$ rpki-client -vvf rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft File: qafXPj7Y1cRm3LxsIJzUNTzemM8.mft (raw, json) Hash identifier: 5UD08f0iXojDkBZ3+9DFr3i4lXh5fjxsDYPi1IJL1MU= Subject key identifier: 0E:C1:8F:D5:A4:69:43:4D:CA:63:A6:E6:3B:7C:54:39:35:E5:08:38 Authority key identifier: A9:A7:D7:3E:3E:D8:D5:C4:66:DC:BC:6C:20:9C:D4:35:3C:DE:98:CF Certificate issuer: /CN=A9143FC4/serialNumber=A9A7D73E3ED8D5C466DCBC6C209CD4353CDE98CF Certificate serial: 3432 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft Manifest number: 3432 Signing time: Thu 24 Apr 2025 15:20:22 +0000 Manifest this update: Thu 24 Apr 2025 15:20:22 +0000 Manifest next update: Thu 01 May 2025 15:20:22 +0000 Files and hashes: 1: qafXPj7Y1cRm3LxsIJzUNTzemM8.crl (hash: zfMn8UOK6BPI9aSZ2ScyOZo4FsSc2fq+OYKabC25I08=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.crl rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:20:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13362 (0x3432) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143FC4, serialNumber=A9A7D73E3ED8D5C466DCBC6C209CD4353CDE98CF Validity Not Before: Apr 24 15:20:22 2025 GMT Not After : May 1 15:20:22 2025 GMT Subject: CN=680a56b6-e9f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:41:14:14:bf:ff:7f:77:73:84:5a:06:32:85: ac:a4:22:c2:d1:4d:87:dc:89:6b:7b:e6:ba:6e:15: cd:17:72:19:21:ec:86:26:03:5e:3c:e4:ff:e5:9d: 1c:0a:5d:c7:df:38:7c:6b:71:b0:c2:f4:f6:9d:00: dc:08:bd:0b:87:55:01:55:8c:51:fc:aa:b4:a6:5a: f4:59:4f:c2:4a:5f:df:47:11:21:72:b7:6c:bc:03: c3:dd:96:b6:55:6a:6c:b2:51:09:b3:90:03:53:15: 7d:69:a9:ce:8a:fa:87:5a:4e:f5:87:c1:39:c6:2e: 71:0c:c1:fd:28:49:76:93:9d:07:c8:fe:80:74:6b: de:25:cd:1a:c6:a3:f0:5e:d6:52:bd:c9:81:a4:c4: d5:f4:f1:9e:db:b6:75:73:be:fa:83:5e:81:eb:95: 42:50:cc:96:9f:75:48:f3:13:ce:aa:17:37:f9:c0: 94:df:06:7b:ab:5a:9b:a3:99:b2:63:b5:5c:66:bb: 15:32:bb:e7:2d:be:dd:b4:45:87:76:46:c3:4d:dc: 95:55:14:5b:bb:5e:48:6b:65:64:8d:39:c8:be:10: 2b:fc:71:63:8a:59:3e:86:02:fa:d9:9e:f2:15:7d: d3:80:a6:b3:39:5e:25:aa:58:9c:d1:f6:88:25:33: a0:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:C1:8F:D5:A4:69:43:4D:CA:63:A6:E6:3B:7C:54:39:35:E5:08:38 X509v3 Authority Key Identifier: keyid:A9:A7:D7:3E:3E:D8:D5:C4:66:DC:BC:6C:20:9C:D4:35:3C:DE:98:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:04:7f:0b:5a:cd:1d:fc:64:a6:5e:d9:23:98:3c:92:3b:95: 