$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft File: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft (raw, json) Hash identifier: K3pa45r2sYyJ0tKSoe9TOhm7FYd2eM4DhKcSGlS5M/Y= Subject key identifier: FE:E0:C0:D1:13:06:AF:D2:E8:BA:8F:5C:5C:DC:7F:AF:56:7F:A4:39 Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 Certificate issuer: /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Certificate serial: 1AD8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft Manifest number: 9F1F Signing time: Mon 12 May 2025 14:29:50 +0000 Manifest this update: Mon 12 May 2025 14:29:50 +0000 Manifest next update: Mon 19 May 2025 14:29:50 +0000 Files and hashes: 1: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl (hash: JP0HjXxtt3O4CThdYpiY2bGUaIgupegENrRH0QKsiXk=) 2: 9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa (hash: RYynr8uizf4mxXQD/bYs58a0i9OmwI4vdpj7nHmjiJU=) 3: 959AC422557911EBBD21EB2FC4F9AE02.roa (hash: oMF/P2hGXRHcLkAXgbmeUw5lcthqUMWdcFQRgDGmw2Q=) 4: 20C6F2EC699D11EAA33EAE83C4F9AE02.roa (hash: 68iXhMXoCKzkvFm4ZJIC/ibhTxkbyNkKn12MmIsJUjc=) 5: 191363A69DD911EC99D91668C4F9AE02.roa (hash: oqniAucPfqcKV0mTFTmt9sxkwi/yyX2GOXb0nYNRsyI=) 6: ACC8833824DE11EDAEC0E529C4F9AE02.roa (hash: SpN5g9M2rsSW+Cra37fKcK/lk5XqYbPAMh8S4vUS9qk=) 7: 4FF339D8F01D11EB8C4B505BC4F9AE02.roa (hash: U9RF+JaWcsKZTr1DEGw1Y5hTdB+oWxy9sRXTz5ZgIuo=) 8: C89FD6DA557611EBA04C290BC4F9AE02.roa (hash: Y+JgutBZqKB0sr/67XUkEfaEMyqBwPZIYt+9Yv44r5c=) 9: FC6A19D892D511EC8FBFF32AC4F9AE02.roa (hash: kjWRly5sP345NgQNsNa2Y38tsuhMAJkUf7cDKkslnxQ=) 10: 1BF3A43C15BE11EF93ABFD7DC4F9AE02.roa (hash: Dnw6VZCydK3JoKDSOzotlEvfgmRpxLVN7ezEA2ZyyGo=) 11: 0B24875C7A4411EB804B7430C4F9AE02.roa (hash: Y+xehgtewaeOdOL6PowHHRPVgAd4mQJAADuq74in7FA=) 12: 3D68F8C29A4A11EA94706012C4F9AE02.roa (hash: +Q2D0d9yEIcvHWqL458RmFQjgHnoWa/Nyf3wOjdRqJY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:29:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6872 (0x1ad8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6D5D, serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Validity Not Before: May 12 14:29:50 2025 GMT Not After : May 19 14:29:50 2025 GMT Subject: CN=682205de-6e68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:1a:55:75:26:f8:28:fe:77:e8:28:3e:4f:e3: 8f:05:f1:c9:cd:5f:b2:1f:36:5a:86:b6:00:a3:fe: 75:d9:87:eb:c9:5f:61:2b:57:95:49:78:60:41:c0: c4:2e:c0:9d:91:93:59:72:4f:74:d3:5d:26:23:91: 7e:28:39:dc:a3:7c:e2:2a:d1:df:30:8a:04:90:cd: 01:38:59:e4:cf:ad:44:54:c1:ca:9b:01:2c:0f:5d: b8:d8:d1:df:29:db:c8:f2:b9:95:30:4e:2d:94:6e: c4:ca:6f:3f:5b:a8:2f:54:e3:35:62:1d:13:8d:c3: 5e:31:a0:54:e5:2e:b3:5c:d9:49:40:63:84:d3:00: 