$ rpki-client -vvf rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft File: PKzc_ifokI3EfzPvkUrjxQi6R7M.mft (raw, json) Hash identifier: ol2P8SAmyjJtEhSRoQFro6srbSCfpbq2uU08MebRGWM= Subject key identifier: 0E:A6:95:FF:2B:1B:B3:41:E7:68:4C:2A:67:DD:A4:36:38:3B:DA:6B Authority key identifier: 3C:AC:DC:FE:27:E8:90:8D:C4:7F:33:EF:91:4A:E3:C5:08:BA:47:B3 Certificate issuer: /CN=A9133B40/serialNumber=3CACDCFE27E8908DC47F33EF914AE3C508BA47B3 Certificate serial: 0158 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PKzc_ifokI3EfzPvkUrjxQi6R7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft Manifest number: 0155 Signing time: Fri 25 Apr 2025 03:14:50 +0000 Manifest this update: Fri 25 Apr 2025 03:14:50 +0000 Manifest next update: Fri 02 May 2025 03:14:49 +0000 Files and hashes: 1: PKzc_ifokI3EfzPvkUrjxQi6R7M.crl (hash: z4C+iGYDSejTqGuZt9Nnj+QmWjrsNHgdk8aHubA7iOw=) 2: B5CBEADC5A9911EEBACCD06BC4F9AE02.roa (hash: F4cU+r0RsJavKuaSoPZVVD+mCZCLwysM3Ho83jeaeN0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.crl rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PKzc_ifokI3EfzPvkUrjxQi6R7M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:14:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 344 (0x158) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9133B40, serialNumber=3CACDCFE27E8908DC47F33EF914AE3C508BA47B3 Validity Not Before: Apr 25 03:14:50 2025 GMT Not After : May 2 03:14:49 2025 GMT Subject: CN=680afe2a-f647 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:df:0a:64:ae:7d:4b:ac:c9:80:d7:a9:81:69: 6f:97:31:a2:4e:fc:32:13:41:a5:85:f8:88:3a:b8: 94:43:32:07:68:37:cf:54:a6:f2:d9:30:ae:02:d8: 66:18:88:7a:98:19:5a:cb:25:3e:78:35:fe:cb:b5: 35:1c:a0:06:40:10:51:0a:1b:8a:87:b1:9e:bb:9c: 18:ec:98:bd:a3:e5:55:5d:40:93:58:40:d2:8d:94: 3b:63:6b:b5:fb:05:ba:bc:19:d9:b4:1b:c4:16:6e: 85:e2:2d:09:a4:d5:3c:a0:63:33:76:f8:af:33:7d: 52:ad:59:4e:66:af:38:b0:0a:b3:d3:2e:88:4d:8c: 12:52:76:6a:0c:64:71:36:96:24:bd:5b:02:d6:b2: 68:76:61:21:82:9e:d9:51:fb:9b:a5:7a:92:e0:7b: b0:9f:df:22:28:0f:1e:df:b6:5d:a5:fa:45:24:68: de:27:1c:99:e1:9f:67:56:65:69:3b:01:a7:c8:13: f8:69:b1:57:c1:b1:84:07:3d:1b:7c:e1:5a:84:c0: af:c3:a7:65:0f:43:9f:2d:6e:01:42:76:53:ac:b3: 96:4a:11:ba:28:1b:de:35:a8:63:97:3f:c4:72:07: f9:4c:21:97:e3:d1:d1:7b:82:49:1d:20:4a:87:19: 09:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:A6:95:FF:2B:1B:B3:41:E7:68:4C:2A:67:DD:A4:36:38:3B:DA:6B X509v3 Authority Key Identifier: