$ rpki-client -vvf rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.mft File: QDu3uRj5FUrYLCrTWu_Aq-jQat4.mft (raw, json) Hash identifier: xXKukGN+JTPQacTxvN6m1EgxETLgHrtk4PadL4IcK7A= Subject key identifier: 42:EC:1E:32:06:52:CE:D8:3E:30:E9:F7:F2:F5:A9:AA:01:56:26:35 Authority key identifier: 40:3B:B7:B9:18:F9:15:4A:D8:2C:2A:D3:5A:EF:C0:AB:E8:D0:6A:DE Certificate issuer: /CN=A913631F/serialNumber=403BB7B918F9154AD82C2AD35AEFC0ABE8D06ADE Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QDu3uRj5FUrYLCrTWu_Aq-jQat4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.mft Manifest number: 42 Signing time: Thu 15 May 2025 06:44:03 +0000 Manifest this update: Thu 15 May 2025 06:44:02 +0000 Manifest next update: Thu 22 May 2025 06:44:02 +0000 Files and hashes: 1: QDu3uRj5FUrYLCrTWu_Aq-jQat4.crl (hash: wqQ6j9kl3NJu2u4rLvX67lYjqG8JG92CyXRvSXDwr34=) 2: CA9B891ACF1C11EF981F2F86C4F9AE02.roa (hash: DSiGqsj/wHYJqRQngYpUalsfP9r6Z3qaSue0LX+uo6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.crl rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QDu3uRj5FUrYLCrTWu_Aq-jQat4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 06:44:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913631F, serialNumber=403BB7B918F9154AD82C2AD35AEFC0ABE8D06ADE Validity Not Before: May 15 06:44:02 2025 GMT Not After : May 22 06:44:02 2025 GMT Subject: CN=68258d33-5a7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d7:51:ab:15:99:fa:5e:fb:66:b6:d6:9c:56: c3:67:0a:e0:44:3b:19:11:78:3b:66:4a:65:40:00: a5:a6:99:f8:16:40:98:18:e4:e2:00:e6:14:e8:1c: 0e:86:88:3e:3c:0e:81:e7:db:d4:31:76:d6:ce:9b: 9c:13:66:38:8b:60:e9:86:80:75:e7:cb:cc:15:58: 25:f7:12:f4:28:5c:c2:7f:a0:e8:30:50:d9:1b:a2: 1c:57:d6:25:17:c2:df:1b:e7:7b:31:84:ad:32:07: 60:3b:04:18:a3:51:15:a1:c1:dd:c5:8f:0f:ae:77: d2:f2:8a:6b:ac:5b:14:a0:7b:c8:87:4a:05:fb:cd: 4e:8f:b5:b8:14:e1:2a:3d:14:7f:1c:71:a2:a0:a1: 09:f7:07:b3:d7:66:d9:37:e8:31:65:7c:ad:37:19: b4:d2:84:2a:8f:0f:58:0f:9e:bf:5b:bb:6f:59:eb: ac:65:f4:0e:07:f4:e6:93:18:00:6b:88:3b:f2:79: 02:6c:2c:b8:72:fc:47:1b:69:5d:c3:b4:3f:8c:f6: f8:6c:67:35:ca:ac:fe:f8:58:af:7f:67:e3:94:4b: 23:a6:08:10:7f:2c:07:5f:55:ab:c7:70:77:8d:c9: 92:36:3b:ca:9e:13:d9:cc:77:51:a9:bd:44:ae:00: f6:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:EC:1E:32:06:52:CE:D8:3E:30:E9:F7:F2:F5:A9:AA:01:56:26:35 X509v3 Authority Key Identifier: