$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft File: z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft (raw, json) Hash identifier: +b5s+uoTbLm0VWBcdvm0FK9IoP4XyjeYb07m7OG+kmw= Subject key identifier: FA:6F:E9:2A:F4:2F:9B:0A:A9:D5:67:63:2D:CF:59:5B:B2:D9:B6:30 Authority key identifier: CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 Certificate issuer: /CN=A91E7ED9/serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Certificate serial: 0800 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft Manifest number: 07FA Signing time: Thu 24 Apr 2025 20:44:57 +0000 Manifest this update: Thu 24 Apr 2025 20:44:57 +0000 Manifest next update: Thu 01 May 2025 20:44:57 +0000 Files and hashes: 1: z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl (hash: aOG5vRTVy2OFe8k1yKMOn0pA0EkEhw6Tm8Ml9jYMmB8=) 2: DE349762DBA311EA8DE35866C4F9AE02.roa (hash: W9BGV+7n/b6h+ZEgu/zCV5dkMkakdYDRjim1ueZv/vs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:44:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2048 (0x800) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7ED9, serialNumber=CF668374EC75AB5CACD2EA730515F7B7764DD921 Validity Not Before: Apr 24 20:44:57 2025 GMT Not After : May 1 20:44:57 2025 GMT Subject: CN=680aa2c9-e1de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:85:88:78:6d:57:f6:7a:90:b5:1f:eb:5f:4b: f7:61:63:16:c0:71:04:13:b0:e2:bb:9c:fa:f1:ea: 4e:41:8b:a7:fe:7d:6e:10:5d:4b:3b:98:91:1b:6f: 72:66:7b:16:db:69:49:62:e6:f1:70:9d:dc:35:20: fb:e2:16:5e:8c:84:2f:32:f7:90:5b:ee:55:ae:04: 05:2b:d1:fb:ef:91:b9:5c:78:e8:fe:a5:46:ee:05: ab:6c:13:76:e8:05:d9:e7:5e:4c:9f:9d:1e:a4:cf: 78:e4:a1:2f:18:a3:8a:c8:45:de:6f:05:5d:bb:a5: a2:dd:3d:d9:81:26:74:02:a2:c9:99:93:4e:25:63: b6:d4:fb:4e:a9:85:d6:1e:ce:cc:bc:cf:28:46:eb: 9d:fd:a7:35:16:b7:3a:fa:5e:99:01:75:7f:da:29: 72:62:20:75:5e:42:f2:e7:b3:d3:a0:c0:fa:6c:93: 82:87:7c:e0:d9:cc:44:8d:7d:78:14:71:c9:0f:53: 6c:5e:be:22:b2:39:8b:03:8a:1a:f0:a9:d3:49:e7: cf:ae:6d:48:fd:7d:7c:18:e3:d8:20:0e:04:49:53: 4a:e0:00:4e:ed:ca:9e:22:c6:2a:92:97:a3:67:11: 8f:47:e5:1b:20:32:c4:d1:03:01:42:43:aa:5a:a6: 52:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:6F:E9:2A:F4:2F:9B:0A:A9:D5:67:63:2D:CF:59:5B:B2:D9:B6:30 X509v3 Authority Key Identifier: keyid:CF:66:83:74:EC:75:AB:5C:AC:D2:EA:73:05:15:F7:B7:76:4D:D9:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z2aDdOx1q1ys0upzBRX3t3ZN2SE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7ED9/F8E0B3B2DBA211EAA88F2066C4F9AE02/z2aDdOx1q1ys0upzBRX3t3ZN2SE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:9e:41:84:52:4f:57:ce:96:26:c4:cf:91:20:54:c1:ae:fa: 