$ rpki-client -vvf rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft File: QrsPPBhH5li75BQYSUzonOjjRIg.mft (raw, json) Hash identifier: /DNSBf2U36mOvdqaAc/QIDpANADXIjVhWSKhCLdK4OU= Subject key identifier: E9:73:54:ED:70:B1:82:B9:33:7C:FC:A8:55:10:E2:2A:37:2C:19:8C Authority key identifier: 42:BB:0F:3C:18:47:E6:58:BB:E4:14:18:49:4C:E8:9C:E8:E3:44:88 Certificate issuer: /CN=A9172506/serialNumber=42BB0F3C1847E658BBE41418494CE89CE8E34488 Certificate serial: 9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft Manifest number: 9A Signing time: Tue 01 Jul 2025 07:05:16 +0000 Manifest this update: Tue 01 Jul 2025 07:05:16 +0000 Manifest next update: Tue 08 Jul 2025 07:05:16 +0000 Files and hashes: 1: QrsPPBhH5li75BQYSUzonOjjRIg.crl (hash: ehlqn+68IMM1l4mINktfKTzjGvvj1jkrOmnKSKvAQn4=) 2: DD75C9BC6EDF11EF90C49A5FC4F9AE02.roa (hash: ribPo1yuX+hIqHtl1PCEzGGO/yQznd+mDINBcQhxFF0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.crl rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:05:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 156 (0x9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172506, serialNumber=42BB0F3C1847E658BBE41418494CE89CE8E34488 Validity Not Before: Jul 1 07:05:16 2025 GMT Not After : Jul 8 07:05:16 2025 GMT Subject: CN=686388ac-b4a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:d3:ea:95:9a:66:aa:84:0a:58:55:c6:f8:dd: bc:57:d2:a8:22:95:2f:47:2c:a3:a2:fa:a5:d6:1f: 95:7f:08:5d:92:9b:57:56:47:e7:ec:6b:25:c6:5e: 56:7a:3c:05:9c:7a:85:d6:9e:26:8a:c0:77:04:ff: 4d:61:fd:46:a8:dd:ca:2c:22:85:9d:76:d8:42:47: 76:0a:a8:52:dc:e5:5e:11:f4:a2:66:d2:9e:45:2d: 29:4c:77:bb:77:a2:30:e2:d7:99:bd:39:a0:84:cc: 02:84:d1:4c:96:92:d4:b2:56:f8:c7:96:66:f7:f8: eb:36:39:71:b7:df:94:3b:99:a0:8b:3f:c4:f7:9f: e4:5c:90:da:26:9a:88:d1:ea:20:8d:21:64:72:06: 86:8c:f5:59:77:1b:91:a2:44:e2:eb:a6:8d:76:94: 0c:48:ba:8c:52:74:75:5d:0d:e8:ee:3b:be:fd:d8: f1:72:c2:95:09:55:2f:fc:37:2e:bb:10:06:54:50: 16:ad:c7:2e:f1:e4:6d:e0:32:61:d5:82:89:df:e4: c5:75:a4:47:ce:15:68:9d:0d:58:13:55:dd:1a:47: c4:56:fc:b1:b1:5b:4f:8a:f4:0a:7a:da:4a:e3:51: 5f:87:19:8b:54:d4:00:a3:dc:3a:30:94:ae:21:02: 05:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:73:54:ED:70:B1:82:B9:33:7C:FC:A8:55:10:E2:2A:37:2C:19:8C X509v3 Authority Key Identifier: keyid:42:BB:0F:3C:18:47:E6:58:BB:E4:14:18:49:4C:E8:9C:E8:E3:44:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:6a:41:0a:4c:bb:d4:02:16:05:76:64:b9:2a:b3:16:ef:f6: 