$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: f1ZKD8qOmnimLWWTLI2LgTedSpJQ5C4Ggw54hNeP/c8= Subject key identifier: 00:CB:FD:7C:C6:D4:F8:63:20:64:AE:E6:21:E5:1D:A6:51:13:36:35 Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 3487 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 347C Signing time: Thu 24 Apr 2025 15:08:08 +0000 Manifest this update: Thu 24 Apr 2025 15:08:08 +0000 Manifest next update: Thu 01 May 2025 15:08:08 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: DDDQXWRUi8WwsGnLuS2Z7BCVftXUpw1rgEqXzErlyVg=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:08:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13447 (0x3487) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: Apr 24 15:08:08 2025 GMT Not After : May 1 15:08:08 2025 GMT Subject: CN=680a53d8-e443 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:83:57:59:c2:da:12:4c:06:c7:7d:03:02:c9: b2:3b:c1:f2:d0:cd:92:cd:6f:5d:84:bc:9d:98:c7: bf:3f:92:c9:45:04:e3:ce:26:a2:0c:bd:f6:9f:66: 10:b6:f0:b5:eb:cb:16:13:50:fd:3f:63:99:03:a5: b3:f5:c2:8d:1f:68:20:c7:80:03:a0:49:7b:76:28: d5:1d:25:8f:6d:91:b6:f0:66:dc:db:9a:b1:91:eb: 87:e7:b5:ef:03:48:b5:ea:8d:83:fb:6e:4a:cf:e8: d6:e3:68:bf:97:93:d0:c8:0a:03:a8:9c:63:77:81: 42:20:b0:1e:61:ca:e0:a7:67:a0:83:0f:21:03:be: 57:46:78:48:8b:47:a2:fc:41:75:c9:23:b8:2c:a5: 98:5c:b9:c6:e6:73:ee:66:81:a1:af:ab:b6:62:7d: 53:ca:2e:fd:ab:ad:7a:e0:43:31:93:41:d1:b9:9e: 68:11:64:00:ff:0c:72:0d:71:8f:07:83:d2:ed:d0: 88:ec:18:96:22:e8:bb:d8:9f:39:c3:c5:29:2b:dd: d7:3a:b5:58:ab:13:ef:2e:2d:64:1c:a9:d4:44:0d: fa:c0:cc:ad:8c:1f:ad:ec:45:c6:9a:a8:7d:7c:28: bc:17:71:01:c4:dd:ab:bc:3f:83:4d:23:84:be:e9: f8:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:CB:FD:7C:C6:D4:F8:63:20:64:AE:E6:21:E5:1D:A6:51:13:36:35 X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:aa:47:51:ff:9f:8e:dd:73:f7:47:5f:09:50:08:64:e3:3c: 43:65:23:be:5a:0b:6b:96:90:63:3f:f9:d8:3a:2d:18:ee:9f: 59:5d:0e:99:80:25:44:be:74:d6:22:c7:16:3a:e5:e5:d3:d1: 73:1f:85:ed:ad:c5:f1:63:65:ee:56:ac:d2:19:9a:a7:01:24: 2f:8c:0b:98:03:1b:1f:ca:55:c2:45:12:28:2c:f6:78:15:df: 83:c6:be:17:d1:e9:e7:0e:f2:08:9b:fc:d8:f8:b0:04:44:2e: 5d:61:97:9c:8b:5a:d2:6a:7d:8a:b2:bc:82:46:54:d5:5d:e6: 8f:ab:89:34:fc:96:53:a7:f9:a3:6e:8d:3b:7e:2f:7b:71:42: f9:1a:7f:1a:84:19:e2:38:2a:ec:a3:af:de:96:49:89:69:c7: c9:8a:f8:71:35:6c:f2:5b:61:a8:b8:2c:48:03:98:94:0c:77: 77:af:68:30:9a:65:d2:c1:53:3d:0f:16:c8:51:ba:b7:04:d7: 18:7e:7e:61:4a:2b:1b:bb:d1:e4:75:b7:6a:2b:cc:5d:04:0b: 0f:f2:48:ac:c7:1a:d0:17:ef:e0:44:b8:bd:7b:f9:26:e5:8e: eb:b6:5b:c8:1f:fe:d8:14:1f:81:d7:5c:60:b7:66:77:71:a2: 4f:c1:a7:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUwNDI0MTUwODA4WhcNMjUwNTAxMTUwODA4WjAYMRYwFAYD VQQDEw02ODBhNTNkOC1lNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvYNXWcLaEkwGx30DAsmyO8Hy0M2SzW9dhLydmMe/P5LJRQTjziaiDL32n2YQ tvC168sWE1D9P2OZA6Wz9cKNH2ggx4ADoEl7dijVHSWPbZG28Gbc25qxkeuH57Xv A0i16o2D+25Kz+jW42i/l5PQyAoDqJxjd4FCILAeYcrgp2eggw8hA75XRnhIi0ei /EF1ySO4LKWYXLnG5nPuZoGhr6u2Yn1Tyi79q6164EMxk0HRuZ5oEWQA/wxyDXGP B4PS7dCI7BiWIui72J85w8UpK93XOrVYqxPvLi1kHKnURA36wMytjB+t7EXGmqh9 fCi8F3EBxN2rvD+DTSOEvun4xQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFADL/XzG 1PhjIGSu5iHlHaZREzY1MB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaqkdR/5+O3XP3R18JUAhk4zxDZSO+WgtrlpBjP/nYOi0Y7p9ZXQ6Z gCVEvnTWIscWOuXl09FzH4XtrcXxY2XuVqzSGZqnASQvjAuYAxsfylXCRRIoLPZ4 Fd+Dxr4X0ennDvIIm/zY+LAERC5dYZeci1rSan2KsryCRlTVXeaPq4k0/JZTp/mj bo07fi97cUL5Gn8ahBniOCrso6/elkmJacfJivhxNWzyW2GouCxIA5iUDHd3r2gw mmXSwVM9DxbIUbq3BNcYfn5hSisbu9HkdbdqK8xdBAsP8kisxxrQF+/gRLi9e/km 5Y7rtlvIH/7YFB+B11xgt2Z3caJPwafR -----END CERTIFICATE-----Generated at Sat Apr 26 04:24:51 2025 by rpki-client