$ rpki-client -vvf rpki.apnic.net/member_repository/A9149C62/84F46B68981511EFA4BD3D57C4F9AE02/z4BKbz2GoZcTpOiG1Ze03GRFaGo.mft File: z4BKbz2GoZcTpOiG1Ze03GRFaGo.mft (raw, json) Hash identifier: CkSkeLtFLL/cU5jCp4F2gl97BqU17Rn87NfPAttmZ94= Subject key identifier: 5C:32:32:56:01:E8:65:66:CE:54:B4:9F:62:A5:0B:31:CD:EE:E9:F6 Authority key identifier: CF:80:4A:6F:3D:86:A1:97:13:A4:E8:86:D5:97:B4:DC:64:45:68:6A Certificate issuer: /CN=A9149C62/serialNumber=CF804A6F3D86A19713A4E886D597B4DC6445686A Certificate serial: 64 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4BKbz2GoZcTpOiG1Ze03GRFaGo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149C62/84F46B68981511EFA4BD3D57C4F9AE02/z4BKbz2GoZcTpOiG1Ze03GRFaGo.mft Manifest number: 61 Signing time: Fri 25 Apr 2025 06:06:37 +0000 Manifest this update: Fri 25 Apr 2025 06:06:37 +0000 Manifest next update: Fri 02 May 2025 06:06:37 +0000 Files and hashes: 1: z4BKbz2GoZcTpOiG1Ze03GRFaGo.crl (hash: ZmI5hzShE051Xqka6dao2FflE+HJODUJ2dunjVt414o=) 2: 088C9298981611EFBE510B59C4F9AE02.roa (hash: MvPd2YQI9MOUSpjmUY5DT+pZT/6vsajAX/zCT/ZVYiM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149C62/84F46B68981511EFA4BD3D57C4F9AE02/z4BKbz2GoZcTpOiG1Ze03GRFaGo.crl rsync://rpki.apnic.net/member_repository/A9149C62/84F46B68981511EFA4BD3D57C4F9AE02/z4BKbz2GoZcTpOiG1Ze03GRFaGo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4BKbz2GoZcTpOiG1Ze03GRFaGo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:06:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149C62, serialNumber=CF804A6F3D86A19713A4E886D597B4DC6445686A Validity Not Before: Apr 25 06:06:37 2025 GMT Not After : May 2 06:06:37 2025 GMT Subject: CN=680b266d-7b1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:9f:f6:81:97:dd:15:00:96:f3:73:cc:1a:da: c1:66:69:b5:e5:5f:66:9e:45:eb:0f:87:9a:0e:14: 73:66:64:2b:5f:dd:71:ac:93:cc:99:cf:4c:85:26: e3:bf:ac:c6:3f:ed:f2:99:a6:62:c3:d8:ec:8c:07: 41:4f:fc:e8:79:7d:24:82:29:44:4f:f3:94:d6:5e: 1d:9a:0f:c8:50:f3:7a:5b:63:e5:8f:cc:4d:a6:69: 73:1c:47:1b:52:2d:30:82:47:b0:3e:e1:8e:72:97: bd:2a:30:db:c4:d5:b0:19:35:bc:d7:7d:3c:f8:91: 3b:5b:04:4b:2d:d8:ae:57:30:df:0c:3d:83:04:72: 53:81:60:08:9c:47:3f:4e:68:7d:90:8f:87:61:ef: d0:93:5e:3b:f5:fc:1d:f3:d4:8c:c9:00:94:ee:79: 13:a6:46:32:98:93:f8:6d:c5:f9:20:5b:6c:33:3f: 4d:50:2f:10:66:81:ca:79:72:90:60:87:c1:0b:1d: 8e:2d:b6:16:79:4c:7f:a8:8a:d6:3a:33:9a:48:ed: 8d:63:20:9b:02:bf:c1:7f:3e:03:49:ec:83:8a:b7: cd:e2:24:dd:6e:a3:03:ed:d0:fc:73:f9:81:72:c7: 2e:a6:a5:6b:9c:d6:5e:49:9d:68:85:2e:47:05:c0: 17:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:32:32:56:01:E8:65:66:CE:54:B4:9F:62:A5:0B:31:CD:EE:E9:F6 X509v3 Authority Key Identifier: