$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft File: ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft (raw, json) Hash identifier: DS8HJKqKz1+2Hpaze726p7A+pYFrmkuQncMfSRXKV0I= Subject key identifier: 80:4C:3E:C1:57:A2:EE:3C:F0:A9:24:8B:E3:D9:70:39:97:A6:9B:94 Authority key identifier: 65:54:2C:EC:28:11:1F:C5:4B:A3:D2:AE:E3:3F:4C:E8:7B:7F:90:AD Certificate issuer: /CN=A91E4743/serialNumber=65542CEC28111FC54BA3D2AEE33F4CE87B7F90AD Certificate serial: 08A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft Manifest number: 0897 Signing time: Sat 10 May 2025 20:16:58 +0000 Manifest this update: Sat 10 May 2025 20:16:58 +0000 Manifest next update: Sat 17 May 2025 20:16:58 +0000 Files and hashes: 1: ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.crl (hash: xt9AqxwV0ebvZ/cnjzp1dN88hAZw8kTg6UoAhkNLGLk=) 2: 1B2E0738BB7011EA93F7DE4EC4F9AE02.roa (hash: Kkq3FSGMJtrxAckL14K8lEjZBbSHWGV4MxpopXgePZY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.crl rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:16:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2208 (0x8a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4743, serialNumber=65542CEC28111FC54BA3D2AEE33F4CE87B7F90AD Validity Not Before: May 10 20:16:58 2025 GMT Not After : May 17 20:16:58 2025 GMT Subject: CN=681fb43a-3f70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:73:d4:60:45:bc:a6:22:8f:19:7b:64:c4:23: 9e:a4:50:c4:ce:c4:c7:15:12:d5:c8:3e:ae:6f:dd: ac:28:6c:47:ef:a0:2e:cc:bd:b2:29:9f:74:8d:84: 18:cd:e8:c7:3a:66:26:14:8d:fa:3d:1c:85:d9:a1: 97:5b:1c:dd:3b:d6:06:3d:be:0c:ff:2d:7e:b0:73: d1:ec:4d:ca:c2:61:5e:bf:ce:85:db:36:4f:ba:16: 37:5e:80:02:09:0e:0a:8c:74:30:29:3f:e5:86:b1: 2c:a0:a0:7d:39:a6:d6:37:4f:7a:77:0f:04:3b:65: e5:05:6c:72:a6:3d:14:19:9b:1c:44:8f:64:4e:a6: 3c:e2:ab:61:2f:9f:43:02:8e:c0:27:db:f3:fb:81: 98:50:85:7f:83:cf:80:e1:64:71:3a:c1:15:14:d2: 7e:38:a2:0a:1a:1a:dc:88:c7:89:0a:8f:db:8f:ea: 2d:5c:b7:b6:72:8e:93:31:a1:26:1b:1f:d7:4f:d6: 40:57:d9:09:28:8e:c8:ff:8e:2a:b9:a5:19:43:b2: 9b:72:d6:69:f7:04:2a:78:9c:c2:49:34:56:68:0d: ca:92:81:19:64:e0:c2:02:95:a8:ab:1d:bd:cd:16: 15:1c:8f:aa:93:06:74:24:b1:bf:6e:27:86:b3:9d: 95:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:4C:3E:C1:57:A2:EE:3C:F0:A9:24:8B:E3:D9:70:39:97:A6:9B:94 X509v3 Authority Key Identifier: