$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft File: ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft (raw, json) Hash identifier: o+NN5vdSdNKLocxN94rwFxcs3L7W2usSIUGdlG13K1k= Subject key identifier: 10:F6:5C:16:61:77:B9:6F:3E:6C:B5:F3:40:7A:E2:3F:7D:71:C4:AE Authority key identifier: 67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D Certificate issuer: /CN=A91CAA4E/serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Certificate serial: 1320 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft Manifest number: 1A21 Signing time: Thu 24 Apr 2025 17:02:40 +0000 Manifest this update: Thu 24 Apr 2025 17:02:40 +0000 Manifest next update: Thu 01 May 2025 17:02:40 +0000 Files and hashes: 1: ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl (hash: G5B8ZPaLJUPOsNd3eTbo1tFH1G6yieKb0yUIkqetY00=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:02:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4896 (0x1320) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAA4E, serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Validity Not Before: Apr 24 17:02:40 2025 GMT Not After : May 1 17:02:40 2025 GMT Subject: CN=680a6eb0-83d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:17:16:44:98:59:ce:2b:75:da:52:ab:56:9d: 73:30:32:ec:ce:93:cd:86:0e:c3:a4:ab:74:e5:d0: 26:78:58:ec:9b:91:b8:13:58:c5:69:44:1e:44:72: 7a:19:05:b1:72:7b:ff:24:68:43:04:9d:f0:5a:c2: e1:d8:5c:ea:1a:65:d2:7e:d8:c7:9c:17:3d:a3:97: d3:a9:58:22:bc:b5:7c:02:4c:f6:1e:77:30:e9:cd: be:e0:66:a0:f8:d3:8f:7d:e7:1b:04:29:2b:08:89: 6b:0a:b0:88:c6:8a:fd:1f:72:65:63:61:6c:ff:15: 8f:5e:db:22:b8:2e:3b:28:ef:46:70:ff:3b:69:74: 20:20:fc:76:f9:46:99:96:48:6f:c6:c5:3a:7b:1f: 0a:e9:83:32:35:5a:a5:ef:8b:8e:43:02:c4:6b:56: 79:1f:f3:6f:6d:0b:4e:66:9c:57:12:af:d3:3b:c5: f5:ca:a6:79:10:76:38:22:63:82:45:28:d5:b7:04: 59:9b:8c:d9:92:fc:40:d3:76:d3:dd:9b:be:32:62: df:ba:40:63:d9:78:ac:7b:40:26:0a:d8:99:ca:a0: 7d:d4:84:e7:7f:19:44:97:48:04:b9:23:df:6f:95: 70:50:d9:0e:bc:4d:f2:77:76:72:51:2b:4d:ba:ab: 86:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:F6:5C:16:61:77:B9:6F:3E:6C:B5:F3:40:7A:E2:3F:7D:71:C4:AE X509v3 Authority Key Identifier: keyid:67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:51:86:cc:2b:23:50:c8:f9:53:1b:a8:10:5f:9a:c2:85:b6: 48:f7:c4:02:0e:c0:54:51:1f:b7:22:5e:4b:55:2b:fd:05:d4: 6c:dc:b4:ea:6e:87:2a:3d:33:30:ae:b4:42:bb:7c:58:d5:ce: 72:08:bb:39:fc:80:6e:c3:49:94:98:f8:c7:35:29:f0:f1:79: 59:18:ad:a2:b6:0c:99:b7:4e:c9:2d:43:e7:f2:ad:bb:c6:a5: 45:c8:6c:c5:90:05:4c:5f:fe:fd:09:e8:81:88:83:a5:ba:3d: de:d0:83:e1:0d:9a:22:5b:f8:03:52:9f:33:1f:5d:63:dd:87: f3:43:fa:a5:bc:ed:f9:61:9f:7b:28:85:16:02:c0:3e:80:4c: ab:25:7a:8d:ef:c8:b5:6a:6a:de:f0:86:6f:28:dc:d9:f2:d9: 78:a5:e8:67:8c:fe:d6:72:3e:11:16:53:fa:3c:99:82:d5:68: 05:62:b3:3e:c0:0c:c1:31:93:7e:ad:2b:07:7b:c2:25:9f:fc: ca:ee:38:15:25:31:d8:e8:d7:52:3f:95:66:cb:89:57:8e:af: 6f:c9:4b:c7:54:55:c4:09:8e:48:e7:40:92:0b:a9:1a:ad:7b: 71:07:ca:91:99:f0:f9:3e:fa:bc:19:5e:87:1c:6b:c6:20:1f: 15:4b:af:4f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEyAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FBNEUxMTAvBgNVBAUTKDY3MjEyNEY2MzNDODkxOUNBNUQ3NjZEODlFOUNDRkYw QjIxRjBDOEQwHhcNMjUwNDI0MTcwMjQwWhcNMjUwNTAxMTcwMjQwWjAYMRYwFAYD VQQDEw02ODBhNmViMC04M2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzBcWRJhZzit12lKrVp1zMDLszpPNhg7DpKt05dAmeFjsm5G4E1jFaUQeRHJ6 GQWxcnv/JGhDBJ3wWsLh2FzqGmXSftjHnBc9o5fTqVgivLV8Akz2Hncw6c2+4Gag +NOPfecbBCkrCIlrCrCIxor9H3JlY2Fs/xWPXtsiuC47KO9GcP87aXQgIPx2+UaZ lkhvxsU6ex8K6YMyNVql74uOQwLEa1Z5H/NvbQtOZpxXEq/TO8X1yqZ5EHY4ImOC RSjVtwRZm4zZkvxA03bT3Zu+MmLfukBj2Xise0AmCtiZyqB91ITnfxlEl0gEuSPf b5VwUNkOvE3yd3ZyUStNuquGWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBD2XBZh d7lvPmy180B64j99ccSuMB8GA1UdIwQYMBaAFGchJPYzyJGcpddm2J6cz/CyHwyN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUE0RS81NUU5Nzk1QUE5 NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWtaeWwxMmJZbnB6UDhMSWZE STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1p5RWs5alBJa1p5bDEyYllucHpQOExJZkRJMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUE0RS81NUU5Nzk1QUE5NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWta eWwxMmJZbnB6UDhMSWZESTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbUYbMKyNQyPlTG6gQX5rChbZI98QCDsBUUR+3Il5LVSv9BdRs3LTq bocqPTMwrrRCu3xY1c5yCLs5/IBuw0mUmPjHNSnw8XlZGK2itgyZt07JLUPn8q27 xqVFyGzFkAVMX/79CeiBiIOluj3e0IPhDZoiW/gDUp8zH11j3YfzQ/qlvO35YZ97 KIUWAsA+gEyrJXqN78i1amre8IZvKNzZ8tl4pehnjP7Wcj4RFlP6PJmC1WgFYrM+ wAzBMZN+rSsHe8Iln/zK7jgVJTHY6NdSP5Vmy4lXjq9vyUvHVFXECY5I50CSC6ka rXtxB8qRmfD5Pvq8GV6HHGvGIB8VS69P -----END CERTIFICATE-----Generated at Sat Apr 26 03:43:55 2025 by rpki-client