$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft File: QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft (raw, json) Hash identifier: Jw7fjnEUjNglbluNuIrhxuJjCl8eG5QESmHOnmpSmFA= Subject key identifier: 13:B7:87:A9:65:90:40:25:80:51:13:71:FA:9E:C8:E6:51:F8:1C:88 Authority key identifier: 40:E4:BD:36:AE:15:07:7F:E5:99:85:D1:37:0D:5D:64:67:0A:88:D9 Certificate issuer: /CN=A91BB492/serialNumber=40E4BD36AE15077FE59985D1370D5D64670A88D9 Certificate serial: 12 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft Manifest number: 12 Signing time: Fri 25 Apr 2025 07:02:37 +0000 Manifest this update: Fri 25 Apr 2025 07:02:37 +0000 Manifest next update: Fri 02 May 2025 07:02:36 +0000 Files and hashes: 1: QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl (hash: BpNZBclsAweVHsFPIe+VloA/Io/UaMXXxmfHeX0H088=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18 (0x12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB492, serialNumber=40E4BD36AE15077FE59985D1370D5D64670A88D9 Validity Not Before: Apr 25 07:02:37 2025 GMT Not After : May 2 07:02:36 2025 GMT Subject: CN=680b338d-015d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:68:c2:15:50:86:6c:75:cf:a6:b6:b7:88:90: 8c:d4:9a:8a:ec:c8:01:2c:66:d6:82:20:5f:5f:c2: 27:e5:9c:7d:2b:6b:aa:5f:12:fb:6d:f7:3c:d4:f4: 82:cd:f3:b2:1a:fd:3d:e7:6b:9a:b4:99:23:b8:19: a9:0b:82:62:16:20:04:5a:c5:af:5a:e9:88:bd:87: 03:c8:82:d4:57:f8:2c:07:d1:9d:19:79:1c:a0:49: fc:9c:e8:e8:d8:59:53:69:cd:ee:ca:d2:3a:d5:98: 60:1a:7b:56:23:d5:27:14:26:1c:52:d0:6c:de:52: 8f:c7:2a:34:03:06:c5:db:de:d5:43:68:94:a1:f1: e0:de:8e:2a:e5:d1:a3:b0:da:ef:80:30:83:99:8b: c1:c4:11:82:fc:8f:09:23:0d:63:f0:ae:3f:bb:73: 7d:45:e1:c1:4d:b2:13:97:98:23:a3:60:a9:e0:45: 4c:7b:a9:7f:bc:70:44:a2:4e:f7:af:74:25:fc:98: 40:7d:aa:d4:45:5f:77:4d:72:67:e8:a5:fd:f8:87: 58:db:a3:71:f0:75:76:65:b2:d4:9b:32:57:8a:fd: c6:32:fd:e7:33:e1:b4:5b:0f:76:05:fa:52:50:8a: 86:ea:c3:99:60:79:e6:4f:26:d2:0b:dc:da:69:80: 42:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:B7:87:A9:65:90:40:25:80:51:13:71:FA:9E:C8:E6:51:F8:1C:88 X509v3 Authority Key Identifier: keyid:40:E4:BD:36:AE:15:07:7F:E5:99:85:D1:37:0D:5D:64:67:0A:88:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:f2:85:34:dc:3f:57:06:5b:8f:ca:ce:b5:98:c1:fd:fe:66: d2:39:38:7a:d0:fe:2f:ce:26:65:4c:aa:85:50:19:fb:94:da: df:f7:3f:16:dd:ec:3e:27:da:52:4e:80:72:85:15:89:46:54: 8b:ac:0f:45:7a:a2:cb:c2:25:20:1f:7a:bf:ac:16:7c:92:cf: 49:86:7e:06:c4:8d:88:d2:52:22:97:f7:06:ca:42:a0:7d:43: d2:86:bc:31:46:93:db:f1:03:e1:f2:99:ba:a4:73:c6:9e:25: f1:53:cf:c4:eb:43:03:27:55:b7:90:8d:d8:97:ad:37:02:5f: 0a:27:fc:d8:d0:40:45:77:93:1e:49:88:03:62:36:72:f2:e3: 89:a4:ec:71:d2:07:af:2e:d7:93:2a:60:93:7f:71:de:b5:34: 44:da:74:a1:03:91:b3:08:4e:b1:e7:81:98:6a:dd:28:18:9a: 9b:89:a7:de:c0:bd:e6:a5:65:2a:9c:b2:06:18:ae:5f:f3:c1: d2:28:e8:57:41:66:99:c4:4c:ce:f6:8c:dd:4e:ff:dc:3e:94: 8d:bc:11:b0:a9:01:7f:9b:e4:17:db:1e:55:04:68:9b:1d:08: a2:43:3c:33:9c:e1:33:88:09:35:1b:25:dd:57:4b:a2:d2:f4: a1:3d:ee:13 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC QjQ5MjExMC8GA1UEBRMoNDBFNEJEMzZBRTE1MDc3RkU1OTk4NUQxMzcwRDVENjQ2 NzBBODhEOTAeFw0yNTA0MjUwNzAyMzdaFw0yNTA1MDIwNzAyMzZaMBgxFjAUBgNV BAMTDTY4MGIzMzhkLTAxNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBaMIVUIZsdc+mtreIkIzUmorsyAEsZtaCIF9fwiflnH0ra6pfEvtt9zzU9ILN 87Ia/T3na5q0mSO4GakLgmIWIARaxa9a6Yi9hwPIgtRX+CwH0Z0ZeRygSfyc6OjY WVNpze7K0jrVmGAae1Yj1ScUJhxS0GzeUo/HKjQDBsXb3tVDaJSh8eDejirl0aOw 2u+AMIOZi8HEEYL8jwkjDWPwrj+7c31F4cFNshOXmCOjYKngRUx7qX+8cESiTvev dCX8mEB9qtRFX3dNcmfopf34h1jbo3HwdXZlstSbMleK/cYy/ecz4bRbD3YF+lJQ iobqw5lgeeZPJtIL3NppgELJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUE7eHqWWQ QCWAURNx+p7I5lH4HIgwHwYDVR0jBBgwFoAUQOS9Nq4VB3/lmYXRNw1dZGcKiNkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCNDkyLzJDMEIzMkQ4MDkz NjExRjBBMjg0MkQ1N0M0RjlBRTAyL1FPUzlOcTRWQjNfbG1ZWFJOdzFkWkdjS2lO ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUU9TOU5xNFZCM19sbVlYUk53MWRaR2NLaU5rLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJC NDkyLzJDMEIzMkQ4MDkzNjExRjBBMjg0MkQ1N0M0RjlBRTAyL1FPUzlOcTRWQjNf bG1ZWFJOdzFkWkdjS2lOay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADPyhTTcP1cGW4/KzrWYwf3+ZtI5OHrQ/i/OJmVMqoVQGfuU2t/3Pxbd 7D4n2lJOgHKFFYlGVIusD0V6osvCJSAfer+sFnySz0mGfgbEjYjSUiKX9wbKQqB9 Q9KGvDFGk9vxA+Hymbqkc8aeJfFTz8TrQwMnVbeQjdiXrTcCXwon/NjQQEV3kx5J iANiNnLy44mk7HHSB68u15MqYJN/cd61NETadKEDkbMITrHngZhq3SgYmpuJp97A vealZSqcsgYYrl/zwdIo6FdBZpnETM72jN1O/9w+lI28EbCpAX+b5BfbHlUEaJsd CKJDPDOc4TOICTUbJd1XS6LS9KE97hM= -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:21 2025 by rpki-client