$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft File: z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft (raw, json) Hash identifier: 3Ii804galkEW/OWpn1JhtJcHRNAuNDvweVOBqbDRHAU= Subject key identifier: C9:E2:39:62:7B:CC:CB:E5:95:BB:89:90:5A:2A:1E:44:7B:66:4F:DE Authority key identifier: CF:BB:03:8F:DB:83:86:54:20:49:62:98:0A:D2:21:C9:41:5D:5C:FF Certificate issuer: /CN=A91F8F9B/serialNumber=CFBB038FDB838654204962980AD221C9415D5CFF Certificate serial: 8B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft Manifest number: 8A Signing time: Tue 13 May 2025 05:41:08 +0000 Manifest this update: Tue 13 May 2025 05:41:08 +0000 Manifest next update: Tue 20 May 2025 05:41:08 +0000 Files and hashes: 1: z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl (hash: eVJGp9/zZB9NzcDhgMcy/2YnnKm4vvXTOHzkfyx6fmk=) 2: 7143C5B85DBF11EFB8714857C4F9AE02.roa (hash: ap2qykakUMtuugznllb9ElqWzxnqoH122Li4BLMbH9U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 05:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 139 (0x8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8F9B, serialNumber=CFBB038FDB838654204962980AD221C9415D5CFF Validity Not Before: May 13 05:41:08 2025 GMT Not After : May 20 05:41:08 2025 GMT Subject: CN=6822db74-201e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:2c:52:3b:ae:74:38:f2:2a:ca:e7:ed:1a:3b: c6:65:c7:74:aa:2c:d6:6a:7e:be:f2:2f:c4:02:05: 31:1b:aa:fe:f7:fc:dd:88:5c:a1:96:9e:e2:52:ce: aa:d4:cd:2a:02:80:4c:5a:d6:e8:d4:8b:58:f6:33: 0d:0a:f6:e0:3d:bc:f0:5e:95:6a:2a:30:96:d5:71: b8:8c:c6:25:13:19:27:2e:95:9d:69:4c:ac:11:1e: 8c:67:fd:ec:e1:9d:38:1f:55:84:a7:96:da:1e:de: d8:26:21:a6:09:72:45:2d:8d:6d:d3:fe:0b:b5:d0: 6e:08:a5:1a:5b:8f:90:5b:69:14:94:8a:6a:06:d1: 62:d0:7a:73:0c:5f:6f:ae:37:5e:78:6c:2c:f9:b2: c2:62:75:b1:bc:d1:4b:20:e4:7d:3c:5c:f6:79:0b: 39:70:28:aa:f7:07:76:e4:73:63:5b:b5:bf:86:2b: 70:bf:6e:31:04:1d:62:a0:94:d5:f9:56:62:4c:d7: 18:3b:56:1e:3b:01:fd:3f:24:30:fd:1e:02:b2:34: b6:39:c5:e9:ab:e1:f0:70:13:70:1b:8e:c9:e8:a0: 06:ee:9c:e6:2e:65:d9:2c:ad:f2:99:4d:c8:d4:f7: af:55:44:0f:63:64:96:71:e7:db:f1:64:dc:f4:91: 94:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:E2:39:62:7B:CC:CB:E5:95:BB:89:90:5A:2A:1E:44:7B:66:4F:DE X509v3 Authority Key Identifier: keyid:CF:BB:03:8F:DB:83:86:54:20:49:62:98:0A:D2:21:C9:41:5D:5C:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z7sDj9uDhlQgSWKYCtIhyUFdXP8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8F9B/F902E5305DBD11EF8A06ED40C4F9AE02/z7sDj9uDhlQgSWKYCtIhyUFdXP8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:e8:7e:49:0d:0c:1b:3a:b2:01:61:2d:19:83:74:23:66:df: 