$ rpki-client -vvf rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft File: Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft (raw, json) Hash identifier: F78NfUlw9TKevQ39Id03uxdLYqEeJhFCHqtsBu9QZ8g= Subject key identifier: 86:3A:D9:E7:2C:9E:D7:BE:33:94:5D:E8:27:D3:45:D4:C3:48:E4:C1 Authority key identifier: 43:C3:CF:11:74:BD:72:B4:34:C6:92:8B:8A:BE:BF:05:D6:31:3F:40 Certificate issuer: /CN=A9198D20/serialNumber=43C3CF1174BD72B434C6928B8ABEBF05D6313F40 Certificate serial: 0BDE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q8PPEXS9crQ0xpKLir6_BdYxP0A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft Manifest number: 0BD7 Signing time: Wed 02 Jul 2025 19:05:01 +0000 Manifest this update: Wed 02 Jul 2025 19:05:00 +0000 Manifest next update: Wed 09 Jul 2025 19:05:00 +0000 Files and hashes: 1: Q8PPEXS9crQ0xpKLir6_BdYxP0A.crl (hash: N2cySKekNlt5eEC14/JsYHzZXqkkWHGEzQ0ELB5HLZQ=) 2: EE985C561CEA11EA8B382C0BC4F9AE02.roa (hash: /clDM2qDPD5uC0RxJEAiWWigew7J9uL+PN4x0Vi4eF0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.crl rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q8PPEXS9crQ0xpKLir6_BdYxP0A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:05:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3038 (0xbde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198D20, serialNumber=43C3CF1174BD72B434C6928B8ABEBF05D6313F40 Validity Not Before: Jul 2 19:05:00 2025 GMT Not After : Jul 9 19:05:00 2025 GMT Subject: CN=686582dd-b576 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e9:06:8c:8e:5f:a7:7e:68:13:6b:c0:76:6d: d2:02:b1:d2:81:eb:47:80:15:15:9e:6a:80:0f:d7: 4a:cc:7f:2e:05:28:2a:ba:42:7b:b5:8a:01:f6:2b: 30:8f:11:e4:ec:7e:53:b5:53:8d:33:a2:08:6f:fc: 3c:cd:14:c7:ec:4b:81:c8:4f:9d:21:42:bd:e9:a3: de:a4:26:9b:3a:ed:e4:ff:6a:66:94:dd:31:e0:d4: 6c:fe:48:3f:af:e1:d6:7e:1d:bd:82:f8:7b:cb:8c: f2:82:93:35:f1:1c:37:f1:48:71:37:80:eb:e5:31: 72:fe:a9:69:07:6b:29:9e:d4:8f:06:f5:dc:04:24: e0:2f:ff:ef:86:f7:ea:78:ab:b8:24:e3:eb:e9:19: a5:42:c0:20:84:2d:ed:8b:cb:0c:ee:bc:85:b5:e4: d4:b9:ba:72:dc:88:72:0b:13:92:0d:c9:a3:f2:56: d7:18:91:9c:19:6d:05:85:6f:d4:ee:ac:93:56:d3: 16:4c:7b:a0:85:2d:1e:ad:40:da:68:d7:6c:26:ad: 7e:51:62:05:1b:41:48:c3:4f:91:df:ea:b6:57:60: ab:45:40:2f:87:a6:38:cd:d1:12:e0:1d:a6:13:06: 8c:54:bf:32:6b:bc:36:45:cb:f8:f7:cf:2a:21:b9: da:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:3A:D9:E7:2C:9E:D7:BE:33:94:5D:E8:27:D3:45:D4:C3:48:E4:C1 X509v3 Authority Key Identifier: