$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: mtfEQMp7ylU6l/+PEqZTjg7P5OsrVecSS1ZvBj6JQ18= Subject key identifier: C6:8A:85:0F:7E:F1:57:E0:69:BB:45:47:44:25:E6:BE:2A:63:1F:8E Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 2199 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 215E Signing time: Thu 24 Apr 2025 15:57:10 +0000 Manifest this update: Thu 24 Apr 2025 15:57:10 +0000 Manifest next update: Thu 01 May 2025 15:57:10 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: k3cZDg9pgH1GintMZSQXYAFZT3QYxZ9txIDLE/5E+Yo=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 9: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:57:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8601 (0x2199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Apr 24 15:57:10 2025 GMT Not After : May 1 15:57:10 2025 GMT Subject: CN=680a5f56-43b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9f:02:6e:0d:93:2b:1f:fd:af:17:e3:a5:17: 81:8f:29:17:d8:be:fe:7d:ba:32:9a:da:47:1d:28: 40:3b:c7:88:b5:ad:b9:9f:17:db:10:78:9e:c1:a8: 11:7c:70:12:61:d8:0e:7c:1f:5f:2d:32:71:41:a5: 9c:72:eb:2a:75:9e:df:a5:2b:5f:02:21:ce:81:eb: ee:7f:fe:54:2a:56:51:1d:1f:7e:0f:f3:15:f4:25: c2:ad:46:34:d6:63:00:ff:24:17:cb:9a:13:db:0a: 4b:bb:c1:26:66:11:f4:82:13:3d:77:91:7b:53:f0: 6e:3d:0d:2e:48:34:53:00:06:c8:5a:d4:5d:de:4e: b6:1c:30:51:d9:0d:c3:bd:bb:26:bb:32:28:99:3d: cc:bc:d7:1b:21:b0:e7:84:2f:a7:12:4c:58:c9:d0: e7:cc:b8:2d:5d:fb:1f:53:f7:99:bb:85:57:19:82: 7c:f9:4f:a2:63:32:e3:94:b7:84:bb:bf:ff:e1:f3: 8a:aa:b1:7c:c8:3a:6e:a1:99:f0:fe:5c:53:9c:d4: 8d:c9:74:1c:34:44:93:23:59:33:ac:fe:42:b6:df: 52:86:57:47:fb:93:74:27:90:bb:70:b6:36:0e:ac: 51:b8:42:94:81:9f:6c:fd:ff:54:5f:fd:9b:65:a7: 5b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:8A:85:0F:7E:F1:57:E0:69:BB:45:47:44:25:E6:BE:2A:63:1F:8E X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:22:f6:00:a8:46:b3:75:3e:a9:5f:e0:35:4d:74:30:e1:66: 9b:e3:8d:95:77:de:d2:f3:4f:1c:f3:8d:ca:d5:b2:ea:db:cb: fb:5c:57:92:e1:4d:1b:fd:42:1c:82:d0:63:53:14:21:0b:b8: b3:2f:1d:b6:8e:a1:e6:14:76:1c:da:53:a7:ab:d8:aa:1e:5b: 8d:f4:3d:52:65:d6:fb:b2:e0:b3:b0:6a:f6:61:fd:0f:8a:ae: 2b:dd:c3:d1:6d:e7:8f:46:d4:a5:5b:3d:47:94:2c:b4:a7:1b: 9b:27:4e:16:f0:6d:5d:76:94:0f:5e:4c:76:4b:4f:f8:94:1f: b7:18:0b:90:f1:eb:71:1f:ed:57:e8:f7:3d:05:43:af:1e:e8: 88:8a:17:5e:42:2c:4b:49:73:9d:87:08:36:0c:47:0e:0b:12: 0d:cf:ee:98:a8:32:83:06:46:4e:6a:74:c1:6c:f4:73:04:f9: 4d:67:a7:1d:5a:99:e7:14:5e:ee:9f:73:62:79:4c:2d:39:56: 47:1a:e8:e5:52:8f:20:f0:7b:50:c2:64:ab:3c:1f:ba:57:56: 43:b1:1e:ad:48:5c:fa:82:0d:d8:52:e8:8c:f4:5d:16:31:28: 6f:09:8e:5f:30:e1:c2:b9:55:61:a3:75:fa:6c:e1:97:5c:4b: cd:58:5a:e9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNDI0MTU1NzEwWhcNMjUwNTAxMTU1NzEwWjAYMRYwFAYD VQQDEw02ODBhNWY1Ni00M2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu58Cbg2TKx/9rxfjpReBjykX2L7+fboymtpHHShAO8eIta25nxfbEHiewagR fHASYdgOfB9fLTJxQaWccusqdZ7fpStfAiHOgevuf/5UKlZRHR9+D/MV9CXCrUY0 1mMA/yQXy5oT2wpLu8EmZhH0ghM9d5F7U/BuPQ0uSDRTAAbIWtRd3k62HDBR2Q3D vbsmuzIomT3MvNcbIbDnhC+nEkxYydDnzLgtXfsfU/eZu4VXGYJ8+U+iYzLjlLeE u7//4fOKqrF8yDpuoZnw/lxTnNSNyXQcNESTI1kzrP5Ctt9ShldH+5N0J5C7cLY2 DqxRuEKUgZ9s/f9UX/2bZadbkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMaKhQ9+ 8VfgabtFR0Ql5r4qYx+OMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6IvYAqEazdT6pX+A1TXQw4Wab442Vd97S808c843K1bLq28v7XFeS 4U0b/UIcgtBjUxQhC7izLx22jqHmFHYc2lOnq9iqHluN9D1SZdb7suCzsGr2Yf0P iq4r3cPRbeePRtSlWz1HlCy0pxubJ04W8G1ddpQPXkx2S0/4lB+3GAuQ8etxH+1X 6Pc9BUOvHuiIihdeQixLSXOdhwg2DEcOCxINz+6YqDKDBkZOanTBbPRzBPlNZ6cd WpnnFF7un3NieUwtOVZHGujlUo8g8HtQwmSrPB+6V1ZDsR6tSFz6gg3YUuiM9F0W MShvCY5fMOHCuVVho3X6bOGXXEvNWFrp -----END CERTIFICATE-----Generated at Sat Apr 26 05:05:23 2025 by rpki-client