$ rpki-client -vvf rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft File: Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft (raw, json) Hash identifier: 2zZK8EuD2ediGOWVfvatlqnbms1SWxA+vfKV7KCbjcA= Subject key identifier: 9C:46:94:9E:95:CB:3A:EE:EA:62:BB:E8:C0:0E:69:99:9C:FB:CF:47 Authority key identifier: 67:F2:9B:35:A8:94:2A:A6:B7:F4:1A:EF:B3:4A:06:76:FD:69:50:97 Certificate issuer: /CN=A91180E8/serialNumber=67F29B35A8942AA6B7F41AEFB34A0676FD695097 Certificate serial: 27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_KbNaiUKqa39Brvs0oGdv1pUJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft Manifest number: 26 Signing time: Fri 25 Apr 2025 06:45:26 +0000 Manifest this update: Fri 25 Apr 2025 06:45:26 +0000 Manifest next update: Fri 02 May 2025 06:45:26 +0000 Files and hashes: 1: Z_KbNaiUKqa39Brvs0oGdv1pUJc.crl (hash: iNHxqbjy4q4hCOzBHfQlS9r2vzGnB46CDyjqQ0eaVVo=) 2: E368BEF2E9D611EFAC604979C4F9AE02.roa (hash: HfXLWtads28iS5LrLz0AFXei2F6BGIFKfg02w7QPxkY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.crl rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_KbNaiUKqa39Brvs0oGdv1pUJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:45:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91180E8, serialNumber=67F29B35A8942AA6B7F41AEFB34A0676FD695097 Validity Not Before: Apr 25 06:45:26 2025 GMT Not After : May 2 06:45:26 2025 GMT Subject: CN=680b2f86-7787 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:83:d1:8d:e8:20:34:14:b9:0b:39:2d:44:73: 12:9a:ff:77:2d:fb:27:3d:7b:c5:f0:bf:2f:7e:50: a2:42:fc:59:c0:8a:2d:4f:32:90:1f:e6:52:70:be: ca:38:ea:a4:94:ab:68:d5:19:fe:01:67:44:8a:0e: d9:1a:9e:d7:a1:ee:45:16:50:9a:de:3d:42:97:4b: 1a:b8:ed:63:d2:0d:0e:6a:c3:a9:77:c3:eb:85:fa: b5:1b:f5:18:21:bf:5b:a1:5c:25:c7:f6:fb:78:36: 21:27:da:e9:eb:b0:82:75:0f:bc:34:d2:ae:4a:a8: f9:40:1c:41:93:60:e8:95:10:44:ac:bb:00:c0:f5: 48:ad:9b:d1:d7:6a:5d:bf:89:ac:bf:ca:ea:e5:b1: 4b:03:a9:85:de:3c:39:07:78:f7:a5:60:85:f2:dd: 34:e9:c6:b1:43:b0:87:27:3e:82:91:66:4c:cd:95: 58:33:5b:74:0f:5e:1b:57:a0:d0:de:8d:81:d4:68: 74:9d:ad:c2:da:54:4e:df:a3:eb:1e:f3:29:83:33: 85:65:44:21:50:a6:33:16:ad:d3:62:7b:44:03:43: 31:e9:84:9a:9b:c9:f4:47:07:ff:29:1b:b5:54:e2: f0:d3:40:2c:2b:b4:30:23:16:38:70:79:20:31:87: 82:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:46:94:9E:95:CB:3A:EE:EA:62:BB:E8:C0:0E:69:99:9C:FB:CF:47 X509v3 Authority Key Identifier: