$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft File: zFfgNkMaXqPBcqpyg0Aa88StXFk.mft (raw, json) Hash identifier: oZaWJvrgfbFSMM+ncCe+55Xrrx3ArMaNbDMmHANoXiE= Subject key identifier: 9D:D3:28:14:24:2C:AF:BC:F2:6C:D7:D1:16:BC:1B:B7:6F:11:0C:CA Authority key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 Certificate issuer: /CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Certificate serial: 08FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft Manifest number: 08F1 Signing time: Thu 12 Jun 2025 20:09:55 +0000 Manifest this update: Thu 12 Jun 2025 20:09:54 +0000 Manifest next update: Thu 19 Jun 2025 20:09:54 +0000 Files and hashes: 1: zFfgNkMaXqPBcqpyg0Aa88StXFk.crl (hash: dFYiGopUCv4bw0/PYLpqzO1nJEn7WXJmkMyhF6N3em4=) 2: 6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa (hash: SybMfJLj0+vEkXuaQthUd0H8Z1vNjBlLLQ9rhZgOuPQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 20:09:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2303 (0x8ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDC78, serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Validity Not Before: Jun 12 20:09:54 2025 GMT Not After : Jun 19 20:09:54 2025 GMT Subject: CN=684b3412-c42f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:dc:72:6d:04:7a:1d:6a:59:f6:c7:4c:1a:e8: 9f:53:f1:23:6f:f0:47:9b:16:0f:da:d0:35:4f:d6: d8:9e:f7:7d:9e:a9:25:d3:34:b3:e0:5c:7a:33:54: 81:33:45:25:7c:87:af:db:d0:08:a7:c3:e9:79:9e: aa:81:0c:9f:35:7e:6f:94:02:93:6f:97:5d:b9:b7: 4b:7a:9c:8f:a3:f4:9a:1d:31:46:ab:a0:20:43:b0: 51:58:37:6c:40:92:6e:5d:f9:3c:ca:a3:fe:9d:82: d6:97:24:e4:fb:85:13:6e:c8:72:33:01:d8:8e:20: 87:8d:da:35:9a:b4:30:b5:42:23:3c:b8:99:3f:0d: 23:42:2b:56:35:31:ae:71:df:b9:63:ac:64:f0:1c: 22:1b:24:4c:f0:13:99:f3:5a:45:39:b3:0c:8c:b3: f3:ee:b4:fe:de:96:47:67:fa:eb:81:7e:b0:f5:c2: f0:56:c5:c4:9f:1e:dd:aa:de:29:52:c4:a7:ab:98: 89:6f:a0:5d:74:77:99:6c:01:40:ef:b5:4c:68:16: 21:b6:c3:e3:25:e9:9c:9b:06:81:80:0a:aa:36:c3: 34:b7:ea:9b:31:a3:ec:ec:a3:3b:34:6e:b1:0c:18: ce:a5:cf:94:94:9e:7e:90:4e:2b:db:51:85:cf:60: f7:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D3:28:14:24:2C:AF:BC:F2:6C:D7:D1:16:BC:1B:B7:6F:11:0C:CA X509v3 Authority Key Identifier: keyid:CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:29:ec:58:95:d9:73:1b:38:97:78:d3:8a:77:10:73:95:97: f7:ad:96:b3:24:d7:b3:e0:ab:c1:c5:2c:ec:69:3f:d4:e9:9f: 09:9c:4a:d3:d1:cf:ac:6b:b7:19:a9:06:00:ee:bf:83:fe:36: 6f:0e:88:a3:ae:f8:90:f8:bc:bd:fc:19:09:1b:a1:19:f8:d7: 06:04:dc:9b:d5:bc:78:34:29:86:7e:ed:e1:8f:bc:f5:a6:e5: 8f:44:a0:57:ea:53:04:3e:07:34:1e:e2:e6:1b:7d:0d:52:65: af:76:d9:8c:b0:6e:19:31:28:b1:1f:86:35:6c:c2:1e:30:31: eb:e8:fb:cf:27:b6:a2:fc:50:8c:22:2e:56:bd:d3:3a:90:03: cc:64:9f:27:56:21:9b:91:48:86:4d:4b:60:16:a3:74:e6:c8: af:3d:4f:5d:1e:ca:df:a2:7a:1b:38:90:1a:01:19:9d:05:12: 80:16:b4:f8:b1:d6:23:75:02:aa:d7:34:73:19:0a:31:0c:cd: 1d:7f:5b:c0:e5:22:95:cc:50:6d:3d:f8:2a:79:59:2c:a7:e0: 6f:4e:cc:e8:a4:63:7e:2e:f2:14:5f:87:87:cd:31:42:01:b4: fc:ba:06:88:cb:56:b5:c7:d4:eb:ee:55:be:d7:0c:f1:59:9a: 68:86:1d:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3MjgzNDAxQUYz QzRBRDVDNTkwHhcNMjUwNjEyMjAwOTU0WhcNMjUwNjE5MjAwOTU0WjAYMRYwFAYD VQQDEw02ODRiMzQxMi1jNDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw9xybQR6HWpZ9sdMGuifU/Ejb/BHmxYP2tA1T9bYnvd9nqkl0zSz4Fx6M1SB M0UlfIev29AIp8PpeZ6qgQyfNX5vlAKTb5ddubdLepyPo/SaHTFGq6AgQ7BRWDds QJJuXfk8yqP+nYLWlyTk+4UTbshyMwHYjiCHjdo1mrQwtUIjPLiZPw0jQitWNTGu cd+5Y6xk8BwiGyRM8BOZ81pFObMMjLPz7rT+3pZHZ/rrgX6w9cLwVsXEnx7dqt4p UsSnq5iJb6BddHeZbAFA77VMaBYhtsPjJemcmwaBgAqqNsM0t+qbMaPs7KM7NG6x DBjOpc+UlJ5+kE4r21GFz2D3LQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ3TKBQk LK+88mzX0Ra8G7dvEQzKMB8GA1UdIwQYMBaAFMxX4DZDGl6jwXKqcoNAGvPErVxZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREM3OC8xNTQ3NDAwOEFF QUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhxUEJjcXB5ZzBBYTg4U3RY RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGZmdOa01hWHFQQmNxcHlnMEFhODhTdFhGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REM3OC8xNTQ3NDAwOEFFQUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhx UEJjcXB5ZzBBYTg4U3RYRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAKexYldlzGziXeNOKdxBzlZf3rZazJNez4KvBxSzsaT/U6Z8JnErT 0c+sa7cZqQYA7r+D/jZvDoijrviQ+Ly9/BkJG6EZ+NcGBNyb1bx4NCmGfu3hj7z1 puWPRKBX6lMEPgc0HuLmG30NUmWvdtmMsG4ZMSixH4Y1bMIeMDHr6PvPJ7ai/FCM Ii5WvdM6kAPMZJ8nViGbkUiGTUtgFqN05sivPU9dHsrfonobOJAaARmdBRKAFrT4 sdYjdQKq1zRzGQoxDM0df1vA5SKVzFBtPfgqeVksp+BvTszopGN+LvIUX4eHzTFC AbT8ugaIy1a1x9Tr7lW+1wzxWZpohh1F -----END CERTIFICATE-----Generated at Sat Jun 14 19:32:25 2025 by rpki-client