8c:73:b0:1c:5b:f7:75:09:6b:1e:85:cf:89:93:46:56:c7:2d: c3:49:36:05:60:c9:31:b2:fd:11:fe:d3:5b:b4:be:62:09:64: 5f:fe:7c:4f:c3:d2:14:73:78:23:bf:fc:a9:26:97:7c:3b:5d: 00:3c:00:42:06:26:c5:13:15:90:46:f9:cd:72:98:b3:ac:6f: e1:93:81:02:12:28:22:7d:fa:77:8a:04:a0:2b:1a:97:9b:54: c3:2b:8d:c1:ef:5b:24:c0:55:1b:74:6c:2c:00:aa:25:bb:62: a7:dc:2d:14:ca:63:96:7e:57:e7:6e:1f:f4:bb:68:38:c0:e3: a4:ce:f6:8d:90:2e:fd:18:4e:5d:d5:56:ba:f3:5e:5d:3f:e1: 9a:04:86:7e:c0:c8:e6:f0:d1:af:64:97:24:d0:34:7c:90:58: 3b:b4:aa:66:f0:63:06:7c:55:f9:1b:68:b1:e2:fb:2d:db:24: 74:ff:3c:57:8c:ef:08:a1:e3:ea:c8:ca:8f:62:2d:00:a7:0e: 60:b7:a5:38:e6:b8:b2:7c:88:85:46:5b:5e:61:fb:3c:5c:81: b2:ed:c0:8c:0f:b7:11:4d:da:e6:08:d6:7c:ba:e4:6e:81:0c: b6:06:16:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNGQzQxMTAvBgNVBAUTKEE5QTdENzNFM0VEOEQ1QzQ2NkRDQkM2QzIwOUNENDM1 M0NERTk4Q0YwHhcNMjUwNDI0MTUyMDIyWhcNMjUwNTAxMTUyMDIyWjAYMRYwFAYD VQQDEw02ODBhNTZiNi1lOWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA20EUFL//f3dzhFoGMoWspCLC0U2H3Ilre+a6bhXNF3IZIeyGJgNePOT/5Z0c Cl3H3zh8a3GwwvT2nQDcCL0Lh1UBVYxR/Kq0plr0WU/CSl/fRxEhcrdsvAPD3Za2 VWpsslEJs5ADUxV9aanOivqHWk71h8E5xi5xDMH9KEl2k50HyP6AdGveJc0axqPw XtZSvcmBpMTV9PGe27Z1c776g16B65VCUMyWn3VI8xPOqhc3+cCU3wZ7q1qbo5my Y7VcZrsVMrvnLb7dtEWHdkbDTdyVVRRbu15Ia2VkjTnIvhAr/HFjilk+hgL62Z7y FX3TgKazOV4lqlic0faIJTOgzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA7Bj9Wk aUNNymOm5jt8VDk15Qg4MB8GA1UdIwQYMBaAFKmn1z4+2NXEZty8bCCc1DU83pjP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0ZDNC9CMTY1QTNBODI5 NTgxMUUyQjM4RDU4RkIwOEIwMkNEMi9xYWZYUGo3WTFjUm0zTHhzSUp6VU5UemVt TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FhZlhQajdZMWNSbTNMeHNJSnpVTlR6ZW1NOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0ZDNC9CMTY1QTNBODI5NTgxMUUyQjM4RDU4RkIwOEIwMkNEMi9xYWZYUGo3WTFj Um0zTHhzSUp6VU5UemVtTTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCbBH8LWs0d/GSmXtkjmDySO5WMc7AcW/d1CWsehc+Jk0ZWxy3DSTYF YMkxsv0R/tNbtL5iCWRf/nxPw9IUc3gjv/ypJpd8O10APABCBibFExWQRvnNcpiz rG/hk4ECEigiffp3igSgKxqXm1TDK43B71skwFUbdGwsAKolu2Kn3C0UymOWflfn bh/0u2g4wOOkzvaNkC79GE5d1Va6815dP+GaBIZ+wMjm8NGvZJck0DR8kFg7tKpm 8GMGfFX5G2ix4vst2yR0/zxXjO8IoePqyMqPYi0Apw5gt6U45riyfIiFRlteYfs8 XIGy7cCMD7cRTdrmCNZ8uuRugQy2BhbZ -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:47 2025 by rpki-client