$ rpki-client -vvf rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft File: QgBM9ryh-lZCT17qJPYqkrJc3s8.mft (raw, json) Hash identifier: BHk/0f6a3btrrZqFarokA8AJjMSOTNPJ3pLm2peTpjw= Subject key identifier: D2:D7:9C:A8:D5:3C:58:E9:F3:98:19:92:F6:91:66:E8:4A:6B:9F:6A Authority key identifier: 42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF Certificate issuer: /CN=A919960D/serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF Certificate serial: 01DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft Manifest number: 01D5 Signing time: Thu 03 Jul 2025 02:56:00 +0000 Manifest this update: Thu 03 Jul 2025 02:56:00 +0000 Manifest next update: Thu 10 Jul 2025 02:56:00 +0000 Files and hashes: 1: QgBM9ryh-lZCT17qJPYqkrJc3s8.crl (hash: 4ZkJS7nBwTr8nR9i12FreoGQhXFd33JIfqLXlm0xIPo=) 2: BE9174768DDE11ED97AFDA82C4F9AE02.roa (hash: L+V30ULZZ1KBiifHC7zDGdNJ17lrpWMv8iHx76Nc92w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.crl rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 02:55:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 474 (0x1da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919960D, serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF Validity Not Before: Jul 3 02:56:00 2025 GMT Not After : Jul 10 02:56:00 2025 GMT Subject: CN=6865f140-57ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:ab:1c:d8:ca:03:02:48:79:23:92:43:d9:96: d5:ca:f8:60:e9:9e:3d:92:39:f1:3b:4b:d2:d8:ea: 02:e0:7c:92:88:70:14:f5:10:74:4f:ed:3e:c0:f9: 4b:1b:b4:21:ef:6e:93:a9:a9:25:c9:db:5d:00:3f: c8:bf:d9:d2:cc:5d:ce:d0:24:2a:42:77:50:a0:e2: 8f:57:e5:a5:1f:c0:b4:41:9b:ca:95:01:6a:00:28: 01:48:9a:cf:41:54:a2:7a:df:1c:e2:64:74:18:49: ce:46:fd:8c:50:75:49:a1:e3:e9:f9:09:60:7f:5a: 9f:17:88:ca:94:c8:77:de:cc:a6:31:37:f6:23:6d: f8:19:9f:25:68:7a:a8:13:c3:dd:12:57:62:5f:63: cf:b1:a5:80:1e:db:c3:39:b3:13:61:e1:01:69:88: 1b:6f:88:9b:75:c8:e8:87:42:6e:c3:48:b6:af:75: 23:a1:b0:4a:b6:73:52:c9:f2:f3:8d:5c:d8:34:a2: 42:10:64:5a:81:a3:89:e9:ce:53:0c:57:3f:b1:a5: d7:66:c6:3f:58:fe:dc:6a:c1:81:94:f9:0e:01:05: e5:08:e6:1c:39:ee:9a:d0:e3:9e:d7:6b:4a:76:7b: b3:af:88:42:6a:df:30:a8:62:6d:b9:5d:39:86:dd: 15:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:D7:9C:A8:D5:3C:58:E9:F3:98:19:92:F6:91:66:E8:4A:6B:9F:6A X509v3 Authority Key Identifier: keyid:42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:d5:df:c5:05:c8:7e:af:66:21:e3:3e:37:4e:50:c6:5a:85: d9:bd:e7:f4:56:fe:22:b0:e7:69:b3:92:8a:c6:27:66:08:fb: 85:93:f6:cd:9f:55:24:cc:be:59:07:2b:ac:a2:bd:22:5a:79: 19:5d:c9:74:3e:8b:c0:72:6b:37:8c:b4:18:c2:83:a9:00:67: 38:60:c6:cf:da:2c:00:91:cd:99:63:43:3a:99:62:d5:9e:06: 33:94:26:59:a7:12:21:62:3c:d2:40:04:35:f3:96:dd:cc:51: cd:f7:49:81:23:57:61:eb:62:71:61:43:cf:79:88:01:99:e3: 14:a5:e5:5f:7a:83:a8:c3:65:cc:89:f1:06:94:fc:32:1a:a4: d4:92:13:b9:b2:2b:cf:28:42:2e:2c:e8:5c:75:20:b7:68:12: 24:e1:74:1c:6d:ca:28:6b:5a:8e:e8:02:fd:6b:c1:e8:9a:78: 77:59:b0:22:19:45:4b:3c:a0:7d:6e:68:ba:7f:2a:e1:39:ce: c1:f6:6a:2b:40:fa:c7:7f:a8:c6:ca:b4:58:96:b2:59:ef:3e: ce:ec:75:48:eb:45:5e:0d:41:59:5e:8c:5a:83:5a:8f:5f:be: 2e:5d:63:2a:88:fc:5a:f7:e9:e8:0d:12:94:da:85:9e:48:c6: 5a:9a:e5:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTk2MEQxMTAvBgNVBAUTKDQyMDA0Q0Y2QkNBMUZBNTY0MjRGNUVFQTI0RjYyQTky QjI1Q0RFQ0YwHhcNMjUwNzAzMDI1NjAwWhcNMjUwNzEwMDI1NjAwWjAYMRYwFAYD VQQDEw02ODY1ZjE0MC01N2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3asc2MoDAkh5I5JD2ZbVyvhg6Z49kjnxO0vS2OoC4HySiHAU9RB0T+0+wPlL G7Qh726TqaklydtdAD/Iv9nSzF3O0CQqQndQoOKPV+WlH8C0QZvKlQFqACgBSJrP QVSiet8c4mR0GEnORv2MUHVJoePp+Qlgf1qfF4jKlMh33symMTf2I234GZ8laHqo E8PdEldiX2PPsaWAHtvDObMTYeEBaYgbb4ibdcjoh0Juw0i2r3UjobBKtnNSyfLz jVzYNKJCEGRagaOJ6c5TDFc/saXXZsY/WP7casGBlPkOAQXlCOYcOe6a0OOe12tK dnuzr4hCat8wqGJtuV05ht0VyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNLXnKjV PFjp85gZkvaRZuhKa59qMB8GA1UdIwQYMBaAFEIATPa8ofpWQk9e6iT2KpKyXN7P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTYwRC9CRDBCNjRDNjhE REExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5aC1sWkNUMTdxSlBZcWtySmMz czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FnQk05cnloLWxaQ1QxN3FKUFlxa3JKYzNzOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTYwRC9CRDBCNjRDNjhEREExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5aC1s WkNUMTdxSlBZcWtySmMzczgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB11d/FBch+r2Yh4z43TlDGWoXZvef0Vv4isOdps5KKxidmCPuFk/bN n1UkzL5ZByusor0iWnkZXcl0PovAcms3jLQYwoOpAGc4YMbP2iwAkc2ZY0M6mWLV ngYzlCZZpxIhYjzSQAQ185bdzFHN90mBI1dh62JxYUPPeYgBmeMUpeVfeoOow2XM ifEGlPwyGqTUkhO5sivPKEIuLOhcdSC3aBIk4XQcbcooa1qO6AL9a8Homnh3WbAi GUVLPKB9bmi6fyrhOc7B9morQPrHf6jGyrRYlrJZ7z7O7HVI60VeDUFZXoxag1qP X74uXWMqiPxa9+noDRKU2oWeSMZamuV5 -----END CERTIFICATE-----Generated at Thu Jul 3 06:11:12 2025 by rpki-client