$ rpki-client -vvf rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft File: KQX7MhK9YWRvt69jPqGiV7w6Pew.mft (raw, json) Hash identifier: dOD541ttdvF/hAIB26L2rXmcPz5u10brniHJ38LD0ts= Subject key identifier: EC:F6:AA:6C:8B:FF:3D:9D:3F:A1:65:40:5E:27:40:35:08:48:02:D3 Authority key identifier: 29:05:FB:32:12:BD:61:64:6F:B7:AF:63:3E:A1:A2:57:BC:3A:3D:EC Certificate issuer: /CN=A9156971/serialNumber=2905FB3212BD61646FB7AF633EA1A257BC3A3DEC Certificate serial: 347C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft Manifest number: 3477 Signing time: Thu 24 Apr 2025 14:43:21 +0000 Manifest this update: Thu 24 Apr 2025 14:43:20 +0000 Manifest next update: Thu 01 May 2025 14:43:20 +0000 Files and hashes: 1: KQX7MhK9YWRvt69jPqGiV7w6Pew.crl (hash: EaFEHPU3x9LvqSGFHGQ0crfEOXirqpFyQO2yGinghz0=) 2: 4AF78A4AFEC611EF86B4765BC4F9AE02.roa (hash: fSvzoyKPYxxU75rpRzS9/7MEh8nKxr1lS94jPbqL5BE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.crl rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:43:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13436 (0x347c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156971, serialNumber=2905FB3212BD61646FB7AF633EA1A257BC3A3DEC Validity Not Before: Apr 24 14:43:20 2025 GMT Not After : May 1 14:43:20 2025 GMT Subject: CN=680a4e08-7ba2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:52:dd:59:58:32:55:26:61:ab:36:5f:4d:97: 0c:2f:ae:4b:2c:48:9d:65:0e:24:57:43:4b:00:46: d9:c3:10:db:d2:cc:41:1c:67:49:0c:ad:ad:fb:e8: a8:99:8f:60:5f:e2:88:c3:5f:d9:f2:2d:eb:ef:14: 1d:b7:81:60:c8:28:eb:30:0f:45:86:c9:60:22:79: 4a:ff:ab:93:8e:09:1e:3d:e7:88:48:6d:bc:df:9b: f3:bd:37:74:d3:d2:08:38:3f:39:41:b6:78:03:29: d0:aa:67:e4:a2:37:c1:6d:ed:9a:16:c9:5c:f5:4d: e8:60:26:49:ce:21:e1:79:56:ca:93:1d:91:39:ca: bf:88:64:8a:c0:04:b6:b5:74:09:9f:1c:de:32:c0: ea:ab:dc:71:9f:2f:24:b6:18:d2:d6:6f:a6:a4:c3: 21:7c:d9:cd:d5:48:52:33:13:6f:87:a4:12:fe:fc: d2:dd:d9:5f:c2:72:b4:09:50:08:07:21:f4:9e:45: 72:48:29:2e:88:e2:6c:bb:04:09:3c:87:d5:0e:d7: c9:09:4f:59:44:15:4a:d7:e8:22:c6:3a:b4:20:a8: 87:2f:e1:7b:df:a8:7e:0a:23:07:13:f3:a5:1a:f4: f6:93:43:2c:12:9c:9d:e1:bc:e9:a0:a9:1c:4c:53: f7:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:F6:AA:6C:8B:FF:3D:9D:3F:A1:65:40:5E:27:40:35:08:48:02:D3 X509v3 Authority Key Identifier: keyid:29:05:FB:32:12:BD:61:64:6F:B7:AF:63:3E:A1:A2:57:BC:3A:3D:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:6d:03:59:e6:c9:81:ff:13:35:99:7d:40:0e:84:4b:a5:4a: 