$ rpki-client -vvf rpki.apnic.net/member_repository/A91627B1/8FAF2BDE82A311EEAC69F456C4F9AE02/Qyo25tVwCwvKzOD0FXauaxPK08A.mft File: Qyo25tVwCwvKzOD0FXauaxPK08A.mft (raw, json) Hash identifier: tu9S1ZacWLBURUgRWKOwgWpDyaRj7H/s5T/VCHqRA18= Subject key identifier: 52:A3:CB:99:56:21:71:02:B9:B2:B8:B4:5A:11:88:17:34:A7:82:2D Authority key identifier: 43:2A:36:E6:D5:70:0B:0B:CA:CC:E0:F4:15:76:AE:6B:13:CA:D3:C0 Certificate issuer: /CN=A91627B1/serialNumber=432A36E6D5700B0BCACCE0F41576AE6B13CAD3C0 Certificate serial: 0129 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qyo25tVwCwvKzOD0FXauaxPK08A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91627B1/8FAF2BDE82A311EEAC69F456C4F9AE02/Qyo25tVwCwvKzOD0FXauaxPK08A.mft Manifest number: 0127 Signing time: Fri 13 Jun 2025 03:35:10 +0000 Manifest this update: Fri 13 Jun 2025 03:35:09 +0000 Manifest next update: Fri 20 Jun 2025 03:35:09 +0000 Files and hashes: 1: Qyo25tVwCwvKzOD0FXauaxPK08A.crl (hash: FT7PbzOY3pB67boQl/nMODsWNnqdViGq82OD1qPU8YQ=) 2: 3ED152FE82A411EE87690C58C4F9AE02.roa (hash: +vHH0mUjaHjNGLcgyypJ8y/RcZMmCEJZHVNAnsairms=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91627B1/8FAF2BDE82A311EEAC69F456C4F9AE02/Qyo25tVwCwvKzOD0FXauaxPK08A.crl rsync://rpki.apnic.net/member_repository/A91627B1/8FAF2BDE82A311EEAC69F456C4F9AE02/Qyo25tVwCwvKzOD0FXauaxPK08A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qyo25tVwCwvKzOD0FXauaxPK08A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 03:35:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 297 (0x129) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91627B1, serialNumber=432A36E6D5700B0BCACCE0F41576AE6B13CAD3C0 Validity Not Before: Jun 13 03:35:09 2025 GMT Not After : Jun 20 03:35:09 2025 GMT Subject: CN=684b9c6d-a302 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a3:e5:c8:86:67:00:b7:f1:1a:bc:89:28:3d: ee:a4:16:91:bc:3f:19:b1:f2:6c:a1:b6:ce:81:ae: 5a:6e:d5:82:83:8c:fa:a3:fb:b9:6a:9d:16:4e:9a: 97:f6:77:8b:75:de:88:0c:03:d8:21:d5:13:fd:eb: cf:58:af:fb:95:7d:8f:ab:32:b1:39:f6:2b:0d:48: 33:41:47:fe:59:1c:11:c7:99:bf:a8:e9:49:cc:d8: 38:63:d8:16:86:85:5d:e7:03:b6:7b:a6:e2:7f:b8: 68:cd:ad:9c:28:25:91:07:9e:04:90:3f:df:95:9f: 80:04:96:c2:1b:44:d4:9b:52:a5:46:49:0e:82:b2: 4c:ef:7e:60:21:7d:4f:77:ec:3e:46:b2:62:8a:23: 7c:6c:da:2e:3f:45:b8:e7:f1:cd:92:e4:45:54:e4: 01:76:39:ed:fd:ac:6c:28:4f:ba:5c:59:1e:a3:98: 64:ed:40:9d:75:32:41:d7:e4:0b:f1:29:6b:2b:f2: 35:d7:2d:50:d3:1a:9b:d1:6c:c3:d2:2d:59:63:3b: 9d:11:27:b7:e7:61:6b:13:85:15:1e:1d:f8:aa:92: c8:41:9d:30:3d:50:6d:80:ba:3c:85:6e:d1:03:24: d0:02:5c:a1:48:da:2c:71:7d:4f:07:99:c7:85:37: 46:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:A3:CB:99:56:21:71:02:B9:B2:B8:B4:5A:11:88:17:34:A7:82:2D X509v3 Authority Key Identifier: keyid:43:2A:36:E6:D5:70:0B:0B:CA:CC:E0:F4:15:76:AE:6B:13:CA:D3:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91627B1/8FAF2BDE82A311EEAC69F456C4F9AE02/Qyo25tVwCwvKzOD0FXauaxPK08A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qyo25tVwCwvKzOD0FXauaxPK08A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91627B1/8FAF2BDE82A311EEAC69F456C4F9AE02/Qyo25tVwCwvKzOD0FXauaxPK08A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:2b:2d:29:4a:a7:cc:dd:cf:47:23:10:17:f1:3a:f8:75:f8: 1f:bd:f1:44:66:39:1f:55:6e:0d:68:05:dd:0f:a5:a7:39:f8: ae:b7:2a:74:2b:65:28:b2:3c:3d:e2:55:1a:e9:49:ed:6c:ad: c8:30:82:2f:a7:b3:93:78:01:f0:cf:d2:16:06:a8:c3:be:48: 72:f7:e5:cd:a3:d3:d5:46:c1:d8:40:c4:82:f0:48:d1:ad:97: 06:42:a5:49:56:fa:53:b6:0d:b7:c1:2b:2f:22:e3:ac:31:75: 12:a2:da:42:b4:c4:1d:12:38:fa:1c:b9:ba:56:eb:6f:14:1b: 34:3e:de:91:d0:27:6f:50:2d:60:3c:30:24:76:98:4d:ff:3d: 64:e6:61:5b:7e:78:45:c5:d4:32:3a:27:fa:16:4f:47:ec:bf: 90:16:0a:e0:67:87:1b:bc:b9:01:2b:17:80:77:de:b9:03:db: 29:0a:03:02:18:63:a2:f8:04:be:cd:b2:ad:87:3a:a5:2b:3d: c0:25:4b:d6:0f:c5:26:fe:c0:0b:a3:e6:4c:6c:9a:ad:a9:cf: 32:a2:54:5a:d0:77:f5:dc:ef:ad:7e:d8:ee:1e:9a:1d:ed:1a: da:ca:86:f8:62:aa:21:56:3a:5d:8c:84:2a:e2:3b:2d:e6:df: 38:ea:75:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjI3QjExMTAvBgNVBAUTKDQzMkEzNkU2RDU3MDBCMEJDQUNDRTBGNDE1NzZBRTZC MTNDQUQzQzAwHhcNMjUwNjEzMDMzNTA5WhcNMjUwNjIwMDMzNTA5WjAYMRYwFAYD VQQDEw02ODRiOWM2ZC1hMzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoaPlyIZnALfxGryJKD3upBaRvD8ZsfJsobbOga5abtWCg4z6o/u5ap0WTpqX 9neLdd6IDAPYIdUT/evPWK/7lX2PqzKxOfYrDUgzQUf+WRwRx5m/qOlJzNg4Y9gW hoVd5wO2e6bif7hoza2cKCWRB54EkD/flZ+ABJbCG0TUm1KlRkkOgrJM735gIX1P d+w+RrJiiiN8bNouP0W45/HNkuRFVOQBdjnt/axsKE+6XFkeo5hk7UCddTJB1+QL 8SlrK/I11y1Q0xqb0WzD0i1ZYzudESe352FrE4UVHh34qpLIQZ0wPVBtgLo8hW7R AyTQAlyhSNoscX1PB5nHhTdGfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFKjy5lW IXECubK4tFoRiBc0p4ItMB8GA1UdIwQYMBaAFEMqNubVcAsLyszg9BV2rmsTytPA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjdCMS84RkFGMkJERTgy QTMxMUVFQUM2OUY0NTZDNEY5QUUwMi9ReW8yNXRWd0N3dkt6T0QwRlhhdWF4UEsw OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1F5bzI1dFZ3Q3d2S3pPRDBGWGF1YXhQSzA4QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MjdCMS84RkFGMkJERTgyQTMxMUVFQUM2OUY0NTZDNEY5QUUwMi9ReW8yNXRWd0N3 dkt6T0QwRlhhdWF4UEswOEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCKy0pSqfM3c9HIxAX8Tr4dfgfvfFEZjkfVW4NaAXdD6WnOfiutyp0 K2Uosjw94lUa6UntbK3IMIIvp7OTeAHwz9IWBqjDvkhy9+XNo9PVRsHYQMSC8EjR rZcGQqVJVvpTtg23wSsvIuOsMXUSotpCtMQdEjj6HLm6VutvFBs0Pt6R0CdvUC1g PDAkdphN/z1k5mFbfnhFxdQyOif6Fk9H7L+QFgrgZ4cbvLkBKxeAd965A9spCgMC GGOi+AS+zbKthzqlKz3AJUvWD8Um/sALo+ZMbJqtqc8yolRa0Hf13O+tftjuHpod 7Rrayob4YqohVjpdjIQq4jst5t846nWT -----END CERTIFICATE-----Generated at Sat Jun 14 19:38:36 2025 by rpki-client