$ rpki-client -vvf rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.mft File: ZajQiy7I9C1Duap6QjUXK7ftFmU.mft (raw, json) Hash identifier: VF7fIpt3US6w8VW38Bu82QbpQqmOXm6IIdtZzQFoaQ4= Subject key identifier: 68:BC:F4:48:7D:7C:7F:62:88:28:9F:1C:2D:04:97:C7:C7:10:58:90 Authority key identifier: 65:A8:D0:8B:2E:C8:F4:2D:43:B9:AA:7A:42:35:17:2B:B7:ED:16:65 Certificate issuer: /CN=A912C7DC/serialNumber=65A8D08B2EC8F42D43B9AA7A4235172BB7ED1665 Certificate serial: 3F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZajQiy7I9C1Duap6QjUXK7ftFmU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.mft Manifest number: 3E Signing time: Fri 25 Apr 2025 06:27:33 +0000 Manifest this update: Fri 25 Apr 2025 06:27:32 +0000 Manifest next update: Fri 02 May 2025 06:27:32 +0000 Files and hashes: 1: ZajQiy7I9C1Duap6QjUXK7ftFmU.crl (hash: MEOHiqvnLSGdEmAJ7f3LkzX6PLYPosch75ywWMlWY2I=) 2: E29CD82EC58B11EFBA44DE34C4F9AE02.roa (hash: Dm+Qler0DP4/BlS/cktwlrkhP2z4/Lue67gvK431F+w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.crl rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZajQiy7I9C1Duap6QjUXK7ftFmU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:27:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C7DC, serialNumber=65A8D08B2EC8F42D43B9AA7A4235172BB7ED1665 Validity Not Before: Apr 25 06:27:32 2025 GMT Not After : May 2 06:27:32 2025 GMT Subject: CN=680b2b54-f25d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:eb:23:32:90:fb:8a:52:a0:4a:af:ef:c1:03: 9a:4e:96:86:f6:c6:a8:0e:fd:3a:a1:12:b5:48:ec: 74:d0:07:a6:66:65:8f:c1:c1:85:01:5d:40:54:e6: ee:ef:ad:0c:bd:d2:d2:4c:b4:d9:40:17:05:30:55: 90:85:04:54:c5:2a:8a:16:16:f3:f0:68:6c:c9:1e: b5:7a:f7:14:48:4f:3b:f0:d5:15:9f:83:1a:18:91: 32:0f:cc:a2:50:1c:45:2b:07:e2:fe:5c:80:80:5c: 0d:0f:7e:1d:0f:ab:07:f7:52:03:89:ac:35:7a:a6: 5f:09:44:85:ae:11:90:99:c3:7d:d0:9e:17:de:51: 00:bc:b8:e7:7f:a7:d5:57:b0:f3:74:a9:d7:4b:50: a4:c4:49:ed:30:cc:4a:10:fd:84:09:12:82:7d:6f: 76:b5:b4:0b:2d:3c:e6:54:6d:4b:8f:d5:b5:00:32: b2:ae:57:33:e3:64:4b:be:0f:64:e4:a3:84:e9:25: 17:1a:90:2a:ef:36:6e:64:18:92:f4:9f:6e:4e:82: 5e:88:a3:c9:3c:51:37:6d:87:eb:89:34:c0:d9:29: 68:1d:46:c3:47:9d:94:e0:4e:f3:2c:21:a0:07:7f: 8b:ce:5c:b5:ae:db:18:8c:f6:22:ce:fe:c7:12:be: 0a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:BC:F4:48:7D:7C:7F:62:88:28:9F:1C:2D:04:97:C7:C7:10:58:90 X509v3 Authority Key Identifier: