$ rpki-client -vvf rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft File: QNg3fKpabquREz6WLv9-IbURPbk.mft (raw, json) Hash identifier: xZcuXdeASUerR2Dh/xVBmyMeZKyTr2ks4tvTbFrM38I= Subject key identifier: 37:13:3E:10:3C:87:C0:8E:90:9A:BE:E1:39:23:A7:D8:42:B4:4C:CC Authority key identifier: 40:D8:37:7C:AA:5A:6E:AB:91:13:3E:96:2E:FF:7E:21:B5:11:3D:B9 Certificate issuer: /CN=A9145D4C/serialNumber=40D8377CAA5A6EAB91133E962EFF7E21B5113DB9 Certificate serial: 021A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNg3fKpabquREz6WLv9-IbURPbk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft Manifest number: 0212 Signing time: Fri 25 Apr 2025 01:46:51 +0000 Manifest this update: Fri 25 Apr 2025 01:46:50 +0000 Manifest next update: Fri 02 May 2025 01:46:50 +0000 Files and hashes: 1: QNg3fKpabquREz6WLv9-IbURPbk.crl (hash: JWSX+HKG7/jrMhpW2kYPec7wL9GJ57EsKyEhulTl7Kg=) 2: 5E24BEAADA7C11ED8156D867C4F9AE02.roa (hash: ktK9vCE7vIpwa3GinrPFia6DHxl96KzteCFThN1eca8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.crl rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNg3fKpabquREz6WLv9-IbURPbk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:46:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 538 (0x21a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145D4C, serialNumber=40D8377CAA5A6EAB91133E962EFF7E21B5113DB9 Validity Not Before: Apr 25 01:46:50 2025 GMT Not After : May 2 01:46:50 2025 GMT Subject: CN=680ae98b-0d58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ca:fb:07:03:dc:03:70:a0:4c:ac:dc:b6:50: 1c:e5:d2:ab:8c:23:af:87:b0:ff:d9:bb:e8:50:5b: 53:cc:86:76:f8:e4:98:37:49:45:47:19:3c:7b:57: 96:e0:5a:99:df:04:89:47:a2:0f:05:7c:69:8b:97: ad:ec:ae:71:3b:c8:7f:ee:42:ad:28:44:34:00:ce: d0:26:7f:6b:b0:fc:66:c8:21:60:ef:ef:ba:98:5c: c9:74:70:b7:28:76:c4:f5:9e:d6:e4:4b:31:94:a1: f1:09:51:d3:15:1f:d5:b5:94:45:52:8e:ad:ff:b3: 0b:8a:bb:9f:f6:63:7d:97:db:ef:01:a4:c9:19:f5: ff:79:e7:6f:1a:39:b1:26:c7:e8:85:61:88:e3:bb: 37:4b:18:4e:87:1e:6b:28:49:da:4a:4f:22:91:29: 47:c1:97:d4:3a:e0:04:d8:96:bd:7c:0b:01:67:4f: 80:71:04:f9:14:8e:c8:af:86:6c:10:fe:af:67:8d: 64:eb:f1:b8:1b:71:9e:12:03:93:51:3d:8f:15:24: 0d:de:b6:4b:3f:99:0e:ac:d7:65:f1:91:03:ef:a6: 56:a3:63:98:c3:42:18:92:1d:28:fe:39:be:6d:68: 45:55:10:d8:08:3f:78:da:9b:4f:e5:1f:7e:83:f7: a3:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:13:3E:10:3C:87:C0:8E:90:9A:BE:E1:39:23:A7:D8:42:B4:4C:CC X509v3 Authority Key Identifier: keyid:40:D8:37:7C:AA:5A:6E:AB:91:13:3E:96:2E:FF:7E:21:B5:11:3D:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNg3fKpabquREz6WLv9-IbURPbk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145D4C/F422FD12325811EDBD16D624C4F9AE02/QNg3fKpabquREz6WLv9-IbURPbk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:7a:4f:c9:9b:a8:72:58:9f:ad:37:7d:ec:2c:fb:9a:f7:a0: f5:e9:52:c8:86:8f:94:ec:49:c0:fd:8d:31:6c:23:c8:31:55: 0c:49:8e:7d:19:f6:6c:d7:39:48:49:28:c5:7e:29:a6:1e:78: e1:bb:8c:d9:29:28:0f:95:07:ab:49:90:99:a2:37:c9:27:14: 80:8c:6c:2d:fc:e7:e9:7b:21:fb:b5:bd:d5:fd:85:e5:3c:dd: 4e:e8:4c:4e:37:ff:4c:ca:1e:eb:15:cb:f3:7e:50:bc:b9:d8: da:32:c0:f6:60:ec:fa:e8:ad:33:01:66:f0:26:9c:4d:33:36: b2:37:84:96:bd:86:ee:fc:4f:6d:6f:e2:b2:46:48:f3:71:26: 4c:56:ed:da:a6:9a:cd:bc:cc:f7:98:28:9f:71:bf:a3:37:e1: 43:4f:06:db:23:18:82:04:a9:42:74:73:61:d2:2d:18:8a:fe: 10:eb:99:51:bb:59:2b:e9:aa:5e:e7:56:d6:88:35:57:0d:1c: e8:c4:e1:a3:06:63:a3:c7:b4:9e:5d:9c:6a:51:bb:2f:da:10: 28:c3:d5:5a:44:59:e5:e9:d4:16:c2:23:df:e4:c0:dd:ca:92: ae:f2:e6:57:64:0c:e9:ff:6a:68:df:59:6c:07:44:c6:ee:7f: 77:b8:a6:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDVENEMxMTAvBgNVBAUTKDQwRDgzNzdDQUE1QTZFQUI5MTEzM0U5NjJFRkY3RTIx QjUxMTNEQjkwHhcNMjUwNDI1MDE0NjUwWhcNMjUwNTAyMDE0NjUwWjAYMRYwFAYD VQQDEw02ODBhZTk4Yi0wZDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx8r7BwPcA3CgTKzctlAc5dKrjCOvh7D/2bvoUFtTzIZ2+OSYN0lFRxk8e1eW 4FqZ3wSJR6IPBXxpi5et7K5xO8h/7kKtKEQ0AM7QJn9rsPxmyCFg7++6mFzJdHC3 KHbE9Z7W5EsxlKHxCVHTFR/VtZRFUo6t/7MLiruf9mN9l9vvAaTJGfX/eedvGjmx JsfohWGI47s3SxhOhx5rKEnaSk8ikSlHwZfUOuAE2Ja9fAsBZ0+AcQT5FI7Ir4Zs EP6vZ41k6/G4G3GeEgOTUT2PFSQN3rZLP5kOrNdl8ZED76ZWo2OYw0IYkh0o/jm+ bWhFVRDYCD942ptP5R9+g/ejPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDcTPhA8 h8COkJq+4Tkjp9hCtEzMMB8GA1UdIwQYMBaAFEDYN3yqWm6rkRM+li7/fiG1ET25 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NUQ0Qy9GNDIyRkQxMjMy NTgxMUVEQkQxNkQ2MjRDNEY5QUUwMi9RTmczZktwYWJxdVJFejZXTHY5LUliVVJQ YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FOZzNmS3BhYnF1UkV6NldMdjktSWJVUlBiay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NUQ0Qy9GNDIyRkQxMjMyNTgxMUVEQkQxNkQ2MjRDNEY5QUUwMi9RTmczZktwYWJx dVJFejZXTHY5LUliVVJQYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDek/Jm6hyWJ+tN33sLPua96D16VLIho+U7EnA/Y0xbCPIMVUMSY59 GfZs1zlISSjFfimmHnjhu4zZKSgPlQerSZCZojfJJxSAjGwt/OfpeyH7tb3V/YXl PN1O6ExON/9Myh7rFcvzflC8udjaMsD2YOz66K0zAWbwJpxNMzayN4SWvYbu/E9t b+KyRkjzcSZMVu3apprNvMz3mCifcb+jN+FDTwbbIxiCBKlCdHNh0i0Yiv4Q65lR u1kr6ape51bWiDVXDRzoxOGjBmOjx7SeXZxqUbsv2hAow9VaRFnl6dQWwiPf5MDd ypKu8uZXZAzp/2po31lsB0TG7n93uKZA -----END CERTIFICATE-----Generated at Sat Apr 26 03:56:43 2025 by rpki-client