$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft File: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft (raw, json) Hash identifier: LvAURxuc7RFkRV+nsdTENIyDRNfSaPrhlD8PoGwp19c= Subject key identifier: A4:B9:A1:29:E2:E4:75:FD:F9:0C:A5:7E:F9:56:D4:BC:F4:41:36:01 Authority key identifier: 41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58 Certificate issuer: /CN=A91E5D61/serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458 Certificate serial: 127B Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft Manifest number: 4709 Signing time: Sat 26 Apr 2025 14:20:58 +0000 Manifest this update: Sat 26 Apr 2025 14:20:57 +0000 Manifest next update: Sat 03 May 2025 14:20:57 +0000 Files and hashes: 1: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl (hash: 74BjDbsa18fPEIMLXPw3ABFo/lwIZdXZ79hufCqzjoI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:20:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4731 (0x127b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D61, serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458 Validity Not Before: Apr 26 14:20:57 2025 GMT Not After : May 3 14:20:57 2025 GMT Subject: CN=680cebca-0886 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7b:ae:97:e6:e1:88:01:ba:51:73:c1:8f:d9: b1:cb:ff:02:be:56:15:90:a7:3d:86:5f:13:ec:85: 67:93:69:40:00:90:07:43:57:7e:ac:b7:43:a8:05: 47:3e:2f:b8:42:71:ab:45:8c:8d:46:b9:32:9d:07: bf:d7:e6:df:3f:cb:19:e9:69:5f:cb:e1:30:aa:42: 6c:f4:56:bb:6c:ef:b9:77:41:26:f3:af:00:75:23: c6:48:a9:94:7f:ca:ae:7a:f2:9c:ae:81:88:26:78: a6:40:7b:82:e1:c4:62:a7:fc:20:bc:42:96:1d:9c: e7:ef:2f:dd:cd:d1:43:f6:f6:ec:ee:1b:7b:7b:9e: ed:ae:0a:b3:10:28:68:64:de:13:6b:93:3f:e5:54: f9:23:c6:d4:71:bb:bd:b2:f7:98:e9:22:62:08:d8: 1f:0c:a1:48:19:df:fd:bf:b5:48:6d:5c:17:83:86: a6:9a:92:8b:6f:b6:ce:a5:9f:45:3c:6c:b1:d4:ab: 04:d7:6f:8b:ea:54:b2:45:c9:02:77:e2:fe:2b:32: 96:bf:0b:8b:b3:03:bd:97:37:5d:3a:95:b1:47:39: fb:ba:82:f3:55:97:90:cc:85:f8:2d:69:4a:8a:da: d7:26:93:9a:be:2b:d0:fa:25:22:76:d2:18:eb:c3: 3f:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:B9:A1:29:E2:E4:75:FD:F9:0C:A5:7E:F9:56:D4:BC:F4:41:36:01 X509v3 Authority Key Identifier: keyid:41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:4b:fa:0d:10:e2:b2:83:2e:46:ef:fa:be:c4:f4:ad:3c:af: 49:7b:f3:88:62:19:8f:32:2e:86:83:94:09:4d:87:72:26:f4: 62:da:56:45:fc:7b:f9:02:e8:24:57:14:40:c3:b7:19:72:66: 12:32:66:10:5e:c5:b4:d5:4a:17:7f:86:b9:bc:f5:a7:7f:1c: 7d:c8:c2:1e:fc:3e:aa:63:6c:38:17:e3:af:eb:7c:90:76:98: 13:8f:cd:d8:9d:66:c6:60:4d:72:8b:e2:df:aa:a7:6d:fc:b5: fd:40:d8:4f:46:f7:98:f3:52:32:05:3d:1b:c1:c7:ab:4e:aa: 90:cc:77:20:9c:10:a7:15:68:28:e9:b7:6a:91:69:7f:cb:89: a2:31:d7:fa:c1:47:3f:9c:c2:8a:f6:f4:3a:01:b2:ab:cd:89: 07:57:12:cf:db:28:e6:10:cc:97:82:b5:44:43:a2:d4:04:0d: 62:4b:1c:f0:6c:9c:f8:53:11:9a:99:46:99:da:6d:e9:f3:6a: 0a:ac:da:22:2d:95:f6:00:09:58:87:af:73:96:79:a9:8f:24: bd:b8:b2:9f:2d:c2:fe:53:10:d6:98:62:17:f7:d6:8e:ea:1b: 65:44:26:9d:04:99:21:9f:b1:80:60:e7:9d:d1:f9:90:a4:43: dd:09:f5:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVENjExMTAvBgNVBAUTKDQxNkQ2Q0Q2MDM5MEZCN0M5NkVENzlENzhDRTc2RjU0 QUZDRjQ0NTgwHhcNMjUwNDI2MTQyMDU3WhcNMjUwNTAzMTQyMDU3WjAYMRYwFAYD VQQDEw02ODBjZWJjYS0wODg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAznuul+bhiAG6UXPBj9mxy/8CvlYVkKc9hl8T7IVnk2lAAJAHQ1d+rLdDqAVH Pi+4QnGrRYyNRrkynQe/1+bfP8sZ6Wlfy+EwqkJs9Fa7bO+5d0Em868AdSPGSKmU f8quevKcroGIJnimQHuC4cRip/wgvEKWHZzn7y/dzdFD9vbs7ht7e57trgqzECho ZN4Ta5M/5VT5I8bUcbu9sveY6SJiCNgfDKFIGd/9v7VIbVwXg4ammpKLb7bOpZ9F PGyx1KsE12+L6lSyRckCd+L+KzKWvwuLswO9lzddOpWxRzn7uoLzVZeQzIX4LWlK itrXJpOavivQ+iUidtIY68M/YwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKS5oSni 5HX9+QylfvlW1Lz0QTYBMB8GA1UdIwQYMBaAFEFtbNYDkPt8lu1514znb1Svz0RY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQ2MS8yQTdDN0Q5ODFE NzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0zeVc3WG5Yak9kdlZLX1BS RmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1FXMXMxZ09RLTN5VzdYblhqT2R2VktfUFJGZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUQ2MS8yQTdDN0Q5ODFENzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0z eVc3WG5Yak9kdlZLX1BSRmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqS/oNEOKygy5G7/q+xPStPK9Je/OIYhmPMi6Gg5QJTYdyJvRi2lZF /Hv5AugkVxRAw7cZcmYSMmYQXsW01UoXf4a5vPWnfxx9yMIe/D6qY2w4F+Ov63yQ dpgTj83YnWbGYE1yi+Lfqqdt/LX9QNhPRveY81IyBT0bwcerTqqQzHcgnBCnFWgo 6bdqkWl/y4miMdf6wUc/nMKK9vQ6AbKrzYkHVxLP2yjmEMyXgrVEQ6LUBA1iSxzw bJz4UxGamUaZ2m3p82oKrNoiLZX2AAlYh69zlnmpjyS9uLKfLcL+UxDWmGIX99aO 6htlRCadBJkhn7GAYOed0fmQpEPdCfW9 -----END CERTIFICATE-----Generated at Mon Apr 28 03:24:47 2025 by rpki-client