$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4803/80F034BEF9E111EBA32CE21BC4F9AE02/Qql4rYPdXtKaTl3bYbVvExelpaQ.mft File: Qql4rYPdXtKaTl3bYbVvExelpaQ.mft (raw, json) Hash identifier: 0ozJzYp9vfmUn1Qx7SKD7l9su/bh4ASwUEp2dr44reM= Subject key identifier: DD:5A:BB:B9:6C:AB:E8:87:60:F6:4F:D6:7F:04:BB:50:AE:3E:D9:C8 Authority key identifier: 42:A9:78:AD:83:DD:5E:D2:9A:4E:5D:DB:61:B5:6F:13:17:A5:A5:A4 Certificate issuer: /CN=A91D4803/serialNumber=42A978AD83DD5ED29A4E5DDB61B56F1317A5A5A4 Certificate serial: 0528 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qql4rYPdXtKaTl3bYbVvExelpaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4803/80F034BEF9E111EBA32CE21BC4F9AE02/Qql4rYPdXtKaTl3bYbVvExelpaQ.mft Manifest number: 0521 Signing time: Thu 24 Apr 2025 23:20:10 +0000 Manifest this update: Thu 24 Apr 2025 23:20:09 +0000 Manifest next update: Thu 01 May 2025 23:20:09 +0000 Files and hashes: 1: Qql4rYPdXtKaTl3bYbVvExelpaQ.crl (hash: o9Zifn6ti8dmR1WtzGerHA2IpcKO86PwU3KzExuI8kg=) 2: 2B1B8C92F9E511EBBB9B5D22C4F9AE02.roa (hash: hZNj0hXIhx7iHvLN1BguzuArYcQdXQGnTsHHjJIXTSA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4803/80F034BEF9E111EBA32CE21BC4F9AE02/Qql4rYPdXtKaTl3bYbVvExelpaQ.crl rsync://rpki.apnic.net/member_repository/A91D4803/80F034BEF9E111EBA32CE21BC4F9AE02/Qql4rYPdXtKaTl3bYbVvExelpaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qql4rYPdXtKaTl3bYbVvExelpaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:20:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1320 (0x528) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4803, serialNumber=42A978AD83DD5ED29A4E5DDB61B56F1317A5A5A4 Validity Not Before: Apr 24 23:20:09 2025 GMT Not After : May 1 23:20:09 2025 GMT Subject: CN=680ac72a-b34e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:63:9c:04:7a:24:19:67:f7:ba:ff:7c:d3:e9: a0:0c:0d:87:0e:5e:da:47:9f:82:d5:86:bc:2a:c1: 71:98:a2:4c:5b:f0:75:3f:48:90:ea:39:02:fa:ed: d9:39:87:2e:d6:71:5a:03:76:da:f5:84:f2:c0:4f: a1:28:a3:39:46:9b:3a:55:55:28:5b:e9:ec:3d:5f: 3a:a5:7c:cd:a2:60:48:57:84:93:a3:16:71:89:0d: 74:07:00:34:f8:92:38:c5:66:26:e2:e5:58:5b:65: 26:af:65:92:c5:08:58:7f:20:0f:ce:87:99:f9:f3: 5f:bb:85:cc:68:4d:e0:83:b9:a2:56:78:3c:bc:a4: ac:a2:42:b6:a4:a8:78:09:26:e4:15:b2:d3:18:08: 19:e2:71:c9:da:5f:6a:80:e6:c1:47:26:99:e3:a3: ba:11:d2:f1:ff:64:28:bd:1c:00:fd:27:9e:70:e6: 28:db:ce:4c:5c:a7:05:09:93:89:e3:fe:73:f9:53: e9:3d:8b:51:6b:dc:c9:e2:37:e3:68:f9:aa:eb:c4: 0b:6a:16:ae:46:e5:40:34:61:fd:25:11:b1:ec:4c: 3c:29:74:bd:7a:97:52:05:07:d9:42:aa:01:b8:64: 36:97:a9:ff:b7:1f:ea:ef:39:b8:5b:cb:65:1c:7e: 97:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:5A:BB:B9:6C:AB:E8:87:60:F6:4F:D6:7F:04:BB:50:AE:3E:D9:C8 X509v3 Authority Key Identifier: