$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft File: ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft (raw, json) Hash identifier: M8/YSC8HTLWj5IbmZg9iv1LcMU7/5TmA/mltQje5Hzk= Subject key identifier: A1:BF:A0:D0:9B:D9:34:24:06:03:92:64:85:31:22:63:4D:97:69:0A Authority key identifier: 65:54:2C:EC:28:11:1F:C5:4B:A3:D2:AE:E3:3F:4C:E8:7B:7F:90:AD Certificate issuer: /CN=A91E4743/serialNumber=65542CEC28111FC54BA3D2AEE33F4CE87B7F90AD Certificate serial: 0898 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft Manifest number: 088F Signing time: Thu 24 Apr 2025 20:27:20 +0000 Manifest this update: Thu 24 Apr 2025 20:27:19 +0000 Manifest next update: Thu 01 May 2025 20:27:19 +0000 Files and hashes: 1: ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.crl (hash: 9m4fKjWOQEQoMvLrCCoPkR3rC87obeLdUScdSsyi2pY=) 2: 1B2E0738BB7011EA93F7DE4EC4F9AE02.roa (hash: Kkq3FSGMJtrxAckL14K8lEjZBbSHWGV4MxpopXgePZY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.crl rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:27:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2200 (0x898) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4743, serialNumber=65542CEC28111FC54BA3D2AEE33F4CE87B7F90AD Validity Not Before: Apr 24 20:27:19 2025 GMT Not After : May 1 20:27:19 2025 GMT Subject: CN=680a9ea7-5bc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:09:a1:d6:d1:d6:ac:bb:37:df:fb:48:75:28: c9:0a:14:47:de:a3:a7:da:df:69:4d:7d:49:90:10: 10:86:e2:e0:95:10:02:bf:77:3e:64:1d:f5:56:8f: 8a:0b:c2:fc:02:0a:be:54:16:8f:d4:5b:6a:66:5d: 6a:1e:40:0c:84:39:cd:10:05:69:52:27:0a:e2:92: c3:29:e1:73:a9:af:9c:77:98:a5:f8:dd:8c:fe:ee: 90:da:ef:b1:98:c3:fe:76:37:8c:b1:c4:7a:e0:8b: 99:fc:10:25:93:4a:3e:a9:14:9a:1c:13:b8:fe:2a: e1:1b:fb:2b:06:fe:27:c1:cf:a7:74:27:9f:46:63: d2:95:3b:13:79:42:1a:08:0a:0e:ad:51:99:52:62: cf:65:21:a7:64:5d:c0:cb:d3:c7:f3:2f:37:4b:26: 75:c0:03:4a:61:d4:d1:3d:8c:be:dd:9c:12:44:05: 1b:11:bf:22:1b:b1:90:1f:07:e9:b2:82:fa:e5:c3: 2a:be:64:dc:98:9b:a8:b0:85:28:ba:90:a6:c5:26: 08:a5:76:6d:f6:76:7b:d0:fc:b7:1b:71:a9:09:e3: 4f:da:60:c5:b0:23:06:49:0b:96:39:21:55:3a:2c: 1e:46:93:81:1c:98:f5:53:bc:df:85:a6:bc:a7:50: ab:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:BF:A0:D0:9B:D9:34:24:06:03:92:64:85:31:22:63:4D:97:69:0A X509v3 Authority Key Identifier: keyid:65:54:2C:EC:28:11:1F:C5:4B:A3:D2:AE:E3:3F:4C:E8:7B:7F:90:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4743/670F8092BB6F11EA961FB84EC4F9AE02/ZVQs7CgRH8VLo9Ku4z9M6Ht_kK0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:40:b0:09:b8:b7:85:b1:19:ce:5c:0d:d9:36:6c:14:59:93: fc:34:8b:4e:3e:05:c1:62:73:9a:dd:7e:de:74:30:0e:ae:a8: 56:a3:db:1e:9a:5f:b2:65:27:23:63:30:60:9a:47:bf:36:19: 04:07:ec:b1:53:95:b9:fc:a4:1e:e1:2a:c3:0a:20:b7:73:c3: 5f:d4:6d:05:d6:c3:a7:5a:e4:79:bc:53:67:d1:32:73:77:dd: d1:63:93:c0:e9:57:9d:63:28:77:29:64:f1:e1:39:80:29:e4: af:3b:ba:62:72:3a:d3:e7:6c:c1:b6:7b:ec:96:22:7e:b9:f7: 3a:a4:83:c6:fa:ff:32:ee:f4:df:d6:1f:4c:84:36:b7:2a:75: ac:33:77:5c:4b:6b:f8:45:77:99:74:d0:a4:75:96:1a:28:95: f3:c2:77:f0:b5:a0:fd:f9:75:db:07:ba:b8:6b:9b:ed:53:87: 16:32:06:dd:88:d5:27:ab:a8:1d:90:9f:e1:2b:0e:17:0b:e4: 70:2f:53:77:30:5f:3d:e0:7e:26:d3:4b:1e:18:20:65:eb:99: db:18:4d:76:5c:bf:99:d4:bc:a2:19:87:d2:03:a5:d0:91:c7: 5f:6d:81:1e:9e:02:ce:b5:48:ba:08:5e:e4:c6:ef:65:6a:5d: 25:24:01:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQ3NDMxMTAvBgNVBAUTKDY1NTQyQ0VDMjgxMTFGQzU0QkEzRDJBRUUzM0Y0Q0U4 N0I3RjkwQUQwHhcNMjUwNDI0MjAyNzE5WhcNMjUwNTAxMjAyNzE5WjAYMRYwFAYD VQQDEw02ODBhOWVhNy01YmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2gmh1tHWrLs33/tIdSjJChRH3qOn2t9pTX1JkBAQhuLglRACv3c+ZB31Vo+K C8L8Agq+VBaP1FtqZl1qHkAMhDnNEAVpUicK4pLDKeFzqa+cd5il+N2M/u6Q2u+x mMP+djeMscR64IuZ/BAlk0o+qRSaHBO4/irhG/srBv4nwc+ndCefRmPSlTsTeUIa CAoOrVGZUmLPZSGnZF3Ay9PH8y83SyZ1wANKYdTRPYy+3ZwSRAUbEb8iG7GQHwfp soL65cMqvmTcmJuosIUoupCmxSYIpXZt9nZ70Py3G3GpCeNP2mDFsCMGSQuWOSFV OiweRpOBHJj1U7zfhaa8p1CrowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKG/oNCb 2TQkBgOSZIUxImNNl2kKMB8GA1UdIwQYMBaAFGVULOwoER/FS6PSruM/TOh7f5Ct MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDc0My82NzBGODA5MkJC NkYxMUVBOTYxRkI4NEVDNEY5QUUwMi9aVlFzN0NnUkg4VkxvOUt1NHo5TTZIdF9r SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pWUXM3Q2dSSDhWTG85S3U0ejlNNkh0X2tLMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDc0My82NzBGODA5MkJCNkYxMUVBOTYxRkI4NEVDNEY5QUUwMi9aVlFzN0NnUkg4 VkxvOUt1NHo5TTZIdF9rSzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIQLAJuLeFsRnOXA3ZNmwUWZP8NItOPgXBYnOa3X7edDAOrqhWo9se ml+yZScjYzBgmke/NhkEB+yxU5W5/KQe4SrDCiC3c8Nf1G0F1sOnWuR5vFNn0TJz d93RY5PA6VedYyh3KWTx4TmAKeSvO7picjrT52zBtnvsliJ+ufc6pIPG+v8y7vTf 1h9MhDa3KnWsM3dcS2v4RXeZdNCkdZYaKJXzwnfwtaD9+XXbB7q4a5vtU4cWMgbd iNUnq6gdkJ/hKw4XC+RwL1N3MF894H4m00seGCBl65nbGE12XL+Z1LyiGYfSA6XQ kcdfbYEengLOtUi6CF7kxu9lal0lJAFi -----END CERTIFICATE-----Generated at Sat Apr 26 18:14:10 2025 by rpki-client