$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7150/5842E9E092C011EB8AA5A920C4F9AE02/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.mft File: ZzeGJRGhdM3TidNT8ODnLJdzzoQ.mft (raw, json) Hash identifier: D5TGzYcWHiDbPeTkJ3wI5fhpWJ/4W00ExAijFM+L8yc= Subject key identifier: 7A:5F:3B:E3:C3:F8:24:B2:53:D7:43:B6:AE:4A:4B:AC:39:AD:FA:7E Authority key identifier: 67:37:86:25:11:A1:74:CD:D3:89:D3:53:F0:E0:E7:2C:97:73:CE:84 Certificate issuer: /CN=A91A7150/serialNumber=6737862511A174CDD389D353F0E0E72C9773CE84 Certificate serial: 0628 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7150/5842E9E092C011EB8AA5A920C4F9AE02/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.mft Manifest number: 0624 Signing time: Thu 24 Apr 2025 22:31:26 +0000 Manifest this update: Thu 24 Apr 2025 22:31:25 +0000 Manifest next update: Thu 01 May 2025 22:31:25 +0000 Files and hashes: 1: ZzeGJRGhdM3TidNT8ODnLJdzzoQ.crl (hash: XlAVcdWgF7JZRW2SyM1HDNH+RO8Q7oegzbllsTIyAaI=) 2: BA7F7BA892C211EBBBF0055FC4F9AE02.roa (hash: xxTbwjHg1QikAjf8vr4+JJb23plKRbhPg2PJNBw2Jn0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7150/5842E9E092C011EB8AA5A920C4F9AE02/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.crl rsync://rpki.apnic.net/member_repository/A91A7150/5842E9E092C011EB8AA5A920C4F9AE02/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:31:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1576 (0x628) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7150, serialNumber=6737862511A174CDD389D353F0E0E72C9773CE84 Validity Not Before: Apr 24 22:31:25 2025 GMT Not After : May 1 22:31:25 2025 GMT Subject: CN=680abbbd-6298 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:68:dd:43:9e:c9:c1:59:8e:72:e8:34:27:4f: 4d:37:fc:38:5c:0a:a7:a8:a0:fa:35:fa:b4:6d:27: 41:b7:84:91:d7:01:4c:c3:1b:a6:ac:d4:36:37:3d: 2c:15:b4:13:9c:a1:e7:7a:77:96:85:1e:8c:16:6b: 80:bc:ec:0d:6a:b9:28:e2:34:87:e4:7a:3f:60:47: 1c:72:18:eb:30:86:66:ea:83:e0:c6:e4:7a:ff:15: 1b:92:0f:0b:28:4e:5f:60:a4:2f:de:30:2e:e9:ed: 96:0c:a9:a1:df:39:23:26:c3:26:a3:57:22:91:28: f1:51:ab:da:c3:85:c2:ce:3e:3f:f5:e8:f9:7a:be: a5:23:9e:54:3d:ec:b0:dd:91:96:f9:fa:a3:3f:4c: 52:34:b5:b6:c5:f3:8b:7d:fe:10:31:30:53:41:bb: 95:7a:29:29:de:30:bc:2a:58:01:77:cd:90:23:4e: c6:ae:5d:51:96:06:3d:5d:54:d9:65:c8:6d:12:0d: 5d:14:7c:c8:01:3a:22:83:37:92:6e:e9:07:71:27: 10:25:d9:c0:81:7d:0c:34:fb:c5:e3:60:f9:ae:77: 16:fb:c9:3e:12:b6:1a:25:d1:85:de:35:cf:c1:96: f6:c2:13:47:58:c4:28:4a:bd:6f:04:38:9a:da:83: b9:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:5F:3B:E3:C3:F8:24:B2:53:D7:43:B6:AE:4A:4B:AC:39:AD:FA:7E X509v3 Authority Key Identifier: