$ rpki-client -vvf rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft File: zlgHMAQJCIdOtirydgUp51w9XGg.mft (raw, json) Hash identifier: SgpKP/bq+Za6kvIeNaOc4BcSgzDF0Vc731vwxJ88LIc= Subject key identifier: 85:4A:F0:F7:DA:98:04:E4:9C:45:04:B0:52:5D:19:5F:EA:8C:9E:22 Authority key identifier: CE:58:07:30:04:09:08:87:4E:B6:2A:F2:76:05:29:E7:5C:3D:5C:68 Certificate issuer: /CN=A91E89CD/serialNumber=CE580730040908874EB62AF2760529E75C3D5C68 Certificate serial: 08DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zlgHMAQJCIdOtirydgUp51w9XGg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft Manifest number: 08CF Signing time: Thu 08 May 2025 20:21:46 +0000 Manifest this update: Thu 08 May 2025 20:21:46 +0000 Manifest next update: Thu 15 May 2025 20:21:46 +0000 Files and hashes: 1: zlgHMAQJCIdOtirydgUp51w9XGg.crl (hash: IHje74n378zvWSGt2/tsAoWCQIcnYmT0fqy+/S2U6+8=) 2: 8698CD28A42211EB91621734C4F9AE02.roa (hash: liguL5yWelfphfIz9rHVaKh3TqmzzrhEVoBWguDMI9M=) 3: D3ECF4B8E61D11EBB92C167BC4F9AE02.roa (hash: /n6JoBCxKb39xofyDRMG1k20W82UdWlbULQ4CPVAgMo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.crl rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zlgHMAQJCIdOtirydgUp51w9XGg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 20:21:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2270 (0x8de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E89CD, serialNumber=CE580730040908874EB62AF2760529E75C3D5C68 Validity Not Before: May 8 20:21:46 2025 GMT Not After : May 15 20:21:46 2025 GMT Subject: CN=681d125a-cf46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:28:51:21:ea:43:76:6a:40:5b:b6:43:c3:5d: ab:7e:3b:79:66:be:86:7d:b5:9b:9a:1f:55:79:67: a1:41:42:36:03:6d:a3:5a:ed:76:c6:95:fa:c8:3c: f1:13:09:07:e2:d7:bf:c2:df:e7:91:36:37:e2:9b: 50:9b:4b:93:1b:bd:af:27:30:7d:83:d4:98:45:05: 01:1d:aa:62:ed:51:d1:95:22:74:3d:16:0e:a4:a4: 9d:3c:38:62:b3:43:9d:be:b3:e4:f6:e9:5a:e0:5a: d8:a0:ad:db:1f:f4:59:4f:87:d4:93:51:5b:d0:64: 86:22:5a:6b:1d:ed:a1:96:8c:00:dc:88:a7:9e:d1: 35:f4:91:b2:cd:de:cb:98:3b:98:df:be:b8:e6:b4: 45:97:0b:43:58:3f:7b:18:4a:c0:03:f0:89:5f:b1: a5:b3:2c:db:62:b5:3f:f5:ce:c5:90:a4:e7:d4:58: 4c:7a:4c:2e:09:aa:94:2f:1c:d0:20:65:18:30:d6: 55:9b:16:85:5a:ab:d1:48:22:a5:31:e7:1c:8d:46: 15:d8:72:de:64:0d:b7:64:e1:f9:e0:43:01:c1:d4: 93:bd:9f:1d:f4:82:23:67:f0:63:26:4a:0f:e1:7a: 13:32:44:19:31:8f:76:2e:31:91:b7:9b:fa:b6:9f: 77:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:4A:F0:F7:DA:98:04:E4:9C:45:04:B0:52:5D:19:5F:EA:8C:9E:22 X509v3 Authority Key Identifier: keyid:CE:58:07:30:04:09:08:87:4E:B6:2A:F2:76:05:29:E7:5C:3D:5C:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zlgHMAQJCIdOtirydgUp51w9XGg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E89CD/3C0D4A16B05511EAA045B80EC4F9AE02/zlgHMAQJCIdOtirydgUp51w9XGg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:c4:a0:35:fd:b5:d2:ee:1a:7f:10:c0:af:fe:4b:f3:31:8e: c4:80:d5:c8:48:6c:e6:9a:3d:69:1f:88:41:3c:a8:2e:dd:a2: 0b:77:fb:aa:27:8c:99:ba:0d:da:0e:0f:69:f0:5c:5d:96:fc: d7:05:eb:7b:de:20:61:19:06:d4:84:4b:a4:78:2d:64:37:75: fe:33:77:7d:a9:14:b5:b4:05:f0:0c:a2:84:f2:55:10:85:3c: 74:52:3f:e6:54:2d:e6:1d:82:c8:24:e0:9e:21:5a:5e:47:c8: 30:bf:74:be:2a:4d:8b:0b:93:e2:e1:fa:03:46:88:d9:e4:34: 05:78:2f:28:8c:15:f9:d0:46:dd:c6:8b:20:fb:e5:8a:91:45: b8:dd:44:a9:c8:ce:9b:76:93:06:a0:ba:d9:39:0f:cc:c1:0a: f7:78:16:b3:8d:6b:4a:db:1a:dc:b4:3e:d1:54:72:31:ef:3d: d5:39:5b:3f:33:40:17:fd:a0:26:79:69:f3:2f:42:32:be:f5: 51:e6:75:e0:fa:3d:61:45:c8:f6:51:11:09:e4:9a:44:74:10: c4:d7:d8:59:ee:06:94:e2:7a:88:46:09:0e:43:72:ac:e4:31: e9:35:30:14:ea:a9:ff:4b:6a:b1:87:b4:fa:40:0b:da:5d:c3: 6b:49:c8:f3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg5Q0QxMTAvBgNVBAUTKENFNTgwNzMwMDQwOTA4ODc0RUI2MkFGMjc2MDUyOUU3 NUMzRDVDNjgwHhcNMjUwNTA4MjAyMTQ2WhcNMjUwNTE1MjAyMTQ2WjAYMRYwFAYD VQQDEw02ODFkMTI1YS1jZjQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyihRIepDdmpAW7ZDw12rfjt5Zr6GfbWbmh9VeWehQUI2A22jWu12xpX6yDzx EwkH4te/wt/nkTY34ptQm0uTG72vJzB9g9SYRQUBHapi7VHRlSJ0PRYOpKSdPDhi s0OdvrPk9ula4FrYoK3bH/RZT4fUk1Fb0GSGIlprHe2hlowA3IinntE19JGyzd7L mDuY37645rRFlwtDWD97GErAA/CJX7GlsyzbYrU/9c7FkKTn1FhMekwuCaqULxzQ IGUYMNZVmxaFWqvRSCKlMeccjUYV2HLeZA23ZOH54EMBwdSTvZ8d9IIjZ/BjJkoP 4XoTMkQZMY92LjGRt5v6tp938QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIVK8Pfa mATknEUEsFJdGV/qjJ4iMB8GA1UdIwQYMBaAFM5YBzAECQiHTrYq8nYFKedcPVxo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODlDRC8zQzBENEExNkIw NTUxMUVBQTA0NUI4MEVDNEY5QUUwMi96bGdITUFRSkNJZE90aXJ5ZGdVcDUxdzlY R2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3psZ0hNQVFKQ0lkT3RpcnlkZ1VwNTF3OVhHZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODlDRC8zQzBENEExNkIwNTUxMUVBQTA0NUI4MEVDNEY5QUUwMi96bGdITUFRSkNJ ZE90aXJ5ZGdVcDUxdzlYR2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4xKA1/bXS7hp/EMCv/kvzMY7EgNXISGzmmj1pH4hBPKgu3aILd/uq J4yZug3aDg9p8FxdlvzXBet73iBhGQbUhEukeC1kN3X+M3d9qRS1tAXwDKKE8lUQ hTx0Uj/mVC3mHYLIJOCeIVpeR8gwv3S+Kk2LC5Pi4foDRojZ5DQFeC8ojBX50Ebd xosg++WKkUW43USpyM6bdpMGoLrZOQ/MwQr3eBazjWtK2xrctD7RVHIx7z3VOVs/ M0AX/aAmeWnzL0IyvvVR5nXg+j1hRcj2UREJ5JpEdBDE19hZ7gaU4nqIRgkOQ3Ks 5DHpNTAU6qn/S2qxh7T6QAvaXcNrScjz -----END CERTIFICATE-----Generated at Fri May 9 21:11:02 2025 by rpki-client