$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft File: QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft (raw, json) Hash identifier: ABAagfdXu97TGBdYnSWRGf6Xw4VwmYlIwgXNMrCLWPA= Subject key identifier: 58:5A:DE:3F:D8:53:B5:D6:F0:1D:98:EB:EA:DE:BC:FD:0B:43:75:C4 Authority key identifier: 40:E4:BD:36:AE:15:07:7F:E5:99:85:D1:37:0D:5D:64:67:0A:88:D9 Certificate issuer: /CN=A91BB492/serialNumber=40E4BD36AE15077FE59985D1370D5D64670A88D9 Certificate serial: 2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft Manifest number: 2A Signing time: Fri 13 Jun 2025 06:40:03 +0000 Manifest this update: Fri 13 Jun 2025 06:40:03 +0000 Manifest next update: Fri 20 Jun 2025 06:40:02 +0000 Files and hashes: 1: QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl (hash: kFFET4sNiQaYqjqSzoPltY9KI2BdyO96/4DC31BQGu0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 06:40:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB492, serialNumber=40E4BD36AE15077FE59985D1370D5D64670A88D9 Validity Not Before: Jun 13 06:40:03 2025 GMT Not After : Jun 20 06:40:02 2025 GMT Subject: CN=684bc7c3-cd41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:e0:fb:9b:65:d6:66:ce:21:99:ae:eb:7e:62: 15:0a:cc:87:99:69:ac:11:df:65:de:76:b2:ce:2c: fd:27:5f:a8:74:89:31:d2:80:37:15:bb:4c:a1:e0: 62:c9:e6:b3:47:88:8a:38:b2:f5:9b:ab:1d:b0:ce: 9c:38:cd:c5:5b:83:48:a4:3b:5c:c4:e9:6c:43:94: 06:24:d2:21:c1:11:de:2c:c9:ed:fa:c3:44:11:9f: e9:02:c3:e8:ac:55:a9:ac:fe:2d:44:f2:71:fc:9f: a7:01:b0:74:b2:01:56:48:34:2a:f8:5a:dc:35:86: 17:76:d8:ef:07:3e:2d:29:e8:d0:88:2c:7c:fb:e1: 6e:bf:8c:e7:df:f3:7f:5e:f8:de:cd:d5:c4:62:2d: 4e:76:d7:f1:40:72:84:f1:7b:01:9a:95:b4:d7:1c: 80:df:ac:b2:9d:ff:2e:30:c7:21:ac:d7:1a:af:3d: 02:d8:e1:5f:18:ce:45:d9:6b:e2:da:07:c9:94:fe: 79:ca:66:72:7f:5a:d1:9b:3e:6c:e4:f5:50:78:8f: 93:06:37:bd:6e:22:ce:fe:47:49:28:60:66:8b:bc: 13:40:c5:26:bf:60:ed:cc:ce:37:98:44:58:17:6f: 31:b6:da:a4:07:dc:5a:d0:d7:b7:7a:47:bb:89:7b: 8a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:5A:DE:3F:D8:53:B5:D6:F0:1D:98:EB:EA:DE:BC:FD:0B:43:75:C4 X509v3 Authority Key Identifier: keyid:40:E4:BD:36:AE:15:07:7F:E5:99:85:D1:37:0D:5D:64:67:0A:88:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:4e:4f:bf:e9:08:4c:f3:1c:e5:42:d3:b5:61:ad:b4:21:88: 65:6e:c2:98:ea:5d:56:bd:b8:ae:62:0e:9b:43:2f:66:22:8e: 