$ rpki-client -vvf rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft File: zmNwmX29E9IOXsYWW1qe46KCprA.mft (raw, json) Hash identifier: G84tLqpAkkA14a4lTuTOfP41qsttnpnReIXSSmyXj+o= Subject key identifier: 7E:DA:18:24:7F:EF:8B:45:E7:35:54:85:67:53:09:BA:24:28:2B:88 Authority key identifier: CE:63:70:99:7D:BD:13:D2:0E:5E:C6:16:5B:5A:9E:E3:A2:82:A6:B0 Certificate issuer: /CN=A917ACA8/serialNumber=CE6370997DBD13D20E5EC6165B5A9EE3A282A6B0 Certificate serial: 0135 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zmNwmX29E9IOXsYWW1qe46KCprA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft Manifest number: 0130 Signing time: Thu 07 Aug 2025 05:04:54 +0000 Manifest this update: Thu 07 Aug 2025 05:04:53 +0000 Manifest next update: Thu 14 Aug 2025 05:04:53 +0000 Files and hashes: 1: zmNwmX29E9IOXsYWW1qe46KCprA.crl (hash: edY+BDJ9lLwl8fjui3FehEjIlZEICe2xn6bV9JJvrR8=) 2: 894936BE60A911F098EEE824C4F9AE02.roa (hash: 6+ZtG4tMJV/LeRgQcj4Jq30ubiMB6Q5WScbIN7WAFn8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.crl rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zmNwmX29E9IOXsYWW1qe46KCprA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:04:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 309 (0x135) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917ACA8, serialNumber=CE6370997DBD13D20E5EC6165B5A9EE3A282A6B0 Validity Not Before: Aug 7 05:04:53 2025 GMT Not After : Aug 14 05:04:53 2025 GMT Subject: CN=689433f6-c053 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:58:c6:b2:82:ce:eb:a6:27:82:46:28:2a:a1: 19:d5:20:30:16:18:79:5e:aa:48:c1:0e:71:61:a5: 8b:03:a7:f8:c9:b2:a3:57:c8:90:e8:e7:a5:f7:f4: cb:92:fb:b2:7a:a3:55:9b:a0:e3:8c:49:37:42:7c: 4f:25:05:01:bc:cf:fc:9d:76:3d:a3:1a:8c:d5:7d: ac:6f:ab:0f:20:d9:9f:d2:06:66:41:a4:10:d0:76: 3e:bb:24:27:ec:d4:5d:56:95:52:28:e8:e9:c5:10: 08:5b:2c:5f:50:59:3e:d3:99:7f:b6:c9:32:42:7d: 01:02:17:85:6a:55:3a:e2:32:10:13:d5:ce:6f:65: 76:aa:97:9e:ec:2f:a6:be:3a:b6:26:36:92:d8:71: fb:d6:cf:84:24:3e:b5:62:a0:33:92:c0:af:8d:6a: 76:74:10:5c:bc:8e:10:38:01:fc:6d:37:e4:65:38: 74:d2:c6:66:40:cf:74:10:15:8d:4b:15:61:62:ef: cc:e9:c1:fa:5e:eb:a0:0e:ae:87:51:fd:ba:09:02: c4:8c:c9:26:5d:e7:d7:53:82:d9:23:5b:c5:ba:3e: dd:80:b9:f1:d6:3d:dd:35:5b:71:d5:cc:03:68:56: 5a:64:fa:64:87:04:63:2f:f4:3c:ec:dd:92:a4:0d: 9d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:DA:18:24:7F:EF:8B:45:E7:35:54:85:67:53:09:BA:24:28:2B:88 X509v3 Authority Key Identifier: