$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft File: zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft (raw, json) Hash identifier: evFOLPGulrveEBmYkV2+7Ggoaw0Q5MoQhY2jb6vJnvY= Subject key identifier: D8:36:C4:28:7A:7D:39:65:BF:A2:8F:DF:FA:6F:83:74:64:6D:99:C8 Authority key identifier: CC:7C:5F:27:80:A8:0D:3C:66:6B:2B:F6:91:53:F2:04:84:BE:EE:71 Certificate issuer: /CN=A91AAE63/serialNumber=CC7C5F2780A80D3C666B2BF69153F20484BEEE71 Certificate serial: 01AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft Manifest number: 01AA Signing time: Tue 01 Jul 2025 03:38:18 +0000 Manifest this update: Tue 01 Jul 2025 03:38:18 +0000 Manifest next update: Tue 08 Jul 2025 03:38:18 +0000 Files and hashes: 1: zHxfJ4CoDTxmayv2kVPyBIS-7nE.crl (hash: 2HeBAkJbzZE3a2b0kawL1bYXusdY0uEmC2lWPNKAx8k=) 2: 5DCF3814CA0E11ED9251861DC4F9AE02.roa (hash: QPqR58JeNFPJi8H+5XnKJrf+9hDaJRDjHQAg1P1N4n8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.crl rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:38:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 429 (0x1ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAE63, serialNumber=CC7C5F2780A80D3C666B2BF69153F20484BEEE71 Validity Not Before: Jul 1 03:38:18 2025 GMT Not After : Jul 8 03:38:18 2025 GMT Subject: CN=6863582a-4101 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ac:77:9e:6f:d8:c5:3b:48:04:d6:57:91:1d: 7b:70:23:de:50:73:f7:6e:7f:0a:0a:e1:c6:ee:55: d9:88:99:38:41:8d:61:bd:14:0d:41:18:1f:dd:2a: 78:a3:34:f0:07:81:05:ea:a2:54:46:ca:2c:50:42: 13:49:70:11:32:07:09:cf:dc:f7:5c:2e:d5:f5:06: 20:25:d9:85:3d:46:24:ae:38:b0:43:b4:9a:5a:fd: 3b:72:cd:0d:ab:72:8c:2d:cd:1f:8e:91:d5:79:4a: 29:40:8e:0d:99:d9:7b:ff:fb:f6:8c:88:55:aa:b2: 91:a9:26:29:f7:23:57:d1:d6:47:4e:df:bf:65:19: a9:b3:86:88:1d:05:39:93:1b:7d:bf:ec:5b:05:20: 6d:40:fd:e3:61:81:a5:dc:b9:5f:47:51:25:e3:cb: c5:ec:7d:6f:91:44:20:fa:8f:fb:0c:bb:0c:7a:2f: 8b:d6:54:bf:eb:e9:35:0c:2e:e8:54:25:ec:f9:fe: ec:67:04:e9:df:f0:9e:4b:bf:f1:f5:e7:b2:6b:9a: 15:14:3e:7c:fd:e9:2f:a2:f6:a3:ee:6a:a7:18:df: 69:5e:6e:a8:62:74:9e:3a:2f:00:ee:6f:fd:24:7b: 72:66:77:63:6f:c4:9a:82:f8:3d:b3:bd:40:71:db: 40:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:36:C4:28:7A:7D:39:65:BF:A2:8F:DF:FA:6F:83:74:64:6D:99:C8 X509v3 Authority Key Identifier: keyid:CC:7C:5F:27:80:A8:0D:3C:66:6B:2B:F6:91:53:F2:04:84:BE:EE:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zHxfJ4CoDTxmayv2kVPyBIS-7nE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAE63/5E966394CA0911ED81B6F63CC4F9AE02/zHxfJ4CoDTxmayv2kVPyBIS-7nE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:f5:e4:d9:e3:d8:95:18:39:5c:b6:65:c2:97:0a:de:0a:4f: 