$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: I0uahloSplvCA265fng9MIg0srijZ6PV6ZJWg3VpL4k= Subject key identifier: 4F:04:14:AB:DD:2A:BF:BC:6B:F8:3E:56:BA:D4:F9:D1:79:BE:FF:C4 Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 0149 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 0141 Signing time: Thu 15 May 2025 03:49:28 +0000 Manifest this update: Thu 15 May 2025 03:49:28 +0000 Manifest next update: Thu 22 May 2025 03:49:28 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: ruUDLe69rBOWOfGdypZA3693B076b3Ip+SOh0mO7lrQ=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: g6wCJDrtHyuCox1Dak/0D/0mdLei/24CwRHwHNh/Oi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 03:49:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 329 (0x149) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA, serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: May 15 03:49:28 2025 GMT Not After : May 22 03:49:28 2025 GMT Subject: CN=68256448-1669 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f4:d6:e1:71:42:d4:6d:b2:a1:c7:0c:c0:07: 92:57:19:6b:f6:ad:c2:3b:1f:c9:53:fd:6e:15:82: 7e:44:db:84:7e:af:ef:76:69:cf:d0:57:b3:47:70: 9d:70:65:1e:18:35:54:0f:e4:0f:50:1f:b9:2e:36: 52:a4:da:b5:83:82:9d:fd:9a:a2:87:04:dd:0e:7c: 1b:c7:74:0b:98:66:fb:39:40:91:27:1d:c7:ad:8d: 58:9a:65:64:fa:d0:48:f3:ab:4e:3a:76:86:00:e5: 29:e2:f7:2a:73:48:6a:2f:5b:92:3a:ee:71:1a:cb: 91:38:bb:9e:99:ab:78:6d:ce:b2:4a:64:f8:fe:1f: a8:bb:15:d7:71:61:2a:db:f3:d1:86:d5:c2:bb:a7: 87:7d:f1:51:e3:db:6f:63:14:03:e3:ca:ac:66:ae: e1:30:da:e2:84:be:3f:f0:0f:c3:cb:4b:ab:9e:d2: 49:23:93:0a:ac:a9:8d:24:c1:23:5a:fc:7d:64:15: 94:c7:82:81:e7:eb:40:c9:4b:4b:9f:62:35:e3:f2: dc:d9:1b:b8:37:fe:de:cf:74:9e:51:7f:1b:a6:de: 6d:17:d5:37:38:a2:e6:a8:a9:61:ac:63:6f:6f:e7: b4:8b:b8:c8:a6:7e:37:eb:83:47:62:53:31:09:34: 6d:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:04:14:AB:DD:2A:BF:BC:6B:F8:3E:56:BA:D4:F9:D1:79:BE:FF:C4 X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:72:9a:38:87:96:54:11:9d:d9:f0:86:d1:4d:44:df:05:21: a1:7f:91:98:53:c1:32:0b:65:0b:17:bb:83:83:fc:64:01:d1: d2:9d:2d:f8:1f:ad:61:14:f1:37:88:4e:7a:37:d9:04:d9:8d: 61:49:9f:cb:cd:a7:70:09:59:cd:80:9b:fc:ec:39:b8:57:b1: 75:9e:10:72:be:65:8c:2c:16:55:15:ac:80:9f:ab:6a:45:ad: a8:43:5b:75:68:9a:84:9a:98:8a:b2:00:d5:4c:52:7a:50:89: a9:6a:b0:ba:9b:31:4b:bd:a9:3d:8d:b1:36:74:d9:85:fb:e6: e4:0b:90:87:be:d9:b7:96:64:7c:a6:f4:3a:ab:71:bd:0a:a4: 57:97:c7:61:12:55:de:04:b6:a5:a1:6d:7c:ba:6a:ce:99:3b: 35:48:0d:2d:56:1b:fa:56:43:b0:25:de:e4:26:df:f5:09:37: 70:a1:a4:0b:32:96:4f:8b:bb:94:39:11:3a:c9:96:52:05:f8: 3d:69:8d:cf:db:63:0e:8f:5d:86:6a:95:0a:ee:56:de:96:7c: c1:2d:00:d0:ec:2f:d2:f0:db:f0:28:e9:57:32:9b:56:a4:f8: ed:08:fc:65:8b:7c:dd:b3:ae:ee:cb:ee:e0:0f:b6:84:63:2a: 09:b7:e5:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjUwNTE1MDM0OTI4WhcNMjUwNTIyMDM0OTI4WjAYMRYwFAYD VQQDEw02ODI1NjQ0OC0xNjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1vTW4XFC1G2yoccMwAeSVxlr9q3COx/JU/1uFYJ+RNuEfq/vdmnP0FezR3Cd cGUeGDVUD+QPUB+5LjZSpNq1g4Kd/ZqihwTdDnwbx3QLmGb7OUCRJx3HrY1YmmVk +tBI86tOOnaGAOUp4vcqc0hqL1uSOu5xGsuROLuemat4bc6ySmT4/h+ouxXXcWEq 2/PRhtXCu6eHffFR49tvYxQD48qsZq7hMNrihL4/8A/Dy0urntJJI5MKrKmNJMEj Wvx9ZBWUx4KB5+tAyUtLn2I14/Lc2Ru4N/7ez3SeUX8bpt5tF9U3OKLmqKlhrGNv b+e0i7jIpn4364NHYlMxCTRthwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE8EFKvd Kr+8a/g+VrrU+dF5vv/EMB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCicpo4h5ZUEZ3Z8IbRTUTfBSGhf5GYU8EyC2ULF7uDg/xkAdHSnS34 H61hFPE3iE56N9kE2Y1hSZ/LzadwCVnNgJv87Dm4V7F1nhByvmWMLBZVFayAn6tq Ra2oQ1t1aJqEmpiKsgDVTFJ6UImparC6mzFLvak9jbE2dNmF++bkC5CHvtm3lmR8 pvQ6q3G9CqRXl8dhElXeBLaloW18umrOmTs1SA0tVhv6VkOwJd7kJt/1CTdwoaQL MpZPi7uUORE6yZZSBfg9aY3P22MOj12GapUK7lbelnzBLQDQ7C/S8NvwKOlXMptW pPjtCPxli3zds67uy+7gD7aEYyoJt+Vr -----END CERTIFICATE-----Generated at Fri May 16 11:59:12 2025 by rpki-client