$ rpki-client -vvf rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft File: zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft (raw, json) Hash identifier: Ax4yvDZsQwoTDrNvO43Nn22pAGA6zbeHJmRx2H1Zgpc= Subject key identifier: B8:F6:A1:4D:D5:2B:DD:10:A4:5B:C5:EC:4B:98:B4:6E:A5:9D:B2:5F Authority key identifier: CD:A4:7E:0A:1E:EB:52:5F:3B:5A:0F:AF:B2:FA:0D:BB:36:3B:FA:4D Certificate issuer: /CN=A91594AE/serialNumber=CDA47E0A1EEB525F3B5A0FAFB2FA0DBB363BFA4D Certificate serial: 0AB4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft Manifest number: 0AAC Signing time: Mon 12 May 2025 19:21:27 +0000 Manifest this update: Mon 12 May 2025 19:21:26 +0000 Manifest next update: Mon 19 May 2025 19:21:26 +0000 Files and hashes: 1: zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl (hash: yUrqK8zZOthzKoiYSi3xKLVEtsoXLaJUBZ/Rl24uhnc=) 2: 38CAF4EC52B911EAACE8041BC4F9AE02.roa (hash: lj/CFwKu+N9KL+BN8rOtiVH/zU3sp7+mG9hyAnPkezU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:21:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2740 (0xab4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91594AE, serialNumber=CDA47E0A1EEB525F3B5A0FAFB2FA0DBB363BFA4D Validity Not Before: May 12 19:21:26 2025 GMT Not After : May 19 19:21:26 2025 GMT Subject: CN=68224a37-b70f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:30:5a:48:8c:0d:39:7e:90:d8:b4:9b:be:0a: aa:cf:9d:3b:cb:33:ae:ad:c5:1b:c0:0e:a3:21:5e: 88:01:e9:76:66:36:51:a9:b0:0e:e9:1c:b6:58:e1: d5:b1:aa:00:9d:74:c1:1f:9b:7c:fa:6b:70:6b:ac: a3:37:21:7c:ad:5b:e3:74:83:63:47:03:25:51:9d: 8c:47:42:62:6e:78:b6:26:b5:54:a6:f7:4d:54:8c: f6:b7:7e:89:e6:4b:c3:cd:66:1c:c8:a0:b3:c6:29: b9:05:8b:9f:2b:d8:b7:46:45:8c:a9:b2:b7:81:8a: 04:91:e3:57:45:26:84:6d:df:64:71:fe:31:95:e9: 9c:29:8e:43:38:f5:fa:5e:b7:23:47:a7:71:91:c5: 5e:bf:99:df:25:9d:fc:7d:5f:bd:99:b6:5a:b1:7b: ec:38:36:fa:fa:d0:61:6b:1e:ca:63:58:5c:3c:a4: d0:fe:e2:ee:37:97:e7:44:0e:32:db:b4:71:0e:ed: 56:f9:c9:8f:24:89:e9:9a:13:f1:c6:4e:77:43:bc: 2c:cb:13:4b:a4:17:61:4b:41:e8:d7:a5:f9:c8:aa: 13:d5:ee:b0:1f:65:c9:c0:16:bc:01:18:07:66:fc: a7:cf:15:5a:3e:ee:d1:c6:66:3b:ac:6a:54:40:c8: de:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:F6:A1:4D:D5:2B:DD:10:A4:5B:C5:EC:4B:98:B4:6E:A5:9D:B2:5F X509v3 Authority Key Identifier: keyid:CD:A4:7E:0A:1E:EB:52:5F:3B:5A:0F:AF:B2:FA:0D:BB:36:3B:FA:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:3c:00:16:ae:07:c8:c8:99:48:11:12:d3:f3:0b:32:36:60: 