06:02:d1:01:af:25:34:54:9e:d9:55:99:40:18:0d:4d:18:07: 39:9e:9d:c5:22:38:06:a7:cd:d5:3a:9a:b5:5a:6e:fe:5b:14: 83:c2:f4:6c:06:44:81:67:09:2a:71:9e:76:cc:f4:c6:98:74: f5:f2:a2:16:7e:dd:dd:34:c1:8a:92:86:e0:ea:95:da:e5:37: b0:69:91:e1:40:08:6c:3e:2b:f4:6d:04:18:e9:5d:4e:7a:5c: be:25:39:c1:92:90:25:0c:df:2a:69:a1:60:62:0e:c6:3b:63: 51:c6:f7:13:07:db:31:2f:cf:c1:35:dd:16:f6:9e:31:15:cb: bc:16:ad:37:9e:0c:0d:f6:15:1b:f6:84:b3:7c:e5:9f:71:bf: 4a:53:c5:18:1e:1d:6d:dc:b5:9f:a2:12:89:f1:da:27:cd:a8: 91:3a:0b:c9:e7:ae:5a:39:6a:47:b8:32:19:b5:98:a6:dc:c5: 3a:e6:9f:29:56:ef:f7:22:fa:7a:2b:77:d7:ca:5c:cd:c7:6a: 20:4c:af:d5:c0:9f:6a:b2:67:b9:ba:0a:81:2e:17:1d:5e:e4: d2:7d:bf:cb:74:0c:cd:93:31:b4:8a:67:be:3a:55:66:96:80: 2b:76:dc:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdFRDkxMTAvBgNVBAUTKENGNjY4Mzc0RUM3NUFCNUNBQ0QyRUE3MzA1MTVGN0I3 NzY0REQ5MjEwHhcNMjUwNDI0MjA0NDU3WhcNMjUwNTAxMjA0NDU3WjAYMRYwFAYD VQQDEw02ODBhYTJjOS1lMWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy4WIeG1X9nqQtR/rX0v3YWMWwHEEE7Diu5z68epOQYun/n1uEF1LO5iRG29y ZnsW22lJYubxcJ3cNSD74hZejIQvMveQW+5VrgQFK9H775G5XHjo/qVG7gWrbBN2 6AXZ515Mn50epM945KEvGKOKyEXebwVdu6Wi3T3ZgSZ0AqLJmZNOJWO21PtOqYXW Hs7MvM8oRuud/ac1Frc6+l6ZAXV/2ilyYiB1XkLy57PToMD6bJOCh3zg2cxEjX14 FHHJD1NsXr4isjmLA4oa8KnTSefPrm1I/X18GOPYIA4ESVNK4ABO7cqeIsYqkpej ZxGPR+UbIDLE0QMBQkOqWqZS7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPpv6Sr0 L5sKqdVnYy3PWVuy2bYwMB8GA1UdIwQYMBaAFM9mg3TsdatcrNLqcwUV97d2Tdkh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0VEOS9GOEUwQjNCMkRC QTIxMUVBQTg4RjIwNjZDNEY5QUUwMi96MmFEZE94MXExeXMwdXB6QlJYM3QzWk4y U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3oyYURkT3gxcTF5czB1cHpCUlgzdDNaTjJTRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0VEOS9GOEUwQjNCMkRCQTIxMUVBQTg4RjIwNjZDNEY5QUUwMi96MmFEZE94MXEx eXMwdXB6QlJYM3QzWk4yU0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcnkGEUk9XzpYmxM+RIFTBrvoGAtEBryU0VJ7ZVZlAGA1NGAc5np3F IjgGp83VOpq1Wm7+WxSDwvRsBkSBZwkqcZ52zPTGmHT18qIWft3dNMGKkobg6pXa 5TewaZHhQAhsPiv0bQQY6V1Oely+JTnBkpAlDN8qaaFgYg7GO2NRxvcTB9sxL8/B Nd0W9p4xFcu8Fq03ngwN9hUb9oSzfOWfcb9KU8UYHh1t3LWfohKJ8donzaiROgvJ 565aOWpHuDIZtZim3MU65p8pVu/3Ivp6K3fXylzNx2ogTK/VwJ9qsme5ugqBLhcd XuTSfb/LdAzNkzG0ime+OlVmloArdtwo -----END CERTIFICATE-----Generated at Sat Apr 26 15:23:46 2025 by rpki-client