keyid:CE:63:70:99:7D:BD:13:D2:0E:5E:C6:16:5B:5A:9E:E3:A2:82:A6:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zmNwmX29E9IOXsYWW1qe46KCprA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ACA8/F9714AE6AAFA11EEA221E72EC4F9AE02/zmNwmX29E9IOXsYWW1qe46KCprA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:f7:1c:07:78:d9:45:95:dd:a8:7e:4a:54:98:23:ec:76:49: 34:1d:f3:11:17:0e:8a:23:ec:d4:47:54:d8:e6:89:f4:81:cd: 7f:45:96:13:7b:8f:a9:81:6c:4e:dd:2d:5f:83:ff:7a:ea:a3: d4:8e:f9:af:1e:1f:11:cf:b2:ee:0c:47:ad:c7:9f:0c:df:2b: 04:c8:2d:c9:3c:2c:92:05:92:0b:7d:dd:1d:3b:ce:ee:36:f0: c2:bf:3e:90:69:4c:ee:93:d5:e5:f6:5b:87:fd:b6:87:4f:6b: 48:ff:8c:5e:7b:27:f4:35:26:ae:6d:fc:7a:df:c5:6c:27:a8: 16:66:0a:3e:28:c8:4d:c2:7e:9d:26:f6:94:b2:0c:ea:aa:78: 7f:98:b9:d6:f3:e8:33:c6:44:3e:a5:ce:7f:1d:dc:41:0f:8f: 1a:3a:f8:ec:f3:af:3f:c8:26:56:6c:70:07:e7:ee:0c:3c:1c: 47:ca:97:44:ff:11:12:8f:0a:1a:4e:15:21:17:c2:39:df:b6: e0:d6:27:eb:f3:e8:0a:ca:fe:6b:cb:43:41:82:4e:3c:24:20: bc:16:c9:3d:84:00:90:17:fb:c1:d8:03:df:68:cb:6d:c2:89: b1:24:1c:10:db:4e:f0:fb:df:17:c9:b9:2a:37:76:a6:ec:d9: d9:db:76:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDQTgxMTAvBgNVBAUTKENFNjM3MDk5N0RCRDEzRDIwRTVFQzYxNjVCNUE5RUUz QTI4MkE2QjAwHhcNMjUwODA3MDUwNDUzWhcNMjUwODE0MDUwNDUzWjAYMRYwFAYD VQQDEw02ODk0MzNmNi1jMDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt1jGsoLO66YngkYoKqEZ1SAwFhh5XqpIwQ5xYaWLA6f4ybKjV8iQ6Oel9/TL kvuyeqNVm6DjjEk3QnxPJQUBvM/8nXY9oxqM1X2sb6sPINmf0gZmQaQQ0HY+uyQn 7NRdVpVSKOjpxRAIWyxfUFk+05l/tskyQn0BAheFalU64jIQE9XOb2V2qpee7C+m vjq2JjaS2HH71s+EJD61YqAzksCvjWp2dBBcvI4QOAH8bTfkZTh00sZmQM90EBWN SxVhYu/M6cH6XuugDq6HUf26CQLEjMkmXefXU4LZI1vFuj7dgLnx1j3dNVtx1cwD aFZaZPpkhwRjL/Q87N2SpA2dVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH7aGCR/ 74tF5zVUhWdTCbokKCuIMB8GA1UdIwQYMBaAFM5jcJl9vRPSDl7GFltanuOigqaw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUNBOC9GOTcxNEFFNkFB RkExMUVFQTIyMUU3MkVDNEY5QUUwMi96bU53bVgyOUU5SU9Yc1lXVzFxZTQ2S0Nw ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ptTndtWDI5RTlJT1hzWVdXMXFlNDZLQ3ByQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUNBOC9GOTcxNEFFNkFBRkExMUVFQTIyMUU3MkVDNEY5QUUwMi96bU53bVgyOUU5 SU9Yc1lXVzFxZTQ2S0NwckEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA79xwHeNlFld2ofkpUmCPsdkk0HfMRFw6KI+zUR1TY5on0gc1/RZYT e4+pgWxO3S1fg/966qPUjvmvHh8Rz7LuDEetx58M3ysEyC3JPCySBZILfd0dO87u NvDCvz6QaUzuk9Xl9luH/baHT2tI/4xeeyf0NSaubfx638VsJ6gWZgo+KMhNwn6d JvaUsgzqqnh/mLnW8+gzxkQ+pc5/HdxBD48aOvjs868/yCZWbHAH5+4MPBxHypdE /xESjwoaThUhF8I537bg1ifr8+gKyv5ry0NBgk48JCC8Fsk9hACQF/vB2APfaMtt womxJBwQ207w+98XybkqN3am7NnZ23aI -----END CERTIFICATE-----Generated at Sat Aug 9 03:02:51 2025 by rpki-client