55:70:74:fb:46:ee:6d:9f:ec:98:8a:94:81:6a:25:76:4d:05: aa:e1:20:01:21:a0:90:41:14:75:79:80:f0:ab:07:a4:97:c4: 91:b3:7d:a7:bd:1a:72:05:a6:5f:f8:aa:f0:4c:73:5e:32:7b: 7f:57:2d:1d:c5:03:8f:c6:9b:82:92:ed:2d:24:29:d8:f0:bc: 7d:74:45:b0:30:84:f1:b7:98:d9:05:c7:bd:c1:67:ca:2e:8f: 12:c1:c1:21:39:98:67:5d:0a:fa:99:43:34:dc:cc:0c:af:ea: b2:12:f6:a3:9f:bb:b4:bb:3a:78:6d:43:f1:f2:17:bd:93:9c: 08:8e:20:32:4d:98:dc:94:53:42:01:cd:85:a5:1b:37:36:ad: fb:06:01:22:ce:35:49:fb:42:1c:77:d9:8a:f6:4d:7e:5e:fb: f1:81:0c:78:05:2c:47:60:e1:de:4e:49:17:b2:99:27:d0:d5: b9:fe:e5:a5:55:37:48:c5:6b:2b:8c:b0:5f:d9:a3:d3:c4:11: 8d:d2:70:cb:f3:88:77:0d:4f:95:ae:b5:25:37:9e:fa:86:0f: c9:66:97:64:15:6d:03:d7:9a:05:3b:02:26:69:73:6b:af:11: f9:86:ec:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTk0QUUxMTAvBgNVBAUTKENEQTQ3RTBBMUVFQjUyNUYzQjVBMEZBRkIyRkEwREJC MzYzQkZBNEQwHhcNMjUwNTEyMTkyMTI2WhcNMjUwNTE5MTkyMTI2WjAYMRYwFAYD VQQDEw02ODIyNGEzNy1iNzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnzBaSIwNOX6Q2LSbvgqqz507yzOurcUbwA6jIV6IAel2ZjZRqbAO6Ry2WOHV saoAnXTBH5t8+mtwa6yjNyF8rVvjdINjRwMlUZ2MR0Jibni2JrVUpvdNVIz2t36J 5kvDzWYcyKCzxim5BYufK9i3RkWMqbK3gYoEkeNXRSaEbd9kcf4xlemcKY5DOPX6 XrcjR6dxkcVev5nfJZ38fV+9mbZasXvsODb6+tBhax7KY1hcPKTQ/uLuN5fnRA4y 27RxDu1W+cmPJInpmhPxxk53Q7wsyxNLpBdhS0Ho16X5yKoT1e6wH2XJwBa8ARgH ZvynzxVaPu7RxmY7rGpUQMjeAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLj2oU3V K90QpFvF7EuYtG6lnbJfMB8GA1UdIwQYMBaAFM2kfgoe61JfO1oPr7L6Dbs2O/pN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTRBRS8zRDhCOEM0ODUy QjUxMUVBQTRBOUQyMEVDNEY5QUUwMi96YVItQ2g3clVsODdXZy12c3ZvTnV6WTct azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3phUi1DaDdyVWw4N1dnLXZzdm9OdXpZNy1rMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OTRBRS8zRDhCOEM0ODUyQjUxMUVBQTRBOUQyMEVDNEY5QUUwMi96YVItQ2g3clVs ODdXZy12c3ZvTnV6WTctazAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKPAAWrgfIyJlIERLT8wsyNmBVcHT7Ru5tn+yYipSBaiV2TQWq4SAB IaCQQRR1eYDwqwekl8SRs32nvRpyBaZf+KrwTHNeMnt/Vy0dxQOPxpuCku0tJCnY 8Lx9dEWwMITxt5jZBce9wWfKLo8SwcEhOZhnXQr6mUM03MwMr+qyEvajn7u0uzp4 bUPx8he9k5wIjiAyTZjclFNCAc2FpRs3Nq37BgEizjVJ+0Icd9mK9k1+XvvxgQx4 BSxHYOHeTkkXspkn0NW5/uWlVTdIxWsrjLBf2aPTxBGN0nDL84h3DU+VrrUlN576 hg/JZpdkFW0D15oFOwImaXNrrxH5huyA -----END CERTIFICATE-----Generated at Wed May 14 08:15:44 2025 by rpki-client