$ rpki-client -vvf rpki.apnic.net/member_repository/A9111A27/662518BE6E3411EA841D426EC4F9AE02/zPWB9MM8pEQeGAfjlsXv51-oLdA.mft File: zPWB9MM8pEQeGAfjlsXv51-oLdA.mft (raw, json) Hash identifier: Ts9XGtWNQClT0oT53TVeWFWSbfZrzECANP8g0mfSOgo= Subject key identifier: 65:9A:61:D9:A6:06:80:A1:09:AE:A3:DB:F7:FB:EF:4C:30:0F:1A:73 Authority key identifier: CC:F5:81:F4:C3:3C:A4:44:1E:18:07:E3:96:C5:EF:E7:5F:A8:2D:D0 Certificate issuer: /CN=A9111A27/serialNumber=CCF581F4C33CA4441E1807E396C5EFE75FA82DD0 Certificate serial: 0A26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPWB9MM8pEQeGAfjlsXv51-oLdA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9111A27/662518BE6E3411EA841D426EC4F9AE02/zPWB9MM8pEQeGAfjlsXv51-oLdA.mft Manifest number: 0A1C Signing time: Thu 24 Apr 2025 19:42:15 +0000 Manifest this update: Thu 24 Apr 2025 19:42:15 +0000 Manifest next update: Thu 01 May 2025 19:42:15 +0000 Files and hashes: 1: zPWB9MM8pEQeGAfjlsXv51-oLdA.crl (hash: 4oIMaWmA34h73CrpzW1WqMwNtFMn1ktgk7u0tHBluaU=) 2: EECBCEBE6E3511EABDE26D73C4F9AE02.roa (hash: LPVTnB/0GHrJCLpXZVzzn+Fi+J75+p11hdRea2Hs9CM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9111A27/662518BE6E3411EA841D426EC4F9AE02/zPWB9MM8pEQeGAfjlsXv51-oLdA.crl rsync://rpki.apnic.net/member_repository/A9111A27/662518BE6E3411EA841D426EC4F9AE02/zPWB9MM8pEQeGAfjlsXv51-oLdA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPWB9MM8pEQeGAfjlsXv51-oLdA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:42:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2598 (0xa26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9111A27, serialNumber=CCF581F4C33CA4441E1807E396C5EFE75FA82DD0 Validity Not Before: Apr 24 19:42:15 2025 GMT Not After : May 1 19:42:15 2025 GMT Subject: CN=680a9417-c184 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d7:5a:a7:3a:17:e7:25:96:a9:ca:60:63:60: e9:e6:04:4f:c1:ea:93:bc:62:96:87:e0:e0:f0:d8: 9b:61:f7:b2:13:e9:9c:40:39:71:2d:68:45:8b:94: 07:77:09:69:b8:fa:0e:85:10:f8:88:99:ed:f8:1a: 02:bc:b6:c6:ba:31:a8:a4:ae:45:bd:36:4d:b8:8a: c2:61:d5:8f:e6:74:a0:cd:05:98:97:19:7a:3a:73: 12:67:34:08:d5:e9:58:03:02:f9:aa:26:64:a2:18: 6e:d5:12:2a:89:6a:76:6b:f9:e3:00:0c:91:1c:26: 70:13:e8:bb:e1:17:38:2d:20:bd:b0:9e:3f:03:58: 3a:0c:62:88:55:4f:60:ce:63:98:58:40:00:d9:b2: 3e:64:29:b4:ad:cd:34:49:0d:9f:78:f0:3a:49:e6: 9d:12:69:bc:c7:d3:8f:21:28:67:8c:77:7f:90:72: 6d:64:fa:d3:a4:e7:ba:7f:d6:89:8a:3b:65:9b:c8: 7c:98:1a:f9:96:9e:85:72:1f:65:b4:cc:74:83:d3: 0e:73:c0:50:0b:ce:08:73:87:3c:44:70:88:b7:5e: a2:2c:5b:7c:d3:c4:5b:2d:1a:50:e8:fa:32:24:db: e3:4e:df:dd:a6:8f:92:54:d7:60:24:95:7f:a3:3d: 31:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:9A:61:D9:A6:06:80:A1:09:AE:A3:DB:F7:FB:EF:4C:30:0F:1A:73 X509v3 Authority Key Identifier: keyid:CC:F5:81:F4:C3:3C:A4:44:1E:18:07:E3:96:C5:EF:E7:5F:A8:2D:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9111A27/662518BE6E3411EA841D426EC4F9AE02/zPWB9MM8pEQeGAfjlsXv51-oLdA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPWB9MM8pEQeGAfjlsXv51-oLdA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111A27/662518BE6E3411EA841D426EC4F9AE02/zPWB9MM8pEQeGAfjlsXv51-oLdA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:b6:ba:d7:6e:18:c5:99:82:4f:bb:86:4d:79:bf:c3:dd:9c: c3:8d:b8:9f:fd:d6:98:5b:fc:f3:0e:3e:2d:de:9f:f5:2a:ee: 0c:5a:64:71:9a:e6:f4:f4:cc:43:86:50:f3:c9:81:5c:3c:74: a8:2b:89:5d:ac:8b:15:a9:9c:fc:0e:d9:65:7e:2f:00:3e:20: ee:51:ac:4a:69:a9:0a:95:d5:7c:c1:0b:96:69:db:12:46:02: c7:a7:6d:0f:77:9d:d6:7a:8e:a9:e9:32:08:c2:17:32:4f:41: 60:fe:9e:6e:05:0e:d7:3c:11:ff:8f:36:53:ac:ca:3f:1f:b2: 95:3e:7e:7d:e8:7a:91:e6:10:4a:a1:15:bd:8b:bd:1c:88:a5: 82:fd:e2:2d:9c:e1:9e:fe:34:da:8a:f0:08:26:f6:2f:58:7a: 81:2b:a1:df:2b:8f:08:ac:72:7b:df:c8:9f:08:60:86:b4:e8: 6f:82:57:57:ed:7a:2f:f0:f0:c6:3e:f3:d8:b4:33:c4:53:67: 1c:b1:0c:80:1c:28:0a:9b:e1:11:bf:66:fe:b1:68:19:1a:49: 20:db:30:86:b2:ad:32:ca:6c:bc:12:08:07:08:77:4f:cc:88: 1f:46:05:b0:c0:dd:d7:4b:2e:21:74:ae:61:bb:9f:78:66:f2: ec:74:aa:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTFBMjcxMTAvBgNVBAUTKENDRjU4MUY0QzMzQ0E0NDQxRTE4MDdFMzk2QzVFRkU3 NUZBODJERDAwHhcNMjUwNDI0MTk0MjE1WhcNMjUwNTAxMTk0MjE1WjAYMRYwFAYD VQQDEw02ODBhOTQxNy1jMTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtdapzoX5yWWqcpgY2Dp5gRPweqTvGKWh+Dg8NibYfeyE+mcQDlxLWhFi5QH dwlpuPoOhRD4iJnt+BoCvLbGujGopK5FvTZNuIrCYdWP5nSgzQWYlxl6OnMSZzQI 1elYAwL5qiZkohhu1RIqiWp2a/njAAyRHCZwE+i74Rc4LSC9sJ4/A1g6DGKIVU9g zmOYWEAA2bI+ZCm0rc00SQ2fePA6SeadEmm8x9OPIShnjHd/kHJtZPrTpOe6f9aJ ijtlm8h8mBr5lp6Fch9ltMx0g9MOc8BQC84Ic4c8RHCIt16iLFt808RbLRpQ6Poy JNvjTt/dpo+SVNdgJJV/oz0xmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGWaYdmm BoChCa6j2/f770wwDxpzMB8GA1UdIwQYMBaAFMz1gfTDPKREHhgH45bF7+dfqC3Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMUEyNy82NjI1MThCRTZF MzQxMUVBODQxRDQyNkVDNEY5QUUwMi96UFdCOU1NOHBFUWVHQWZqbHNYdjUxLW9M ZEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pQV0I5TU04cEVRZUdBZmpsc1h2NTEtb0xkQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MUEyNy82NjI1MThCRTZFMzQxMUVBODQxRDQyNkVDNEY5QUUwMi96UFdCOU1NOHBF UWVHQWZqbHNYdjUxLW9MZEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZtrrXbhjFmYJPu4ZNeb/D3ZzDjbif/daYW/zzDj4t3p/1Ku4MWmRx mub09MxDhlDzyYFcPHSoK4ldrIsVqZz8Dtllfi8APiDuUaxKaakKldV8wQuWadsS RgLHp20Pd53Weo6p6TIIwhcyT0Fg/p5uBQ7XPBH/jzZTrMo/H7KVPn596HqR5hBK oRW9i70ciKWC/eItnOGe/jTaivAIJvYvWHqBK6HfK48IrHJ738ifCGCGtOhvgldX 7Xov8PDGPvPYtDPEU2ccsQyAHCgKm+ERv2b+sWgZGkkg2zCGsq0yymy8EggHCHdP zIgfRgWwwN3XSy4hdK5hu594ZvLsdKqf -----END CERTIFICATE-----Generated at Sat Apr 26 17:06:47 2025 by rpki-client