$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft File: RZTy7BffVsPQZUDzZtKvEYsxfx4.mft (raw, json) Hash identifier: sAJbFIzPmHIxs1xyNtyjQCHYvsTXd1+oSbJEeGZMOr0= Subject key identifier: F5:4E:E6:3B:7F:B4:0C:5A:7D:7E:BE:77:94:65:4A:53:5E:3D:AB:91 Authority key identifier: 45:94:F2:EC:17:DF:56:C3:D0:65:40:F3:66:D2:AF:11:8B:31:7F:1E Certificate issuer: /CN=A91CE978/serialNumber=4594F2EC17DF56C3D06540F366D2AF118B317F1E Certificate serial: FB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft Manifest number: F8 Signing time: Tue 06 May 2025 14:51:39 +0000 Manifest this update: Tue 06 May 2025 14:51:38 +0000 Manifest next update: Tue 13 May 2025 14:51:38 +0000 Files and hashes: 1: RZTy7BffVsPQZUDzZtKvEYsxfx4.crl (hash: Ym33R5WFrn2Jy86ETToUYRsD+CmZKzUvR4CNat8/iAs=) 2: 30EAE110B9AD11EE83063243C4F9AE02.roa (hash: /mgu4P2twSDACdGUYPekQQEcvJH+CFlbuOsPxwdYvXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.crl rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 14:51:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 251 (0xfb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978, serialNumber=4594F2EC17DF56C3D06540F366D2AF118B317F1E Validity Not Before: May 6 14:51:38 2025 GMT Not After : May 13 14:51:38 2025 GMT Subject: CN=681a21fa-74ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:4f:9c:6b:88:0a:b9:49:b1:11:27:74:b9:d8: bf:88:d6:90:93:39:46:d1:7d:3d:a3:b2:fe:2b:80: 26:17:b5:2a:0c:47:48:52:92:7e:bc:2d:67:2e:38: fb:0e:f2:fe:34:0d:e8:f9:2a:36:35:c8:15:8a:62: 8c:9a:1b:2a:ee:ff:b4:02:e6:5a:48:67:4c:e5:b4: 8d:f9:41:00:8f:4d:26:52:a6:3f:97:3a:2b:2a:63: 1a:03:31:79:d6:71:fa:cb:01:49:82:4f:fa:71:94: 6a:7f:e4:c1:de:85:f0:a5:49:1c:ae:10:c1:34:fc: 9c:20:75:16:02:b9:67:e4:77:ec:ee:dc:bd:67:2d: 2f:84:72:8c:9d:b7:e8:1c:26:05:cc:71:04:c1:2e: 6f:c7:fd:dc:6f:d9:a9:67:e9:b8:35:a5:05:b2:8f: 12:7e:71:e5:c4:43:1a:80:d8:d1:69:8a:e0:55:36: 97:f1:87:9d:f9:b5:b8:53:ed:4e:05:a9:fc:d6:bf: 48:40:81:ce:5e:a7:d1:00:f7:9d:7f:05:f8:7d:ec: 4a:51:48:da:95:34:e5:b4:67:cb:85:2b:a9:dc:da: b0:5c:fb:23:a9:0a:d5:87:39:b5:6b:c8:fb:1f:00: 5c:bf:04:83:4f:a7:4e:75:f8:f4:be:8d:b2:c9:01: b6:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:4E:E6:3B:7F:B4:0C:5A:7D:7E:BE:77:94:65:4A:53:5E:3D:AB:91 X509v3 Authority Key Identifier: keyid:45:94:F2:EC:17:DF:56:C3:D0:65:40:F3:66:D2:AF:11:8B:31:7F:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:4b:57:9d:d9:10:df:5d:51:13:45:50:e5:8e:2d:30:ee:d7: 