keyid:40:3B:B7:B9:18:F9:15:4A:D8:2C:2A:D3:5A:EF:C0:AB:E8:D0:6A:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QDu3uRj5FUrYLCrTWu_Aq-jQat4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913631F/7B3F0B1CCF1C11EF81947F85C4F9AE02/QDu3uRj5FUrYLCrTWu_Aq-jQat4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:7b:ea:f1:3b:60:dc:4f:fd:f3:99:23:74:66:9f:81:ba:c2: 09:8f:af:52:bf:11:37:04:9a:6d:e4:91:84:15:d5:9a:b3:c0: 9b:0c:45:f0:a2:36:02:3b:b5:11:c0:ac:48:a2:67:3f:84:5b: 7f:2a:8f:4a:ff:79:2f:1e:bd:dc:76:8f:85:ab:64:3d:d8:b9: bf:6a:6e:13:75:9c:fd:01:ee:c6:59:47:a7:ac:f7:66:bc:43: 8a:49:df:c5:c8:49:ea:84:46:d2:5a:e6:0f:b4:4e:1c:66:c4: ac:37:3c:ff:45:1f:32:c3:d1:b3:e4:69:0b:60:7b:0f:98:bd: cd:65:e7:d0:1b:6c:1e:a6:f2:1a:7d:72:55:d9:e5:2e:d7:29: 0e:4e:57:26:7c:05:30:5a:cb:24:da:c2:1e:37:32:06:ab:3c: 19:b7:7d:c9:1b:d6:6a:b4:40:e5:e2:28:e9:50:6f:90:a6:7c: fe:75:80:26:db:89:6d:cd:29:66:bc:ee:a7:d8:8d:83:55:03: 2c:15:2d:60:7d:6a:e4:2b:bf:da:19:bb:a3:b4:f5:8b:9d:1a: b1:94:37:cd:01:04:b2:c8:45:6e:f8:47:f1:3a:c5:61:7c:8a: b7:95:5c:56:7e:d5:19:c4:a0:eb:d3:85:a7:d6:32:17:ed:e6: 80:6b:a3:6e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz NjMxRjExMC8GA1UEBRMoNDAzQkI3QjkxOEY5MTU0QUQ4MkMyQUQzNUFFRkMwQUJF OEQwNkFERTAeFw0yNTA1MTUwNjQ0MDJaFw0yNTA1MjIwNjQ0MDJaMBgxFjAUBgNV BAMTDTY4MjU4ZDMzLTVhN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDN11GrFZn6XvtmttacVsNnCuBEOxkReDtmSmVAAKWmmfgWQJgY5OIA5hToHA6G iD48DoHn29QxdtbOm5wTZjiLYOmGgHXny8wVWCX3EvQoXMJ/oOgwUNkbohxX1iUX wt8b53sxhK0yB2A7BBijURWhwd3Fjw+ud9LyimusWxSge8iHSgX7zU6PtbgU4So9 FH8ccaKgoQn3B7PXZtk36DFlfK03GbTShCqPD1gPnr9bu29Z66xl9A4H9OaTGABr iDvyeQJsLLhy/EcbaV3DtD+M9vhsZzXKrP74WK9/Z+OUSyOmCBB/LAdfVavHcHeN yZI2O8qeE9nMd1GpvUSuAPbdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQuweMgZS ztg+MOn38vWpqgFWJjUwHwYDVR0jBBgwFoAUQDu3uRj5FUrYLCrTWu/Aq+jQat4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2MzFGLzdCM0YwQjFDQ0Yx QzExRUY4MTk0N0Y4NUM0RjlBRTAyL1FEdTN1Umo1RlVyWUxDclRXdV9BcS1qUWF0 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUUR1M3VSajVGVXJZTENyVFd1X0FxLWpRYXQ0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2 MzFGLzdCM0YwQjFDQ0YxQzExRUY4MTk0N0Y4NUM0RjlBRTAyL1FEdTN1Umo1RlVy WUxDclRXdV9BcS1qUWF0NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALZ76vE7YNxP/fOZI3Rmn4G6wgmPr1K/ETcEmm3kkYQV1ZqzwJsMRfCi NgI7tRHArEiiZz+EW38qj0r/eS8evdx2j4WrZD3Yub9qbhN1nP0B7sZZR6es92a8 Q4pJ38XISeqERtJa5g+0ThxmxKw3PP9FHzLD0bPkaQtgew+Yvc1l59AbbB6m8hp9 clXZ5S7XKQ5OVyZ8BTBayyTawh43MgarPBm3fckb1mq0QOXiKOlQb5CmfP51gCbb iW3NKWa87qfYjYNVAywVLWB9auQrv9oZu6O09YudGrGUN80BBLLIRW74R/E6xWF8 ireVXFZ+1RnEoOvThafWMhft5oBro24= -----END CERTIFICATE-----Generated at Fri May 16 23:37:05 2025 by rpki-client