$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: e8AbjHZ3UiTQn/LN5xf+AVf0IDdAYJCu0kb/os9s6Bs= Subject key identifier: EE:92:31:5C:3D:A0:2D:AD:03:38:57:76:D3:53:A2:49:99:62:38:62 Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 013F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 0137 Signing time: Fri 25 Apr 2025 03:39:13 +0000 Manifest this update: Fri 25 Apr 2025 03:39:13 +0000 Manifest next update: Fri 02 May 2025 03:39:13 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: Wsn68Xz3QTwVrYbfduQz8jPBmB33Aomb64LGSf0O4g4=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: g6wCJDrtHyuCox1Dak/0D/0mdLei/24CwRHwHNh/Oi8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:39:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 319 (0x13f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA, serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: Apr 25 03:39:13 2025 GMT Not After : May 2 03:39:13 2025 GMT Subject: CN=680b03e1-2849 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d9:cb:ee:04:b2:df:2e:5b:43:80:6c:02:63: 13:ee:aa:a2:78:d3:3a:49:26:d2:d6:e6:b4:cc:07: a2:9d:2b:35:28:aa:e0:09:42:e3:88:77:2e:9b:2c: 2c:d5:b9:87:af:ca:8b:36:66:53:69:15:c6:38:8c: 7b:33:82:19:99:ae:0d:e7:71:c9:05:87:ef:fc:06: 87:f2:6d:20:3e:00:33:30:c1:73:64:e1:22:94:00: 5d:63:6b:cf:bd:82:55:48:30:67:a1:70:17:be:a4: 7a:66:22:99:33:34:8c:b9:a4:ee:6d:fc:b5:d6:c8: 54:cd:95:58:84:58:dd:d6:c5:4c:7f:56:ee:9a:85: 77:f6:5d:0e:c1:47:0d:fd:3f:41:43:cb:6b:0d:3a: a6:9c:92:f1:56:ae:08:40:ae:b1:28:d1:d5:5a:85: 24:0b:d9:12:c2:35:7a:64:28:57:0e:dc:95:61:57: 44:58:c9:a3:3b:d9:33:ca:cc:36:a1:1f:d1:7b:46: f7:3c:df:31:4a:e9:71:55:df:8a:29:64:99:5f:05: 56:84:23:5d:0c:b7:09:5f:19:4d:a8:5d:19:58:37: 76:ea:d9:03:f7:51:3a:3b:da:9e:34:2a:f4:57:0a: 1f:b4:b1:7c:35:9f:57:48:de:58:6d:dd:b2:e3:dd: 23:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:92:31:5C:3D:A0:2D:AD:03:38:57:76:D3:53:A2:49:99:62:38:62 X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:41:8e:ab:50:42:f0:35:9b:5c:7f:f1:6f:0b:c5:7a:7f:a4: a0:cf:23:41:26:38:8a:3a:2e:34:ca:ba:db:2a:96:32:31:8b: 0b:f8:52:a3:00:50:07:19:09:95:d7:d1:bb:b9:7e:f8:c1:4c: 55:97:55:af:0d:e9:e2:80:34:ab:9d:4f:19:2d:f0:f1:2f:cd: bd:71:03:75:fa:09:0e:9b:60:c5:15:db:13:e4:dd:08:21:e1: a1:8a:97:5e:d7:1c:72:c3:24:69:1c:d4:cd:a9:02:e0:ec:52: 09:be:14:5a:79:43:2b:e5:fe:03:53:98:6f:86:a8:1d:72:bf: 13:db:6b:d6:0b:9c:61:fb:28:79:b5:fa:ad:ec:e5:83:6a:29: b7:cd:5e:8e:90:59:91:d7:c0:d6:a4:33:6b:76:61:b0:79:bd: 0f:44:f4:86:ef:90:0f:f7:9c:06:53:d2:7d:7c:d6:b3:c9:fe: 0b:50:e3:70:85:f8:c3:a3:28:d2:5d:eb:6a:1c:60:d6:90:90: ad:9f:72:70:0f:48:30:a8:ff:63:39:dd:25:9c:a5:6f:c1:7d: d7:d5:d0:03:03:0a:61:b9:1c:63:9e:da:7b:b7:23:20:83:fa: 85:4e:69:9d:09:7e:2e:24:91:63:00:fd:64:82:7c:ef:64:71: 17:56:4a:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjUwNDI1MDMzOTEzWhcNMjUwNTAyMDMzOTEzWjAYMRYwFAYD VQQDEw02ODBiMDNlMS0yODQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtNnL7gSy3y5bQ4BsAmMT7qqieNM6SSbS1ua0zAeinSs1KKrgCULjiHcumyws 1bmHr8qLNmZTaRXGOIx7M4IZma4N53HJBYfv/AaH8m0gPgAzMMFzZOEilABdY2vP vYJVSDBnoXAXvqR6ZiKZMzSMuaTubfy11shUzZVYhFjd1sVMf1bumoV39l0OwUcN /T9BQ8trDTqmnJLxVq4IQK6xKNHVWoUkC9kSwjV6ZChXDtyVYVdEWMmjO9kzysw2 oR/Re0b3PN8xSulxVd+KKWSZXwVWhCNdDLcJXxlNqF0ZWDd26tkD91E6O9qeNCr0 VwoftLF8NZ9XSN5Ybd2y490j9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO6SMVw9 oC2tAzhXdtNTokmZYjhiMB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDQY6rUELwNZtcf/FvC8V6f6SgzyNBJjiKOi40yrrbKpYyMYsL+FKj AFAHGQmV19G7uX74wUxVl1WvDenigDSrnU8ZLfDxL829cQN1+gkOm2DFFdsT5N0I IeGhipde1xxywyRpHNTNqQLg7FIJvhRaeUMr5f4DU5hvhqgdcr8T22vWC5xh+yh5 tfqt7OWDaim3zV6OkFmR18DWpDNrdmGweb0PRPSG75AP95wGU9J9fNazyf4LUONw hfjDoyjSXetqHGDWkJCtn3JwD0gwqP9jOd0lnKVvwX3X1dADAwphuRxjntp7tyMg g/qFTmmdCX4uJJFjAP1kgnzvZHEXVkoA -----END CERTIFICATE-----Generated at Sat Apr 26 04:36:07 2025 by rpki-client