38:db:18:d1:f6:a2:53:97:8f:a2:fb:c1:ca:76:1c:44:16:12: a3:75:73:1d:0c:73:01:b8:d5:6e:f4:c0:53:d5:37:4c:1e:bf: be:cd:89:32:2e:0d:06:23:a4:0a:37:43:54:51:d7:f9:1f:be: 0b:4d:89:76:10:94:12:1f:f8:db:d5:1e:73:95:57:9a:39:9b: 3d:44:42:d5:cb:89:b2:94:ae:a2:e0:3e:c0:a4:2a:48:bb:d8: df:f8:54:df:4a:bc:14:28:ac:9e:de:bc:2f:1c:92:61:b8:98: 8e:2e:bd:1d:56:44:7d:91:08:99:df:11:a2:99:b1:16:8d:f6: 3c:75:7a:ab:fa:f4:33:e6:de:6c:bd:be:cb:a2:15:9a:96:35: cd:e0:81:9c:c6:93:32:b9:58:23:b5:1d:3d:f4:e7:20:e3:75: c2:a1:f7:a1:c6:dc:c8:06:27:91:7f:d1:6e:39:de:f0:74:34: 15:7b:8c:93:80:78:ce:3b:95:36:57:50:b0:0c:8e:a4:8c:57: c2:f7:7d:87:06:75:7e:3e:8f:21:23:c2:1c:6b:d3:aa:d5:43: 55:f4:05:69:4f:fa:33:9c:dc:10:f8:11:b4:96:70:d0:24:82: c7:59:f4:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY5NzExMTAvBgNVBAUTKDI5MDVGQjMyMTJCRDYxNjQ2RkI3QUY2MzNFQTFBMjU3 QkMzQTNERUMwHhcNMjUwNDI0MTQ0MzIwWhcNMjUwNTAxMTQ0MzIwWjAYMRYwFAYD VQQDEw02ODBhNGUwOC03YmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAylLdWVgyVSZhqzZfTZcML65LLEidZQ4kV0NLAEbZwxDb0sxBHGdJDK2t++io mY9gX+KIw1/Z8i3r7xQdt4FgyCjrMA9FhslgInlK/6uTjgkePeeISG2835vzvTd0 09IIOD85QbZ4AynQqmfkojfBbe2aFslc9U3oYCZJziHheVbKkx2ROcq/iGSKwAS2 tXQJnxzeMsDqq9xxny8kthjS1m+mpMMhfNnN1UhSMxNvh6QS/vzS3dlfwnK0CVAI ByH0nkVySCkuiOJsuwQJPIfVDtfJCU9ZRBVK1+gixjq0IKiHL+F736h+CiMHE/Ol GvT2k0MsEpyd4bzpoKkcTFP3HwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOz2qmyL /z2dP6FlQF4nQDUISALTMB8GA1UdIwQYMBaAFCkF+zISvWFkb7evYz6hole8Oj3s MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Njk3MS80OEMyMjE4NjFE OTIxMUUyQURCMzBCRjUwOEIwMkNEMi9LUVg3TWhLOVlXUnZ0NjlqUHFHaVY3dzZQ ZXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tRWDdNaEs5WVdSdnQ2OWpQcUdpVjd3NlBldy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Njk3MS80OEMyMjE4NjFEOTIxMUUyQURCMzBCRjUwOEIwMkNEMi9LUVg3TWhLOVlX UnZ0NjlqUHFHaVY3dzZQZXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALbQNZ5smB/xM1mX1ADoRLpUo42xjR9qJTl4+i+8HKdhxEFhKjdXMd DHMBuNVu9MBT1TdMHr++zYkyLg0GI6QKN0NUUdf5H74LTYl2EJQSH/jb1R5zlVea OZs9RELVy4mylK6i4D7ApCpIu9jf+FTfSrwUKKye3rwvHJJhuJiOLr0dVkR9kQiZ 3xGimbEWjfY8dXqr+vQz5t5svb7LohWaljXN4IGcxpMyuVgjtR099Ocg43XCofeh xtzIBieRf9FuOd7wdDQVe4yTgHjOO5U2V1CwDI6kjFfC932HBnV+Po8hI8Ica9Oq 1UNV9AVpT/oznNwQ+BG0lnDQJILHWfQL -----END CERTIFICATE-----Generated at Sat Apr 26 05:05:22 2025 by rpki-client