$ rpki-client -vvf rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft File: QNg3fKpabquREz6WLv9-IbURPbk.mft (raw, json) Hash identifier: fDceVYHClEs07vEDg24/MMDxuMMevtsTGrPwXPp9gGQ= Subject key identifier: F2:F6:9B:8C:CD:43:D2:8D:9A:49:BD:0D:2B:04:4A:79:E9:A8:CC:95 Authority key identifier: 40:D8:37:7C:AA:5A:6E:AB:91:13:3E:96:2E:FF:7E:21:B5:11:3D:B9 Certificate issuer: /CN=A9145D4C/serialNumber=40D8377CAA5A6EAB91133E962EFF7E21B5113DB9 Certificate serial: 0233 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNg3fKpabquREz6WLv9-IbURPbk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft Manifest number: 022B Signing time: Sun 15 Jun 2025 01:37:29 +0000 Manifest this update: Sun 15 Jun 2025 01:37:28 +0000 Manifest next update: Sun 22 Jun 2025 01:37:28 +0000 Files and hashes: 1: QNg3fKpabquREz6WLv9-IbURPbk.crl (hash: zmXOCNCe36vM3HwIO1lTTBp26xlRXvkyIGy0bmWcvBE=) 2: 5E24BEAADA7C11ED8156D867C4F9AE02.roa (hash: ktK9vCE7vIpwa3GinrPFia6DHxl96KzteCFThN1eca8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.crl rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNg3fKpabquREz6WLv9-IbURPbk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 01:37:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 563 (0x233) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145D4C, serialNumber=40D8377CAA5A6EAB91133E962EFF7E21B5113DB9 Validity Not Before: Jun 15 01:37:28 2025 GMT Not After : Jun 22 01:37:28 2025 GMT Subject: CN=684e23d8-9903 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d2:25:9f:33:fe:05:78:53:72:b7:72:74:39: eb:f3:d8:a0:7b:7c:5a:b3:77:e6:a6:b9:05:99:f3: 58:95:27:8d:41:33:54:c4:1a:89:ff:c3:1d:3c:cd: e2:6f:7b:77:c5:1f:50:27:bc:06:d6:d8:79:72:4f: 89:2d:a4:58:a4:37:22:dc:d6:85:03:b6:b0:3e:9e: e4:6b:a0:03:40:bd:e9:28:79:ea:a7:05:43:90:82: 31:13:b0:36:08:17:41:5e:07:22:ea:bb:a1:e3:37: e2:6a:2c:19:68:ba:0f:24:3c:c7:ee:76:88:88:d4: 1e:be:02:3a:8f:12:98:7b:4b:89:40:69:71:d2:2e: 8c:d9:7b:36:6a:a4:fd:03:52:79:36:26:f6:55:e7: c2:20:97:42:3a:42:7d:40:50:ab:50:cb:5b:0a:78: 68:5c:b7:d2:47:7c:81:8c:26:c9:3a:dd:24:be:8f: d5:f5:f3:33:fe:cf:73:a4:55:4b:6a:b6:77:91:9c: 3d:40:5a:37:3e:4e:f0:9c:62:31:ad:44:69:84:72: 4b:07:cf:b5:f9:2d:e5:9e:23:e7:a3:e2:00:7f:62: dc:f4:7b:fd:c4:6f:81:85:9c:03:9e:c4:a5:b1:cc: f7:3e:0d:ce:8a:27:21:f9:4f:b6:89:8b:f5:1c:9a: d3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:F6:9B:8C:CD:43:D2:8D:9A:49:BD:0D:2B:04:4A:79:E9:A8:CC:95 X509v3 Authority Key Identifier: keyid:40:D8:37:7C:AA:5A:6E:AB:91:13:3E:96:2E:FF:7E:21:B5:11:3D:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNg3fKpabquREz6WLv9-IbURPbk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:3e:26:3b:68:e2:34:4b:7e:f4:c4:8c:fd:f4:7a:d0:f6:42: 5d:61:cf:3f:04:69:9c:a5:f4:8f:51:62:4d:16:28:d7:f6:ff: 5f:58:b2:94:cf:45:94:89:52:71:bc:32:81:b4:82:c2:d4:fe: 56:d1:b0:04:95:2f:92:f6:f9:3e:92:60:5c:2f:ec:3e:61:c7: ef:a2:c0:f1:a4:54:3f:fe:73:cc:d6:90:84:ea:bc:6b:61:a5: 8d:3f:4d:34:02:48:c2:3d:e5:51:97:68:db:8d:51:ad:fe:53: e6:25:8d:dd:0a:ab:0d:a8:4d:32:f6:c7:a4:5a:6e:2e:fe:5b: b9:d9:f1:a1:c3:e3:b6:0d:1d:bc:5b:22:f3:84:2a:20:16:a4: ab:e4:9b:75:8a:82:52:8c:db:8e:68:29:8e:4b:0f:0d:ae:2b: 92:9f:05:c9:c5:65:8f:70:06:17:bb:a8:da:ec:33:8d:aa:0b: 74:31:b0:61:48:0c:3a:b4:60:88:8b:e9:6b:a8:f9:97:6d:94: d3:4c:97:87:7d:a4:5e:9a:71:d0:2f:82:4e:00:da:a8:d1:5f: c5:07:3b:cb:7c:39:a6:30:3c:8f:e0:d5:7d:0a:fc:50:0a:e8: 56:2b:2d:fd:78:04:4b:d2:a4:55:6a:2c:64:0c:ab:5c:54:4e: f3:48:ac:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDVENEMxMTAvBgNVBAUTKDQwRDgzNzdDQUE1QTZFQUI5MTEzM0U5NjJFRkY3RTIx QjUxMTNEQjkwHhcNMjUwNjE1MDEzNzI4WhcNMjUwNjIyMDEzNzI4WjAYMRYwFAYD VQQDEw02ODRlMjNkOC05OTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw9IlnzP+BXhTcrdydDnr89ige3xas3fmprkFmfNYlSeNQTNUxBqJ/8MdPM3i b3t3xR9QJ7wG1th5ck+JLaRYpDci3NaFA7awPp7ka6ADQL3pKHnqpwVDkIIxE7A2 CBdBXgci6ruh4zfiaiwZaLoPJDzH7naIiNQevgI6jxKYe0uJQGlx0i6M2Xs2aqT9 A1J5Nib2VefCIJdCOkJ9QFCrUMtbCnhoXLfSR3yBjCbJOt0kvo/V9fMz/s9zpFVL arZ3kZw9QFo3Pk7wnGIxrURphHJLB8+1+S3lniPno+IAf2Lc9Hv9xG+BhZwDnsSl scz3Pg3Oiich+U+2iYv1HJrT9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPL2m4zN Q9KNmkm9DSsESnnpqMyVMB8GA1UdIwQYMBaAFEDYN3yqWm6rkRM+li7/fiG1ET25 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NUQ0Qy9GNDIyRkQxMjMy NTgxMUVEQkQxNkQ2MjRDNEY5QUUwMi9RTmczZktwYWJxdVJFejZXTHY5LUliVVJQ YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FOZzNmS3BhYnF1UkV6NldMdjktSWJVUlBiay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NUQ0Qy9GNDIyRkQxMjMyNTgxMUVEQkQxNkQ2MjRDNEY5QUUwMi9RTmczZktwYWJx dVJFejZXTHY5LUliVVJQYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOPiY7aOI0S370xIz99HrQ9kJdYc8/BGmcpfSPUWJNFijX9v9fWLKU z0WUiVJxvDKBtILC1P5W0bAElS+S9vk+kmBcL+w+YcfvosDxpFQ//nPM1pCE6rxr YaWNP000AkjCPeVRl2jbjVGt/lPmJY3dCqsNqE0y9sekWm4u/lu52fGhw+O2DR28 WyLzhCogFqSr5Jt1ioJSjNuOaCmOSw8NriuSnwXJxWWPcAYXu6ja7DONqgt0MbBh SAw6tGCIi+lrqPmXbZTTTJeHfaRemnHQL4JOANqo0V/FBzvLfDmmMDyP4NV9CvxQ CuhWKy39eARL0qRVaixkDKtcVE7zSKxW -----END CERTIFICATE-----Generated at Sun Jun 15 09:32:54 2025 by rpki-client