keyid:CF:80:4A:6F:3D:86:A1:97:13:A4:E8:86:D5:97:B4:DC:64:45:68:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149C62/84F46B68981511EFA4BD3D57C4F9AE02/z4BKbz2GoZcTpOiG1Ze03GRFaGo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4BKbz2GoZcTpOiG1Ze03GRFaGo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149C62/84F46B68981511EFA4BD3D57C4F9AE02/z4BKbz2GoZcTpOiG1Ze03GRFaGo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:c7:23:21:af:63:0e:86:54:87:cc:cb:68:f8:bc:06:d1:a4: 65:da:e3:94:28:0c:5a:de:e8:e5:dc:01:4e:69:64:db:e4:8c: cc:ca:7b:e3:e1:d8:b0:dc:88:17:c5:08:bb:fa:09:a2:7f:ad: 74:b2:e3:78:71:7b:7b:04:fb:d1:7e:7b:b5:f1:63:bb:5e:f6: 4b:d9:60:ac:54:fb:e1:c7:18:5d:19:13:bc:33:a8:f0:50:cb: 95:e9:a0:3c:5c:66:a8:e8:cc:d1:f5:b7:23:5b:df:14:36:06: 5e:0d:e2:06:73:d1:e5:b3:55:c0:06:53:a8:d5:2c:4a:13:30: c8:30:c1:1b:e1:2e:12:5f:8b:3f:a4:f9:be:05:7c:ea:b5:58: 70:43:2d:96:d4:bc:68:59:0d:b8:e8:6b:22:70:44:2d:b4:2f: 87:dc:22:8f:87:af:5a:67:8e:1a:e0:d0:93:42:6a:e6:00:a6: 2c:7f:67:f9:e5:30:fa:24:5d:b0:c4:96:ab:52:f3:06:92:f1: 63:44:f3:be:7e:73:6c:1e:09:91:31:bb:08:b7:02:ef:de:f9: 80:10:2b:83:38:c5:56:aa:b9:d2:22:7c:ce:06:66:ed:0e:dd: a6:2f:d1:72:12:bf:e2:9e:ca:53:ee:c1:2c:72:64:f7:a5:82: 7e:d3:9b:df -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 OUM2MjExMC8GA1UEBRMoQ0Y4MDRBNkYzRDg2QTE5NzEzQTRFODg2RDU5N0I0REM2 NDQ1Njg2QTAeFw0yNTA0MjUwNjA2MzdaFw0yNTA1MDIwNjA2MzdaMBgxFjAUBgNV BAMTDTY4MGIyNjZkLTdiMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDon/aBl90VAJbzc8wa2sFmabXlX2aeResPh5oOFHNmZCtf3XGsk8yZz0yFJuO/ rMY/7fKZpmLD2OyMB0FP/Oh5fSSCKURP85TWXh2aD8hQ83pbY+WPzE2maXMcRxtS LTCCR7A+4Y5yl70qMNvE1bAZNbzXfTz4kTtbBEst2K5XMN8MPYMEclOBYAicRz9O aH2Qj4dh79CTXjv1/B3z1IzJAJTueROmRjKYk/htxfkgW2wzP01QLxBmgcp5cpBg h8ELHY4tthZ5TH+oitY6M5pI7Y1jIJsCv8F/PgNJ7IOKt83iJN1uowPt0Pxz+YFy xy6mpWuc1l5JnWiFLkcFwBeBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXDIyVgHo ZWbOVLSfYqULMc3u6fYwHwYDVR0jBBgwFoAUz4BKbz2GoZcTpOiG1Ze03GRFaGow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5QzYyLzg0RjQ2QjY4OTgx NTExRUZBNEJEM0Q1N0M0RjlBRTAyL3o0QktiejJHb1pjVHBPaUcxWmUwM0dSRmFH by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvejRCS2J6MkdvWmNUcE9pRzFaZTAzR1JGYUdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5 QzYyLzg0RjQ2QjY4OTgxNTExRUZBNEJEM0Q1N0M0RjlBRTAyL3o0QktiejJHb1pj VHBPaUcxWmUwM0dSRmFHby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJnHIyGvYw6GVIfMy2j4vAbRpGXa45QoDFre6OXcAU5pZNvkjMzKe+Ph 2LDciBfFCLv6CaJ/rXSy43hxe3sE+9F+e7XxY7te9kvZYKxU++HHGF0ZE7wzqPBQ y5XpoDxcZqjozNH1tyNb3xQ2Bl4N4gZz0eWzVcAGU6jVLEoTMMgwwRvhLhJfiz+k +b4FfOq1WHBDLZbUvGhZDbjoayJwRC20L4fcIo+Hr1pnjhrg0JNCauYApix/Z/nl MPokXbDElqtS8waS8WNE875+c2weCZExuwi3Au/e+YAQK4M4xVaqudIifM4GZu0O 3aYv0XISv+KeylPuwSxyZPelgn7Tm98= -----END CERTIFICATE-----Generated at Sat Apr 26 16:59:54 2025 by rpki-client