$ rpki-client -vvf rpki.apnic.net/member_repository/A9175F43/599FEB44CBF611EF9F57E92DC4F9AE02/ZM9TLI4gsZbSW8fMflkyT5OBMnU.mft File: ZM9TLI4gsZbSW8fMflkyT5OBMnU.mft (raw, json) Hash identifier: K4jUvI0jvNfpZJVRypD8hayOO+gRLAljpvWU2lNWl5E= Subject key identifier: 68:C9:FC:A0:F6:F9:AA:C7:41:8C:83:0D:1D:1E:0D:E9:19:F0:CA:9A Authority key identifier: 64:CF:53:2C:8E:20:B1:96:D2:5B:C7:CC:7E:59:32:4F:93:81:32:75 Certificate issuer: /CN=A9175F43/serialNumber=64CF532C8E20B196D25BC7CC7E59324F93813275 Certificate serial: 5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZM9TLI4gsZbSW8fMflkyT5OBMnU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9175F43/599FEB44CBF611EF9F57E92DC4F9AE02/ZM9TLI4gsZbSW8fMflkyT5OBMnU.mft Manifest number: 5D Signing time: Tue 01 Jul 2025 07:52:52 +0000 Manifest this update: Tue 01 Jul 2025 07:52:52 +0000 Manifest next update: Tue 08 Jul 2025 07:52:51 +0000 Files and hashes: 1: ZM9TLI4gsZbSW8fMflkyT5OBMnU.crl (hash: QM4+9tI9VN8gQ7xprv+lgx2zSP6MgionQh18iKfW0vI=) 2: B8587822CBF611EFAE14812EC4F9AE02.roa (hash: lDKeRG9eEL+s1K16vRs3ICLsEsEkHJhrK4mCAHxbCQs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9175F43/599FEB44CBF611EF9F57E92DC4F9AE02/ZM9TLI4gsZbSW8fMflkyT5OBMnU.crl rsync://rpki.apnic.net/member_repository/A9175F43/599FEB44CBF611EF9F57E92DC4F9AE02/ZM9TLI4gsZbSW8fMflkyT5OBMnU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZM9TLI4gsZbSW8fMflkyT5OBMnU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:52:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 95 (0x5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9175F43, serialNumber=64CF532C8E20B196D25BC7CC7E59324F93813275 Validity Not Before: Jul 1 07:52:52 2025 GMT Not After : Jul 8 07:52:51 2025 GMT Subject: CN=686393d4-7c74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:8d:3a:0c:01:fd:e8:49:33:c8:0f:b3:9b:2f: a0:f9:4f:30:2f:e2:56:a0:d8:b9:2c:7c:f0:54:5d: 0e:d2:e6:75:47:e7:07:0d:37:09:4b:ad:18:ac:26: 75:9f:ea:7d:5e:fd:86:c8:bc:60:29:7f:14:47:28: 19:82:9c:cb:fd:64:ff:72:34:fc:e0:d8:34:93:f9: 99:3d:2a:49:ea:55:58:b4:6e:91:68:37:91:86:21: c9:e2:64:6a:21:61:95:01:0a:7c:ef:3b:a6:c1:1a: ba:32:5b:74:15:e3:f0:97:04:0c:03:67:11:74:ad: c6:c9:8d:5f:d8:73:77:bc:82:f1:00:5c:59:c8:c1: 42:0f:8b:e5:ac:6f:bf:91:ce:e4:4f:00:3e:19:0f: f8:f4:3d:1c:8e:ea:d0:d4:64:0f:7d:60:65:51:9c: 0c:1d:7c:7e:db:a2:52:4b:d3:78:b3:55:bd:dd:4a: 0e:c4:3b:bd:5b:4d:1b:9d:7d:40:cb:ed:75:c2:2c: 3d:86:7d:ab:9c:21:76:3c:30:a7:ca:f5:1a:b7:11: be:22:0b:39:ba:da:7b:72:77:84:87:fd:9d:3e:b0: 19:d9:c1:a1:82:2d:1f:52:f2:2a:8d:1e:e3:37:34: 74:f6:0a:1a:89:6b:85:34:ab:4a:d7:b8:5c:33:6d: 96:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:C9:FC:A0:F6:F9:AA:C7:41:8C:83:0D:1D:1E:0D:E9:19:F0:CA:9A X509v3 Authority Key Identifier: