$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft File: zFfgNkMaXqPBcqpyg0Aa88StXFk.mft (raw, json) Hash identifier: xwXWqn3Ta/zWXD8R0G6cbIEV8tqd86ElpHOsLMIzoNs= Subject key identifier: F5:08:2A:77:26:BE:21:C7:98:20:8A:EC:1C:34:C0:36:91:E4:D7:A5 Authority key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 Certificate issuer: /CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Certificate serial: 08E6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft Manifest number: 08D8 Signing time: Thu 24 Apr 2025 20:19:44 +0000 Manifest this update: Thu 24 Apr 2025 20:19:43 +0000 Manifest next update: Thu 01 May 2025 20:19:43 +0000 Files and hashes: 1: zFfgNkMaXqPBcqpyg0Aa88StXFk.crl (hash: Ujv5s+a/Wn6DwfC0ZdlHvwKxQyRU45xF014wCQJsT20=) 2: 6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa (hash: SybMfJLj0+vEkXuaQthUd0H8Z1vNjBlLLQ9rhZgOuPQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:19:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2278 (0x8e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDC78, serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Validity Not Before: Apr 24 20:19:43 2025 GMT Not After : May 1 20:19:43 2025 GMT Subject: CN=680a9ce0-af1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:67:b9:e7:c4:8d:c3:1b:9a:9e:2a:d7:36:54: ba:1b:26:de:c5:11:b9:90:b4:89:03:1c:cb:61:71: d1:1f:c9:4b:61:30:49:e8:99:a2:17:4e:7b:90:06: 73:62:c9:38:f2:0c:11:8a:89:dd:58:29:af:3a:61: bf:a2:ef:0c:5a:63:61:5b:ca:c3:dd:5b:6b:f6:27: b0:a3:3d:2c:fa:9d:5e:16:59:50:02:29:ce:90:bd: d8:a4:76:5d:c9:ab:d1:f2:01:66:4e:20:46:dd:a1: f1:77:71:92:46:b8:16:5e:41:b3:8b:1c:16:e2:fb: ac:7d:57:6b:61:18:31:06:15:1f:2e:4c:ca:b5:6f: 99:3a:bf:e3:8d:d6:34:e8:cf:34:a7:1e:85:cb:a5: 1b:85:75:7f:6a:cc:3a:27:09:7e:88:eb:2d:1f:82: 72:e0:c3:20:37:72:62:a8:d4:a9:14:cd:c4:36:9b: 85:83:9a:7d:36:7a:5b:3e:d3:e3:c3:ef:ee:ad:20: b9:87:36:52:3c:71:fb:72:df:45:70:7b:c7:39:28: 5f:62:65:eb:63:16:10:f3:39:d6:d3:92:44:65:d7: 17:f3:b3:b8:43:4b:25:e3:0d:00:74:1c:11:9e:6f: 33:50:b0:b7:b8:b3:bc:6b:69:24:a4:65:00:1b:9f: fe:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:08:2A:77:26:BE:21:C7:98:20:8A:EC:1C:34:C0:36:91:E4:D7:A5 X509v3 Authority Key Identifier: keyid:CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:47:6b:b0:75:33:48:76:78:7b:7f:52:81:e0:01:36:1b:73: 84:82:a1:13:68:8f:4c:b7:02:c9:22:f4:0c:30:a2:0b:7e:8d: 02:1e:3b:5d:f9:63:3c:93:58:a4:6a:6b:8a:2c:40:78:9f:64: d4:5d:d5:bd:89:98:c3:18:8b:a7:ca:5d:80:3d:c5:db:2b:52: 20:97:c3:68:67:af:a2:6e:ee:23:ab:47:b3:bd:7b:e3:17:ba: b2:a9:48:0a:2a:a0:58:9e:3b:38:79:19:50:04:40:b7:ec:44: 36:be:98:d0:23:82:ac:56:e9:ee:80:0b:44:83:92:2c:f1:45: af:8a:62:5b:cb:a5:34:f4:fa:97:d1:1a:25:42:89:f5:33:bd: 72:2c:f9:65:c4:22:63:8b:50:d9:4d:c4:f6:f0:c7:34:e3:5f: 8c:30:a0:30:5e:56:3c:1d:00:89:0b:58:7f:50:83:fa:ac:46: b9:42:49:73:5b:9d:a6:70:77:f0:e7:d8:49:fe:36:15:41:9e: 11:b5:01:d9:44:3c:1c:0c:36:cf:46:80:a2:99:21:b6:14:c8: 30:29:db:81:ee:39:b1:8b:77:3d:f9:9f:6e:29:48:e0:4f:35: c2:f9:a2:2c:25:18:82:06:81:f1:c3:4b:06:82:e6:6b:59:73: d6:61:a8:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3MjgzNDAxQUYz QzRBRDVDNTkwHhcNMjUwNDI0MjAxOTQzWhcNMjUwNTAxMjAxOTQzWjAYMRYwFAYD VQQDEw02ODBhOWNlMC1hZjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Ge558SNwxuanirXNlS6GybexRG5kLSJAxzLYXHRH8lLYTBJ6JmiF057kAZz Ysk48gwRiondWCmvOmG/ou8MWmNhW8rD3Vtr9iewoz0s+p1eFllQAinOkL3YpHZd yavR8gFmTiBG3aHxd3GSRrgWXkGzixwW4vusfVdrYRgxBhUfLkzKtW+ZOr/jjdY0 6M80px6Fy6UbhXV/asw6Jwl+iOstH4Jy4MMgN3JiqNSpFM3ENpuFg5p9NnpbPtPj w+/urSC5hzZSPHH7ct9FcHvHOShfYmXrYxYQ8znW05JEZdcX87O4Q0sl4w0AdBwR nm8zULC3uLO8a2kkpGUAG5/+FwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPUIKncm viHHmCCK7Bw0wDaR5NelMB8GA1UdIwQYMBaAFMxX4DZDGl6jwXKqcoNAGvPErVxZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREM3OC8xNTQ3NDAwOEFF QUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhxUEJjcXB5ZzBBYTg4U3RY RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGZmdOa01hWHFQQmNxcHlnMEFhODhTdFhGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REM3OC8xNTQ3NDAwOEFFQUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhx UEJjcXB5ZzBBYTg4U3RYRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9R2uwdTNIdnh7f1KB4AE2G3OEgqETaI9MtwLJIvQMMKILfo0CHjtd +WM8k1ikamuKLEB4n2TUXdW9iZjDGIunyl2APcXbK1Igl8NoZ6+ibu4jq0ezvXvj F7qyqUgKKqBYnjs4eRlQBEC37EQ2vpjQI4KsVunugAtEg5Is8UWvimJby6U09PqX 0RolQon1M71yLPllxCJji1DZTcT28Mc041+MMKAwXlY8HQCJC1h/UIP6rEa5Qklz W52mcHfw59hJ/jYVQZ4RtQHZRDwcDDbPRoCimSG2FMgwKduB7jmxi3c9+Z9uKUjg TzXC+aIsJRiCBoHxw0sGguZrWXPWYagy -----END CERTIFICATE-----Generated at Sat Apr 26 17:08:28 2025 by rpki-client