$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft File: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft (raw, json) Hash identifier: wfH42NcxfMf6m4O+VJoCCkK8WBbUE1/6/8kJ1AbPCTg= Subject key identifier: 4D:8B:8D:48:BB:3F:DA:3C:6E:1C:67:54:8F:E1:F1:6B:D8:F3:C4:A1 Authority key identifier: 66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A Certificate issuer: /CN=A91C146D/serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft Manifest number: 25 Signing time: Sun 11 May 2025 06:36:38 +0000 Manifest this update: Sun 11 May 2025 06:36:37 +0000 Manifest next update: Sun 18 May 2025 06:36:37 +0000 Files and hashes: 1: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl (hash: k9+RLuua5deYLh8U0RODN4og8DsF7ae5Q8+e0qnyW1o=) 2: 992A7358004211F0AC90656CC4F9AE02.roa (hash: 6uK19EDHQqPyaVVXXtHQJXfGGnOJLngyIEFvwQHYfKo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Validity Not Before: May 11 06:36:37 2025 GMT Not After : May 18 06:36:37 2025 GMT Subject: CN=68204575-5b3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f1:c3:fa:4c:d1:24:4c:7a:85:df:63:a6:cc: 5f:7a:c4:43:de:11:4b:c3:a7:af:e2:6b:88:7f:8c: fe:a7:7b:2d:64:b9:6b:92:85:87:97:d9:a0:c5:9d: 0c:38:8a:6a:4b:0a:3a:5a:3b:5a:1e:7e:71:cd:59: 84:58:16:6c:20:64:bf:4f:a6:0e:94:db:41:98:1b: ac:41:38:c2:9e:d4:4f:94:0f:4f:f9:6c:4b:37:9c: 66:12:42:3b:39:d4:52:c8:cf:d2:a2:db:ad:fb:17: 54:14:f6:8e:f9:57:19:4f:e1:12:14:7b:28:e5:15: 3e:c4:76:4b:9b:bb:45:4b:7d:cc:74:85:b5:4b:e9: 63:ed:43:9c:ea:53:d0:5e:e1:d6:1e:89:90:a6:57: d9:7f:fc:ca:a4:63:9c:e0:b8:bd:71:15:9a:73:fa: be:65:e4:43:66:8c:8d:53:d3:f0:2a:88:a4:03:8f: ae:74:c2:74:e1:83:27:0c:24:9d:49:7d:d7:1f:53: 99:25:65:14:d8:33:36:90:1e:15:45:63:16:df:34: 91:2c:ca:c6:9e:e1:da:8a:5d:c4:0e:64:b5:2d:bf: c7:16:8a:b5:5e:b7:11:a9:fa:9e:1e:8b:2a:39:24: ea:64:99:2a:cb:af:b5:ee:62:ae:be:00:dc:b0:3d: 73:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:8B:8D:48:BB:3F:DA:3C:6E:1C:67:54:8F:E1:F1:6B:D8:F3:C4:A1 X509v3 Authority Key Identifier: keyid:66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:c3:96:2c:9b:85:a1:fd:0b:3f:42:6b:a9:fd:f5:0c:6c:0f: 7c:f0:a1:65:a9:0a:b7:4b:c3:15:85:5d:64:e6:e2:89:a0:03: 8e:8d:8f:08:ed:b7:c7:47:29:79:e9:2e:42:a4:95:0f:6b:49: 72:35:aa:b1:03:e2:7e:b7:f3:0d:7d:f9:8e:e1:22:f9:d4:90: c3:b3:37:5d:70:cb:8b:b4:4c:76:53:58:b7:e4:45:3a:92:4f: 27:e8:bb:b5:2d:aa:94:e9:43:55:5d:ed:a5:dc:4d:09:23:c6: bf:15:83:2d:d6:6b:e7:c0:ed:93:8e:84:b3:90:6f:be:c3:87: b7:03:fd:21:ab:f2:7b:49:63:a4:14:43:87:89:6d:7a:ad:f5: 98:d6:54:a6:b8:7e:82:05:da:59:17:6a:5a:f5:4f:ac:0e:11: 9c:52:97:59:a4:19:24:b2:c1:df:5a:92:6c:7c:12:0c:18:a3: 81:f6:c8:00:4b:3c:01:eb:19:e8:b1:66:c6:e4:c7:7d:86:0e: 64:59:2a:3c:2a:e3:d7:5d:df:4c:ef:7b:44:a2:56:32:5b:66: 06:c0:07:34:c6:1a:83:71:57:50:63:10:37:e1:4d:52:0e:3b: 14:38:0f:09:0e:29:2a:1a:fb:fd:18:65:5d:c5:5c:24:38:a6: 12:64:50:80 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MTQ2RDExMC8GA1UEBRMoNjY0RTU5QTAwMEI5MUU3MkY4MDNFNkQ4Njg0MTE1NEM4 MDU2Qjg4QTAeFw0yNTA1MTEwNjM2MzdaFw0yNTA1MTgwNjM2MzdaMBgxFjAUBgNV BAMTDTY4MjA0NTc1LTViM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDc8cP6TNEkTHqF32OmzF96xEPeEUvDp6/ia4h/jP6ney1kuWuShYeX2aDFnQw4 impLCjpaO1oefnHNWYRYFmwgZL9Ppg6U20GYG6xBOMKe1E+UD0/5bEs3nGYSQjs5 1FLIz9Ki2637F1QU9o75VxlP4RIUeyjlFT7Edkubu0VLfcx0hbVL6WPtQ5zqU9Be 4dYeiZCmV9l//MqkY5zguL1xFZpz+r5l5ENmjI1T0/AqiKQDj650wnThgycMJJ1J fdcfU5klZRTYMzaQHhVFYxbfNJEsysae4dqKXcQOZLUtv8cWirVetxGp+p4eiyo5 JOpkmSrLr7XuYq6+ANywPXP5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTYuNSLs/ 2jxuHGdUj+Hxa9jzxKEwHwYDVR0jBBgwFoAUZk5ZoAC5HnL4A+bYaEEVTIBWuIow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMxNDZEL0VDQjAwQjQyMDAz NzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5MNEEtYllhRUVWVElCV3VJ by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWms1Wm9BQzVIbkw0QS1iWWFFRVZUSUJXdUlvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMx NDZEL0VDQjAwQjQyMDAzNzExRjBCQkQ3MjQ3NUM0RjlBRTAyL1prNVpvQUM1SG5M NEEtYllhRUVWVElCV3VJby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEPDliybhaH9Cz9Ca6n99QxsD3zwoWWpCrdLwxWFXWTm4omgA46Njwjt t8dHKXnpLkKklQ9rSXI1qrED4n638w19+Y7hIvnUkMOzN11wy4u0THZTWLfkRTqS Tyfou7UtqpTpQ1Vd7aXcTQkjxr8Vgy3Wa+fA7ZOOhLOQb77Dh7cD/SGr8ntJY6QU Q4eJbXqt9ZjWVKa4foIF2lkXalr1T6wOEZxSl1mkGSSywd9akmx8EgwYo4H2yABL PAHrGeixZsbkx32GDmRZKjwq49dd30zve0SiVjJbZgbABzTGGoNxV1BjEDfhTVIO OxQ4DwkOKSoa+/0YZV3FXCQ4phJkUIA= -----END CERTIFICATE-----Generated at Sun May 11 13:47:12 2025 by rpki-client