$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: r4Mif27ttedPseJghv4TB0k6nDKIzIf27BPViynkARI= Subject key identifier: 46:4C:13:F1:A9:D1:F3:78:10:B8:36:0D:DD:68:60:F1:2A:00:6B:AD Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 017B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 0173 Signing time: Sat 23 Aug 2025 04:00:27 +0000 Manifest this update: Sat 23 Aug 2025 04:00:27 +0000 Manifest next update: Sat 30 Aug 2025 04:00:27 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: OaJ/UajP5KKQFmojnf7kqCIwcAJu850JgpCmYqCr1LM=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: g6wCJDrtHyuCox1Dak/0D/0mdLei/24CwRHwHNh/Oi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 379 (0x17b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA, serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: Aug 23 04:00:27 2025 GMT Not After : Aug 30 04:00:27 2025 GMT Subject: CN=68a93cdb-798a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:3e:c5:91:8d:a5:47:9c:4b:80:92:78:27:a7: 32:8e:4a:7f:55:df:37:09:25:fa:62:25:3b:38:f0: ba:aa:f7:a3:cb:10:06:e0:0c:27:24:c5:fb:2e:99: ce:dc:c3:bd:bf:4d:6c:8e:cb:f5:24:84:5e:c5:53: 87:60:52:71:e8:07:39:0c:50:d4:57:d5:df:c1:e8: bc:51:60:c6:ed:32:d7:09:15:be:cd:8b:51:68:78: 6b:cf:ef:6d:f1:bf:3e:42:de:04:fb:35:11:12:9e: 19:81:ca:98:82:dc:05:ac:35:62:8e:84:0a:46:1e: 87:56:1b:e9:9c:88:50:cf:f4:cf:c7:7e:ab:94:10: ad:e6:6d:b1:12:85:81:2c:f0:13:c2:f7:f7:09:8f: 29:8e:27:77:2e:a2:8e:12:77:ab:cc:3b:7c:d6:b7: 7d:96:d3:dd:c0:a9:1c:86:5e:4f:17:2c:a2:55:ca: 68:b3:a7:1b:21:4d:6a:f0:16:16:12:90:60:70:48: 12:ab:b6:26:48:b6:56:3f:1f:98:98:c8:64:48:7d: 2c:66:ea:94:a8:3d:6f:4b:9a:c4:95:44:d2:15:32: 95:c2:88:89:79:f4:b6:b4:e7:5d:d0:88:6f:62:a9: 15:8d:ea:3e:04:ad:60:4b:16:12:ae:60:6e:e3:b3: 6a:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:4C:13:F1:A9:D1:F3:78:10:B8:36:0D:DD:68:60:F1:2A:00:6B:AD X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:c1:e2:92:ee:eb:81:de:e3:4b:30:ac:f6:4e:08:dc:46:ee: b1:f0:b2:db:dd:19:b5:d3:89:cf:ef:ea:02:60:4e:08:47:ae: 10:9f:ed:7f:3f:08:b0:a4:a3:00:8d:70:ec:79:7e:a1:d6:1a: 0e:6a:f5:6c:6d:c3:71:02:55:2a:17:b7:d6:38:f8:6c:9e:bb: f6:19:78:a6:80:93:05:e5:47:3e:db:dd:43:77:3c:1a:c9:ab: af:b2:7d:d5:6f:25:c0:ef:d9:bd:43:fc:72:2a:47:42:a7:31: 31:81:6d:f1:77:68:9b:51:80:7e:47:e2:38:25:f9:4f:94:c9: d7:03:a5:cf:4d:ae:a5:65:de:1b:47:6a:03:5a:0f:b3:0e:6e: 99:37:3a:32:6f:8f:89:3c:e6:b6:e2:32:73:2e:1a:41:03:c1: c6:79:0f:f7:af:b2:c9:80:a4:c8:8d:f0:90:1f:17:52:48:1c: 13:68:e7:8e:61:cc:b1:d5:fb:72:54:15:d1:51:66:eb:64:bc: 94:9b:e7:7d:27:5f:f7:d6:08:d8:a8:2b:80:ff:cf:52:b6:c2: 1d:c3:43:98:a1:26:7f:de:08:0b:c2:f8:dd:ed:e0:7f:f5:22: b8:c4:de:08:b5:79:9c:19:c4:64:59:e4:cc:01:19:40:f7:a0: a2:d4:59:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjUwODIzMDQwMDI3WhcNMjUwODMwMDQwMDI3WjAYMRYwFAYD VQQDEw02OGE5M2NkYi03OThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvz7FkY2lR5xLgJJ4J6cyjkp/Vd83CSX6YiU7OPC6qvejyxAG4AwnJMX7LpnO 3MO9v01sjsv1JIRexVOHYFJx6Ac5DFDUV9Xfwei8UWDG7TLXCRW+zYtRaHhrz+9t 8b8+Qt4E+zUREp4ZgcqYgtwFrDVijoQKRh6HVhvpnIhQz/TPx36rlBCt5m2xEoWB LPATwvf3CY8pjid3LqKOEnerzDt81rd9ltPdwKkchl5PFyyiVcpos6cbIU1q8BYW EpBgcEgSq7YmSLZWPx+YmMhkSH0sZuqUqD1vS5rElUTSFTKVwoiJefS2tOdd0Ihv YqkVjeo+BK1gSxYSrmBu47NqkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEZME/Gp 0fN4ELg2Dd1oYPEqAGutMB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCyweKS7uuB3uNLMKz2TgjcRu6x8LLb3Rm104nP7+oCYE4IR64Qn+1/ PwiwpKMAjXDseX6h1hoOavVsbcNxAlUqF7fWOPhsnrv2GXimgJMF5Uc+291Ddzwa yauvsn3VbyXA79m9Q/xyKkdCpzExgW3xd2ibUYB+R+I4JflPlMnXA6XPTa6lZd4b R2oDWg+zDm6ZNzoyb4+JPOa24jJzLhpBA8HGeQ/3r7LJgKTIjfCQHxdSSBwTaOeO Ycyx1ftyVBXRUWbrZLyUm+d9J1/31gjYqCuA/89StsIdw0OYoSZ/3ggLwvjd7eB/ 9SK4xN4ItXmcGcRkWeTMARlA96Ci1FmU -----END CERTIFICATE-----Generated at Sat Aug 23 20:23:28 2025 by rpki-client