$ rpki-client -vvf rpki.apnic.net/member_repository/A91DAAAF/56B01DC0F85111EDA86FC820C4F9AE02/q-I6igEe0yhhVdpR9a14wbb8yT0.mft File: q-I6igEe0yhhVdpR9a14wbb8yT0.mft (raw, json) Hash identifier: gmiGjc0s05hXuuXRWr34fIbUF0RLy3Sn0XmYDyTTwVc= Subject key identifier: 74:4F:4F:D2:30:D6:25:D9:37:D1:07:D5:27:A4:55:E9:7F:67:5B:EE Authority key identifier: AB:E2:3A:8A:01:1E:D3:28:61:55:DA:51:F5:AD:78:C1:B6:FC:C9:3D Certificate issuer: /CN=A91DAAAF/serialNumber=ABE23A8A011ED3286155DA51F5AD78C1B6FCC93D Certificate serial: 016C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q-I6igEe0yhhVdpR9a14wbb8yT0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DAAAF/56B01DC0F85111EDA86FC820C4F9AE02/q-I6igEe0yhhVdpR9a14wbb8yT0.mft Manifest number: 016A Signing time: Fri 25 Apr 2025 03:00:59 +0000 Manifest this update: Fri 25 Apr 2025 03:00:58 +0000 Manifest next update: Fri 02 May 2025 03:00:58 +0000 Files and hashes: 1: q-I6igEe0yhhVdpR9a14wbb8yT0.crl (hash: 8MfUVvpGpl6JPn3nHc1Y/zfLBT0jwSL95YDVn24TVYM=) 2: 34EEA87C040511EEA466E336C4F9AE02.roa (hash: 5uqHr9WzaI9hGdiEKRKQvARm6NgS6ujezLHWBDKu2RQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DAAAF/56B01DC0F85111EDA86FC820C4F9AE02/q-I6igEe0yhhVdpR9a14wbb8yT0.crl rsync://rpki.apnic.net/member_repository/A91DAAAF/56B01DC0F85111EDA86FC820C4F9AE02/q-I6igEe0yhhVdpR9a14wbb8yT0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q-I6igEe0yhhVdpR9a14wbb8yT0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 364 (0x16c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DAAAF, serialNumber=ABE23A8A011ED3286155DA51F5AD78C1B6FCC93D Validity Not Before: Apr 25 03:00:58 2025 GMT Not After : May 2 03:00:58 2025 GMT Subject: CN=680afaea-a42b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cf:09:18:b7:7e:b8:39:b6:b3:f5:a4:fe:a7: 8f:fa:1d:d5:6d:c2:7f:f5:ff:c1:81:26:04:ca:4f: e3:05:be:1b:bf:c9:38:b1:8f:3d:d8:79:37:d9:c5: d2:54:73:a6:f5:b6:33:a8:3f:2a:10:9a:f3:15:08: 01:cb:6e:29:6b:1e:13:b0:1c:b5:1e:11:d5:f0:63: ce:b5:de:b8:a0:bf:da:a9:68:27:6a:be:aa:c1:72: 46:25:ce:8d:ae:88:af:01:97:86:4e:03:ec:36:6d: 43:b1:e3:e4:cc:03:b4:11:4c:b4:57:76:45:b9:08: c3:e3:1c:42:79:79:cb:83:34:28:16:ea:b0:d8:55: cb:34:63:dd:fd:e3:a2:5d:ed:7d:c4:2d:ff:6d:de: 01:8f:10:86:b2:5f:e3:4f:74:8a:4c:ca:58:86:74: e7:86:ce:61:57:46:ec:15:ea:0a:ff:10:79:79:b9: 0d:d7:79:37:c0:68:f6:c1:ef:c9:89:d1:4f:d9:6d: e8:6a:68:8c:5d:4b:dd:9e:c9:4e:9f:cc:ab:90:f6: 8e:7e:dd:78:30:6a:b8:f4:70:ae:71:bf:6d:cb:fd: b4:53:de:e4:ae:ac:15:d4:16:d3:24:56:07:20:c2: 6f:3d:3e:81:b9:d7:98:68:76:e9:ff:00:34:e6:d6: 0a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:4F:4F:D2:30:D6:25:D9:37:D1:07:D5:27:A4:55:E9:7F:67:5B:EE X509v3 Authority Key Identifier: