$ rpki-client -vvf rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft File: QELW5jee2AQkizYN7Zhe9_VlIBE.mft (raw, json) Hash identifier: 6/fsoHfRIu7tQhK/tPeFoGzsVKT/cMy8btZ+nEbIpYg= Subject key identifier: 2B:05:2D:54:8C:F1:BB:E7:D8:5C:D5:63:50:6B:AD:5F:56:DC:01:39 Authority key identifier: 40:42:D6:E6:37:9E:D8:04:24:8B:36:0D:ED:98:5E:F7:F5:65:20:11 Certificate issuer: /CN=A9148465/serialNumber=4042D6E6379ED804248B360DED985EF7F5652011 Certificate serial: 0224 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QELW5jee2AQkizYN7Zhe9_VlIBE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft Manifest number: 0221 Signing time: Fri 25 Apr 2025 01:44:19 +0000 Manifest this update: Fri 25 Apr 2025 01:44:18 +0000 Manifest next update: Fri 02 May 2025 01:44:18 +0000 Files and hashes: 1: QELW5jee2AQkizYN7Zhe9_VlIBE.crl (hash: o4O44z4D9tz4IuLoGdGL9HHdCTilG6E+DOzyWsCouRA=) 2: 7777513828C011EDBEC6D287C4F9AE02.roa (hash: h0fnCGAOQUeiPHljhB1IRW0HYQzSPeOqHRhSNrIf9GY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.crl rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QELW5jee2AQkizYN7Zhe9_VlIBE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:44:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 548 (0x224) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148465, serialNumber=4042D6E6379ED804248B360DED985EF7F5652011 Validity Not Before: Apr 25 01:44:18 2025 GMT Not After : May 2 01:44:18 2025 GMT Subject: CN=680ae8f3-61b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:45:09:8b:7b:95:e5:e6:29:11:e8:4e:77:f8: 9a:38:7a:d2:ea:b5:2c:9c:99:c8:e8:f6:b6:8d:46: 17:e2:d6:4c:92:26:42:65:2d:51:17:7f:6c:84:51: 26:fe:ae:a5:38:6f:ce:f0:0b:43:38:4e:11:df:09: 3b:7a:5b:a4:1c:37:0a:92:1c:c5:5a:c1:ef:90:5f: 5c:78:a0:de:7f:6f:49:51:29:73:85:d1:1a:e2:10: a2:16:89:c2:e7:df:79:68:9f:51:87:29:29:77:7f: 87:d1:20:bd:cb:ce:64:74:37:89:a8:84:14:6a:92: 55:0b:f9:54:f3:71:2f:45:35:d4:88:72:e4:a2:aa: cb:77:60:bf:2f:5a:65:6a:26:d8:6b:49:89:9e:06: 5f:f7:e2:8c:e4:04:07:0e:d6:6e:33:3e:cb:cf:55: 3a:d0:d6:bb:0d:c7:25:f7:4e:83:f3:09:a8:8c:07: 30:ea:b7:8c:e7:bb:6f:6c:4e:28:54:60:ba:a9:56: 9c:86:4f:60:5a:15:11:97:4f:cd:91:e6:7a:a3:23: 26:42:f6:ab:37:af:03:12:0c:7a:81:ea:bb:a9:e0: fc:2a:f3:d2:37:10:fb:28:51:b7:24:4b:82:46:11: 17:f6:cb:ea:62:00:9e:c0:f6:d7:d9:c8:8e:d2:c8: 13:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:05:2D:54:8C:F1:BB:E7:D8:5C:D5:63:50:6B:AD:5F:56:DC:01:39 X509v3 Authority Key Identifier: