$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft File: z4nWqxHn1Hqhe0MJxypytxy6R64.mft (raw, json) Hash identifier: GTZhy5ZWW9WkMmARh/uAHmXRJ8zEuwzsnPrgMrkVx6w= Subject key identifier: CD:21:FC:10:BE:3F:8D:67:F0:3B:7B:53:6D:A0:14:7F:B2:D0:77:67 Authority key identifier: CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE Certificate issuer: /CN=A91E4D9B/serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Certificate serial: 0859 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft Manifest number: 084F Signing time: Thu 24 Apr 2025 20:36:43 +0000 Manifest this update: Thu 24 Apr 2025 20:36:43 +0000 Manifest next update: Thu 01 May 2025 20:36:43 +0000 Files and hashes: 1: z4nWqxHn1Hqhe0MJxypytxy6R64.crl (hash: 9cBESdU2R30wulTzjtuVAh8z9dKV5EN/8lqmqxJEVLk=) 2: CCF7B8AA22B811ECAD21FB20C4F9AE02.roa (hash: jP9WQeUuHByQOgvhcc4yViwwc1IsiLi4j4kFeZuXSLA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:36:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2137 (0x859) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D9B, serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Validity Not Before: Apr 24 20:36:43 2025 GMT Not After : May 1 20:36:43 2025 GMT Subject: CN=680aa0db-8024 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:cb:d3:7e:6f:99:1f:03:ec:cc:c6:29:0c:f9: c1:46:e5:41:45:dd:d0:86:07:c5:22:1a:9b:6b:b0: 35:1c:90:48:0b:ab:50:29:0d:b3:0c:b2:d7:2e:02: 92:fa:79:79:75:fd:42:d3:08:f1:49:90:b9:88:0a: 30:18:a6:67:51:bc:62:86:f3:be:ed:59:69:22:ec: 70:4d:76:bb:27:81:36:db:bd:7e:70:bd:00:03:70: 9b:05:e5:58:64:7b:cf:b7:8c:c3:20:38:ba:27:9c: ea:dd:6d:51:df:d7:6c:39:7d:3e:91:7d:d6:d8:30: aa:74:be:92:29:0c:f5:15:a5:4b:41:f8:23:97:7c: bf:8d:2b:af:1a:e5:da:2b:57:28:04:70:5e:c3:9c: 11:3f:18:84:e3:47:b1:50:24:48:d9:8c:33:e0:4c: 67:12:31:43:fd:78:22:7a:60:c4:f3:f6:71:39:28: c4:34:f0:ff:bb:0c:6b:16:46:3b:82:a4:66:2b:3f: da:91:f2:3a:51:dd:13:46:e3:e2:16:9e:02:41:d1: 7f:4f:5b:81:08:9f:33:dd:43:1c:51:26:cd:78:05: fe:07:d8:7f:0e:c9:a3:76:e7:20:05:a2:12:27:cf: 98:40:3a:c1:fc:71:5c:71:0b:58:b6:97:a3:3a:a5: f4:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:21:FC:10:BE:3F:8D:67:F0:3B:7B:53:6D:A0:14:7F:B2:D0:77:67 X509v3 Authority Key Identifier: keyid:CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:f5:b3:69:d0:d6:5c:08:a7:40:84:e9:57:bd:ac:0d:74:5e: 6e:b3:50:bf:5c:ae:a0:db:c7:a6:5b:fa:96:b5:7f:93:01:f0: f7:a6:d0:81:dd:a6:98:66:91:96:27:70:62:d1:8f:58:0c:01: c1:d0:05:05:ea:4e:75:a7:77:e8:7f:9b:1c:70:5a:c5:4b:5d: e1:e4:17:7a:1d:e4:eb:39:b8:94:15:8f:2e:01:48:9e:55:ce: 87:1b:6a:d9:27:45:1a:28:0b:25:c8:e0:5c:ad:49:b6:0f:5d: 7d:e2:ec:6d:43:7e:82:d9:84:7a:50:4d:88:f7:b5:fd:51:1c: 01:f2:1c:b8:52:24:03:3b:f3:3c:95:69:ae:0f:1e:bb:a5:32: a8:bf:be:ee:60:be:fe:01:f3:e5:75:32:9a:02:c7:21:da:7a: 9f:f3:39:8f:1a:42:89:b2:46:29:c1:93:79:8e:a0:a1:ab:5f: 88:27:7e:e8:88:06:05:7e:14:cb:a9:9e:a2:39:bd:3a:cc:be: ae:56:f8:66:1d:d3:82:68:a7:50:33:94:03:34:af:2e:3c:75: f9:19:22:69:2f:76:72:07:90:93:65:9f:36:2f:c7:4b:5e:a3: e9:fe:09:b5:8c:c9:ce:b4:f2:fe:18:6a:ee:d4:a5:84:fa:7b: 7d:e6:8e:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREOUIxMTAvBgNVBAUTKENGODlENkFCMTFFN0Q0N0FBMTdCNDMwOUM3MkE3MkI3 MUNCQTQ3QUUwHhcNMjUwNDI0MjAzNjQzWhcNMjUwNTAxMjAzNjQzWjAYMRYwFAYD VQQDEw02ODBhYTBkYi04MDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAocvTfm+ZHwPszMYpDPnBRuVBRd3QhgfFIhqba7A1HJBIC6tQKQ2zDLLXLgKS +nl5df1C0wjxSZC5iAowGKZnUbxihvO+7VlpIuxwTXa7J4E2271+cL0AA3CbBeVY ZHvPt4zDIDi6J5zq3W1R39dsOX0+kX3W2DCqdL6SKQz1FaVLQfgjl3y/jSuvGuXa K1coBHBew5wRPxiE40exUCRI2Ywz4ExnEjFD/XgiemDE8/ZxOSjENPD/uwxrFkY7 gqRmKz/akfI6Ud0TRuPiFp4CQdF/T1uBCJ8z3UMcUSbNeAX+B9h/DsmjducgBaIS J8+YQDrB/HFccQtYtpejOqX08QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM0h/BC+ P41n8Dt7U22gFH+y0HdnMB8GA1UdIwQYMBaAFM+J1qsR59R6oXtDCccqcrccukeu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQ5Qi9GNUJBQTNEOEM4 MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFIcWhlME1KeHlweXR4eTZS NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3o0bldxeEhuMUhxaGUwTUp4eXB5dHh5NlI2NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQ5Qi9GNUJBQTNEOEM4MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFI cWhlME1KeHlweXR4eTZSNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBK9bNp0NZcCKdAhOlXvawNdF5us1C/XK6g28emW/qWtX+TAfD3ptCB 3aaYZpGWJ3Bi0Y9YDAHB0AUF6k51p3fof5sccFrFS13h5Bd6HeTrObiUFY8uAUie Vc6HG2rZJ0UaKAslyOBcrUm2D1194uxtQ36C2YR6UE2I97X9URwB8hy4UiQDO/M8 lWmuDx67pTKov77uYL7+AfPldTKaAsch2nqf8zmPGkKJskYpwZN5jqChq1+IJ37o iAYFfhTLqZ6iOb06zL6uVvhmHdOCaKdQM5QDNK8uPHX5GSJpL3ZyB5CTZZ82L8dL XqPp/gm1jMnOtPL+GGru1KWE+nt95o5l -----END CERTIFICATE-----Generated at Sat Apr 26 15:09:02 2025 by rpki-client