05:08:ab:58:a1:8e:a6:56:fa:0d:27:0f:88:ff:84:74:b4:48: f5:7c:4f:35:b2:30:d0:df:73:ae:8d:59:1a:23:20:72:ad:46: 55:08:bf:1b:53:da:19:7a:ec:6b:3c:30:81:d8:55:15:5e:ae: 07:46:69:b9:a5:b0:26:2e:23:fc:7a:7d:fc:12:2c:6d:fa:20: 4d:ac:41:a9:d1:ec:54:38:ee:5c:80:9f:a1:91:a0:2d:80:81: 7b:02:bd:20:71:9b:00:cc:5f:f6:f5:fe:5f:52:74:9b:b8:72: 16:e4:e4:6f:cb:9a:e2:39:41:0d:cd:ed:7b:51:37:8f:46:da: 93:3e:bc:af:1b:5a:30:c4:81:2e:7a:3c:37:7b:23:a0:b2:e9: fe:91:6b:75:ca:34:8e:3e:6f:32:ed:65:1f:29:4a:a2:69:fe: 4c:c2:03:37:19:09:e6:52:61:c2:c1:58:30:f0:1b:33:b8:a5: 3e:42:f9:ac:52:3d:44:87:e1:6a:90:26:8f:e8:86:9b:02:53: 89:dc:5f:a8:66:a4:ab:ac:e5:22:fa:8e:35:d1:f0:3a:bd:3a: c8:2c:db:a9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC QjQ5MjExMC8GA1UEBRMoNDBFNEJEMzZBRTE1MDc3RkU1OTk4NUQxMzcwRDVENjQ2 NzBBODhEOTAeFw0yNTA2MTMwNjQwMDNaFw0yNTA2MjAwNjQwMDJaMBgxFjAUBgNV BAMTDTY4NGJjN2MzLWNkNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDg4PubZdZmziGZrut+YhUKzIeZaawR32XedrLOLP0nX6h0iTHSgDcVu0yh4GLJ 5rNHiIo4svWbqx2wzpw4zcVbg0ikO1zE6WxDlAYk0iHBEd4sye36w0QRn+kCw+is Vams/i1E8nH8n6cBsHSyAVZINCr4Wtw1hhd22O8HPi0p6NCILHz74W6/jOff839e +N7N1cRiLU521/FAcoTxewGalbTXHIDfrLKd/y4wxyGs1xqvPQLY4V8YzkXZa+La B8mU/nnKZnJ/WtGbPmzk9VB4j5MGN71uIs7+R0koYGaLvBNAxSa/YO3MzjeYRFgX bzG22qQH3FrQ17d6R7uJe4rDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUWFreP9hT tdbwHZjr6t68/QtDdcQwHwYDVR0jBBgwFoAUQOS9Nq4VB3/lmYXRNw1dZGcKiNkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCNDkyLzJDMEIzMkQ4MDkz NjExRjBBMjg0MkQ1N0M0RjlBRTAyL1FPUzlOcTRWQjNfbG1ZWFJOdzFkWkdjS2lO ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUU9TOU5xNFZCM19sbVlYUk53MWRaR2NLaU5rLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJC NDkyLzJDMEIzMkQ4MDkzNjExRjBBMjg0MkQ1N0M0RjlBRTAyL1FPUzlOcTRWQjNf bG1ZWFJOdzFkWkdjS2lOay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAENOT7/pCEzzHOVC07VhrbQhiGVuwpjqXVa9uK5iDptDL2YijgUIq1ih jqZW+g0nD4j/hHS0SPV8TzWyMNDfc66NWRojIHKtRlUIvxtT2hl67Gs8MIHYVRVe rgdGabmlsCYuI/x6ffwSLG36IE2sQanR7FQ47lyAn6GRoC2AgXsCvSBxmwDMX/b1 /l9SdJu4chbk5G/LmuI5QQ3N7XtRN49G2pM+vK8bWjDEgS56PDd7I6Cy6f6Ra3XK NI4+bzLtZR8pSqJp/kzCAzcZCeZSYcLBWDDwGzO4pT5C+axSPUSH4WqQJo/ohpsC U4ncX6hmpKus5SL6jjXR8Dq9Osgs26k= -----END CERTIFICATE-----Generated at Sun Jun 15 08:29:06 2025 by rpki-client