keyid:65:54:2C:EC:28:11:1F:C5:4B:A3:D2:AE:E3:3F:4C:E8:7B:7F:90:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:3c:f1:00:38:06:0d:52:c7:5a:8a:c2:d4:c5:85:b2:35:16: c1:64:85:88:68:51:48:8f:71:b9:bc:16:0f:74:ba:d5:8d:46: b0:e2:6f:d2:dd:c2:59:a7:3d:ab:54:a1:27:43:65:2d:24:a8: 13:fa:51:00:38:cc:63:4b:28:29:b0:d5:c0:91:8c:b4:9c:f4: bd:c9:9c:74:e4:6d:cc:01:26:e2:72:3b:69:6a:ba:70:93:29: 4a:2a:3d:ce:02:10:c2:56:94:b8:89:d3:69:b1:76:27:2b:f6: 3a:e8:f9:7a:d7:e8:05:2c:34:c6:a9:3e:c2:e6:7b:3e:01:68: d5:30:f3:cf:ea:45:e4:bc:7c:66:98:d8:37:ee:03:38:e2:b8: 78:3d:5e:bc:35:ea:fe:d6:9c:4c:f8:c9:dc:12:40:fa:e3:be: 08:ab:48:5a:9e:a2:1e:7c:97:36:19:e4:a4:71:3e:98:06:e1: a5:cd:5d:be:18:d0:3b:ce:04:82:11:aa:da:f6:f5:f6:64:60: 5e:fa:20:d1:c2:04:e7:f9:93:22:a7:84:63:5d:95:75:81:43: 39:b2:65:b2:b1:0b:3a:b6:6f:b3:68:cf:74:2a:47:94:3e:0d: 43:ab:b6:39:27:6f:b6:06:3f:8b:4d:0e:93:86:94:f8:94:12: c1:76:52:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQ3NDMxMTAvBgNVBAUTKDY1NTQyQ0VDMjgxMTFGQzU0QkEzRDJBRUUzM0Y0Q0U4 N0I3RjkwQUQwHhcNMjUwNTEwMjAxNjU4WhcNMjUwNTE3MjAxNjU4WjAYMRYwFAYD VQQDEw02ODFmYjQzYS0zZjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuHPUYEW8piKPGXtkxCOepFDEzsTHFRLVyD6ub92sKGxH76AuzL2yKZ90jYQY zejHOmYmFI36PRyF2aGXWxzdO9YGPb4M/y1+sHPR7E3KwmFev86F2zZPuhY3XoAC CQ4KjHQwKT/lhrEsoKB9OabWN096dw8EO2XlBWxypj0UGZscRI9kTqY84qthL59D Ao7AJ9vz+4GYUIV/g8+A4WRxOsEVFNJ+OKIKGhrciMeJCo/bj+otXLe2co6TMaEm Gx/XT9ZAV9kJKI7I/44quaUZQ7KbctZp9wQqeJzCSTRWaA3KkoEZZODCApWoqx29 zRYVHI+qkwZ0JLG/bieGs52VIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIBMPsFX ou488Kkki+PZcDmXppuUMB8GA1UdIwQYMBaAFGVULOwoER/FS6PSruM/TOh7f5Ct MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDc0My82NzBGODA5MkJC NkYxMUVBOTYxRkI4NEVDNEY5QUUwMi9aVlFzN0NnUkg4VkxvOUt1NHo5TTZIdF9r SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pWUXM3Q2dSSDhWTG85S3U0ejlNNkh0X2tLMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDc0My82NzBGODA5MkJCNkYxMUVBOTYxRkI4NEVDNEY5QUUwMi9aVlFzN0NnUkg4 VkxvOUt1NHo5TTZIdF9rSzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGPPEAOAYNUsdaisLUxYWyNRbBZIWIaFFIj3G5vBYPdLrVjUaw4m/S 3cJZpz2rVKEnQ2UtJKgT+lEAOMxjSygpsNXAkYy0nPS9yZx05G3MASbicjtparpw kylKKj3OAhDCVpS4idNpsXYnK/Y66Pl61+gFLDTGqT7C5ns+AWjVMPPP6kXkvHxm mNg37gM44rh4PV68Ner+1pxM+MncEkD6474Iq0hanqIefJc2GeSkcT6YBuGlzV2+ GNA7zgSCEara9vX2ZGBe+iDRwgTn+ZMip4RjXZV1gUM5smWysQs6tm+zaM90KkeU Pg1Dq7Y5J2+2Bj+LTQ6ThpT4lBLBdlLm -----END CERTIFICATE-----Generated at Sun May 11 22:17:16 2025 by rpki-client