37:55:43:e9:19:44:3f:b2:8f:38:eb:d2:17:6b:13: 87:dd:18:7b:a4:63:06:16:3b:2a:9b:a1:81:91:29: d6:06:92:e3:cb:c9:78:58:2a:4e:df:41:ef:dc:82: c0:f4:33:0e:9e:bb:cd:05:df:4d:05:b7:8f:cd:d3: f3:b8:35:fa:c9:2f:62:e7:16:db:fc:9a:e2:fc:c7: 37:7a:1b:b7:54:c1:02:09:19:6d:d3:6b:19:cb:dd: a6:a2:5b:d0:4e:e4:7e:eb:a6:63:69:7b:e6:4f:0e: 1a:4f:38:d9:e5:b2:2f:b5:7f:de:81:dd:bb:b8:43: 9a:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:E0:C0:D1:13:06:AF:D2:E8:BA:8F:5C:5C:DC:7F:AF:56:7F:A4:39 X509v3 Authority Key Identifier: keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:63:ec:5d:34:e0:69:68:76:91:7f:68:34:df:bf:7d:c6:74: b4:2f:80:7f:6c:96:5f:f9:dd:82:34:6e:3f:23:28:95:6f:6d: 67:4d:03:37:79:46:16:a6:fa:a0:dc:3b:d4:02:49:08:90:61: ad:f7:31:b6:d0:6e:47:49:ec:71:92:02:16:81:ce:c0:5b:b8: 2b:46:69:d5:ed:8d:5c:0c:c2:ea:1d:cd:5f:70:d8:f0:ad:75: 30:9f:3a:2d:8a:64:8a:c8:a5:ce:e8:e2:8b:e8:61:4a:e6:40: 11:3a:9d:90:d3:5d:70:21:e8:bc:d5:20:17:62:e7:31:5f:74: 7c:0e:99:ca:57:27:be:7b:c7:be:ff:51:51:f6:2d:4b:c8:bc: 45:e7:6c:52:b1:db:ed:e3:5b:bc:56:71:1a:18:23:8c:4e:51: 8e:57:b8:53:3b:88:9c:98:fe:fb:f5:00:f9:d8:00:b3:ac:78: 49:32:ac:2f:26:4a:d2:92:62:5a:63:21:e1:0a:c9:12:89:94: 1d:07:3b:3e:ae:75:b5:df:1a:61:f0:63:0a:5a:44:79:fa:a1: d2:25:75:a0:fe:32:95:e6:d7:89:a2:12:db:d9:c3:45:52:db: 55:92:47:c8:4a:b4:17:0b:78:30:d4:53:5f:82:47:25:94:09: e8:d4:17:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD N0RFQzRCODEwHhcNMjUwNTEyMTQyOTUwWhcNMjUwNTE5MTQyOTUwWjAYMRYwFAYD VQQDEw02ODIyMDVkZS02ZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3BpVdSb4KP536Cg+T+OPBfHJzV+yHzZahrYAo/512YfryV9hK1eVSXhgQcDE LsCdkZNZck90010mI5F+KDnco3ziKtHfMIoEkM0BOFnkz61EVMHKmwEsD1242NHf KdvI8rmVME4tlG7Eym8/W6gvVOM1Yh0TjcNeMaBU5S6zXNlJQGOE0wA3VUPpGUQ/ so8469IXaxOH3Rh7pGMGFjsqm6GBkSnWBpLjy8l4WCpO30Hv3ILA9DMOnrvNBd9N BbePzdPzuDX6yS9i5xbb/Jri/Mc3ehu3VMECCRlt02sZy92molvQTuR+66ZjaXvm Tw4aTzjZ5bIvtX/egd27uEOaSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7gwNET Bq/S6LqPXFzcf69Wf6Q5MB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NkQ1RC85RENCNjhFMDFEODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdY T3pCMUFIMmxNM3JIM3NTNEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAY+xdNOBpaHaRf2g03799xnS0L4B/bJZf+d2CNG4/IyiVb21nTQM3 eUYWpvqg3DvUAkkIkGGt9zG20G5HSexxkgIWgc7AW7grRmnV7Y1cDMLqHc1fcNjw rXUwnzotimSKyKXO6OKL6GFK5kAROp2Q011wIei81SAXYucxX3R8DpnKVye+e8e+ /1FR9i1LyLxF52xSsdvt41u8VnEaGCOMTlGOV7hTO4icmP779QD52ACzrHhJMqwv JkrSkmJaYyHhCskSiZQdBzs+rnW13xph8GMKWkR5+qHSJXWg/jKV5teJohLb2cNF UttVkkfISrQXC3gw1FNfgkcllAno1BeG -----END CERTIFICATE-----Generated at Fri May 16 10:29:29 2025 by rpki-client