6a:a7:b6:7e:1b:7e:b5:dc:04:95:d4:a3:1e:33:e8:3c:ee:62: 8c:2b:d2:e9:e4:8c:de:cc:ed:06:89:4c:f8:66:cd:90:26:7b: 87:34:0f:31:d5:7e:fe:3f:ee:36:f4:ce:87:74:f8:91:e5:8d: ab:c1:16:77:19:dd:8a:86:7b:fc:e6:e2:b4:83:67:d5:d1:5b: 77:bc:db:23:df:af:60:03:1a:e6:2f:58:a4:45:f6:ef:01:91: 0c:e1:93:6d:f6:bc:8f:0a:c2:a4:ab:be:22:e7:9d:77:1d:20: ab:65:34:31:76:ed:f6:75:c7:99:fa:88:3e:05:3e:8a:0e:c5: 32:11:3a:22:4c:76:b3:61:fb:ad:a5:af:cd:d1:ff:cf:2d:88: ee:b3:1f:c1:d2:3c:3c:68:a2:1f:2f:aa:71:b6:6d:cc:08:d9: 67:35:12:65:31:0f:df:17:ab:e5:d7:b3:5d:18:c6:4d:7f:9d: db:95:c2:31:f7:60:8c:84:c0:59:f8:58:c0:bc:d9:04:19:1a: a7:da:5e:04:a6:90:c9:11:49:cd:b9:94:5a:b7:d7:de:75:66: c5:87:89:82:b9:d2:8b:d9:1b:32:5c:25:f2:ab:86:3d:76:17: 35:4b:4a:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzI1MDYxMTAvBgNVBAUTKDQyQkIwRjNDMTg0N0U2NThCQkU0MTQxODQ5NENFODlD RThFMzQ0ODgwHhcNMjUwNzAxMDcwNTE2WhcNMjUwNzA4MDcwNTE2WjAYMRYwFAYD VQQDEw02ODYzODhhYy1iNGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9dPqlZpmqoQKWFXG+N28V9KoIpUvRyyjovql1h+VfwhdkptXVkfn7Gslxl5W ejwFnHqF1p4misB3BP9NYf1GqN3KLCKFnXbYQkd2CqhS3OVeEfSiZtKeRS0pTHe7 d6Iw4teZvTmghMwChNFMlpLUslb4x5Zm9/jrNjlxt9+UO5mgiz/E95/kXJDaJpqI 0eogjSFkcgaGjPVZdxuRokTi66aNdpQMSLqMUnR1XQ3o7ju+/djxcsKVCVUv/Dcu uxAGVFAWrccu8eRt4DJh1YKJ3+TFdaRHzhVonQ1YE1XdGkfEVvyxsVtPivQKetpK 41FfhxmLVNQAo9w6MJSuIQIFmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOlzVO1w sYK5M3z8qFUQ4io3LBmMMB8GA1UdIwQYMBaAFEK7DzwYR+ZYu+QUGElM6Jzo40SI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjUwNi9CMDQ5MDhDRTZF REUxMUVGQUFDMkNCNURDNEY5QUUwMi9RcnNQUEJoSDVsaTc1QlFZU1V6b25PampS SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Fyc1BQQmhINWxpNzVCUVlTVXpvbk9qalJJZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjUwNi9CMDQ5MDhDRTZFREUxMUVGQUFDMkNCNURDNEY5QUUwMi9RcnNQUEJoSDVs aTc1QlFZU1V6b25PampSSWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWakEKTLvUAhYFdmS5KrMW7/Zqp7Z+G3613ASV1KMeM+g87mKMK9Lp 5IzezO0GiUz4Zs2QJnuHNA8x1X7+P+429M6HdPiR5Y2rwRZ3Gd2Khnv85uK0g2fV 0Vt3vNsj369gAxrmL1ikRfbvAZEM4ZNt9ryPCsKkq74i5513HSCrZTQxdu32dceZ +og+BT6KDsUyEToiTHazYfutpa/N0f/PLYjusx/B0jw8aKIfL6pxtm3MCNlnNRJl MQ/fF6vl17NdGMZNf53blcIx92CMhMBZ+FjAvNkEGRqn2l4EppDJEUnNuZRat9fe dWbFh4mCudKL2RsyXCXyq4Y9dhc1S0oz -----END CERTIFICATE-----Generated at Wed Jul 2 15:59:52 2025 by rpki-client