$ rpki-client -vvf rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft File: zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft (raw, json) Hash identifier: goFOJWvLhk8wu887Mt4Fsd5VNJLUaEKprvsezAcg2oE= Subject key identifier: EA:27:08:4C:23:C5:C1:CC:DC:6E:25:C0:A4:D1:AB:9B:83:5B:33:84 Authority key identifier: CD:A4:7E:0A:1E:EB:52:5F:3B:5A:0F:AF:B2:FA:0D:BB:36:3B:FA:4D Certificate issuer: /CN=A91594AE/serialNumber=CDA47E0A1EEB525F3B5A0FAFB2FA0DBB363BFA4D Certificate serial: 0ACD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft Manifest number: 0AC5 Signing time: Wed 02 Jul 2025 19:41:36 +0000 Manifest this update: Wed 02 Jul 2025 19:41:35 +0000 Manifest next update: Wed 09 Jul 2025 19:41:35 +0000 Files and hashes: 1: zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl (hash: UWThbzr6uqfs0A5bQnaG+IloxGkXWBTKB6dHBxlkQrc=) 2: 38CAF4EC52B911EAACE8041BC4F9AE02.roa (hash: lj/CFwKu+N9KL+BN8rOtiVH/zU3sp7+mG9hyAnPkezU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:41:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2765 (0xacd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91594AE, serialNumber=CDA47E0A1EEB525F3B5A0FAFB2FA0DBB363BFA4D Validity Not Before: Jul 2 19:41:35 2025 GMT Not After : Jul 9 19:41:35 2025 GMT Subject: CN=68658b70-935a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:85:d4:0b:25:43:7a:3c:eb:b0:64:37:b5:7b: c3:53:df:ac:6c:bb:c4:e2:23:6e:a4:03:cd:2f:53: be:be:55:08:d0:45:2e:65:d2:85:60:54:68:4e:ea: f7:c3:86:6f:6f:cc:1a:f8:1d:77:f2:b4:96:7a:cf: 79:c2:c8:35:1e:c2:0a:1f:06:69:b7:2e:61:0f:e3: 6f:76:60:4a:bc:b1:8e:54:9a:a7:0f:14:6e:c2:3b: de:54:ed:03:30:7b:d9:81:61:48:96:65:2b:95:ab: ef:a0:3f:58:33:8a:2f:e7:29:69:8e:35:a6:4b:c6: 87:91:29:63:95:9a:89:02:cd:02:4f:a3:0b:ff:3f: 7c:3e:56:8b:c2:ca:71:7a:6a:33:92:6a:3a:99:82: c9:a4:ca:00:f4:5a:f0:17:89:52:71:8f:44:57:d9: 99:7a:73:69:2c:20:3c:18:3e:9c:f7:ec:62:1e:9b: f2:67:46:e0:02:e8:44:98:d2:90:ff:d2:e9:cd:4a: c1:5f:2c:ba:66:2a:bb:3e:e1:55:b5:a5:3c:29:ab: b5:c1:c5:da:29:19:9e:c2:d5:10:8e:a1:65:f0:34: 29:d3:ba:e8:fa:74:49:b6:8e:ea:47:99:bf:59:bc: a0:05:a2:cc:68:0a:dd:4a:dc:45:2f:19:6e:9b:0d: 1b:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:27:08:4C:23:C5:C1:CC:DC:6E:25:C0:A4:D1:AB:9B:83:5B:33:84 X509v3 Authority Key Identifier: keyid:CD:A4:7E:0A:1E:EB:52:5F:3B:5A:0F:AF:B2:FA:0D:BB:36:3B:FA:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91594AE/3D8B8C4852B511EAA4A9D20EC4F9AE02/zaR-Ch7rUl87Wg-vsvoNuzY7-k0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:87:f2:6f:d8:f1:3f:d0:e7:18:94:10:eb:1a:db:18:74:0c: 