91:ce:82:98:be:c9:2c:a4:c3:11:c4:a4:62:6e:7a:a7:b5:d4: 6b:ea:12:0b:01:15:da:fe:e0:45:73:83:66:ea:f5:4e:fa:20: d9:3a:b6:c1:ab:21:be:2d:bb:be:c8:ff:9a:ea:1f:d9:a0:e4: 0c:6f:ac:00:80:17:fe:d0:ec:5f:b9:0e:44:b3:91:e6:2b:83: 7a:c4:3d:0b:ce:09:a2:63:94:d2:ef:28:66:90:53:ab:b2:84: 21:75:fa:2f:7d:87:34:34:3f:af:de:23:5f:fe:51:08:7e:96: fe:1b:d7:5c:f6:b2:59:d6:4e:81:97:6f:56:90:53:97:2a:45: d6:92:72:72:b7:46:98:e7:12:4f:a7:9d:d9:37:4c:95:07:30: cf:ef:32:48:09:b8:3a:58:a4:1d:72:db:28:43:1a:e9:e4:92: 47:8c:bd:7d:4a:77:db:9d:50:af:aa:c8:09:00:d0:1d:e2:f9: 03:fa:f2:e9:c5:0f:7f:79:a9:67:65:7e:41:1b:c8:b1:b9:14: cd:08:cc:1a:e0:d0:f2:03:ed:d9:9b:b7:52:6c:2f:0d:5c:ea: 97:06:cb:f4:4f:5f:bf:6d:13:95:ad:d3:e3:6d:34:43:e0:76: d9:97:26:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U5NzgxMTAvBgNVBAUTKDQ1OTRGMkVDMTdERjU2QzNEMDY1NDBGMzY2RDJBRjEx OEIzMTdGMUUwHhcNMjUwNTA2MTQ1MTM4WhcNMjUwNTEzMTQ1MTM4WjAYMRYwFAYD VQQDEw02ODFhMjFmYS03NGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkU+ca4gKuUmxESd0udi/iNaQkzlG0X09o7L+K4AmF7UqDEdIUpJ+vC1nLjj7 DvL+NA3o+So2NcgVimKMmhsq7v+0AuZaSGdM5bSN+UEAj00mUqY/lzorKmMaAzF5 1nH6ywFJgk/6cZRqf+TB3oXwpUkcrhDBNPycIHUWArln5Hfs7ty9Zy0vhHKMnbfo HCYFzHEEwS5vx/3cb9mpZ+m4NaUFso8SfnHlxEMagNjRaYrgVTaX8Yed+bW4U+1O Ban81r9IQIHOXqfRAPedfwX4fexKUUjalTTltGfLhSup3NqwXPsjqQrVhzm1a8j7 HwBcvwSDT6dOdfj0vo2yyQG21QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPVO5jt/ tAxafX6+d5RlSlNePauRMB8GA1UdIwQYMBaAFEWU8uwX31bD0GVA82bSrxGLMX8e MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTk3OC81REI1NTVBQUI4 REExMUVFQkM0QkVDMkRDNEY5QUUwMi9SWlR5N0JmZlZzUFFaVUR6WnRLdkVZc3hm eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JaVHk3QmZmVnNQUVpVRHpadEt2RVlzeGZ4NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTk3OC81REI1NTVBQUI4REExMUVFQkM0QkVDMkRDNEY5QUUwMi9SWlR5N0JmZlZz UFFaVUR6WnRLdkVZc3hmeDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdS1ed2RDfXVETRVDlji0w7teRzoKYvskspMMRxKRibnqntdRr6hIL ARXa/uBFc4Nm6vVO+iDZOrbBqyG+Lbu+yP+a6h/ZoOQMb6wAgBf+0OxfuQ5Es5Hm K4N6xD0LzgmiY5TS7yhmkFOrsoQhdfovfYc0ND+v3iNf/lEIfpb+G9dc9rJZ1k6B l29WkFOXKkXWknJyt0aY5xJPp53ZN0yVBzDP7zJICbg6WKQdctsoQxrp5JJHjL19 SnfbnVCvqsgJANAd4vkD+vLpxQ9/ealnZX5BG8ixuRTNCMwa4NDyA+3Zm7dSbC8N XOqXBsv0T1+/bROVrdPjbTRD4HbZlyZR -----END CERTIFICATE-----Generated at Wed May 7 04:18:02 2025 by rpki-client