keyid:42:A9:78:AD:83:DD:5E:D2:9A:4E:5D:DB:61:B5:6F:13:17:A5:A5:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4803/80F034BEF9E111EBA32CE21BC4F9AE02/Qql4rYPdXtKaTl3bYbVvExelpaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qql4rYPdXtKaTl3bYbVvExelpaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4803/80F034BEF9E111EBA32CE21BC4F9AE02/Qql4rYPdXtKaTl3bYbVvExelpaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:02:0b:e0:af:05:2b:52:a0:53:f0:0a:22:4c:6b:d7:59:55: c5:20:b6:63:2a:52:f9:9c:72:74:e9:24:ac:ae:7e:c4:89:7a: 97:4b:dc:b4:cc:3c:69:47:7a:a4:b6:f5:5f:f1:a6:83:8c:b3: 96:49:ff:e2:8b:c3:c0:6c:45:6f:d6:d9:95:c3:b9:b2:16:d4: b1:4d:71:a7:6c:45:09:16:3b:d9:07:5e:e3:c9:ab:ca:0e:54: 76:9a:63:17:b5:75:b6:54:ae:ac:9e:c6:47:89:a3:97:f8:a0: 88:be:86:6c:4e:01:09:88:9e:ae:67:f8:96:05:e4:ca:ba:c9: 9d:2f:fc:e7:ab:73:6f:3b:6f:25:42:d9:50:f8:1e:9c:16:2d: 6e:f0:0b:4b:b3:fb:7c:d9:a8:ae:15:94:49:e6:a5:96:47:91: b5:07:48:1f:a6:0d:62:52:23:7b:69:1c:a8:7e:d5:c8:4f:04: 3e:90:39:4c:b7:cf:1e:d4:a5:1e:87:1f:88:b6:ed:bb:7f:73: 15:6c:0c:70:c0:e5:6f:e7:b0:c8:45:dd:f3:58:4c:fb:cf:4b: 47:23:1c:33:c3:a6:f8:a2:27:db:ee:33:24:dd:75:55:99:18: 67:39:2c:de:02:2f:f0:9b:01:ed:b3:65:0c:0a:5e:f0:79:bb: ca:f4:35:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ4MDMxMTAvBgNVBAUTKDQyQTk3OEFEODNERDVFRDI5QTRFNUREQjYxQjU2RjEz MTdBNUE1QTQwHhcNMjUwNDI0MjMyMDA5WhcNMjUwNTAxMjMyMDA5WjAYMRYwFAYD VQQDEw02ODBhYzcyYS1iMzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3WOcBHokGWf3uv980+mgDA2HDl7aR5+C1Ya8KsFxmKJMW/B1P0iQ6jkC+u3Z OYcu1nFaA3ba9YTywE+hKKM5Rps6VVUoW+nsPV86pXzNomBIV4SToxZxiQ10BwA0 +JI4xWYm4uVYW2Umr2WSxQhYfyAPzoeZ+fNfu4XMaE3gg7miVng8vKSsokK2pKh4 CSbkFbLTGAgZ4nHJ2l9qgObBRyaZ46O6EdLx/2QovRwA/SeecOYo285MXKcFCZOJ 4/5z+VPpPYtRa9zJ4jfjaPmq68QLahauRuVANGH9JRGx7Ew8KXS9epdSBQfZQqoB uGQ2l6n/tx/q7zm4W8tlHH6X8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN1au7ls q+iHYPZP1n8Eu1CuPtnIMB8GA1UdIwQYMBaAFEKpeK2D3V7Smk5d22G1bxMXpaWk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDgwMy84MEYwMzRCRUY5 RTExMUVCQTMyQ0UyMUJDNEY5QUUwMi9RcWw0cllQZFh0S2FUbDNiWWJWdkV4ZWxw YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FxbDRyWVBkWHRLYVRsM2JZYlZ2RXhlbHBhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDgwMy84MEYwMzRCRUY5RTExMUVCQTMyQ0UyMUJDNEY5QUUwMi9RcWw0cllQZFh0 S2FUbDNiWWJWdkV4ZWxwYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBzAgvgrwUrUqBT8AoiTGvXWVXFILZjKlL5nHJ06SSsrn7EiXqXS9y0 zDxpR3qktvVf8aaDjLOWSf/ii8PAbEVv1tmVw7myFtSxTXGnbEUJFjvZB17jyavK DlR2mmMXtXW2VK6snsZHiaOX+KCIvoZsTgEJiJ6uZ/iWBeTKusmdL/znq3NvO28l QtlQ+B6cFi1u8AtLs/t82aiuFZRJ5qWWR5G1B0gfpg1iUiN7aRyoftXITwQ+kDlM t88e1KUehx+Itu27f3MVbAxwwOVv57DIRd3zWEz7z0tHIxwzw6b4oifb7jMk3XVV mRhnOSzeAi/wmwHts2UMCl7webvK9DWC -----END CERTIFICATE-----Generated at Sat Apr 26 15:23:06 2025 by rpki-client