keyid:64:CF:53:2C:8E:20:B1:96:D2:5B:C7:CC:7E:59:32:4F:93:81:32:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9175F43/599FEB44CBF611EF9F57E92DC4F9AE02/ZM9TLI4gsZbSW8fMflkyT5OBMnU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZM9TLI4gsZbSW8fMflkyT5OBMnU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175F43/599FEB44CBF611EF9F57E92DC4F9AE02/ZM9TLI4gsZbSW8fMflkyT5OBMnU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:27:c1:76:fa:a3:a7:f0:f6:da:db:21:96:a1:44:c1:e3:75: 9b:d7:d7:96:45:f0:04:5d:c1:c1:32:8e:40:b5:f6:69:a8:d4: 09:d9:16:62:8b:27:6c:99:d8:11:02:f6:9b:dd:64:ba:25:bb: 2e:cb:41:41:4d:3d:bf:9a:b4:96:b7:13:a4:c3:ed:9e:7c:d0: c0:75:e3:e6:fb:4c:3b:5e:9e:b6:47:9d:e3:c0:be:83:0f:e4: 7e:6c:2e:0a:8e:2a:b8:1e:ea:4a:88:57:4f:a4:df:a7:93:cf: 04:bd:40:ad:0e:ff:83:9d:75:6f:6b:3d:ee:2c:fa:b0:4d:a5: 19:30:a2:8b:d8:46:dc:24:b2:d0:88:20:4c:9d:5d:2a:34:ac: 3f:b6:b1:b2:df:c0:e7:fd:be:1d:fb:95:f4:19:58:7e:0c:19: 4a:39:53:35:0b:18:83:52:a3:0f:d2:d9:3f:a8:54:b8:f3:96: 17:2e:cb:f2:6a:66:c5:9f:cf:4e:3f:e8:2c:7e:77:7d:84:69: c1:e0:00:42:28:c5:72:8a:2a:73:a6:09:6f:83:f4:7a:76:eb: 90:4b:df:9d:f7:17:18:73:b4:6f:c4:48:43:51:79:d3:8d:e2: b6:88:b7:9c:71:9d:f6:6a:71:b1:02:2a:bd:10:c2:2e:45:c1: f4:5b:d8:a9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 NUY0MzExMC8GA1UEBRMoNjRDRjUzMkM4RTIwQjE5NkQyNUJDN0NDN0U1OTMyNEY5 MzgxMzI3NTAeFw0yNTA3MDEwNzUyNTJaFw0yNTA3MDgwNzUyNTFaMBgxFjAUBgNV BAMTDTY4NjM5M2Q0LTdjNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD3jToMAf3oSTPID7ObL6D5TzAv4lag2LksfPBUXQ7S5nVH5wcNNwlLrRisJnWf 6n1e/YbIvGApfxRHKBmCnMv9ZP9yNPzg2DST+Zk9KknqVVi0bpFoN5GGIcniZGoh YZUBCnzvO6bBGroyW3QV4/CXBAwDZxF0rcbJjV/Yc3e8gvEAXFnIwUIPi+Wsb7+R zuRPAD4ZD/j0PRyO6tDUZA99YGVRnAwdfH7bolJL03izVb3dSg7EO71bTRudfUDL 7XXCLD2GfaucIXY8MKfK9Rq3Eb4iCzm62ntyd4SH/Z0+sBnZwaGCLR9S8iqNHuM3 NHT2ChqJa4U0q0rXuFwzbZZDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaMn8oPb5 qsdBjIMNHR4N6RnwypowHwYDVR0jBBgwFoAUZM9TLI4gsZbSW8fMflkyT5OBMnUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1RjQzLzU5OUZFQjQ0Q0JG NjExRUY5RjU3RTkyREM0RjlBRTAyL1pNOVRMSTRnc1piU1c4Zk1mbGt5VDVPQk1u VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWk05VExJNGdzWmJTVzhmTWZsa3lUNU9CTW5VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1 RjQzLzU5OUZFQjQ0Q0JGNjExRUY5RjU3RTkyREM0RjlBRTAyL1pNOVRMSTRnc1pi U1c4Zk1mbGt5VDVPQk1uVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEsnwXb6o6fw9trbIZahRMHjdZvX15ZF8ARdwcEyjkC19mmo1AnZFmKL J2yZ2BEC9pvdZLoluy7LQUFNPb+atJa3E6TD7Z580MB14+b7TDtenrZHnePAvoMP 5H5sLgqOKrge6kqIV0+k36eTzwS9QK0O/4OddW9rPe4s+rBNpRkwoovYRtwkstCI IEydXSo0rD+2sbLfwOf9vh37lfQZWH4MGUo5UzULGINSow/S2T+oVLjzlhcuy/Jq ZsWfz04/6Cx+d32EacHgAEIoxXKKKnOmCW+D9Hp265BL3533FxhztG/ESENRedON 4raIt5xxnfZqcbECKr0Qwi5FwfRb2Kk= -----END CERTIFICATE-----Generated at Thu Jul 3 07:20:35 2025 by rpki-client