$ rpki-client -vvf rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.mft File: QLjSLvI7N7C55T88ThDWrj64qZ8.mft (raw, json) Hash identifier: UXYRAPWjVIirR6kxKMpzGFWkAaiTbCnDgAkK63fFgBI= Subject key identifier: 0D:C6:06:E9:69:63:0E:BC:D0:4C:5C:C2:4C:D8:68:CB:D5:4D:F5:50 Authority key identifier: 40:B8:D2:2E:F2:3B:37:B0:B9:E5:3F:3C:4E:10:D6:AE:3E:B8:A9:9F Certificate issuer: /CN=A91E689D/serialNumber=40B8D22EF23B37B0B9E53F3C4E10D6AE3EB8A99F Certificate serial: 3479 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QLjSLvI7N7C55T88ThDWrj64qZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.mft Manifest number: 3475 Signing time: Thu 24 Apr 2025 15:01:43 +0000 Manifest this update: Thu 24 Apr 2025 15:01:43 +0000 Manifest next update: Thu 01 May 2025 15:01:43 +0000 Files and hashes: 1: QLjSLvI7N7C55T88ThDWrj64qZ8.crl (hash: jGagZNKuNCUYBuXuOEMfRzdHbWxyOHVKw7BnI1m/3J4=) 2: 3773AC0C8B6111EFA3A49037C4F9AE02.roa (hash: wrgTGY4Zg1HcHZCDO+hkBCrj/kSRgwBrHyd97B10p9I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.crl rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QLjSLvI7N7C55T88ThDWrj64qZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13433 (0x3479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E689D, serialNumber=40B8D22EF23B37B0B9E53F3C4E10D6AE3EB8A99F Validity Not Before: Apr 24 15:01:43 2025 GMT Not After : May 1 15:01:43 2025 GMT Subject: CN=680a5257-3c6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:5c:5d:ce:73:aa:fa:d8:e7:64:0e:6c:68:62: 44:0d:46:74:66:49:73:dc:7f:3a:72:5e:80:14:be: ff:59:ae:52:c4:29:55:15:d3:81:a5:00:29:99:1e: 3c:40:4f:cc:a0:03:97:e4:7a:62:b6:a9:b5:65:2d: ac:a4:50:a5:e9:8f:c2:aa:d4:e9:4f:ff:1f:29:85: 1b:2c:b4:e1:01:32:75:42:ed:51:c5:5c:92:ad:90: 4a:97:b8:61:32:24:86:d0:56:7a:9b:81:5b:37:d9: 19:a7:cf:21:38:57:9d:ff:5b:2c:8d:a1:d5:d7:1f: b9:f2:64:26:0b:c2:0d:ed:2e:92:49:aa:23:cd:ec: 2f:4f:34:7e:b8:8d:65:78:3e:7f:02:35:7a:72:38: be:2a:97:f1:bf:83:ea:7f:5a:aa:9d:b7:93:b4:b5: 94:68:08:ad:f5:aa:3b:db:88:4b:f7:aa:0d:26:7f: 29:dd:ea:84:6c:30:21:14:15:81:16:af:2e:2d:7f: a4:22:79:bb:15:1e:2a:bb:92:84:44:15:e3:01:83: 36:f6:f8:fc:2b:f3:13:fb:e6:33:95:a9:b2:e3:13: 07:f9:51:ca:e3:0f:ca:cc:60:91:c4:29:9f:d2:b6: 95:d2:cd:f8:1d:cd:63:ec:ec:4b:2d:81:98:2b:7d: e0:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:C6:06:E9:69:63:0E:BC:D0:4C:5C:C2:4C:D8:68:CB:D5:4D:F5:50 X509v3 Authority Key Identifier: