$ rpki-client -vvf rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft File: QN1mK29ul7NNO3WoAH3lOI2SclM.mft (raw, json) Hash identifier: VgsABbftPnQ36CS72OiHkzELt4uZopYj6+LHqXaPLEM= Subject key identifier: FA:5B:74:8E:F3:DE:81:D7:BA:51:F0:E6:D7:40:00:2B:12:AA:7B:1E Authority key identifier: 40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 Certificate issuer: /CN=A911CF44/serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Certificate serial: 0645 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft Manifest number: 063E Signing time: Sat 10 May 2025 22:13:11 +0000 Manifest this update: Sat 10 May 2025 22:13:11 +0000 Manifest next update: Sat 17 May 2025 22:13:11 +0000 Files and hashes: 1: QN1mK29ul7NNO3WoAH3lOI2SclM.crl (hash: lWK8waDB359ynLjKbML6ax+wcTstl0V9yQ7dHMZ1njo=) 2: 85613B4E8C8411EBB68DD829C4F9AE02.roa (hash: 9fks3NvnHOVB0kb3Kc99MGLGUTLgUhxpBqtGNsXU3KQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 22:13:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1605 (0x645) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CF44, serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Validity Not Before: May 10 22:13:11 2025 GMT Not After : May 17 22:13:11 2025 GMT Subject: CN=681fcf77-5769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:64:dd:ff:df:5b:2f:90:77:5b:55:26:06:60: e8:f7:28:84:64:5a:8b:ca:a3:20:51:90:0f:dd:10: cb:5f:1f:e9:0a:2d:41:86:57:b2:03:b5:be:c4:e4: 3e:40:14:0a:41:93:bb:c6:97:34:ba:6d:8e:82:5b: a0:b6:c5:29:e2:68:24:ec:0b:f8:ac:cf:80:73:06: e9:d8:b3:34:06:25:5d:8d:e4:aa:23:3d:18:be:6d: ee:03:0f:bb:06:35:7c:50:24:a2:44:52:45:1e:27: fe:6f:4d:5f:04:82:c8:03:c2:b0:19:44:98:bb:1c: d2:6b:37:b5:b1:31:e7:8c:f2:ca:8e:3c:4e:9b:7f: 20:c6:d0:89:3d:7b:f0:3f:9a:4b:30:cc:1a:8c:9e: 0d:43:2f:43:3a:ee:d2:39:b0:a2:66:70:e8:6f:e8: 4c:e0:50:b7:ca:e8:ea:c8:92:8e:2d:fe:b0:1d:cc: 78:64:30:fb:8a:4a:62:da:24:11:79:23:0f:5a:ac: 3c:fc:99:be:7c:68:6e:d9:45:9e:49:f1:b1:fe:bd: 8e:36:bb:14:cb:39:3e:0a:70:3c:85:3b:cc:ca:30: c7:4b:ad:77:44:f7:8c:4c:39:b8:ec:23:ab:b0:16: a4:1b:e9:e1:22:82:d4:25:dd:5f:8c:f3:80:c2:8b: 15:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:5B:74:8E:F3:DE:81:D7:BA:51:F0:E6:D7:40:00:2B:12:AA:7B:1E X509v3 Authority Key Identifier: keyid:40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:b1:5a:a0:2c:aa:4e:52:c1:39:86:56:df:4f:0f:b5:1f:2d: dc:08:9b:0f:98:68:be:6a:72:38:38:26:0e:36:2a:c4:03:ce: 9f:c3:49:3d:3a:7d:4c:e1:8f:19:d8:f4:e0:aa:59:e7:fd:c1: c8:af:8b:3f:94:9d:75:93:fe:8c:32:86:a4:ce:7c:22:ea:47: 9d:d1:b2:5e:d6:c4:05:6a:2f:58:82:21:b6:62:ee:cc:00:c9: d3:86:bd:d1:dc:9e:50:f5:ed:63:72:f9:c2:02:34:e3:d7:fd: a8:0b:61:ce:11:e1:3f:7b:1a:b5:da:c2:a1:aa:10:e2:b7:38: 00:29:cd:7a:4f:d2:da:70:b7:3b:66:1c:9b:0a:06:a1:57:6f: 43:45:fb:a0:0c:7e:da:05:c4:a9:ec:e4:70:1f:8f:3d:65:06: 5f:ed:71:bb:63:ff:8e:4b:43:ec:4f:d7:28:98:18:09:d9:fe: 50:cd:31:ff:54:a9:02:06:94:c1:76:32:34:c9:41:29:a0:07: a1:21:d5:6e:6b:10:88:81:82:cd:ed:14:c2:51:3b:6f:57:87: d6:7d:fc:68:de:02:59:cd:22:34:6e:5f:7a:26:e1:2b:cc:66: 1f:87:73:ec:65:e5:2b:12:4e:65:91:46:6a:2c:47:42:26:b1: 66:39:ec:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNGNDQxMTAvBgNVBAUTKDQwREQ2NjJCNkY2RTk3QjM0RDNCNzVBODAwN0RFNTM4 OEQ5MjcyNTMwHhcNMjUwNTEwMjIxMzExWhcNMjUwNTE3MjIxMzExWjAYMRYwFAYD VQQDEw02ODFmY2Y3Ny01NzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs2Td/99bL5B3W1UmBmDo9yiEZFqLyqMgUZAP3RDLXx/pCi1BhleyA7W+xOQ+ QBQKQZO7xpc0um2OglugtsUp4mgk7Av4rM+Acwbp2LM0BiVdjeSqIz0Yvm3uAw+7 BjV8UCSiRFJFHif+b01fBILIA8KwGUSYuxzSaze1sTHnjPLKjjxOm38gxtCJPXvw P5pLMMwajJ4NQy9DOu7SObCiZnDob+hM4FC3yujqyJKOLf6wHcx4ZDD7ikpi2iQR eSMPWqw8/Jm+fGhu2UWeSfGx/r2ONrsUyzk+CnA8hTvMyjDHS613RPeMTDm47COr sBakG+nhIoLUJd1fjPOAwosVRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPpbdI7z 3oHXulHw5tdAACsSqnseMB8GA1UdIwQYMBaAFEDdZitvbpezTTt1qAB95TiNknJT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0Y0NC82Njc3QkVCNjhD ODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3Tk5PM1dvQUgzbE9JMlNj bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FOMW1LMjl1bDdOTk8zV29BSDNsT0kyU2NsTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0Y0NC82Njc3QkVCNjhDODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3 Tk5PM1dvQUgzbE9JMlNjbE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfsVqgLKpOUsE5hlbfTw+1Hy3cCJsPmGi+anI4OCYONirEA86fw0k9 On1M4Y8Z2PTgqlnn/cHIr4s/lJ11k/6MMoakznwi6ked0bJe1sQFai9YgiG2Yu7M AMnThr3R3J5Q9e1jcvnCAjTj1/2oC2HOEeE/exq12sKhqhDitzgAKc16T9LacLc7 ZhybCgahV29DRfugDH7aBcSp7ORwH489ZQZf7XG7Y/+OS0PsT9comBgJ2f5QzTH/ VKkCBpTBdjI0yUEpoAehIdVuaxCIgYLN7RTCUTtvV4fWffxo3gJZzSI0bl96JuEr zGYfh3PsZeUrEk5lkUZqLEdCJrFmOeys -----END CERTIFICATE-----Generated at Mon May 12 12:23:34 2025 by rpki-client