keyid:43:C3:CF:11:74:BD:72:B4:34:C6:92:8B:8A:BE:BF:05:D6:31:3F:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q8PPEXS9crQ0xpKLir6_BdYxP0A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:f4:10:20:be:88:8f:4e:2a:01:04:a3:58:45:e1:ac:8d:a9: 67:c9:bc:9b:81:c2:5d:50:9b:b4:ad:ea:40:da:6d:b1:5a:2b: 6c:2d:fd:ac:86:ad:f7:ef:8a:70:1d:11:36:b8:4f:71:87:99: 7a:92:fb:b4:b4:f2:76:51:74:ad:c9:a4:05:21:63:10:0e:8c: 5f:8c:3d:bd:6e:4a:eb:33:64:fc:14:65:db:cc:d4:af:d2:ab: 90:d6:45:a1:3a:8b:2d:d1:d1:a5:16:cc:87:3e:0e:35:17:ca: 0e:53:17:68:da:8c:af:fc:69:1e:3c:61:46:77:84:af:0b:22: bd:f2:ee:42:5b:b0:40:2a:73:df:a7:ab:65:04:73:74:77:8a: 5c:8e:e7:e5:a4:37:cb:c2:b4:70:d8:f0:d7:c6:72:a1:4a:03: 36:0b:8d:b1:89:05:ea:a9:5e:d9:ce:a0:f5:f3:6a:7f:28:b5: 66:1c:1b:d0:b3:0f:25:7e:ba:34:9d:70:15:46:27:25:97:4a: 32:2d:28:39:ea:b6:95:2c:d7:88:3e:be:7e:00:41:9f:04:9e: 47:76:24:58:c3:16:38:10:48:86:b1:c9:c3:8f:02:95:79:c3: 89:2d:1b:9c:da:15:a8:c9:37:a0:b5:36:f0:80:8c:37:9b:27: e8:7a:cd:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OThEMjAxMTAvBgNVBAUTKDQzQzNDRjExNzRCRDcyQjQzNEM2OTI4QjhBQkVCRjA1 RDYzMTNGNDAwHhcNMjUwNzAyMTkwNTAwWhcNMjUwNzA5MTkwNTAwWjAYMRYwFAYD VQQDEw02ODY1ODJkZC1iNTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuekGjI5fp35oE2vAdm3SArHSgetHgBUVnmqAD9dKzH8uBSgqukJ7tYoB9isw jxHk7H5TtVONM6IIb/w8zRTH7EuByE+dIUK96aPepCabOu3k/2pmlN0x4NRs/kg/ r+HWfh29gvh7y4zygpM18Rw38UhxN4Dr5TFy/qlpB2spntSPBvXcBCTgL//vhvfq eKu4JOPr6RmlQsAghC3ti8sM7ryFteTUubpy3IhyCxOSDcmj8lbXGJGcGW0FhW/U 7qyTVtMWTHughS0erUDaaNdsJq1+UWIFG0FIw0+R3+q2V2CrRUAvh6Y4zdES4B2m EwaMVL8ya7w2Rcv4988qIbnaDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIY62ecs nte+M5Rd6CfTRdTDSOTBMB8GA1UdIwQYMBaAFEPDzxF0vXK0NMaSi4q+vwXWMT9A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OEQyMC8zRjc3MDNDMjFD RTkxMUVBOTg4OTc0ODdDNEY5QUUwMi9ROFBQRVhTOWNyUTB4cEtMaXI2X0JkWXhQ MEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1E4UFBFWFM5Y3JRMHhwS0xpcjZfQmRZeFAwQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OEQyMC8zRjc3MDNDMjFDRTkxMUVBOTg4OTc0ODdDNEY5QUUwMi9ROFBQRVhTOWNy UTB4cEtMaXI2X0JkWXhQMEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBH9BAgvoiPTioBBKNYReGsjalnybybgcJdUJu0repA2m2xWitsLf2s hq3374pwHRE2uE9xh5l6kvu0tPJ2UXStyaQFIWMQDoxfjD29bkrrM2T8FGXbzNSv 0quQ1kWhOost0dGlFsyHPg41F8oOUxdo2oyv/GkePGFGd4SvCyK98u5CW7BAKnPf p6tlBHN0d4pcjuflpDfLwrRw2PDXxnKhSgM2C42xiQXqqV7ZzqD182p/KLVmHBvQ sw8lfro0nXAVRicll0oyLSg56raVLNeIPr5+AEGfBJ5HdiRYwxY4EEiGscnDjwKV ecOJLRuc2hWoyTegtTbwgIw3myfoes1s -----END CERTIFICATE-----Generated at Thu Jul 3 18:01:05 2025 by rpki-client