keyid:67:37:86:25:11:A1:74:CD:D3:89:D3:53:F0:E0:E7:2C:97:73:CE:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7150/5842E9E092C011EB8AA5A920C4F9AE02/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7150/5842E9E092C011EB8AA5A920C4F9AE02/ZzeGJRGhdM3TidNT8ODnLJdzzoQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:43:25:a6:8c:41:e5:2a:4b:16:6c:6d:08:5c:78:f8:15:26: ed:ad:c1:3a:c6:bb:c4:b6:19:d0:cf:3b:4c:56:fb:d6:06:ac: f4:43:23:27:a6:90:d2:80:10:b6:ac:2e:6d:58:27:7b:94:04: a0:f8:d5:18:80:3d:e0:b3:b9:05:19:ae:08:14:32:82:f8:9b: cf:24:37:cf:5a:00:a1:61:a4:6a:4c:56:75:f4:8a:46:a5:3b: 36:2f:96:23:cd:62:15:43:c3:81:b6:e4:14:06:9f:7d:f2:cf: 3e:6c:9e:4f:f5:28:49:36:26:00:06:db:a4:90:41:b5:fb:a0: c6:d2:80:36:8a:ab:7c:b5:93:8b:da:93:38:61:00:6d:1a:92: c4:66:b1:8f:ef:83:29:b6:f6:16:f1:d1:dc:ea:1a:2a:b7:76: a9:85:94:e6:30:b6:39:95:49:40:72:1d:ce:75:da:38:0d:2d: a1:48:4e:2c:41:40:5b:ed:26:9d:9b:80:d0:a9:4d:72:a4:62: d5:bb:28:4a:18:89:90:86:d3:53:b6:0b:b2:a8:be:f8:61:95: 4a:73:23:46:4f:50:36:ff:08:f2:b0:0b:1c:b0:b4:29:34:79: eb:96:3b:9e:25:e6:98:bc:6e:e1:b6:da:4f:69:a9:fd:7b:7d: 58:3c:34:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTcxNTAxMTAvBgNVBAUTKDY3Mzc4NjI1MTFBMTc0Q0REMzg5RDM1M0YwRTBFNzJD OTc3M0NFODQwHhcNMjUwNDI0MjIzMTI1WhcNMjUwNTAxMjIzMTI1WjAYMRYwFAYD VQQDEw02ODBhYmJiZC02Mjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvWjdQ57JwVmOcug0J09NN/w4XAqnqKD6Nfq0bSdBt4SR1wFMwxumrNQ2Nz0s FbQTnKHneneWhR6MFmuAvOwNarko4jSH5Ho/YEccchjrMIZm6oPgxuR6/xUbkg8L KE5fYKQv3jAu6e2WDKmh3zkjJsMmo1cikSjxUavaw4XCzj4/9ej5er6lI55UPeyw 3ZGW+fqjP0xSNLW2xfOLff4QMTBTQbuVeikp3jC8KlgBd82QI07Grl1RlgY9XVTZ ZchtEg1dFHzIAToigzeSbukHcScQJdnAgX0MNPvF42D5rncW+8k+ErYaJdGF3jXP wZb2whNHWMQoSr1vBDia2oO58QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHpfO+PD +CSyU9dDtq5KS6w5rfp+MB8GA1UdIwQYMBaAFGc3hiURoXTN04nTU/Dg5yyXc86E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzE1MC81ODQyRTlFMDky QzAxMUVCOEFBNUE5MjBDNEY5QUUwMi9aemVHSlJHaGRNM1RpZE5UOE9EbkxKZHp6 b1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1p6ZUdKUkdoZE0zVGlkTlQ4T0RuTEpkenpvUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NzE1MC81ODQyRTlFMDkyQzAxMUVCOEFBNUE5MjBDNEY5QUUwMi9aemVHSlJHaGRN M1RpZE5UOE9EbkxKZHp6b1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApQyWmjEHlKksWbG0IXHj4FSbtrcE6xrvEthnQzztMVvvWBqz0QyMn ppDSgBC2rC5tWCd7lASg+NUYgD3gs7kFGa4IFDKC+JvPJDfPWgChYaRqTFZ19IpG pTs2L5YjzWIVQ8OBtuQUBp998s8+bJ5P9ShJNiYABtukkEG1+6DG0oA2iqt8tZOL 2pM4YQBtGpLEZrGP74MptvYW8dHc6hoqt3aphZTmMLY5lUlAch3Oddo4DS2hSE4s QUBb7Sadm4DQqU1ypGLVuyhKGImQhtNTtguyqL74YZVKcyNGT1A2/wjysAscsLQp NHnrljueJeaYvG7httpPaan9e31YPDSY -----END CERTIFICATE-----Generated at Sat Apr 26 04:02:32 2025 by rpki-client