42:91:d5:bd:52:94:d4:6c:5f:b8:7b:cb:fb:9c:70:2c:a6:56: 4c:e2:d0:d4:27:48:1b:0e:ac:a8:17:6e:2d:e5:f2:3a:bd:38: ce:db:b1:e1:2c:c7:ca:6c:c0:e3:db:c6:d8:53:f7:e4:d3:06: 34:87:fc:68:9a:37:7b:9d:16:48:76:29:4e:b4:e4:a7:2b:4b: ee:8e:5e:bc:7d:e5:c5:68:42:85:cc:ca:c5:77:1c:85:03:e6: 79:78:c1:eb:5e:f2:93:9b:2e:b5:74:33:f5:92:a2:1b:ab:96: 8a:29:c2:1a:64:d4:dd:14:e3:b6:ce:ea:eb:a0:16:51:28:4d: 72:25:b8:81:f7:b9:6c:8f:3b:fb:2d:30:a2:67:8d:42:2d:13: 0a:ad:aa:a8:3e:af:ec:94:f1:8b:bc:1b:d7:b6:fa:08:3f:bb: aa:3c:f5:f3:45:df:90:17:8f:dd:ac:e5:25:7b:84:0c:cb:b8: 0f:74:58:fb:d9:90:2c:e3:74:37:4d:7b:41:4c:bb:5c:a5:37: 7f:99:ab:7d:97:8d:56:ac:3a:e9:4a:80:dc:a6:fc:73:c1:dc: d1:f5:9e:da:63:a3:14:3c:7f:af:4d:2a:a6:b5:45:30:f4:5e: ba:1d:ec:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhGOUIxMTAvBgNVBAUTKENGQkIwMzhGREI4Mzg2NTQyMDQ5NjI5ODBBRDIyMUM5 NDE1RDVDRkYwHhcNMjUwNTEzMDU0MTA4WhcNMjUwNTIwMDU0MTA4WjAYMRYwFAYD VQQDEw02ODIyZGI3NC0yMDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1CxSO650OPIqyuftGjvGZcd0qizWan6+8i/EAgUxG6r+9/zdiFyhlp7iUs6q 1M0qAoBMWtbo1ItY9jMNCvbgPbzwXpVqKjCW1XG4jMYlExknLpWdaUysER6MZ/3s 4Z04H1WEp5baHt7YJiGmCXJFLY1t0/4LtdBuCKUaW4+QW2kUlIpqBtFi0HpzDF9v rjdeeGws+bLCYnWxvNFLIOR9PFz2eQs5cCiq9wd25HNjW7W/hitwv24xBB1ioJTV +VZiTNcYO1YeOwH9PyQw/R4CsjS2OcXpq+HwcBNwG47J6KAG7pzmLmXZLK3ymU3I 1PevVUQPY2SWcefb8WTc9JGUOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMniOWJ7 zMvllbuJkFoqHkR7Zk/eMB8GA1UdIwQYMBaAFM+7A4/bg4ZUIElimArSIclBXVz/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEY5Qi9GOTAyRTUzMDVE QkQxMUVGOEEwNkVENDBDNEY5QUUwMi96N3NEajl1RGhsUWdTV0tZQ3RJaHlVRmRY UDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3o3c0RqOXVEaGxRZ1NXS1lDdEloeVVGZFhQOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OEY5Qi9GOTAyRTUzMDVEQkQxMUVGOEEwNkVENDBDNEY5QUUwMi96N3NEajl1RGhs UWdTV0tZQ3RJaHlVRmRYUDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAv6H5JDQwbOrIBYS0Zg3QjZt9CkdW9UpTUbF+4e8v7nHAsplZM4tDU J0gbDqyoF24t5fI6vTjO27HhLMfKbMDj28bYU/fk0wY0h/xomjd7nRZIdilOtOSn K0vujl68feXFaEKFzMrFdxyFA+Z5eMHrXvKTmy61dDP1kqIbq5aKKcIaZNTdFOO2 zurroBZRKE1yJbiB97lsjzv7LTCiZ41CLRMKraqoPq/slPGLvBvXtvoIP7uqPPXz Rd+QF4/drOUle4QMy7gPdFj72ZAs43Q3TXtBTLtcpTd/mat9l41WrDrpSoDcpvxz wdzR9Z7aY6MUPH+vTSqmtUUw9F66Hexz -----END CERTIFICATE-----Generated at Wed May 14 07:55:19 2025 by rpki-client