4a:e8:36:9d:72:89:c5:dc:5e:64:ec:fc:84:f6:f3:96:13:b1: 3f:84:ba:4a:f5:35:a5:c8:53:af:a6:ea:5f:17:75:27:bd:5b: f8:d0:d4:8e:5d:fb:be:19:49:94:dc:48:7f:35:97:19:d0:8f: 46:99:c3:2a:bc:00:96:21:46:76:82:a5:15:04:53:98:bd:83: 36:bd:6a:72:7a:ad:4d:f9:bd:9f:8c:b1:63:19:ce:0a:63:96: 4e:d4:32:66:b5:63:d3:be:54:d9:06:37:25:3e:a5:3e:0c:f8: 44:4d:8a:06:1f:ea:41:b3:bc:e3:4f:2a:4d:15:c0:85:4d:9d: 40:90:bf:18:f3:34:e0:bd:50:a3:0c:49:78:0b:14:2c:0d:3a: 20:e6:4a:56:1b:d5:0c:e4:d9:3d:bb:78:32:36:83:ee:d2:e8: de:a9:33:8c:9b:ba:3f:e8:0c:6c:ae:71:61:a4:f6:20:3c:56: 6e:6e:ef:b0:dd:6e:e0:59:9c:b2:5b:89:6f:a6:8f:37:9f:a5: 8e:a0:8d:70:da:f2:81:d7:fc:ba:22:20:ae:1d:5a:e1:a1:e6: 3f:a8:6b:7f:cc:98:d7:4c:26:ec:25:f9:77:9c:ff:56:49:26: bc:c6:4a:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFNjMxMTAvBgNVBAUTKENDN0M1RjI3ODBBODBEM0M2NjZCMkJGNjkxNTNGMjA0 ODRCRUVFNzEwHhcNMjUwNzAxMDMzODE4WhcNMjUwNzA4MDMzODE4WjAYMRYwFAYD VQQDEw02ODYzNTgyYS00MTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsqx3nm/YxTtIBNZXkR17cCPeUHP3bn8KCuHG7lXZiJk4QY1hvRQNQRgf3Sp4 ozTwB4EF6qJURsosUEITSXARMgcJz9z3XC7V9QYgJdmFPUYkrjiwQ7SaWv07cs0N q3KMLc0fjpHVeUopQI4Nmdl7//v2jIhVqrKRqSYp9yNX0dZHTt+/ZRmps4aIHQU5 kxt9v+xbBSBtQP3jYYGl3LlfR1El48vF7H1vkUQg+o/7DLsMei+L1lS/6+k1DC7o VCXs+f7sZwTp3/CeS7/x9eeya5oVFD58/ekvovaj7mqnGN9pXm6oYnSeOi8A7m/9 JHtyZndjb8Sagvg9s71AcdtAzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNg2xCh6 fTllv6KP3/pvg3RkbZnIMB8GA1UdIwQYMBaAFMx8XyeAqA08Zmsr9pFT8gSEvu5x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUU2My81RTk2NjM5NENB MDkxMUVEODFCNkY2M0NDNEY5QUUwMi96SHhmSjRDb0RUeG1heXYya1ZQeUJJUy03 bkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pIeGZKNENvRFR4bWF5djJrVlB5QklTLTduRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUU2My81RTk2NjM5NENBMDkxMUVEODFCNkY2M0NDNEY5QUUwMi96SHhmSjRDb0RU eG1heXYya1ZQeUJJUy03bkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB69eTZ49iVGDlctmXClwreCk9K6DadconF3F5k7PyE9vOWE7E/hLpK 9TWlyFOvpupfF3UnvVv40NSOXfu+GUmU3Eh/NZcZ0I9GmcMqvACWIUZ2gqUVBFOY vYM2vWpyeq1N+b2fjLFjGc4KY5ZO1DJmtWPTvlTZBjclPqU+DPhETYoGH+pBs7zj TypNFcCFTZ1AkL8Y8zTgvVCjDEl4CxQsDTog5kpWG9UM5Nk9u3gyNoPu0ujeqTOM m7o/6AxsrnFhpPYgPFZubu+w3W7gWZyyW4lvpo83n6WOoI1w2vKB1/y6IiCuHVrh oeY/qGt/zJjXTCbsJfl3nP9WSSa8xkoo -----END CERTIFICATE-----Generated at Wed Jul 2 04:24:59 2025 by rpki-client