$ rpki-client -vvf rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.mft File: qJaxcL8NiHI_NsesIIeFSqKEvXE.mft (raw, json) Hash identifier: HFZwSrZDAYZbAXJ3JcUgtSVm/mSd06QwbHQ2sxcQgfA= Subject key identifier: 9F:35:0C:34:8E:FE:37:22:CF:26:5F:77:40:FF:F6:82:01:63:85:63 Authority key identifier: A8:96:B1:70:BF:0D:88:72:3F:36:C7:AC:20:87:85:4A:A2:84:BD:71 Certificate issuer: /CN=A913DF3B/serialNumber=A896B170BF0D88723F36C7AC2087854AA284BD71 Certificate serial: 053A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.mft Manifest number: 0535 Signing time: Thu 24 Apr 2025 23:15:41 +0000 Manifest this update: Thu 24 Apr 2025 23:15:40 +0000 Manifest next update: Thu 01 May 2025 23:15:40 +0000 Files and hashes: 1: qJaxcL8NiHI_NsesIIeFSqKEvXE.crl (hash: ltx0eOLWn9x6SuXY3xHCU38TCyaC4jwKHzwmD+mqF6U=) 2: 8D7E9B7EF03D11EB804DF61FC4F9AE02.roa (hash: K0g8xWII4g0z2vzjoBYClHiJj2EJk6kk9zBp36ie6T4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.crl rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1338 (0x53a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913DF3B, serialNumber=A896B170BF0D88723F36C7AC2087854AA284BD71 Validity Not Before: Apr 24 23:15:40 2025 GMT Not After : May 1 23:15:40 2025 GMT Subject: CN=680ac61d-d8e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e5:e2:24:25:0c:81:cc:b5:39:98:a9:3f:7c: 7b:19:bb:86:d6:c0:93:d2:70:67:3e:9f:97:01:c6: 37:38:6e:da:62:06:11:d3:e1:e1:4f:0e:8b:be:77: 0f:a6:0a:38:73:96:6a:3f:b0:af:ea:a8:26:88:7d: cd:b9:ce:10:da:d2:f7:cb:73:08:61:ec:26:d5:7a: 24:56:f5:2c:44:22:a7:ae:66:b2:68:b1:46:74:35: 45:be:c0:25:8b:f3:36:88:08:aa:81:4f:51:79:ee: 49:7e:4c:ab:d9:78:51:ec:11:75:7a:8f:de:a9:7d: 3a:b3:c3:35:7e:17:d1:b2:48:df:be:f7:d4:83:ce: 6e:c9:80:b7:18:c7:9e:63:7c:a8:84:d7:c9:5d:3f: 9a:4a:3b:d8:84:ff:75:bd:fd:c7:c0:d3:8f:70:1c: ac:b7:3f:53:b8:e4:dd:70:a2:33:7e:33:5b:d3:8a: 21:a7:2f:75:cc:fe:34:e0:0d:3e:55:1b:81:f5:ca: 87:c2:a5:86:18:3b:35:c6:7e:b0:7d:62:5a:26:b5: 53:c2:d6:47:53:82:af:a6:ac:30:aa:ef:79:a0:dd: 3e:ec:f1:e2:00:3c:02:c8:c5:a3:00:6c:04:73:6e: 87:6b:da:11:a7:b9:af:2e:9d:0e:6f:cf:29:d5:ed: b7:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:35:0C:34:8E:FE:37:22:CF:26:5F:77:40:FF:F6:82:01:63:85:63 X509v3 Authority Key Identifier: keyid:A8:96:B1:70:BF:0D:88:72:3F:36:C7:AC:20:87:85:4A:A2:84:BD:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJaxcL8NiHI_NsesIIeFSqKEvXE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DF3B/CDBA812EF03A11EB8D30E058C4F9AE02/qJaxcL8NiHI_NsesIIeFSqKEvXE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:82:43:33:99:be:00:ad:e3:97:51:ce:3e:71:a0:0e:ae:2f: dd:be:c3:f3:c2:0f:01:1c:80:9d:8e:34:f4:37:2f:fc:41:f0: 47:c1:5a:28:6c:b6:1f:55:04:11:a1:64:d0:2c:5d:97:97:b9: 63:1a:a7:b7:1d:f3:37:ba:54:04:62:1d:8a:61:c3:87:61:bb: 4d:da:ee:38:f2:e6:67:b2:e6:f8:49:f1:2b:f0:1a:bc:76:4d: 4d:ce:0d:e0:a9:16:fd:56:09:69:69:5b:dc:4f:2e:e3:1a:81: 2e:c6:e2:9d:ec:8a:1e:7a:48:5c:29:e5:dd:18:c6:6e:d7:d1: fd:13:36:3d:be:59:99:ec:b5:3e:cf:cb:5e:c3:bf:18:ec:62: 64:62:25:11:f0:ab:94:f2:ec:b8:73:c4:75:aa:39:de:e4:b3: 62:5f:e3:46:26:94:50:e6:a8:55:2e:5e:0d:30:fb:b8:ec:70: 88:6a:69:40:ae:ca:93:c0:c7:33:06:98:4e:0d:f6:7d:41:d0: 90:ca:f4:79:b7:11:97:25:c2:9f:20:0a:f0:88:a7:1e:a8:31: 73:31:d1:d8:42:73:30:64:72:5d:2a:65:b0:10:fe:28:93:85: 9c:cb:60:3c:68:07:3a:f3:23:1b:f4:a1:10:0c:e3:72:75:7b: eb:b3:44:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0RGM0IxMTAvBgNVBAUTKEE4OTZCMTcwQkYwRDg4NzIzRjM2QzdBQzIwODc4NTRB QTI4NEJENzEwHhcNMjUwNDI0MjMxNTQwWhcNMjUwNTAxMjMxNTQwWjAYMRYwFAYD VQQDEw02ODBhYzYxZC1kOGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxOXiJCUMgcy1OZipP3x7GbuG1sCT0nBnPp+XAcY3OG7aYgYR0+HhTw6LvncP pgo4c5ZqP7Cv6qgmiH3Nuc4Q2tL3y3MIYewm1XokVvUsRCKnrmayaLFGdDVFvsAl i/M2iAiqgU9Ree5Jfkyr2XhR7BF1eo/eqX06s8M1fhfRskjfvvfUg85uyYC3GMee Y3yohNfJXT+aSjvYhP91vf3HwNOPcBystz9TuOTdcKIzfjNb04ohpy91zP404A0+ VRuB9cqHwqWGGDs1xn6wfWJaJrVTwtZHU4Kvpqwwqu95oN0+7PHiADwCyMWjAGwE c26Ha9oRp7mvLp0Ob88p1e235wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ81DDSO /jcizyZfd0D/9oIBY4VjMB8GA1UdIwQYMBaAFKiWsXC/DYhyPzbHrCCHhUqihL1x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREYzQi9DREJBODEyRUYw M0ExMUVCOEQzMEUwNThDNEY5QUUwMi9xSmF4Y0w4TmlISV9Oc2VzSUllRlNxS0V2 WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FKYXhjTDhOaUhJX05zZXNJSWVGU3FLRXZYRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz REYzQi9DREJBODEyRUYwM0ExMUVCOEQzMEUwNThDNEY5QUUwMi9xSmF4Y0w4TmlI SV9Oc2VzSUllRlNxS0V2WEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNgkMzmb4AreOXUc4+caAOri/dvsPzwg8BHICdjjT0Ny/8QfBHwVoo bLYfVQQRoWTQLF2Xl7ljGqe3HfM3ulQEYh2KYcOHYbtN2u448uZnsub4SfEr8Bq8 dk1Nzg3gqRb9VglpaVvcTy7jGoEuxuKd7IoeekhcKeXdGMZu19H9EzY9vlmZ7LU+ z8tew78Y7GJkYiUR8KuU8uy4c8R1qjne5LNiX+NGJpRQ5qhVLl4NMPu47HCIamlA rsqTwMczBphODfZ9QdCQyvR5txGXJcKfIArwiKceqDFzMdHYQnMwZHJdKmWwEP4o k4Wcy2A8aAc68yMb9KEQDONydXvrs0Si -----END CERTIFICATE-----Generated at Sat Apr 26 12:59:22 2025 by rpki-client