$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft File: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft (raw, json) Hash identifier: FY3moABEzCIgavIqsRXUsSv3kFEfZavkAMTBa7aj0uU= Subject key identifier: A2:8B:55:CA:EF:02:7A:CB:0A:9B:A3:B3:B3:BD:F1:62:F7:E8:C6:AB Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Certificate serial: 0AB3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft Manifest number: 0A0C Signing time: Thu 24 Apr 2025 19:57:28 +0000 Manifest this update: Thu 24 Apr 2025 19:57:27 +0000 Manifest next update: Thu 01 May 2025 19:57:27 +0000 Files and hashes: 1: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl (hash: TI19c7ep/u56oFKGhg7rZBwa8qbm2cmYf+mETHov/hA=) 2: C3E2252E205F11EE8117111CC4F9AE02.roa (hash: b89a9XRc4AM1AMlF52w1xwkFcE20RCssOx3I+fNCh44=) 3: 8626FFC65AE511EBA452D33EC4F9AE02.roa (hash: p+jw9LTgVlA4Fas32lm4S+s3Nf7H/SOUto4eg7ZR3k4=) 4: 0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa (hash: 544CGw77adzKZSVB6a/EsmcNRdkcJyyJICXTpEPCpPk=) 5: 84023C06D24611EABDDF5344C4F9AE02.roa (hash: 1tQbOZGCpdjO+Y55KBqDyrU6PI7sCOp/TxXvN4NzOO0=) 6: 553170245AC511EBA052F663C4F9AE02.roa (hash: zZIIEfeakO+43e0JDOBIzAkL5O9TeO1Bv2dEETveidg=) 7: 61EFB2ACAC3611EDA5995F3FC4F9AE02.roa (hash: 4F/pO+DMZTaTanjCd4dRpqI6rwchzZD2B/zrGpX4dy4=) 8: DCF88EAE5ED811EBAB677671C4F9AE02.roa (hash: +xAAC0Q1keCic3iZwKSmyffjMCHYPPvNkq4JH4+m/zo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:57:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2739 (0xab3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911647C, serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Validity Not Before: Apr 24 19:57:27 2025 GMT Not After : May 1 19:57:27 2025 GMT Subject: CN=680a97a8-e703 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:fb:e4:f9:76:74:3f:d1:29:3f:7e:ad:5f:f9: 46:50:04:e9:fc:55:42:65:a1:10:6a:ab:80:52:97: 22:a4:b0:17:e6:b4:b9:b7:8e:89:14:6c:ae:7c:85: d1:a8:01:5e:5b:0e:9c:95:9f:b7:f9:5a:ae:58:75: 1f:f7:03:a4:19:c7:4c:ca:55:c6:ab:a3:8d:90:4a: b4:c3:1c:83:f8:99:38:02:ef:9f:91:95:a6:0a:7b: 04:0b:4c:fd:58:b6:a2:04:37:68:9b:c8:a8:ed:f0: 86:44:31:13:b3:25:4e:a0:f3:d3:79:df:09:66:53: 2f:ec:1e:5c:7a:27:71:20:64:f3:ae:ec:bc:67:ef: 76:79:a5:78:79:77:98:09:62:c6:d3:50:5b:a5:d0: 05:14:ee:43:5b:dd:dd:3a:82:4f:31:13:94:62:64: 44:1b:66:a8:ee:35:96:8f:8f:81:95:bf:a3:1f:2d: 0b:0c:b5:56:f9:77:a1:56:37:b4:c7:03:05:9c:bf: ae:c6:e1:e0:48:5d:9d:80:da:a0:fe:c1:9e:ab:5c: 