keyid:AB:E2:3A:8A:01:1E:D3:28:61:55:DA:51:F5:AD:78:C1:B6:FC:C9:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DAAAF/56B01DC0F85111EDA86FC820C4F9AE02/q-I6igEe0yhhVdpR9a14wbb8yT0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q-I6igEe0yhhVdpR9a14wbb8yT0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DAAAF/56B01DC0F85111EDA86FC820C4F9AE02/q-I6igEe0yhhVdpR9a14wbb8yT0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:44:42:4c:f4:63:89:e2:e9:66:24:fa:da:90:a5:bb:e4:7d: 62:69:78:08:d3:29:9f:07:e1:77:e2:cd:e0:fb:32:d5:87:4d: f5:16:ec:af:81:16:db:bb:97:2c:2c:67:18:d6:17:7a:69:6c: 90:3b:ac:64:de:42:85:c3:3d:7e:a3:dd:0c:75:4c:ab:ce:b8: 24:b5:b5:ab:b6:fa:02:f3:cf:99:4b:97:81:1c:c2:df:49:e5: 5a:88:f8:ee:89:7d:67:aa:18:93:e1:c3:9b:35:32:c4:22:1b: d3:cc:3a:68:ab:d7:28:9b:f1:4a:79:e1:29:01:be:77:2c:86: 2b:1f:85:cc:d1:eb:e1:0f:3e:01:53:f0:a7:8a:2c:10:50:e1: 93:60:ec:39:a3:f9:b3:39:ef:ae:f6:25:16:23:1a:c1:be:fe: bb:2b:4b:9f:b2:21:52:17:b9:d8:51:45:e0:e7:40:34:c4:6f: 1c:4e:15:56:e1:b5:fa:1e:4d:be:ab:9f:ff:de:70:a7:be:03: 07:87:b3:ba:49:59:cc:50:87:40:df:3a:a6:0d:4d:19:76:4e: 11:d7:52:39:0c:b5:bd:8f:a7:d0:60:8e:cb:26:2c:72:2e:5d: f9:53:09:f6:30:5a:17:96:02:5a:f6:94:08:73:77:de:03:97: 03:e7:b9:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REFBQUYxMTAvBgNVBAUTKEFCRTIzQThBMDExRUQzMjg2MTU1REE1MUY1QUQ3OEMx QjZGQ0M5M0QwHhcNMjUwNDI1MDMwMDU4WhcNMjUwNTAyMDMwMDU4WjAYMRYwFAYD VQQDEw02ODBhZmFlYS1hNDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw88JGLd+uDm2s/Wk/qeP+h3VbcJ/9f/BgSYEyk/jBb4bv8k4sY892Hk32cXS VHOm9bYzqD8qEJrzFQgBy24pax4TsBy1HhHV8GPOtd64oL/aqWgnar6qwXJGJc6N roivAZeGTgPsNm1DsePkzAO0EUy0V3ZFuQjD4xxCeXnLgzQoFuqw2FXLNGPd/eOi Xe19xC3/bd4BjxCGsl/jT3SKTMpYhnTnhs5hV0bsFeoK/xB5ebkN13k3wGj2we/J idFP2W3oamiMXUvdnslOn8yrkPaOft14MGq49HCucb9ty/20U97krqwV1BbTJFYH IMJvPT6BudeYaHbp/wA05tYKCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHRPT9Iw 1iXZN9EH1SekVel/Z1vuMB8GA1UdIwQYMBaAFKviOooBHtMoYVXaUfWteMG2/Mk9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQUFBRi81NkIwMURDMEY4 NTExMUVEQTg2RkM4MjBDNEY5QUUwMi9xLUk2aWdFZTB5aGhWZHBSOWExNHdiYjh5 VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3EtSTZpZ0VlMHloaFZkcFI5YTE0d2JiOHlUMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QUFBRi81NkIwMURDMEY4NTExMUVEQTg2RkM4MjBDNEY5QUUwMi9xLUk2aWdFZTB5 aGhWZHBSOWExNHdiYjh5VDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3REJM9GOJ4ulmJPrakKW75H1iaXgI0ymfB+F34s3g+zLVh031Fuyv gRbbu5csLGcY1hd6aWyQO6xk3kKFwz1+o90MdUyrzrgktbWrtvoC88+ZS5eBHMLf SeVaiPjuiX1nqhiT4cObNTLEIhvTzDpoq9com/FKeeEpAb53LIYrH4XM0evhDz4B U/CniiwQUOGTYOw5o/mzOe+u9iUWIxrBvv67K0ufsiFSF7nYUUXg50A0xG8cThVW 4bX6Hk2+q5//3nCnvgMHh7O6SVnMUIdA3zqmDU0Zdk4R11I5DLW9j6fQYI7LJixy Ll35Uwn2MFoXlgJa9pQIc3feA5cD57lG -----END CERTIFICATE-----Generated at Sat Apr 26 12:23:33 2025 by rpki-client