$ rpki-client -vvf rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft File: ZH5crcsfv367iZpyGcOg8D0_ew0.mft (raw, json) Hash identifier: y60wlrypI26TuUH5bHVPgxuj83PyjXiR8rwUDpj0GNU= Subject key identifier: 22:E2:70:1F:F1:4D:A6:4D:D9:FF:01:F1:D4:3D:C0:F2:51:D5:82:CE Authority key identifier: 64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D Certificate issuer: /CN=A91951DE/serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Certificate serial: 18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft Manifest number: 17 Signing time: Sat 23 Aug 2025 08:13:12 +0000 Manifest this update: Sat 23 Aug 2025 08:13:11 +0000 Manifest next update: Sat 30 Aug 2025 08:13:11 +0000 Files and hashes: 1: ZH5crcsfv367iZpyGcOg8D0_ew0.crl (hash: jpikpEh+a3Si/pwulGrHnuj0Vn+Nz3QGHyopk6LpqY8=) 2: 533DC25E60B511F0AB567568C4F9AE02.roa (hash: 9UZrURL/5cYm+3q79UbhWbJw8l3P1ZGycupb15ORpsw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:13:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24 (0x18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91951DE, serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Validity Not Before: Aug 23 08:13:11 2025 GMT Not After : Aug 30 08:13:11 2025 GMT Subject: CN=68a97818-9abe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a2:fa:fe:49:85:97:b4:82:3f:34:2b:e3:bc: 89:69:f8:cd:f0:6c:2c:e4:51:d0:d6:fa:d0:5b:ac: 2a:1b:ee:e9:ad:c4:dd:ef:80:53:6a:f3:f4:66:15: 2b:95:60:a8:20:7e:f4:34:d8:e0:f4:0a:c5:fb:71: 4d:57:a3:12:13:f5:db:0d:03:84:f2:77:4a:97:9d: 63:24:db:20:49:fc:98:d6:13:b3:8f:01:8d:d1:0d: 54:c4:09:61:6a:51:30:d8:54:24:a6:bb:c6:c0:59: ff:e0:c8:b3:a3:28:89:f6:8b:df:71:b7:e1:a2:24: fd:2c:1f:01:c6:e5:9c:ae:e3:14:98:68:ce:1c:cd: 6e:ec:fe:4c:9e:b7:cd:11:36:4d:a2:45:24:01:25: 17:e2:71:23:91:fb:c9:49:68:98:d5:bc:91:7c:3b: 6c:c4:7e:0e:43:8b:24:a6:c8:da:0e:14:e3:5c:51: 67:f4:c7:5f:9d:5b:af:ad:7a:cb:1f:5b:b3:6a:a1: d6:3a:4f:af:64:1d:47:9e:1d:f0:94:70:09:04:65: 5b:7f:6c:39:91:f6:02:b0:6e:c2:bf:0f:46:93:42: 7c:9a:25:f1:99:c9:cd:c2:fc:b2:bf:74:c3:16:8f: 34:20:6c:e7:88:01:cd:7a:1e:c4:13:d8:5a:e7:ac: c0:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:E2:70:1F:F1:4D:A6:4D:D9:FF:01:F1:D4:3D:C0:F2:51:D5:82:CE X509v3 Authority Key Identifier: keyid:64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:69:03:d6:5d:9d:93:9f:e9:c6:b8:d6:9d:19:93:99:c6:e6: da:71:99:40:bd:c3:34:21:39:ba:da:fd:47:52:41:2a:92:c9: 46:8e:c1:f5:c3:8d:0a:dd:4a:cf:75:fd:be:73:b9:9f:8b:b8: f5:5c:ec:e2:a8:59:48:a5:af:b9:7a:12:47:9c:31:c5:95:9a: da:9e:20:2c:81:e5:93:0b:e3:5a:76:98:cc:b9:b1:a9:68:1e: 93:40:86:87:d3:9d:89:2b:7b:0e:19:05:35:52:d2:6c:b3:e0: b3:cc:54:2a:6d:ca:e0:7e:bb:12:c4:02:ac:4a:43:9f:f5:24: fb:db:a3:6a:8f:9a:de:af:53:b8:40:40:f5:fb:ce:b0:0c:63: 8d:ae:b4:4d:e7:70:69:ab:8d:91:22:a3:7a:47:a2:42:a7:1d: 5b:b6:84:a3:bf:8a:a6:3f:48:2d:fa:3b:b8:59:79:09:16:bc: 3a:b7:61:13:13:83:39:b2:83:ed:58:94:81:ae:b4:89:5a:fc: 88:a2:a4:ea:83:49:57:de:fe:cb:9f:91:28:f8:3f:b3:3f:12: 9e:37:cf:3b:47:1c:14:f3:d5:2c:28:17:4a:91:13:ef:35:f1: 20:9c:a7:3b:32:ad:5f:c4:12:90:8c:8e:06:2b:28:9b:83:75: 86:f5:ee:a5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 NTFERTExMC8GA1UEBRMoNjQ3RTVDQURDQjFGQkY3RUJCODk5QTcyMTlDM0EwRjAz RDNGN0IwRDAeFw0yNTA4MjMwODEzMTFaFw0yNTA4MzAwODEzMTFaMBgxFjAUBgNV BAMTDTY4YTk3ODE4LTlhYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQovr+SYWXtII/NCvjvIlp+M3wbCzkUdDW+tBbrCob7umtxN3vgFNq8/RmFSuV YKggfvQ02OD0CsX7cU1XoxIT9dsNA4Tyd0qXnWMk2yBJ/JjWE7OPAY3RDVTECWFq UTDYVCSmu8bAWf/gyLOjKIn2i99xt+GiJP0sHwHG5Zyu4xSYaM4czW7s/kyet80R Nk2iRSQBJRficSOR+8lJaJjVvJF8O2zEfg5DiySmyNoOFONcUWf0x1+dW6+tessf W7NqodY6T69kHUeeHfCUcAkEZVt/bDmR9gKwbsK/D0aTQnyaJfGZyc3C/LK/dMMW jzQgbOeIAc16HsQT2FrnrMBxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIuJwH/FN pk3Z/wHx1D3A8lHVgs4wHwYDVR0jBBgwFoAUZH5crcsfv367iZpyGcOg8D0/ew0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MURFLzkwNEY4NzBBNjBC NDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2N2lacHlHY09nOEQwX2V3 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWkg1Y3Jjc2Z2MzY3aVpweUdjT2c4RDBfZXcwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1 MURFLzkwNEY4NzBBNjBCNDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2 N2lacHlHY09nOEQwX2V3MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFRpA9ZdnZOf6ca41p0Zk5nG5tpxmUC9wzQhObra/UdSQSqSyUaOwfXD jQrdSs91/b5zuZ+LuPVc7OKoWUilr7l6EkecMcWVmtqeICyB5ZML41p2mMy5salo HpNAhofTnYkrew4ZBTVS0myz4LPMVCptyuB+uxLEAqxKQ5/1JPvbo2qPmt6vU7hA QPX7zrAMY42utE3ncGmrjZEio3pHokKnHVu2hKO/iqY/SC36O7hZeQkWvDq3YRMT gzmyg+1YlIGutIla/IiipOqDSVfe/sufkSj4P7M/Ep43zztHHBTz1SwoF0qRE+81 8SCcpzsyrV/EEpCMjgYrKJuDdYb17qU= -----END CERTIFICATE-----Generated at Sat Aug 23 21:35:14 2025 by rpki-client