$ rpki-client -vvf rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.mft File: ZEfjYbGkSWugEo32lWV0SOleK5U.mft (raw, json) Hash identifier: wFHnVq1Z4xvi7hXya9h5ZJHaBVO6ZuXwET8I6rOmh1g= Subject key identifier: 64:26:60:84:5D:E5:36:41:2F:36:A9:AF:FE:74:7D:94:19:9C:35:64 Authority key identifier: 64:47:E3:61:B1:A4:49:6B:A0:12:8D:F6:95:65:74:48:E9:5E:2B:95 Certificate issuer: /CN=A917F879/serialNumber=6447E361B1A4496BA0128DF695657448E95E2B95 Certificate serial: 09B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.mft Manifest number: 09A8 Signing time: Mon 28 Apr 2025 20:26:21 +0000 Manifest this update: Mon 28 Apr 2025 20:26:21 +0000 Manifest next update: Mon 05 May 2025 20:26:21 +0000 Files and hashes: 1: ZEfjYbGkSWugEo32lWV0SOleK5U.crl (hash: JFnyZBzgtpaww2JAuHjB1OkGYrhNM1r9ntiDr5gRLas=) 2: 8A6AA178556111EDB7E45424C4F9AE02.roa (hash: Lv3s/tDzwoH6gl7nLzqYDd9D8Hirj2BDnbGE+1t61zg=) 3: 894FFF40556111EDB7E45424C4F9AE02.roa (hash: J0+zE9SmlQGpzIqcvJUCPulCa8uAwpw7BcVDFzghz4Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.crl rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 20:26:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2482 (0x9b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F879, serialNumber=6447E361B1A4496BA0128DF695657448E95E2B95 Validity Not Before: Apr 28 20:26:21 2025 GMT Not After : May 5 20:26:21 2025 GMT Subject: CN=680fe46d-fb98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5f:de:f6:89:e3:e3:a6:32:66:fe:60:d6:9c: d3:9e:35:a3:7e:90:1b:eb:16:02:59:aa:db:29:7e: da:cd:6b:e4:36:ff:c4:f8:55:d2:93:8f:fa:00:e0: ee:4b:93:68:45:f0:5e:a9:0d:d7:25:37:17:c2:a0: 80:6b:93:21:19:14:20:a3:2e:d6:6c:f8:5c:2f:c1: 1b:f5:aa:ca:6f:96:14:55:78:3b:df:22:de:dc:5c: 70:59:98:19:6f:33:22:a6:4d:59:b5:f1:81:b5:f5: 76:ba:07:a5:bc:ef:85:66:e6:f7:c9:74:d9:77:95: 99:9b:f9:56:6b:b8:4d:fc:08:42:56:57:ad:04:3b: cc:8f:c3:0b:05:98:fe:19:3a:70:e3:89:e0:6c:60: c9:c9:76:59:8d:1f:89:96:93:54:2b:88:b2:2c:f3: e4:77:1c:ad:a9:52:7b:3a:f9:ed:6e:59:44:87:6d: 87:d4:db:67:6e:37:56:4e:b4:03:22:32:83:22:fb: c5:98:c7:91:d4:71:15:69:c0:c1:76:53:ba:19:1b: 9d:fb:1a:dc:de:1c:d4:3b:24:cc:62:b6:b3:3f:31: 2b:f1:1d:0a:86:de:b9:2a:46:80:5f:9c:75:50:2c: 32:1d:c4:ae:66:df:0f:b1:ea:83:57:c9:4c:e0:3a: c6:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:26:60:84:5D:E5:36:41:2F:36:A9:AF:FE:74:7D:94:19:9C:35:64 X509v3 Authority Key Identifier: keyid:64:47:E3:61:B1:A4:49:6B:A0:12:8D:F6:95:65:74:48:E9:5E:2B:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:b4:bc:5e:f3:4c:51:d0:01:50:3f:48:25:63:8f:88:6d:66: fa:99:fa:4c:33:ea:17:89:9b:b7:5a:43:6a:36:df:29:8f:8b: 62:91:96:2e:6f:7a:c4:c9:dd:be:68:2c:c4:51:12:01:21:a5: 80:89:c7:8d:9c:db:03:80:ec:40:fc:ff:2b:4e:ce:cc:c6:35: bd:72:41:5b:f9:8d:91:f9:3a:c7:42:d6:3e:d5:d6:ea:00:70: 09:e3:3a:11:9c:a8:16:5b:a5:8c:00:0e:66:3c:c5:90:ca:52: 6e:0e:71:01:d3:ad:01:30:30:e1:29:0e:1d:f6:54:b2:ac:74: 43:5f:48:d2:cb:f3:28:7f:5d:68:18:07:0a:a1:43:42:c8:c8: 67:a1:8d:67:eb:fb:84:84:8e:7e:f4:c2:c4:15:13:a5:b6:3a: eb:cf:dc:0f:25:9f:62:70:a1:13:58:53:36:c2:1b:90:e6:4c: e0:3a:12:4a:b3:37:46:d5:20:2b:e9:79:5d:51:97:08:fb:44: 72:e7:b0:f9:51:aa:d2:40:64:2e:29:05:0a:06:6a:fb:8b:34: 7b:29:82:c9:dd:d0:e3:c5:5b:46:e3:be:7f:f0:94:43:be:3e: 26:29:59:59:07:92:63:0d:fd:de:9e:f3:ed:e0:56:b6:fe:64: e4:8c:0a:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCbIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y4NzkxMTAvBgNVBAUTKDY0NDdFMzYxQjFBNDQ5NkJBMDEyOERGNjk1NjU3NDQ4 RTk1RTJCOTUwHhcNMjUwNDI4MjAyNjIxWhcNMjUwNTA1MjAyNjIxWjAYMRYwFAYD VQQDEw02ODBmZTQ2ZC1mYjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxl/e9onj46YyZv5g1pzTnjWjfpAb6xYCWarbKX7azWvkNv/E+FXSk4/6AODu S5NoRfBeqQ3XJTcXwqCAa5MhGRQgoy7WbPhcL8Eb9arKb5YUVXg73yLe3FxwWZgZ bzMipk1ZtfGBtfV2ugelvO+FZub3yXTZd5WZm/lWa7hN/AhCVletBDvMj8MLBZj+ GTpw44ngbGDJyXZZjR+JlpNUK4iyLPPkdxytqVJ7OvntbllEh22H1NtnbjdWTrQD IjKDIvvFmMeR1HEVacDBdlO6GRud+xrc3hzUOyTMYrazPzEr8R0Kht65KkaAX5x1 UCwyHcSuZt8PseqDV8lM4DrGpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGQmYIRd 5TZBLzapr/50fZQZnDVkMB8GA1UdIwQYMBaAFGRH42GxpElroBKN9pVldEjpXiuV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Rjg3OS9BQUZDRUYwQTgz NDkxMUVBODlERTY5N0JDNEY5QUUwMi9aRWZqWWJHa1NXdWdFbzMybFdWMFNPbGVL NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pFZmpZYkdrU1d1Z0VvMzJsV1YwU09sZUs1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Rjg3OS9BQUZDRUYwQTgzNDkxMUVBODlERTY5N0JDNEY5QUUwMi9aRWZqWWJHa1NX dWdFbzMybFdWMFNPbGVLNVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1tLxe80xR0AFQP0glY4+IbWb6mfpMM+oXiZu3WkNqNt8pj4tikZYu b3rEyd2+aCzEURIBIaWAiceNnNsDgOxA/P8rTs7MxjW9ckFb+Y2R+TrHQtY+1dbq AHAJ4zoRnKgWW6WMAA5mPMWQylJuDnEB060BMDDhKQ4d9lSyrHRDX0jSy/Mof11o GAcKoUNCyMhnoY1n6/uEhI5+9MLEFROltjrrz9wPJZ9icKETWFM2whuQ5kzgOhJK szdG1SAr6XldUZcI+0Ry57D5UarSQGQuKQUKBmr7izR7KYLJ3dDjxVtG475/8JRD vj4mKVlZB5JjDf3envPt4Fa2/mTkjAo0 -----END CERTIFICATE-----Generated at Mon Apr 28 23:05:36 2025 by rpki-client on console.sobornost.net