keyid:3C:AC:DC:FE:27:E8:90:8D:C4:7F:33:EF:91:4A:E3:C5:08:BA:47:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PKzc_ifokI3EfzPvkUrjxQi6R7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133B40/F01CA9C61B2211EEB79B1E1BC4F9AE02/PKzc_ifokI3EfzPvkUrjxQi6R7M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:58:e0:b6:7c:0d:01:41:f5:63:0b:c8:8a:21:cc:7c:ca:ec: 11:18:85:ea:d6:d2:e0:61:46:6b:63:28:04:89:e9:22:32:42: 84:ac:18:ca:45:dc:7c:1b:3f:31:a5:f9:8e:4e:64:7c:d9:c3: f4:fa:e0:25:e2:bb:52:43:cb:76:c8:53:62:14:11:a4:fa:5a: b0:a5:f4:2e:53:70:0d:13:ed:41:97:e4:bc:87:4b:2e:16:44: 3d:18:33:51:ea:27:c6:be:5a:2c:a1:3f:d4:f1:31:bc:96:a5: 82:31:12:e2:cd:67:7d:72:69:41:54:51:b8:83:f4:9e:60:f8: 49:6d:27:07:f9:07:c5:56:9a:cc:85:2e:e2:ee:92:57:cd:e5: 86:44:3c:33:6c:01:07:54:7a:ee:e7:bc:f9:33:60:94:0f:be: 2d:bb:86:6a:c6:e9:9f:60:af:dc:c9:c7:4f:ba:0b:80:21:45: 2d:c4:3a:e1:36:a0:a6:20:ff:49:a3:39:1c:05:53:10:ba:28: 7d:7c:cb:8e:94:19:7f:7b:d1:0d:e8:3b:af:ae:db:7d:6b:28: 1e:43:cf:e7:f2:b0:1a:e5:cd:99:f1:6e:4e:3e:49:88:9e:24: f2:19:cd:cd:ae:3b:77:53:35:d1:7e:95:8b:23:89:cd:5d:92: 80:9d:a0:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzNCNDAxMTAvBgNVBAUTKDNDQUNEQ0ZFMjdFODkwOERDNDdGMzNFRjkxNEFFM0M1 MDhCQTQ3QjMwHhcNMjUwNDI1MDMxNDUwWhcNMjUwNTAyMDMxNDQ5WjAYMRYwFAYD VQQDEw02ODBhZmUyYS1mNjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4N8KZK59S6zJgNepgWlvlzGiTvwyE0GlhfiIOriUQzIHaDfPVKby2TCuAthm GIh6mBlayyU+eDX+y7U1HKAGQBBRChuKh7Geu5wY7Ji9o+VVXUCTWEDSjZQ7Y2u1 +wW6vBnZtBvEFm6F4i0JpNU8oGMzdvivM31SrVlOZq84sAqz0y6ITYwSUnZqDGRx NpYkvVsC1rJodmEhgp7ZUfubpXqS4Huwn98iKA8e37ZdpfpFJGjeJxyZ4Z9nVmVp OwGnyBP4abFXwbGEBz0bfOFahMCvw6dlD0OfLW4BQnZTrLOWShG6KBveNahjlz/E cgf5TCGX49HRe4JJHSBKhxkJIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA6mlf8r G7NB52hMKmfdpDY4O9prMB8GA1UdIwQYMBaAFDys3P4n6JCNxH8z75FK48UIukez MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0I0MC9GMDFDQTlDNjFC MjIxMUVFQjc5QjFFMUJDNEY5QUUwMi9QS3pjX2lmb2tJM0VmelB2a1VyanhRaTZS N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BLemNfaWZva0kzRWZ6UHZrVXJqeFFpNlI3TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz M0I0MC9GMDFDQTlDNjFCMjIxMUVFQjc5QjFFMUJDNEY5QUUwMi9QS3pjX2lmb2tJ M0VmelB2a1VyanhRaTZSN00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJWOC2fA0BQfVjC8iKIcx8yuwRGIXq1tLgYUZrYygEiekiMkKErBjK Rdx8Gz8xpfmOTmR82cP0+uAl4rtSQ8t2yFNiFBGk+lqwpfQuU3ANE+1Bl+S8h0su FkQ9GDNR6ifGvlosoT/U8TG8lqWCMRLizWd9cmlBVFG4g/SeYPhJbScH+QfFVprM hS7i7pJXzeWGRDwzbAEHVHru57z5M2CUD74tu4ZqxumfYK/cycdPuguAIUUtxDrh NqCmIP9JozkcBVMQuih9fMuOlBl/e9EN6Duvrtt9aygeQ8/n8rAa5c2Z8W5OPkmI niTyGc3Nrjt3UzXRfpWLI4nNXZKAnaC4 -----END CERTIFICATE-----Generated at Sat Apr 26 15:25:06 2025 by rpki-client