$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft File: zIQ-FAouPvvguUneDtgDg5BgVB0.mft (raw, json) Hash identifier: B2NkFFNojulzCcD6Pa2MKeZh4Xeatf6eEHkRyYeEiE0= Subject key identifier: 56:D5:25:94:A7:36:FB:FB:DE:F2:63:FA:B5:F2:ED:A8:10:F6:F6:D8 Authority key identifier: CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D Certificate issuer: /CN=A91C1A37/serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Certificate serial: 30BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft Manifest number: 30A5 Signing time: Wed 02 Jul 2025 15:32:56 +0000 Manifest this update: Wed 02 Jul 2025 15:32:56 +0000 Manifest next update: Wed 09 Jul 2025 15:32:56 +0000 Files and hashes: 1: zIQ-FAouPvvguUneDtgDg5BgVB0.crl (hash: l5KMfnDZ6GBGy6+F5cF5hYmZLgZAryceNbV23OcdjdQ=) 2: C3F53A0654F011E7BE4A6431C4F9AE02.roa (hash: 54WI7bxOwof+H1Cz8+uPiLZ+tzpprbk2GuCnR0w5MUY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12478 (0x30be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1A37, serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Validity Not Before: Jul 2 15:32:56 2025 GMT Not After : Jul 9 15:32:56 2025 GMT Subject: CN=68655128-2cdc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a7:26:ee:33:8e:aa:06:9e:2e:25:93:c1:34: 55:5b:16:9f:51:c1:e4:09:59:ce:61:f5:14:61:f7: 15:1a:68:03:4a:c1:b5:b5:2e:1f:80:29:cd:1a:41: f2:ea:82:28:31:a9:cb:ce:86:b8:1d:e2:4e:5d:07: 84:38:05:d5:18:b2:88:99:79:61:5a:e2:8a:a0:46: 7b:f2:37:93:3d:6a:98:d0:98:ea:7a:2b:12:8b:5a: 32:5e:a4:4d:71:d3:8e:43:72:69:c7:32:54:69:96: e4:aa:b9:b8:63:52:b8:77:04:2a:ec:7d:7d:c5:83: 92:3b:02:59:fd:fb:17:0c:f1:7c:be:f7:3a:4a:d1: 3d:80:fe:a9:cd:8c:50:7f:41:67:6f:35:b4:15:8f: d4:5b:cd:5a:ff:d5:7d:96:a7:bc:59:6f:59:2b:56: 11:d7:9b:26:ba:c9:79:38:00:06:2c:b8:2f:2f:0c: cf:26:f0:68:05:19:59:44:b6:c8:6c:1b:14:d3:d0: d6:0d:5b:f6:b0:54:71:65:c2:b4:70:51:d4:05:3f: f4:21:6b:a2:ed:33:aa:5c:15:6d:1a:be:8d:c7:28: da:25:7a:dc:91:87:80:e6:2b:43:67:8f:b0:8b:f2: 83:d2:32:4b:1b:90:1e:3b:54:e3:fa:c5:20:23:fa: 7c:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:D5:25:94:A7:36:FB:FB:DE:F2:63:FA:B5:F2:ED:A8:10:F6:F6:D8 X509v3 Authority Key Identifier: keyid:CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:dd:ea:e0:c6:75:b7:33:52:ae:85:59:5d:3e:3a:0c:9e:b5: fb:b9:f1:13:47:88:0b:87:48:71:57:04:9f:22:84:65:39:fb: e7:ee:7c:9c:23:47:03:62:ce:04:2e:6d:a1:62:66:7f:16:b2: c1:53:00:12:e9:0e:27:9c:f1:d8:e2:79:b2:8e:47:be:36:bb: 7a:97:bf:f8:c4:db:46:6d:f8:65:0c:d0:d5:ca:eb:1f:72:a6: 1d:fa:61:d0:a2:ab:91:02:14:6a:05:63:43:0f:c4:e9:4e:d1: 73:59:1a:f2:1b:b0:08:28:ea:6e:da:d6:db:7f:f5:05:e5:b7: db:bd:07:45:10:79:c4:3b:50:e2:65:c6:44:ec:c7:ed:2b:87: e1:ce:aa:c2:6a:c3:7a:c9:cc:94:ac:d2:92:6c:2b:5a:6f:36: cd:4f:21:7b:df:18:aa:f4:a3:3b:c9:08:fe:fb:fd:90:00:2c: 4f:ac:9c:63:5e:c3:88:60:b2:f2:f1:93:1d:de:b5:2d:42:1e: 19:16:04:0e:eb:09:07:01:c7:ab:be:36:c2:f2:bb:5c:2b:d8: cb:b9:29:56:54:35:b4:3c:8b:fe:45:4b:33:da:4a:a0:59:07: eb:ea:3e:81:d3:ba:4c:25:82:50:d5:ed:a6:21:c1:2d:f0:e1: c1:a5:fd:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICML4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFBMzcxMTAvBgNVBAUTKENDODQzRTE0MEEyRTNFRkJFMEI5NDlERTBFRDgwMzgz OTA2MDU0MUQwHhcNMjUwNzAyMTUzMjU2WhcNMjUwNzA5MTUzMjU2WjAYMRYwFAYD VQQDEw02ODY1NTEyOC0yY2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtqcm7jOOqgaeLiWTwTRVWxafUcHkCVnOYfUUYfcVGmgDSsG1tS4fgCnNGkHy 6oIoManLzoa4HeJOXQeEOAXVGLKImXlhWuKKoEZ78jeTPWqY0JjqeisSi1oyXqRN cdOOQ3JpxzJUaZbkqrm4Y1K4dwQq7H19xYOSOwJZ/fsXDPF8vvc6StE9gP6pzYxQ f0FnbzW0FY/UW81a/9V9lqe8WW9ZK1YR15smusl5OAAGLLgvLwzPJvBoBRlZRLbI bBsU09DWDVv2sFRxZcK0cFHUBT/0IWui7TOqXBVtGr6NxyjaJXrckYeA5itDZ4+w i/KD0jJLG5AeO1Tj+sUgI/p83QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFbVJZSn Nvv73vJj+rXy7agQ9vbYMB8GA1UdIwQYMBaAFMyEPhQKLj774LlJ3g7YA4OQYFQd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUEzNy82ODY4RTAyOEU3 RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2dmd1VW5lRHRnRGc1QmdW QjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pJUS1GQW91UHZ2Z3VVbmVEdGdEZzVCZ1ZCMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUEzNy82ODY4RTAyOEU3RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2 dmd1VW5lRHRnRGc1QmdWQjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/3ergxnW3M1KuhVldPjoMnrX7ufETR4gLh0hxVwSfIoRlOfvn7nyc I0cDYs4ELm2hYmZ/FrLBUwAS6Q4nnPHY4nmyjke+Nrt6l7/4xNtGbfhlDNDVyusf cqYd+mHQoquRAhRqBWNDD8TpTtFzWRryG7AIKOpu2tbbf/UF5bfbvQdFEHnEO1Di ZcZE7MftK4fhzqrCasN6ycyUrNKSbCtabzbNTyF73xiq9KM7yQj++/2QACxPrJxj XsOIYLLy8ZMd3rUtQh4ZFgQO6wkHAcervjbC8rtcK9jLuSlWVDW0PIv+RUsz2kqg WQfr6j6B07pMJYJQ1e2mIcEt8OHBpf1e -----END CERTIFICATE-----Generated at Thu Jul 3 11:28:02 2025 by rpki-client