$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.mft File: zVzVkJE-T4mvPRym4p-rPAZ9IU4.mft (raw, json) Hash identifier: swV/00eBaPanIdYTItN/tZQvchprycdqSROjoOobe28= Subject key identifier: A4:E6:0B:56:9F:EB:F1:4A:B6:79:31:25:51:0C:06:CF:CE:F5:D5:21 Authority key identifier: CD:5C:D5:90:91:3E:4F:89:AF:3D:1C:A6:E2:9F:AB:3C:06:7D:21:4E Certificate issuer: /CN=A91FBA0C/serialNumber=CD5CD590913E4F89AF3D1CA6E29FAB3C067D214E Certificate serial: F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVzVkJE-T4mvPRym4p-rPAZ9IU4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.mft Manifest number: F5 Signing time: Fri 25 Apr 2025 04:18:00 +0000 Manifest this update: Fri 25 Apr 2025 04:18:00 +0000 Manifest next update: Fri 02 May 2025 04:17:59 +0000 Files and hashes: 1: zVzVkJE-T4mvPRym4p-rPAZ9IU4.crl (hash: wxpBft7eUl3A7HBg3g0xeYtkIoNuJubCefqTtHpKpZ4=) 2: 91056478AF6A11EE93DDE73AC4F9AE02.roa (hash: ewevHTVGmqHpvpOV2d+aqrkd9ftzXTkReJQtB5PG940=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.crl rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVzVkJE-T4mvPRym4p-rPAZ9IU4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:17:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 248 (0xf8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBA0C, serialNumber=CD5CD590913E4F89AF3D1CA6E29FAB3C067D214E Validity Not Before: Apr 25 04:18:00 2025 GMT Not After : May 2 04:17:59 2025 GMT Subject: CN=680b0cf8-ae24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:3e:d9:7d:7b:19:a6:3c:0d:d9:2c:8b:2f:97: 2a:4f:a2:e3:7f:66:06:c9:cc:21:a4:d3:a9:cb:49: 3f:d6:e3:24:a3:4e:88:4f:6f:8f:fe:14:4f:96:94: d1:8b:91:59:58:95:7a:6f:2e:90:a1:9b:11:f0:ba: 87:4b:9f:b0:34:aa:98:92:58:22:44:7a:d0:6f:27: c6:a4:a1:0a:46:6e:b9:54:43:73:bc:bb:06:52:57: bc:13:e3:a8:f3:86:44:94:45:13:d3:a3:2e:25:4a: ac:e5:01:a5:03:fe:f9:2e:f0:19:a1:9d:0f:1d:2b: a5:de:ea:9d:a2:f5:b0:5b:24:17:a6:c8:a6:70:15: 7e:03:41:d9:d6:ad:42:cb:a4:be:ae:f8:02:f8:66: 3f:40:14:b8:a9:b0:8a:36:f0:5e:c4:41:2e:ea:f2: cd:c2:ca:ea:e8:e5:0c:c9:77:cb:65:6d:78:f8:dd: 4b:1a:3f:69:b8:fc:36:b3:af:20:73:4d:d3:56:47: 94:6d:0d:47:ed:43:38:5d:5f:df:54:a3:b9:63:9e: cd:b8:78:81:c2:0b:29:7a:fd:20:7c:25:3b:22:d3: f0:f4:1f:61:97:50:2c:52:50:8a:78:96:82:7e:c0: 04:7d:0a:44:bc:8d:7f:7a:6e:9e:22:cb:bd:c4:91: 0a:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:E6:0B:56:9F:EB:F1:4A:B6:79:31:25:51:0C:06:CF:CE:F5:D5:21 X509v3 Authority Key Identifier: keyid:CD:5C:D5:90:91:3E:4F:89:AF:3D:1C:A6:E2:9F:AB:3C:06:7D:21:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVzVkJE-T4mvPRym4p-rPAZ9IU4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBA0C/41531B0CAECD11EE86F1B249C4F9AE02/zVzVkJE-T4mvPRym4p-rPAZ9IU4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:03:8f:33:92:77:3f:ca:aa:d2:2b:89:d1:d0:28:f9:33:b3: db:13:d3:9e:ca:17:17:52:70:22:ab:ae:38:f4:bb:36:e0:5a: 22:7b:a7:8d:75:9e:06:62:00:37:e6:4d:8a:ee:ae:2b:1a:7a: 03:24:e5:eb:e3:2d:01:a1:f3:86:15:99:18:0e:2d:d5:91:d0: 24:91:47:cd:3c:0f:f3:33:83:d8:9c:ca:88:1d:b6:c0:28:96: b8:bd:a0:ae:5c:eb:50:79:e5:98:2d:90:05:9d:76:a8:ac:a7: d6:16:60:01:9d:af:67:3b:2b:c2:d8:ef:42:dd:32:6a:f2:66: 07:75:f4:11:f4:df:45:86:10:43:e9:f7:f4:27:4b:98:c1:52: ef:ba:03:5a:a7:8f:6c:0d:10:ac:d0:48:57:ea:0b:91:b0:73: 9d:39:64:17:04:64:07:d6:01:b1:ac:90:df:7b:18:42:8e:31: 24:04:da:da:21:bc:be:01:21:fe:38:3d:4a:60:56:c0:49:89: 6c:01:39:9e:98:6c:26:4e:ad:58:ea:c8:69:48:5c:c0:d6:ba: d1:a0:80:fa:e1:a1:00:42:e4:04:30:1c:3a:9e:9d:2e:45:4e: 64:1c:35:29:8b:36:09:3a:4a:56:3b:7a:a5:01:23:d8:72:e7: fb:ac:03:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJBMEMxMTAvBgNVBAUTKENENUNENTkwOTEzRTRGODlBRjNEMUNBNkUyOUZBQjND MDY3RDIxNEUwHhcNMjUwNDI1MDQxODAwWhcNMjUwNTAyMDQxNzU5WjAYMRYwFAYD VQQDEw02ODBiMGNmOC1hZTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsD7ZfXsZpjwN2SyLL5cqT6Ljf2YGycwhpNOpy0k/1uMko06IT2+P/hRPlpTR i5FZWJV6by6QoZsR8LqHS5+wNKqYklgiRHrQbyfGpKEKRm65VENzvLsGUle8E+Oo 84ZElEUT06MuJUqs5QGlA/75LvAZoZ0PHSul3uqdovWwWyQXpsimcBV+A0HZ1q1C y6S+rvgC+GY/QBS4qbCKNvBexEEu6vLNwsrq6OUMyXfLZW14+N1LGj9puPw2s68g c03TVkeUbQ1H7UM4XV/fVKO5Y57NuHiBwgspev0gfCU7ItPw9B9hl1AsUlCKeJaC fsAEfQpEvI1/em6eIsu9xJEK2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKTmC1af 6/FKtnkxJVEMBs/O9dUhMB8GA1UdIwQYMBaAFM1c1ZCRPk+Jrz0cpuKfqzwGfSFO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkEwQy80MTUzMUIwQ0FF Q0QxMUVFODZGMUIyNDlDNEY5QUUwMi96VnpWa0pFLVQ0bXZQUnltNHAtclBBWjlJ VTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pWelZrSkUtVDRtdlBSeW00cC1yUEFaOUlVNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkEwQy80MTUzMUIwQ0FFQ0QxMUVFODZGMUIyNDlDNEY5QUUwMi96VnpWa0pFLVQ0 bXZQUnltNHAtclBBWjlJVTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmA48zknc/yqrSK4nR0Cj5M7PbE9OeyhcXUnAiq6449Ls24Foie6eN dZ4GYgA35k2K7q4rGnoDJOXr4y0BofOGFZkYDi3VkdAkkUfNPA/zM4PYnMqIHbbA KJa4vaCuXOtQeeWYLZAFnXaorKfWFmABna9nOyvC2O9C3TJq8mYHdfQR9N9FhhBD 6ff0J0uYwVLvugNap49sDRCs0EhX6guRsHOdOWQXBGQH1gGxrJDfexhCjjEkBNra Iby+ASH+OD1KYFbASYlsATmemGwmTq1Y6shpSFzA1rrRoID64aEAQuQEMBw6np0u RU5kHDUpizYJOkpWO3qlASPYcuf7rAOT -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:59 2025 by rpki-client