50:ae:da:2a:7a:33:6b:1a:24:34:dd:74:42:f4:cf: fa:83:12:cd:db:c7:ee:eb:9f:ae:a7:47:ff:03:78: 19:d8:04:69:1f:1b:43:f9:1f:b5:54:65:a6:8a:8d: 80:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:8B:55:CA:EF:02:7A:CB:0A:9B:A3:B3:B3:BD:F1:62:F7:E8:C6:AB X509v3 Authority Key Identifier: keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:3b:88:ca:70:3f:ee:f5:61:86:b9:7e:a0:59:5c:6d:fb:fa: bc:b7:32:32:1e:47:8e:f3:a4:f6:65:dd:b1:fa:49:ba:7a:7e: 26:90:ca:98:5c:a6:94:34:31:6d:c4:22:e6:58:cc:38:f4:d2: 0b:0d:97:ba:70:b4:3e:d3:bc:53:16:6e:0f:b2:d8:66:8f:34: ce:83:e1:56:08:38:35:72:e1:7b:d5:f8:40:c1:5c:c1:6d:fc: 61:49:23:3c:f8:9b:e0:a9:a7:0e:68:d0:4c:66:4b:65:ee:6b: 7d:3a:94:23:8c:e2:f5:4f:f2:e3:6b:55:0f:36:1e:1c:4d:4e: e7:41:2c:32:03:3f:e0:1f:83:c2:ad:2f:f4:21:bf:c7:e1:92: cb:98:df:3b:92:cb:73:7b:57:59:49:8a:2d:52:3c:7f:8a:85: 3d:d2:82:46:4d:4a:37:32:16:9e:72:e2:ee:7d:ec:be:f7:be: 41:82:94:26:d5:c0:8e:4a:08:76:96:ed:08:74:52:1e:59:11: 20:45:76:15:2a:83:61:46:14:f4:0f:76:13:44:9c:83:30:e3: 76:4b:c2:59:be:79:68:97:dc:20:a9:78:12:ab:a3:d6:dd:68: 5b:73:7e:62:1e:fc:af:fa:7d:4f:c0:ec:97:eb:7c:1d:d0:b6: 7d:88:90:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE NTQ0QTYyQTYwHhcNMjUwNDI0MTk1NzI3WhcNMjUwNTAxMTk1NzI3WjAYMRYwFAYD VQQDEw02ODBhOTdhOC1lNzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnPvk+XZ0P9EpP36tX/lGUATp/FVCZaEQaquAUpcipLAX5rS5t46JFGyufIXR qAFeWw6clZ+3+VquWHUf9wOkGcdMylXGq6ONkEq0wxyD+Jk4Au+fkZWmCnsEC0z9 WLaiBDdom8io7fCGRDETsyVOoPPTed8JZlMv7B5ceidxIGTzruy8Z+92eaV4eXeY CWLG01BbpdAFFO5DW93dOoJPMROUYmREG2ao7jWWj4+Blb+jHy0LDLVW+XehVje0 xwMFnL+uxuHgSF2dgNqg/sGeq1xQrtoqejNrGiQ03XRC9M/6gxLN28fu65+up0f/ A3gZ2ARpHxtD+R+1VGWmio2AjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKKLVcrv AnrLCpujs7O98WL36MarMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1 MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NjQ3Qy80MzdDQzQwNjg1MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhL ZEJ4cUpKM0FGYWJWUktZcVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJO4jKcD/u9WGGuX6gWVxt+/q8tzIyHkeO86T2Zd2x+km6en4mkMqY XKaUNDFtxCLmWMw49NILDZe6cLQ+07xTFm4PsthmjzTOg+FWCDg1cuF71fhAwVzB bfxhSSM8+JvgqacOaNBMZktl7mt9OpQjjOL1T/Lja1UPNh4cTU7nQSwyAz/gH4PC rS/0Ib/H4ZLLmN87kstze1dZSYotUjx/ioU90oJGTUo3MhaecuLufey+975BgpQm 1cCOSgh2lu0IdFIeWREgRXYVKoNhRhT0D3YTRJyDMON2S8JZvnlol9wgqXgSq6PW 3Whbc35iHvyv+n1PwOyX63wd0LZ9iJCB -----END CERTIFICATE-----Generated at Sat Apr 26 15:09:40 2025 by rpki-client