3a:d0:63:d7:f9:e3:ba:35:6a:d1:66:b0:42:f4:23:d1:c2:ce: 93:54:90:1a:7d:74:12:8f:81:d8:3f:4f:02:ed:0b:f5:bf:00: 4a:9f:b8:d6:b5:cb:3c:76:a8:74:67:2b:ea:da:31:2b:83:73: 87:e3:93:20:b0:e4:a2:4d:75:43:99:c2:da:16:21:74:3f:42: 66:4a:91:19:17:1d:cb:10:31:a6:58:8c:92:f3:a8:e3:b2:70: 80:a1:2a:58:2f:18:fc:a3:91:3a:e9:62:a1:70:ea:cd:24:04: 7b:f2:5b:aa:58:0d:ac:99:7a:14:ef:ff:64:2d:be:d3:85:0f: 1f:17:03:86:0e:16:fe:17:15:37:c6:89:79:8c:60:1c:dd:30: c2:a7:b6:48:92:0f:a8:aa:67:d1:fa:73:6a:85:ff:24:f1:91: c6:23:51:2e:ab:6f:0f:e8:43:3c:f4:be:ba:60:e0:36:95:2d: cf:dc:ce:58:0f:dc:95:2e:3c:09:ad:44:71:e4:d3:f8:36:1a: e3:a9:ca:e5:80:63:59:24:e9:8b:0e:30:15:5c:1d:a5:49:a6: 32:5b:3f:e0:d2:3b:49:20:eb:46:2b:34:75:b1:a6:e9:69:1b: e6:bb:c1:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTk0QUUxMTAvBgNVBAUTKENEQTQ3RTBBMUVFQjUyNUYzQjVBMEZBRkIyRkEwREJC MzYzQkZBNEQwHhcNMjUwNzAyMTk0MTM1WhcNMjUwNzA5MTk0MTM1WjAYMRYwFAYD VQQDEw02ODY1OGI3MC05MzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr4XUCyVDejzrsGQ3tXvDU9+sbLvE4iNupAPNL1O+vlUI0EUuZdKFYFRoTur3 w4Zvb8wa+B138rSWes95wsg1HsIKHwZpty5hD+NvdmBKvLGOVJqnDxRuwjveVO0D MHvZgWFIlmUrlavvoD9YM4ov5ylpjjWmS8aHkSljlZqJAs0CT6ML/z98PlaLwspx emozkmo6mYLJpMoA9FrwF4lScY9EV9mZenNpLCA8GD6c9+xiHpvyZ0bgAuhEmNKQ /9LpzUrBXyy6Ziq7PuFVtaU8Kau1wcXaKRmewtUQjqFl8DQp07ro+nRJto7qR5m/ WbygBaLMaArdStxFLxlumw0b5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOonCEwj xcHM3G4lwKTRq5uDWzOEMB8GA1UdIwQYMBaAFM2kfgoe61JfO1oPr7L6Dbs2O/pN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTRBRS8zRDhCOEM0ODUy QjUxMUVBQTRBOUQyMEVDNEY5QUUwMi96YVItQ2g3clVsODdXZy12c3ZvTnV6WTct azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3phUi1DaDdyVWw4N1dnLXZzdm9OdXpZNy1rMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 OTRBRS8zRDhCOEM0ODUyQjUxMUVBQTRBOUQyMEVDNEY5QUUwMi96YVItQ2g3clVs ODdXZy12c3ZvTnV6WTctazAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdh/Jv2PE/0OcYlBDrGtsYdAw60GPX+eO6NWrRZrBC9CPRws6TVJAa fXQSj4HYP08C7Qv1vwBKn7jWtcs8dqh0Zyvq2jErg3OH45MgsOSiTXVDmcLaFiF0 P0JmSpEZFx3LEDGmWIyS86jjsnCAoSpYLxj8o5E66WKhcOrNJAR78luqWA2smXoU 7/9kLb7ThQ8fFwOGDhb+FxU3xol5jGAc3TDCp7ZIkg+oqmfR+nNqhf8k8ZHGI1Eu q28P6EM89L66YOA2lS3P3M5YD9yVLjwJrURx5NP4NhrjqcrlgGNZJOmLDjAVXB2l SaYyWz/g0jtJIOtGKzR1sabpaRvmu8Hj -----END CERTIFICATE-----Generated at Thu Jul 3 01:12:36 2025 by rpki-client