keyid:65:A8:D0:8B:2E:C8:F4:2D:43:B9:AA:7A:42:35:17:2B:B7:ED:16:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZajQiy7I9C1Duap6QjUXK7ftFmU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C7DC/64BA4BA8C58B11EFB87E5F33C4F9AE02/ZajQiy7I9C1Duap6QjUXK7ftFmU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:3b:2f:5b:fd:02:eb:8d:3c:90:fe:43:a7:dd:88:a3:91:a1: 2b:4d:da:63:5f:f4:c1:dd:b8:6b:a9:c3:7e:2d:68:5f:c7:cd: 48:21:f2:98:4f:ed:f0:52:fa:c7:52:29:21:c0:dd:d1:32:7a: 74:21:7b:45:89:a0:10:b1:5a:5d:92:03:f6:0f:2d:45:c8:b9: 31:86:e1:17:e0:7e:d0:26:12:85:1e:2c:59:2d:23:a5:e1:32: f2:a5:f6:f1:18:78:97:8b:7f:61:89:86:bb:28:6e:cc:32:aa: 72:a5:64:9b:79:28:ce:2a:3e:ff:d4:98:c6:de:f3:e7:9b:2f: de:15:72:11:f7:32:53:d3:b0:d5:41:00:09:4a:b3:0e:8a:4f: d6:d1:00:ec:78:48:b6:8c:51:52:a4:b2:21:d5:77:d5:5f:7d: 89:6f:1d:f7:ab:38:b3:89:b1:fc:e4:51:4c:d0:1b:cd:dd:c7: c8:12:07:2c:da:b7:ac:94:0a:1b:71:e7:b6:56:bc:fc:9e:3e: f5:cd:aa:f6:de:17:48:cb:b5:e9:bd:8c:16:ee:4d:98:ac:1d: 18:9d:ab:40:0b:5e:61:68:2a:f0:85:89:52:e6:23:1d:45:26: 06:80:f1:bb:d2:99:b1:18:14:dc:b7:b9:a4:e9:c7:02:5e:82: ea:2b:fd:15 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QzdEQzExMC8GA1UEBRMoNjVBOEQwOEIyRUM4RjQyRDQzQjlBQTdBNDIzNTE3MkJC N0VEMTY2NTAeFw0yNTA0MjUwNjI3MzJaFw0yNTA1MDIwNjI3MzJaMBgxFjAUBgNV BAMTDTY4MGIyYjU0LWYyNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC56yMykPuKUqBKr+/BA5pOlob2xqgO/TqhErVI7HTQB6ZmZY/BwYUBXUBU5u7v rQy90tJMtNlAFwUwVZCFBFTFKooWFvPwaGzJHrV69xRITzvw1RWfgxoYkTIPzKJQ HEUrB+L+XICAXA0Pfh0Pqwf3UgOJrDV6pl8JRIWuEZCZw33QnhfeUQC8uOd/p9VX sPN0qddLUKTESe0wzEoQ/YQJEoJ9b3a1tAstPOZUbUuP1bUAMrKuVzPjZEu+D2Tk o4TpJRcakCrvNm5kGJL0n25Ogl6Io8k8UTdth+uJNMDZKWgdRsNHnZTgTvMsIaAH f4vOXLWu2xiM9iLO/scSvgopAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaLz0SH18 f2KIKJ8cLQSXx8cQWJAwHwYDVR0jBBgwFoAUZajQiy7I9C1Duap6QjUXK7ftFmUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJDN0RDLzY0QkE0QkE4QzU4 QjExRUZCODdFNUYzM0M0RjlBRTAyL1phalFpeTdJOUMxRHVhcDZRalVYSzdmdEZt VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWmFqUWl5N0k5QzFEdWFwNlFqVVhLN2Z0Rm1VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJD N0RDLzY0QkE0QkE4QzU4QjExRUZCODdFNUYzM0M0RjlBRTAyL1phalFpeTdJOUMx RHVhcDZRalVYSzdmdEZtVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALE7L1v9AuuNPJD+Q6fdiKORoStN2mNf9MHduGupw34taF/HzUgh8phP 7fBS+sdSKSHA3dEyenQhe0WJoBCxWl2SA/YPLUXIuTGG4RfgftAmEoUeLFktI6Xh MvKl9vEYeJeLf2GJhrsobswyqnKlZJt5KM4qPv/UmMbe8+ebL94VchH3MlPTsNVB AAlKsw6KT9bRAOx4SLaMUVKksiHVd9VffYlvHferOLOJsfzkUUzQG83dx8gSByza t6yUChtx57ZWvPyePvXNqvbeF0jLtem9jBbuTZisHRidq0ALXmFoKvCFiVLmIx1F JgaA8bvSmbEYFNy3uaTpxwJeguor/RU= -----END CERTIFICATE-----Generated at Sat Apr 26 15:18:36 2025 by rpki-client