$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.mft File: BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.mft (raw, json) Hash identifier: ERuB0t6m/hQNEBZ3u2sd3ZkyyesSD79rQ5+DTQAMm8M= Subject key identifier: 67:FF:A9:BF:7D:E6:36:82:EE:50:E2:0D:EA:62:47:86:FE:BF:12:C2 Authority key identifier: 05:0D:C0:3B:5D:59:45:A3:3E:AB:95:18:17:F1:67:9B:D9:10:C6:AC Certificate issuer: /CN=A91AB8D7/serialNumber=050DC03B5D5945A33EAB951817F1679BD910C6AC Certificate serial: 01B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.mft Manifest number: 01AF Signing time: Fri 25 Apr 2025 02:26:08 +0000 Manifest this update: Fri 25 Apr 2025 02:26:07 +0000 Manifest next update: Fri 02 May 2025 02:26:07 +0000 Files and hashes: 1: BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.crl (hash: RqDWo8aejTq71CSZVWbo8sRyIMcWgl91mohn+jc8Xn8=) 2: 1ED3BAF898A011ED9D31B05CC4F9AE02.roa (hash: uh86cXyNLUaa3Xl47qiV2uyaXTpPI55uWsM8f80qnzg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.crl rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:26:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 435 (0x1b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB8D7, serialNumber=050DC03B5D5945A33EAB951817F1679BD910C6AC Validity Not Before: Apr 25 02:26:07 2025 GMT Not After : May 2 02:26:07 2025 GMT Subject: CN=680af2c0-fae6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:a5:92:eb:30:9c:cc:7d:84:e0:04:6a:9e:09: 18:05:84:31:14:0b:43:79:5d:6d:da:26:ad:9c:0c: 2a:cf:c4:0c:6e:12:5f:3e:2f:01:7e:df:45:c7:43: 36:71:0c:99:c9:3a:97:ab:73:f0:3f:a7:54:8a:2e: 43:b0:1b:d2:81:85:46:dd:27:37:3b:b8:fc:73:06: c4:03:cc:5d:0a:e5:74:c7:3b:98:f6:8d:a0:8c:47: 7d:cc:46:7e:5b:b2:f7:e5:de:00:44:f6:8a:e2:52: 41:b2:6b:c8:04:5a:96:60:a6:8b:7c:53:6f:bc:ee: be:2e:1e:c0:24:11:6a:fb:27:80:ba:14:f1:0f:46: 2b:10:6c:55:be:7c:f7:7b:9f:ea:5f:63:38:d1:90: d8:67:72:4c:96:e4:43:26:67:55:18:78:8c:8a:46: 68:cf:fd:7e:83:15:b6:16:ad:c1:7e:17:b7:6d:78: 62:c2:d0:c4:b3:fb:a8:bb:ce:9d:65:7a:1a:b8:b0: 59:34:52:88:bc:8c:90:fc:fc:1d:98:ca:af:da:6d: 5f:38:a8:6f:79:e6:0a:b5:de:85:99:45:e4:c4:0d: 37:2f:11:1e:b0:2b:e4:78:0b:9f:a1:8e:99:44:3e: c1:4a:af:4a:ac:10:a3:51:44:1b:a4:6b:4c:3b:3a: 0f:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:FF:A9:BF:7D:E6:36:82:EE:50:E2:0D:EA:62:47:86:FE:BF:12:C2 X509v3 Authority Key Identifier: keyid:05:0D:C0:3B:5D:59:45:A3:3E:AB:95:18:17:F1:67:9B:D9:10:C6:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB8D7/B67F301A989D11EDB4E30F5CC4F9AE02/BQ3AO11ZRaM-q5UYF_Fnm9kQxqw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:4f:da:6d:5e:4b:83:f8:6c:0a:ca:c7:1b:ef:a6:4a:80:80: b4:9a:3a:2d:c5:df:40:2e:f4:5f:b6:0a:b2:e2:86:97:2a:1e: 42:80:1b:40:da:87:b7:cd:18:86:63:a3:08:de:35:ef:fa:d5: 51:d2:8e:b4:a9:e1:cb:02:a0:4a:82:5c:22:d7:12:d5:23:8e: 46:96:f5:a4:ed:32:fe:bf:66:ff:87:2c:ae:9f:e4:e7:14:8e: f6:0f:06:2b:9d:b3:32:75:d7:55:71:ca:5d:5c:91:c9:f4:aa: 45:c1:64:4d:43:47:bd:1b:87:e7:1f:6b:dc:96:6c:09:dd:56: d2:99:44:8e:70:48:51:08:00:7e:a3:7d:25:8d:7d:b8:70:9c: 5e:c6:c2:27:13:3d:72:f7:c6:21:4a:e2:fe:17:c9:ac:e1:d8: 09:7f:2d:22:f7:fb:26:de:39:d6:41:60:00:20:9b:d4:1b:ec: 90:09:b8:2a:28:9d:e0:81:4d:eb:bf:fb:b4:04:66:aa:ad:f5: c0:6f:e4:89:14:92:6d:b8:a7:5e:d6:b1:69:61:f8:9d:ae:e5: 89:a8:24:fa:3c:17:f0:67:4d:fa:c4:c6:e8:84:a0:8c:e0:15: 8b:c2:64:ed:28:10:d3:bc:25:84:a4:69:18:ed:ce:0e:51:36: a2:03:09:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUI4RDcxMTAvBgNVBAUTKDA1MERDMDNCNUQ1OTQ1QTMzRUFCOTUxODE3RjE2NzlC RDkxMEM2QUMwHhcNMjUwNDI1MDIyNjA3WhcNMjUwNTAyMDIyNjA3WjAYMRYwFAYD VQQDEw02ODBhZjJjMC1mYWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+aWS6zCczH2E4ARqngkYBYQxFAtDeV1t2iatnAwqz8QMbhJfPi8Bft9Fx0M2 cQyZyTqXq3PwP6dUii5DsBvSgYVG3Sc3O7j8cwbEA8xdCuV0xzuY9o2gjEd9zEZ+ W7L35d4ARPaK4lJBsmvIBFqWYKaLfFNvvO6+Lh7AJBFq+yeAuhTxD0YrEGxVvnz3 e5/qX2M40ZDYZ3JMluRDJmdVGHiMikZoz/1+gxW2Fq3Bfhe3bXhiwtDEs/uou86d ZXoauLBZNFKIvIyQ/PwdmMqv2m1fOKhveeYKtd6FmUXkxA03LxEesCvkeAufoY6Z RD7BSq9KrBCjUUQbpGtMOzoPnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGf/qb99 5jaC7lDiDepiR4b+vxLCMB8GA1UdIwQYMBaAFAUNwDtdWUWjPquVGBfxZ5vZEMas MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjhENy9CNjdGMzAxQTk4 OUQxMUVEQjRFMzBGNUNDNEY5QUUwMi9CUTNBTzExWlJhTS1xNVVZRl9Gbm05a1F4 cXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRM0FPMTFaUmFNLXE1VVlGX0ZubTlrUXhxdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjhENy9CNjdGMzAxQTk4OUQxMUVEQjRFMzBGNUNDNEY5QUUwMi9CUTNBTzExWlJh TS1xNVVZRl9Gbm05a1F4cXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4T9ptXkuD+GwKyscb76ZKgIC0mjotxd9ALvRftgqy4oaXKh5CgBtA 2oe3zRiGY6MI3jXv+tVR0o60qeHLAqBKglwi1xLVI45GlvWk7TL+v2b/hyyun+Tn FI72DwYrnbMydddVccpdXJHJ9KpFwWRNQ0e9G4fnH2vclmwJ3VbSmUSOcEhRCAB+ o30ljX24cJxexsInEz1y98YhSuL+F8ms4dgJfy0i9/sm3jnWQWAAIJvUG+yQCbgq KJ3ggU3rv/u0BGaqrfXAb+SJFJJtuKde1rFpYfidruWJqCT6PBfwZ036xMbohKCM 4BWLwmTtKBDTvCWEpGkY7c4OUTaiAwmQ -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:50 2025 by rpki-client