$ rpki-client -vvf rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft File: PKzc_ifokI3EfzPvkUrjxQi6R7M.mft (raw, json) Hash identifier: ceflE9CSG5k6zapJ/AeIPnssUQ8jI1lIApZH3AJXPxs= Subject key identifier: 12:2B:2F:6D:75:94:52:0F:51:3A:D3:E3:E8:83:32:1B:2A:78:D1:3C Authority key identifier: 3C:AC:DC:FE:27:E8:90:8D:C4:7F:33:EF:91:4A:E3:C5:08:BA:47:B3 Certificate issuer: /CN=A9133B40/serialNumber=3CACDCFE27E8908DC47F33EF914AE3C508BA47B3 Certificate serial: 0163 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PKzc_ifokI3EfzPvkUrjxQi6R7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft Manifest number: 0160 Signing time: Sat 17 May 2025 03:37:54 +0000 Manifest this update: Sat 17 May 2025 03:37:53 +0000 Manifest next update: Sat 24 May 2025 03:37:53 +0000 Files and hashes: 1: PKzc_ifokI3EfzPvkUrjxQi6R7M.crl (hash: R5pQkUjrtxnQO7up5RvPvjlVJSeYHLyFifJ90N+TCMo=) 2: B5CBEADC5A9911EEBACCD06BC4F9AE02.roa (hash: F4cU+r0RsJavKuaSoPZVVD+mCZCLwysM3Ho83jeaeN0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.crl rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PKzc_ifokI3EfzPvkUrjxQi6R7M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 May 2025 03:37:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 355 (0x163) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9133B40, serialNumber=3CACDCFE27E8908DC47F33EF914AE3C508BA47B3 Validity Not Before: May 17 03:37:53 2025 GMT Not After : May 24 03:37:53 2025 GMT Subject: CN=68280492-b8ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:8e:a8:f2:34:61:78:f9:58:f0:7e:f6:eb:ca: 00:b4:fd:29:f6:a8:5b:b7:48:dc:a0:02:f3:b7:e3: e8:93:05:11:5b:95:08:44:2f:83:3b:9f:94:a6:29: 05:41:5a:3d:83:c1:e8:ff:23:70:7d:09:79:c4:39: d9:b1:b3:1f:03:4c:ac:b7:0c:d5:9d:64:4b:2d:69: b3:7d:f8:c7:52:75:f0:8d:26:b1:fd:24:7e:e3:8b: 2f:a0:83:a7:31:01:4b:19:80:61:f9:76:27:19:c6: 6c:e2:1f:17:fb:f4:b8:d8:95:57:2a:fe:33:d5:a8: c5:1a:08:68:21:68:68:7a:6c:86:cc:e1:60:1d:4b: 16:ad:44:c9:1e:d5:b8:83:3f:7d:27:fe:ae:14:dd: 76:b7:21:f6:67:ff:df:8a:1b:7a:68:bf:55:d1:82: 04:90:82:0b:4b:9e:82:9e:e1:0d:d7:0f:0c:a5:0d: 2b:af:ac:71:b1:bf:e6:29:c7:d4:00:05:16:07:6e: c0:d1:82:dd:19:11:28:03:e6:ea:06:0f:c3:18:41: 52:7a:51:66:be:5f:61:e2:6d:b3:65:23:52:bc:78: 8d:00:ab:01:74:2f:90:0d:10:28:f7:c1:87:b7:cd: d0:a3:ce:8a:e9:f3:93:fd:75:9a:96:34:13:d0:e4: 49:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:2B:2F:6D:75:94:52:0F:51:3A:D3:E3:E8:83:32:1B:2A:78:D1:3C X509v3 Authority Key Identifier: