$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: A4JeP5IBxDhmQZkOihAkcUQ4XfZF6jcAiSRkQ7Kj96g= Subject key identifier: D3:2C:5F:09:33:76:0B:24:CC:06:30:20:84:35:3E:3C:76:6A:38:5A Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 0198 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 0190 Signing time: Sun 19 Oct 2025 06:10:17 +0000 Manifest this update: Sun 19 Oct 2025 06:10:17 +0000 Manifest next update: Sun 26 Oct 2025 06:10:17 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: ChaAMLQwdcxpwGHkwP7iaQis+XSvfe5vr9ACXmSUpJw=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: g6wCJDrtHyuCox1Dak/0D/0mdLei/24CwRHwHNh/Oi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 06:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 408 (0x198) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA, serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: Oct 19 06:10:17 2025 GMT Not After : Oct 26 06:10:17 2025 GMT Subject: CN=68f480c9-eff4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e3:16:1f:60:f7:d0:f8:d6:ca:b0:a7:0e:86: 0b:cf:a9:dc:1b:81:4e:52:77:c4:f8:14:b8:3c:81: 56:ed:4f:7e:fc:45:9c:3d:0f:07:49:10:d0:02:60: 5c:49:bc:3d:16:8e:ee:03:77:f2:9c:2a:b0:ee:b2: f4:61:b5:23:e6:6c:3a:9b:e4:c5:9f:18:d9:35:08: c4:1a:41:6e:50:7d:08:5b:2f:60:5a:6a:e2:3d:47: 51:99:99:2e:73:b4:46:d2:ae:fe:79:47:c3:ba:25: 4d:15:a9:b8:b5:87:06:6c:81:f3:5c:7b:00:36:6d: fd:ba:69:11:8c:70:f1:c0:e0:9d:cc:9a:12:b7:e5: bb:66:ca:1d:88:f8:c8:e8:83:e5:9c:59:a5:a5:4f: 8c:63:c7:3b:67:6d:84:bf:95:78:02:af:6a:4e:cd: ea:ce:32:76:fc:d4:03:b9:b2:76:7c:5f:68:49:e5: 52:2c:ac:4c:11:5c:94:fd:8e:9f:b3:0f:70:01:f5: 45:e6:c7:63:4c:ff:8a:76:a5:69:69:a3:c2:df:5c: 17:d3:3b:ab:71:b8:2e:9e:bc:ca:0c:5c:25:2d:cf: 50:c6:c3:6e:b0:ef:89:96:15:10:a6:e6:cf:9e:cd: b5:fa:45:c0:19:b7:d5:57:26:6c:61:e1:91:83:c6: cb:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:2C:5F:09:33:76:0B:24:CC:06:30:20:84:35:3E:3C:76:6A:38:5A X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:f6:7c:54:76:76:84:0b:87:1b:f8:a0:6f:c3:34:2c:d3:ba: bd:56:cf:ce:91:8a:02:4e:5e:29:83:ce:b8:db:70:de:2a:0b: 11:7e:82:16:f2:c5:e9:71:84:f9:1f:c8:9c:f0:c0:0a:97:ac: c7:9c:99:49:73:4c:e1:f1:7b:e9:25:61:84:40:6a:51:a5:bd: 7b:a0:a9:08:34:bd:83:17:b6:12:86:e4:97:32:72:99:2a:ae: a3:e3:6a:19:ec:89:a7:b5:1d:1e:8c:3e:12:e2:eb:70:24:9c: bc:4a:15:58:6c:b0:17:ef:ca:f4:9c:f2:97:13:35:19:cd:31: 61:59:61:25:10:55:e7:d6:91:8a:12:05:b2:24:ce:fe:34:67: 45:3c:c3:e8:98:af:fa:8a:b9:64:4e:9e:f1:70:61:35:eb:23: b6:10:51:1c:bc:08:a0:33:a1:db:17:1d:32:d2:36:d2:98:e7: 65:84:58:5d:b8:50:01:75:29:6a:b6:6e:a3:45:f4:40:67:a8: 7d:db:4c:55:55:54:db:62:cb:a3:f2:12:6f:57:0f:60:77:3e: 42:f0:5f:d9:0d:1c:18:a5:0a:1d:95:57:a3:53:85:8f:4d:3c: 9a:fb:64:32:6f:13:da:31:c1:56:a7:39:7f:5e:64:cb:ba:12: 0f:6d:88:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjUxMDE5MDYxMDE3WhcNMjUxMDI2MDYxMDE3WjAYMRYwFAYD VQQDEw02OGY0ODBjOS1lZmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxOMWH2D30PjWyrCnDoYLz6ncG4FOUnfE+BS4PIFW7U9+/EWcPQ8HSRDQAmBc Sbw9Fo7uA3fynCqw7rL0YbUj5mw6m+TFnxjZNQjEGkFuUH0IWy9gWmriPUdRmZku c7RG0q7+eUfDuiVNFam4tYcGbIHzXHsANm39umkRjHDxwOCdzJoSt+W7ZsodiPjI 6IPlnFmlpU+MY8c7Z22Ev5V4Aq9qTs3qzjJ2/NQDubJ2fF9oSeVSLKxMEVyU/Y6f sw9wAfVF5sdjTP+KdqVpaaPC31wX0zurcbgunrzKDFwlLc9QxsNusO+JlhUQpubP ns21+kXAGbfVVyZsYeGRg8bLAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNMsXwkz dgskzAYwIIQ1Pjx2ajhaMB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCR9nxUdnaEC4cb+KBvwzQs07q9Vs/OkYoCTl4pg86423DeKgsRfoIW 8sXpcYT5H8ic8MAKl6zHnJlJc0zh8XvpJWGEQGpRpb17oKkINL2DF7YShuSXMnKZ Kq6j42oZ7ImntR0ejD4S4utwJJy8ShVYbLAX78r0nPKXEzUZzTFhWWElEFXn1pGK EgWyJM7+NGdFPMPomK/6irlkTp7xcGE16yO2EFEcvAigM6HbFx0y0jbSmOdlhFhd uFABdSlqtm6jRfRAZ6h920xVVVTbYsuj8hJvVw9gdz5C8F/ZDRwYpQodlVejU4WP TTya+2QybxPaMcFWpzl/XmTLuhIPbYjh -----END CERTIFICATE-----Generated at Mon Oct 20 01:47:23 2025 by rpki-client