keyid:40:B8:D2:2E:F2:3B:37:B0:B9:E5:3F:3C:4E:10:D6:AE:3E:B8:A9:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QLjSLvI7N7C55T88ThDWrj64qZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E689D/C7C63DA81D9E11E283CEFA8E08B02CD2/QLjSLvI7N7C55T88ThDWrj64qZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:38:8d:18:1a:09:04:9f:57:04:3d:ae:de:1a:3a:8b:8b:9e: 7e:64:f7:4c:45:93:bc:2b:e6:09:80:ab:db:09:ef:a8:44:d7: 8a:af:6e:20:61:6d:51:0e:4f:fb:9a:50:8f:a5:ad:6f:e6:68: 15:7a:e0:62:02:ce:6b:a0:f0:56:cb:80:5d:19:b5:9f:43:29: b9:6f:b2:26:8f:c3:6b:68:da:40:1c:b2:de:05:1c:8d:d5:7e: 6f:df:be:9e:53:18:ed:0f:68:67:eb:ee:41:f8:b2:fb:1d:76: 39:8a:bb:7f:5c:28:f3:09:8a:82:80:47:1a:19:79:5e:7c:40: 9f:b2:24:c9:22:88:a4:7a:b3:a8:8c:ef:c2:28:81:f9:a3:ea: 76:47:fc:af:4d:ff:c6:ee:e8:85:1e:96:3f:3b:04:ac:84:f9: 68:58:29:00:0d:8f:c4:c5:9a:fb:47:be:3e:4f:13:4e:b2:e3: a0:ed:02:5b:b3:29:af:72:b7:c3:4a:b0:c5:29:16:be:91:b6: 05:8a:a4:a1:36:3e:93:26:2b:26:d9:ac:2e:31:34:f2:f9:dd: cd:56:78:0f:48:d6:66:64:2f:83:13:4c:2c:36:9b:b5:6d:32: 1a:0c:56:c5:72:44:78:d8:dd:21:19:1f:eb:f2:90:36:43:60: 0e:d3:15:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4OUQxMTAvBgNVBAUTKDQwQjhEMjJFRjIzQjM3QjBCOUU1M0YzQzRFMTBENkFF M0VCOEE5OUYwHhcNMjUwNDI0MTUwMTQzWhcNMjUwNTAxMTUwMTQzWjAYMRYwFAYD VQQDEw02ODBhNTI1Ny0zYzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq1xdznOq+tjnZA5saGJEDUZ0Zklz3H86cl6AFL7/Wa5SxClVFdOBpQApmR48 QE/MoAOX5Hpitqm1ZS2spFCl6Y/CqtTpT/8fKYUbLLThATJ1Qu1RxVySrZBKl7hh MiSG0FZ6m4FbN9kZp88hOFed/1ssjaHV1x+58mQmC8IN7S6SSaojzewvTzR+uI1l eD5/AjV6cji+Kpfxv4Pqf1qqnbeTtLWUaAit9ao724hL96oNJn8p3eqEbDAhFBWB Fq8uLX+kInm7FR4qu5KERBXjAYM29vj8K/MT++Yzlamy4xMH+VHK4w/KzGCRxCmf 0raV0s34Hc1j7OxLLYGYK33gOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA3GBulp Yw680ExcwkzYaMvVTfVQMB8GA1UdIwQYMBaAFEC40i7yOzewueU/PE4Q1q4+uKmf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg5RC9DN0M2M0RBODFE OUUxMUUyODNDRUZBOEUwOEIwMkNEMi9RTGpTTHZJN043QzU1VDg4VGhEV3JqNjRx WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FMalNMdkk3TjdDNTVUODhUaERXcmo2NHFaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg5RC9DN0M2M0RBODFEOUUxMUUyODNDRUZBOEUwOEIwMkNEMi9RTGpTTHZJN043 QzU1VDg4VGhEV3JqNjRxWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWOI0YGgkEn1cEPa7eGjqLi55+ZPdMRZO8K+YJgKvbCe+oRNeKr24g YW1RDk/7mlCPpa1v5mgVeuBiAs5roPBWy4BdGbWfQym5b7Imj8NraNpAHLLeBRyN 1X5v376eUxjtD2hn6+5B+LL7HXY5irt/XCjzCYqCgEcaGXlefECfsiTJIoikerOo jO/CKIH5o+p2R/yvTf/G7uiFHpY/OwSshPloWCkADY/ExZr7R74+TxNOsuOg7QJb symvcrfDSrDFKRa+kbYFiqShNj6TJism2awuMTTy+d3NVngPSNZmZC+DE0wsNpu1 bTIaDFbFckR42N0hGR/r8pA2Q2AO0xVn -----END CERTIFICATE-----Generated at Sat Apr 26 04:27:04 2025 by rpki-client