keyid:3C:AC:DC:FE:27:E8:90:8D:C4:7F:33:EF:91:4A:E3:C5:08:BA:47:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PKzc_ifokI3EfzPvkUrjxQi6R7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:0c:56:73:09:de:60:54:0d:f7:5f:d6:8c:44:f6:76:5f:22: 0f:9e:cd:2f:3d:44:8c:ec:67:74:75:1d:4d:86:6f:55:58:ad: 51:da:b4:04:a8:5d:4f:d3:55:6e:a5:fe:05:10:1f:66:00:f2: 02:e1:04:35:7b:94:8e:fc:bc:4c:af:5c:06:96:d7:fb:c9:46: 4c:43:ee:4b:d1:f7:fb:45:ff:1b:c0:73:47:ff:b8:e6:bd:29: ec:52:09:29:9b:d6:33:2e:a2:79:b9:a0:e9:9f:1c:7d:a1:1a: 99:7e:9c:ec:ae:f3:90:ec:8f:d2:ad:37:ff:08:96:05:a3:2d: ed:54:69:c8:31:8b:bc:ac:4b:5e:bd:f2:7f:bc:c0:11:23:ec: 2c:ea:74:fe:0e:4f:c9:54:25:ff:25:41:86:76:a3:49:ac:a9: c7:53:9b:20:25:fa:89:f0:1a:0c:96:91:54:c4:31:a0:52:be: 41:1f:00:b2:68:a9:c7:1c:22:82:ba:9e:83:08:40:e8:f7:57: dd:45:0a:93:76:69:68:26:a2:81:cc:76:5f:c2:15:67:e8:69: e8:54:d4:54:fa:d3:ff:fe:65:b7:2e:8d:12:46:99:90:31:36: 7e:90:f6:6b:68:fd:92:da:5e:63:0e:85:96:72:a3:3c:49:38: 4b:79:80:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzNCNDAxMTAvBgNVBAUTKDNDQUNEQ0ZFMjdFODkwOERDNDdGMzNFRjkxNEFFM0M1 MDhCQTQ3QjMwHhcNMjUwNTE3MDMzNzUzWhcNMjUwNTI0MDMzNzUzWjAYMRYwFAYD VQQDEw02ODI4MDQ5Mi1iOGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzo6o8jRhePlY8H7268oAtP0p9qhbt0jcoALzt+PokwURW5UIRC+DO5+UpikF QVo9g8Ho/yNwfQl5xDnZsbMfA0ystwzVnWRLLWmzffjHUnXwjSax/SR+44svoIOn MQFLGYBh+XYnGcZs4h8X+/S42JVXKv4z1ajFGghoIWhoemyGzOFgHUsWrUTJHtW4 gz99J/6uFN12tyH2Z//fiht6aL9V0YIEkIILS56CnuEN1w8MpQ0rr6xxsb/mKcfU AAUWB27A0YLdGREoA+bqBg/DGEFSelFmvl9h4m2zZSNSvHiNAKsBdC+QDRAo98GH t83Qo86K6fOT/XWaljQT0ORJjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBIrL211 lFIPUTrT4+iDMhsqeNE8MB8GA1UdIwQYMBaAFDys3P4n6JCNxH8z75FK48UIukez MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0I0MC9GMDFDQTlDNjFC MjIxMUVFQjc5QjFFMUJDNEY5QUUwMi9QS3pjX2lmb2tJM0VmelB2a1VyanhRaTZS N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BLemNfaWZva0kzRWZ6UHZrVXJqeFFpNlI3TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz M0I0MC9GMDFDQTlDNjFCMjIxMUVFQjc5QjFFMUJDNEY5QUUwMi9QS3pjX2lmb2tJ M0VmelB2a1VyanhRaTZSN00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfDFZzCd5gVA33X9aMRPZ2XyIPns0vPUSM7Gd0dR1Nhm9VWK1R2rQE qF1P01Vupf4FEB9mAPIC4QQ1e5SO/LxMr1wGltf7yUZMQ+5L0ff7Rf8bwHNH/7jm vSnsUgkpm9YzLqJ5uaDpnxx9oRqZfpzsrvOQ7I/SrTf/CJYFoy3tVGnIMYu8rEte vfJ/vMARI+ws6nT+Dk/JVCX/JUGGdqNJrKnHU5sgJfqJ8BoMlpFUxDGgUr5BHwCy aKnHHCKCup6DCEDo91fdRQqTdmloJqKBzHZfwhVn6GnoVNRU+tP//mW3Lo0SRpmQ MTZ+kPZraP2S2l5jDoWWcqM8SThLeYA/ -----END CERTIFICATE-----Generated at Sat May 17 15:44:53 2025 by rpki-client