$ rpki-client -vvf rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft File: z3nGX0tVAQ-yXObEW4yRnbCToy0.mft (raw, json) Hash identifier: NqqT1MP/XKHJuYM1ukvPJgWjbTTB9uAy8QQ6dXK975A= Subject key identifier: AA:AB:72:89:7B:FD:9C:0F:94:98:BA:92:36:3E:6B:68:27:A9:64:AC Authority key identifier: CF:79:C6:5F:4B:55:01:0F:B2:5C:E6:C4:5B:8C:91:9D:B0:93:A3:2D Certificate issuer: /CN=A912E87E/serialNumber=CF79C65F4B55010FB25CE6C45B8C919DB093A32D Certificate serial: 5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3nGX0tVAQ-yXObEW4yRnbCToy0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft Manifest number: 58 Signing time: Sun 27 Apr 2025 06:00:32 +0000 Manifest this update: Sun 27 Apr 2025 06:00:31 +0000 Manifest next update: Sun 04 May 2025 06:00:31 +0000 Files and hashes: 1: z3nGX0tVAQ-yXObEW4yRnbCToy0.crl (hash: WYS+Ln/z5A2RAW5zu0tdT74kcCxiSCNEG/ZuV0WGz2Y=) 2: A48892E4DE4A11EFACE66748C4F9AE02.roa (hash: pAKMszCIjt6MmJA/GOLnpRTl7JGqEZooCz2JSaSabrA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.crl rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3nGX0tVAQ-yXObEW4yRnbCToy0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90 (0x5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E87E, serialNumber=CF79C65F4B55010FB25CE6C45B8C919DB093A32D Validity Not Before: Apr 27 06:00:31 2025 GMT Not After : May 4 06:00:31 2025 GMT Subject: CN=680dc800-11c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:f5:07:d1:dc:b3:c1:0e:00:2d:f6:c5:48:60: 01:bf:63:1f:7a:e7:94:93:fa:fa:41:45:03:6d:cf: 56:ff:b9:d4:7e:6f:b9:df:5d:6b:03:83:df:30:35: 21:36:b8:47:36:39:52:b6:9c:0d:c9:de:32:91:05: a9:cc:9b:21:74:bf:42:ca:fa:d6:6c:00:c0:7a:0f: 8d:a1:2c:7b:73:95:67:ec:0d:85:f4:4b:b5:b4:ef: 0e:96:fd:a0:94:bb:52:79:18:92:70:f9:d9:cb:e9: 0f:a8:40:ff:bc:1b:67:17:2f:32:f2:2a:ad:eb:49: c0:5d:ec:23:99:f8:0d:af:23:8c:19:26:05:3d:fb: 94:35:1d:2f:cb:2e:81:61:04:05:66:48:71:3f:a4: 20:da:8f:ff:24:4b:72:dc:e2:45:62:82:36:90:1a: 6d:ad:f5:bf:d6:93:94:c0:88:27:dd:2a:1a:33:75: a1:20:cc:a2:a8:ee:a3:7b:05:fc:03:0a:ad:bc:d7: 70:9b:c0:d5:8e:ad:b6:a9:4f:db:aa:37:81:d9:3d: 02:5b:d0:4e:38:1b:45:99:71:b1:18:c9:f9:36:2b: ac:f9:80:06:9e:45:26:1a:33:ba:09:10:b5:3a:a1: 90:3c:02:00:56:6f:68:55:74:02:f1:8a:3a:be:7e: 2a:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:AB:72:89:7B:FD:9C:0F:94:98:BA:92:36:3E:6B:68:27:A9:64:AC X509v3 Authority Key Identifier: keyid:CF:79:C6:5F:4B:55:01:0F:B2:5C:E6:C4:5B:8C:91:9D:B0:93:A3:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3nGX0tVAQ-yXObEW4yRnbCToy0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E87E/8428B9E6A1CF11EF878E6061C4F9AE02/z3nGX0tVAQ-yXObEW4yRnbCToy0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:84:6e:99:52:6d:11:a1:0f:8c:7c:38:f9:28:cb:f7:00:34: bf:a3:7b:cc:a6:04:08:51:a2:21:3d:20:05:bf:e8:3b:eb:81: 35:c9:66:f2:be:40:c0:f2:e2:e1:c4:cd:dd:18:3a:ed:3b:9e: 00:16:32:52:fb:24:1f:d0:68:1e:3d:b3:2e:90:af:54:e2:fc: e4:36:1f:40:26:ab:e5:b0:d9:9c:05:fe:05:e4:89:ca:58:a9: 49:5e:5b:9a:ce:5d:65:25:9f:eb:b9:24:be:54:4e:7d:f6:7a: 00:54:b1:fd:24:6c:8f:ff:1b:a2:4d:82:18:c3:08:b9:38:59: 20:a9:65:b9:99:0c:c8:27:2f:19:f5:bb:1a:3c:2e:dc:0d:79: f3:c7:77:dd:54:1a:93:06:40:94:a1:bf:81:5a:15:50:89:0f: 70:f6:e3:a3:7c:2e:50:a3:bc:15:6b:03:54:d9:59:01:d2:f1: 3c:e9:cf:11:ab:5d:94:09:af:b1:4c:55:a1:4d:f1:fc:57:84: 02:93:52:a5:04:fe:b5:c1:8f:fd:70:11:49:2e:c9:66:f0:f7: dd:89:e7:4b:16:4e:54:59:62:bd:7e:c9:85:d6:3b:5c:7c:11: 23:c4:a1:08:d4:4e:d8:10:af:60:51:ec:53:15:a8:4a:f3:97: 31:2e:9b:93 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RTg3RTExMC8GA1UEBRMoQ0Y3OUM2NUY0QjU1MDEwRkIyNUNFNkM0NUI4QzkxOURC MDkzQTMyRDAeFw0yNTA0MjcwNjAwMzFaFw0yNTA1MDQwNjAwMzFaMBgxFjAUBgNV BAMTDTY4MGRjODAwLTExYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQ9QfR3LPBDgAt9sVIYAG/Yx9655ST+vpBRQNtz1b/udR+b7nfXWsDg98wNSE2 uEc2OVK2nA3J3jKRBanMmyF0v0LK+tZsAMB6D42hLHtzlWfsDYX0S7W07w6W/aCU u1J5GJJw+dnL6Q+oQP+8G2cXLzLyKq3rScBd7COZ+A2vI4wZJgU9+5Q1HS/LLoFh BAVmSHE/pCDaj/8kS3Lc4kVigjaQGm2t9b/Wk5TAiCfdKhozdaEgzKKo7qN7BfwD Cq2813CbwNWOrbapT9uqN4HZPQJb0E44G0WZcbEYyfk2K6z5gAaeRSYaM7oJELU6 oZA8AgBWb2hVdALxijq+fip5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUqqtyiXv9 nA+UmLqSNj5raCepZKwwHwYDVR0jBBgwFoAUz3nGX0tVAQ+yXObEW4yRnbCToy0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFODdFLzg0MjhCOUU2QTFD RjExRUY4NzhFNjA2MUM0RjlBRTAyL3ozbkdYMHRWQVEteVhPYkVXNHlSbmJDVG95 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvejNuR1gwdFZBUS15WE9iRVc0eVJuYkNUb3kwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJF ODdFLzg0MjhCOUU2QTFDRjExRUY4NzhFNjA2MUM0RjlBRTAyL3ozbkdYMHRWQVEt eVhPYkVXNHlSbmJDVG95MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADKEbplSbRGhD4x8OPkoy/cANL+je8ymBAhRoiE9IAW/6DvrgTXJZvK+ QMDy4uHEzd0YOu07ngAWMlL7JB/QaB49sy6Qr1Ti/OQ2H0Amq+Ww2ZwF/gXkicpY qUleW5rOXWUln+u5JL5UTn32egBUsf0kbI//G6JNghjDCLk4WSCpZbmZDMgnLxn1 uxo8LtwNefPHd91UGpMGQJShv4FaFVCJD3D246N8LlCjvBVrA1TZWQHS8TzpzxGr XZQJr7FMVaFN8fxXhAKTUqUE/rXBj/1wEUkuyWbw992J50sWTlRZYr1+yYXWO1x8 ESPEoQjUTtgQr2BR7FMVqErzlzEum5M= -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:41 2025 by rpki-client on console.sobornost.net