keyid:67:F2:9B:35:A8:94:2A:A6:B7:F4:1A:EF:B3:4A:06:76:FD:69:50:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_KbNaiUKqa39Brvs0oGdv1pUJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91180E8/3A9FAC54E9D611EF8D04B677C4F9AE02/Z_KbNaiUKqa39Brvs0oGdv1pUJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:91:d8:51:dd:fe:0a:1e:43:81:d0:99:b5:da:da:d8:f1:32: 8a:e1:16:7d:72:e0:a1:73:78:5c:c4:87:7d:77:28:5a:5b:f8: 26:01:2d:a3:6d:3e:33:87:62:7a:35:ed:66:55:c7:54:35:5f: a6:37:d8:5f:8d:b5:2a:2d:cb:ca:94:ad:fe:41:15:2c:d4:e0: ae:17:a7:84:69:75:ca:b0:6c:3b:1b:66:3b:a2:7b:0e:c9:74: 00:6c:3a:06:71:e2:48:b1:58:1c:b9:9e:0a:7f:0e:b0:84:e2: d0:7f:8f:43:54:01:42:ca:b0:4c:80:d5:be:dc:37:ec:6b:25: fe:d9:93:7c:4c:54:20:34:2a:69:af:d5:4a:11:b9:78:ea:68: 13:28:c7:44:96:13:c9:21:96:cb:3e:63:84:9e:1f:96:7a:c5: 1a:28:a5:ee:8f:b9:c0:0f:b8:c1:af:5f:14:82:76:06:ec:29: 54:83:54:a6:1d:93:a7:bf:09:85:8d:c6:f2:6e:0c:e6:8e:38: 5e:4f:1c:e9:fa:1e:de:63:b8:f8:83:4c:f6:73:ce:36:67:ff: 63:09:d5:35:8a:48:29:73:16:06:0f:4a:5d:90:c9:de:7c:91: 90:0c:a6:10:e4:e0:d2:53:7a:ed:58:01:ef:ff:d9:4a:e1:d9: 2c:f3:17:a0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx ODBFODExMC8GA1UEBRMoNjdGMjlCMzVBODk0MkFBNkI3RjQxQUVGQjM0QTA2NzZG RDY5NTA5NzAeFw0yNTA0MjUwNjQ1MjZaFw0yNTA1MDIwNjQ1MjZaMBgxFjAUBgNV BAMTDTY4MGIyZjg2LTc3ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBg9GN6CA0FLkLOS1EcxKa/3ct+yc9e8Xwvy9+UKJC/FnAii1PMpAf5lJwvso4 6qSUq2jVGf4BZ0SKDtkanteh7kUWUJrePUKXSxq47WPSDQ5qw6l3w+uF+rUb9Rgh v1uhXCXH9vt4NiEn2unrsIJ1D7w00q5KqPlAHEGTYOiVEESsuwDA9Uitm9HXal2/ iay/yurlsUsDqYXePDkHePelYIXy3TTpxrFDsIcnPoKRZkzNlVgzW3QPXhtXoNDe jYHUaHSdrcLaVE7fo+se8ymDM4VlRCFQpjMWrdNie0QDQzHphJqbyfRHB/8pG7VU 4vDTQCwrtDAjFjhweSAxh4JBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnEaUnpXL Ou7qYrvowA5pmZz7z0cwHwYDVR0jBBgwFoAUZ/KbNaiUKqa39Brvs0oGdv1pUJcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4MEU4LzNBOUZBQzU0RTlE NjExRUY4RDA0QjY3N0M0RjlBRTAyL1pfS2JOYWlVS3FhMzlCcnZzMG9HZHYxcFVK Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWl9LYk5haVVLcWEzOUJydnMwb0dkdjFwVUpjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE4 MEU4LzNBOUZBQzU0RTlENjExRUY4RDA0QjY3N0M0RjlBRTAyL1pfS2JOYWlVS3Fh MzlCcnZzMG9HZHYxcFVKYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALyR2FHd/goeQ4HQmbXa2tjxMorhFn1y4KFzeFzEh313KFpb+CYBLaNt PjOHYno17WZVx1Q1X6Y32F+NtSoty8qUrf5BFSzU4K4Xp4RpdcqwbDsbZjuiew7J dABsOgZx4kixWBy5ngp/DrCE4tB/j0NUAULKsEyA1b7cN+xrJf7Zk3xMVCA0Kmmv 1UoRuXjqaBMox0SWE8khlss+Y4SeH5Z6xRoope6PucAPuMGvXxSCdgbsKVSDVKYd k6e/CYWNxvJuDOaOOF5PHOn6Ht5juPiDTPZzzjZn/2MJ1TWKSClzFgYPSl2Qyd58 kZAMphDk4NJTeu1YAe//2Urh2SzzF6A= -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:05 2025 by rpki-client