keyid:40:42:D6:E6:37:9E:D8:04:24:8B:36:0D:ED:98:5E:F7:F5:65:20:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QELW5jee2AQkizYN7Zhe9_VlIBE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:4d:7f:fa:ef:95:f9:6a:0f:b1:73:57:48:24:a2:a6:60:6a: 82:e0:a0:20:86:4a:72:22:ba:9f:9e:f8:88:d4:08:47:04:74: bd:98:8e:e6:55:08:9c:83:eb:10:06:06:44:5c:0b:af:dc:c0: e6:bc:5e:55:b8:a8:6b:87:5f:f1:32:91:93:06:da:17:9d:d4: c3:4f:ae:1d:db:d4:98:e9:af:ef:ca:d8:11:ee:fb:8c:75:16: bf:f0:93:f5:4d:78:c9:0a:aa:24:74:9f:be:72:d0:92:b7:db: 62:f9:cd:b4:37:df:ae:c7:11:74:0b:11:c7:51:a2:9f:d7:be: c1:71:dc:e1:23:29:9e:7b:a9:e3:b8:d5:49:43:6e:97:31:c1: 18:93:de:27:73:1b:61:96:fb:99:70:57:60:cb:93:db:bb:5f: 70:ab:31:d3:dd:5e:d3:9e:7d:f5:6f:0d:69:cc:0a:61:21:bf: e4:af:71:71:ed:1b:5a:92:3d:7b:ad:5f:97:bf:fe:88:d5:bf: 6b:54:21:82:65:2d:8a:37:b9:34:ed:0e:c1:b1:f8:ce:67:c5: 48:7d:79:a1:b8:57:08:d9:34:b7:24:8d:86:a6:d2:8c:e0:ee: 0f:fb:93:d8:85:df:7c:e2:28:e6:ea:d4:ca:ad:7e:4a:4f:14: f8:fa:cb:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDg0NjUxMTAvBgNVBAUTKDQwNDJENkU2Mzc5RUQ4MDQyNDhCMzYwREVEOTg1RUY3 RjU2NTIwMTEwHhcNMjUwNDI1MDE0NDE4WhcNMjUwNTAyMDE0NDE4WjAYMRYwFAYD VQQDEw02ODBhZThmMy02MWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl0UJi3uV5eYpEehOd/iaOHrS6rUsnJnI6Pa2jUYX4tZMkiZCZS1RF39shFEm /q6lOG/O8AtDOE4R3wk7elukHDcKkhzFWsHvkF9ceKDef29JUSlzhdEa4hCiFonC 5995aJ9Rhykpd3+H0SC9y85kdDeJqIQUapJVC/lU83EvRTXUiHLkoqrLd2C/L1pl aibYa0mJngZf9+KM5AQHDtZuMz7Lz1U60Na7Dccl906D8wmojAcw6reM57tvbE4o VGC6qVachk9gWhURl0/NkeZ6oyMmQvarN68DEgx6geq7qeD8KvPSNxD7KFG3JEuC RhEX9svqYgCewPbX2ciO0sgTNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCsFLVSM 8bvn2FzVY1BrrV9W3AE5MB8GA1UdIwQYMBaAFEBC1uY3ntgEJIs2De2YXvf1ZSAR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0ODQ2NS9ENjBGMDI3MjI4 QkIxMUVEQTU5QzMwODFDNEY5QUUwMi9RRUxXNWplZTJBUWtpellON1poZTlfVmxJ QkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FFTFc1amVlMkFRa2l6WU43WmhlOV9WbElCRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 ODQ2NS9ENjBGMDI3MjI4QkIxMUVEQTU5QzMwODFDNEY5QUUwMi9RRUxXNWplZTJB UWtpellON1poZTlfVmxJQkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDBTX/675X5ag+xc1dIJKKmYGqC4KAghkpyIrqfnviI1AhHBHS9mI7m VQicg+sQBgZEXAuv3MDmvF5VuKhrh1/xMpGTBtoXndTDT64d29SY6a/vytgR7vuM dRa/8JP1TXjJCqokdJ++ctCSt9ti+c20N9+uxxF0CxHHUaKf177BcdzhIymee6nj uNVJQ26XMcEYk94ncxthlvuZcFdgy5Pbu19wqzHT3V7Tnn31bw1pzAphIb/kr3Fx 7Rtakj17rV+Xv/6I1b9rVCGCZS2KN7k07Q7BsfjOZ8VIfXmhuFcI2TS3JI2GptKM 4O4P+5PYhd984ijm6tTKrX5KTxT4+suR -----END CERTIFICATE-----Generated at Sat Apr 26 15:08:58 2025 by rpki-client