$ rpki-client -vvf rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft File: QELW5jee2AQkizYN7Zhe9_VlIBE.mft (raw, json) Hash identifier: gdN1/Cqa51NTJjxVYSH0bLGgTsvwCmYvlVJLGIjQe4I= Subject key identifier: 1E:7B:7C:8C:77:62:FD:92:70:81:18:24:6C:D3:CF:49:A3:7E:0E:64 Authority key identifier: 40:42:D6:E6:37:9E:D8:04:24:8B:36:0D:ED:98:5E:F7:F5:65:20:11 Certificate issuer: /CN=A9148465/serialNumber=4042D6E6379ED804248B360DED985EF7F5652011 Certificate serial: 0249 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QELW5jee2AQkizYN7Zhe9_VlIBE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft Manifest number: 0245 Signing time: Thu 03 Jul 2025 02:16:15 +0000 Manifest this update: Thu 03 Jul 2025 02:16:15 +0000 Manifest next update: Thu 10 Jul 2025 02:16:15 +0000 Files and hashes: 1: QELW5jee2AQkizYN7Zhe9_VlIBE.crl (hash: pMrZ99+own1LTB/XnaZteoVeG+jazlAlCqGDH7RiPVk=) 2: 7777513828C011EDBEC6D287C4F9AE02.roa (hash: KysVMiyZcH0HX0OV6c/BvTG9IGFmIflJ1zJN81z9Xf0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.crl rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QELW5jee2AQkizYN7Zhe9_VlIBE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:16:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 585 (0x249) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148465, serialNumber=4042D6E6379ED804248B360DED985EF7F5652011 Validity Not Before: Jul 3 02:16:15 2025 GMT Not After : Jul 10 02:16:15 2025 GMT Subject: CN=6865e7ef-6290 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ad:04:bf:d3:0f:ae:40:13:36:b2:e1:5e:fe: 16:68:50:2c:c2:7b:a3:16:dc:90:f8:b5:42:4a:b2: 4c:9b:ef:ed:82:2b:b4:70:c0:13:cb:11:7a:6c:4d: 44:8c:30:82:3b:2d:9a:60:de:ad:fd:96:b7:3a:c1: 41:40:45:4b:bf:34:7f:9f:a0:f3:a4:a3:dd:31:17: c0:8d:6e:5c:62:d3:52:b6:b8:a3:71:0e:69:fa:72: cd:59:30:9c:60:84:f5:be:47:10:19:f6:ea:60:a7: 41:13:eb:03:b5:23:1d:02:39:87:3b:96:95:e9:52: 24:f3:38:be:68:4b:16:42:b5:6a:37:93:26:c2:82: b6:1d:a4:6a:4e:2e:af:37:d3:6f:e9:1b:08:d2:65: cf:a5:c5:2a:e0:68:91:e5:ab:7e:c0:15:70:3d:c6: 28:27:c3:e9:8f:5d:79:d1:29:fd:ab:a0:c1:24:50: 9a:28:c5:9a:62:5a:df:bb:cf:02:f6:36:62:79:f1: bd:d2:10:c8:08:fd:45:e2:11:17:9d:00:a7:de:2e: 79:fa:46:0a:a9:e1:e8:f0:de:cd:df:7e:12:23:79: 23:91:13:f3:2d:68:23:9d:56:64:da:a9:68:58:fc: 95:9b:d7:48:02:1f:43:af:fe:38:4f:5a:06:21:65: ad:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:7B:7C:8C:77:62:FD:92:70:81:18:24:6C:D3:CF:49:A3:7E:0E:64 X509v3 Authority Key Identifier: keyid:40:42:D6:E6:37:9E:D8:04:24:8B:36:0D:ED:98:5E:F7:F5:65:20:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QELW5jee2AQkizYN7Zhe9_VlIBE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148465/D60F027228BB11EDA59C3081C4F9AE02/QELW5jee2AQkizYN7Zhe9_VlIBE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:9a:9e:6a:d2:28:75:0b:a8:67:a3:52:4d:b5:d5:f9:bc:f8: f2:54:28:54:f8:55:08:2f:c1:ee:2e:ab:e7:9f:0e:3c:da:0d: db:01:ab:bb:1c:a9:03:80:c6:87:1a:ab:58:08:13:10:38:19: 88:f3:86:61:e2:d3:3c:5c:6a:f6:43:73:ea:66:22:3d:15:57: a0:75:d8:e6:e4:06:14:95:07:82:c5:04:40:3d:6b:b0:70:69: 9d:77:6b:c2:d8:12:54:48:6d:3a:08:13:f7:0c:ad:03:a4:9e: 55:57:d5:a8:d5:d3:2b:c0:74:03:b2:5c:59:73:ce:d3:39:87: b6:79:02:29:56:09:d3:00:aa:9e:a2:cc:39:c8:37:af:40:4e: d1:b5:3e:e8:9e:06:f3:27:13:cf:1d:1c:ba:20:94:f1:e8:aa: bd:7f:7a:fe:1e:4f:ac:5f:99:b1:25:24:ea:4e:e5:fd:e3:4a: 2d:45:d9:4e:01:55:b3:52:d4:2c:f8:89:bb:15:f6:80:41:58: f2:fc:0c:6f:5c:89:53:df:8a:0a:db:c2:00:33:6c:9c:78:13: 5b:d7:fa:2b:4b:5b:aa:fa:8c:af:0c:fe:26:bd:5e:a5:89:36: df:bb:80:66:d4:80:44:57:a1:8f:c6:5b:03:c9:65:d4:15:af: 02:80:8e:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDg0NjUxMTAvBgNVBAUTKDQwNDJENkU2Mzc5RUQ4MDQyNDhCMzYwREVEOTg1RUY3 RjU2NTIwMTEwHhcNMjUwNzAzMDIxNjE1WhcNMjUwNzEwMDIxNjE1WjAYMRYwFAYD VQQDEw02ODY1ZTdlZi02MjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsa0Ev9MPrkATNrLhXv4WaFAswnujFtyQ+LVCSrJMm+/tgiu0cMATyxF6bE1E jDCCOy2aYN6t/Za3OsFBQEVLvzR/n6DzpKPdMRfAjW5cYtNStrijcQ5p+nLNWTCc YIT1vkcQGfbqYKdBE+sDtSMdAjmHO5aV6VIk8zi+aEsWQrVqN5MmwoK2HaRqTi6v N9Nv6RsI0mXPpcUq4GiR5at+wBVwPcYoJ8Ppj1150Sn9q6DBJFCaKMWaYlrfu88C 9jZiefG90hDICP1F4hEXnQCn3i55+kYKqeHo8N7N334SI3kjkRPzLWgjnVZk2qlo WPyVm9dIAh9Dr/44T1oGIWWtGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB57fIx3 Yv2ScIEYJGzTz0mjfg5kMB8GA1UdIwQYMBaAFEBC1uY3ntgEJIs2De2YXvf1ZSAR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0ODQ2NS9ENjBGMDI3MjI4 QkIxMUVEQTU5QzMwODFDNEY5QUUwMi9RRUxXNWplZTJBUWtpellON1poZTlfVmxJ QkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FFTFc1amVlMkFRa2l6WU43WmhlOV9WbElCRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 ODQ2NS9ENjBGMDI3MjI4QkIxMUVEQTU5QzMwODFDNEY5QUUwMi9RRUxXNWplZTJB UWtpellON1poZTlfVmxJQkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAmp5q0ih1C6hno1JNtdX5vPjyVChU+FUIL8HuLqvnnw482g3bAau7 HKkDgMaHGqtYCBMQOBmI84Zh4tM8XGr2Q3PqZiI9FVegddjm5AYUlQeCxQRAPWuw cGmdd2vC2BJUSG06CBP3DK0DpJ5VV9Wo1dMrwHQDslxZc87TOYe2eQIpVgnTAKqe osw5yDevQE7RtT7ongbzJxPPHRy6IJTx6Kq9f3r+Hk+sX5mxJSTqTuX940otRdlO AVWzUtQs+Im7FfaAQVjy/AxvXIlT34oK28IAM2yceBNb1/orS1uq+oyvDP4mvV6l iTbfu4Bm1IBEV6GPxlsDyWXUFa8CgI43 -----END CERTIFICATE-----Generated at Fri Jul 4 15:05:44 2025 by rpki-client