$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft File: qkHKgdI-9YhhkyqtErMWkNvPEAM.mft (raw, json) Hash identifier: UojedpzEAcD+ZyZ+0XZ+VEPolDymus2OYckBrq67xIU= Subject key identifier: 55:F0:76:EF:36:25:54:06:65:6D:EA:E3:99:57:A5:D8:D3:ED:FA:D1 Authority key identifier: AA:41:CA:81:D2:3E:F5:88:61:93:2A:AD:12:B3:16:90:DB:CF:10:03 Certificate issuer: /CN=A91A5744/serialNumber=AA41CA81D23EF58861932AAD12B31690DBCF1003 Certificate serial: 0C3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft Manifest number: 0C37 Signing time: Fri 16 May 2025 18:40:34 +0000 Manifest this update: Fri 16 May 2025 18:40:33 +0000 Manifest next update: Fri 23 May 2025 18:40:33 +0000 Files and hashes: 1: qkHKgdI-9YhhkyqtErMWkNvPEAM.crl (hash: 2b0rjAPL/J/Wm8W1aLZHSraqksEBqzQnlZhuYlCnqOk=) 2: 220DBB66054011EA90A20C7EC4F9AE02.roa (hash: l5CGLlauMb+Ni/lNc+v9jsE4+D1HZp9e9rAFpWt3fHE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.crl rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 18:40:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3132 (0xc3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5744, serialNumber=AA41CA81D23EF58861932AAD12B31690DBCF1003 Validity Not Before: May 16 18:40:33 2025 GMT Not After : May 23 18:40:33 2025 GMT Subject: CN=682786a1-8bfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:eb:8f:4b:8f:12:4b:ea:c4:da:97:7f:06:9f: 02:20:db:94:ae:06:1e:e2:2c:ff:46:e9:94:37:b8: 6f:f1:1c:c9:3d:5e:1f:d4:7d:a5:ad:2c:f6:b0:50: 9b:c8:ad:2d:af:7e:49:b6:3d:16:cc:a8:8d:d1:0a: df:4e:6a:24:07:0a:de:03:7b:f0:08:ed:a4:7a:fb: 6a:7c:2c:21:7d:22:86:f0:f5:3f:cf:6e:69:4d:70: c0:2b:43:48:4f:d2:0b:47:cf:7c:02:f4:a6:58:fe: 46:dd:84:bd:87:3d:53:fd:d3:59:26:0a:39:4f:69: e6:83:7f:78:e5:5a:2a:12:6b:93:37:24:13:cf:6f: c1:ba:9c:80:f7:95:07:87:f0:27:7c:70:af:ed:75: 70:63:2d:5c:56:d6:21:ae:38:e5:94:8b:fd:7d:6d: c1:d6:62:aa:55:7d:b7:4f:52:d3:f8:16:7b:35:a3: 2f:9c:62:5a:09:76:5e:ba:77:22:cf:16:47:b1:c5: 3c:3f:56:7e:63:45:51:a3:85:1d:8e:33:1a:c4:75: 73:83:4b:72:fa:b6:c1:ce:1e:48:a5:de:7c:ff:99: d3:c5:3c:6c:33:38:d9:50:1b:22:d6:8c:36:c4:1e: bf:63:5b:ef:c6:a6:fd:35:b3:2a:cd:29:c0:8f:1d: 64:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:F0:76:EF:36:25:54:06:65:6D:EA:E3:99:57:A5:D8:D3:ED:FA:D1 X509v3 Authority Key Identifier: keyid:AA:41:CA:81:D2:3E:F5:88:61:93:2A:AD:12:B3:16:90:DB:CF:10:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:95:91:e2:84:4d:b5:cf:ef:9b:c8:ee:b1:04:c6:cd:db:c0: 6a:68:78:0b:1d:44:01:1b:71:b1:bf:9a:28:ab:04:e5:be:a9: 1e:87:af:f8:17:00:b2:84:62:a0:16:4d:f0:ee:c9:c2:eb:fb: 66:09:4f:3e:8a:eb:cd:50:29:20:ea:38:48:9d:b1:fd:59:b1: 9e:8d:f9:d9:f9:7a:77:94:7e:13:b3:b5:97:a0:11:9f:6e:42: c3:06:63:c1:5f:1d:ab:7a:1d:41:5e:53:19:7c:54:37:c2:40: cb:f5:70:20:10:2d:4d:ca:a8:dd:bc:14:c5:ef:78:83:5e:5f: 44:9e:56:02:3b:32:80:7b:54:08:eb:d5:18:32:57:88:d5:fd: ba:a9:62:e8:8f:d8:d7:a2:db:f2:0a:37:a3:67:38:80:ce:34: 0a:92:62:c3:8d:9d:c1:b0:03:65:96:c0:4d:fe:e6:e0:34:e5: 00:39:d7:cd:b4:eb:ae:73:4e:d0:13:df:75:5f:8c:2a:0a:76: 49:b0:49:a5:aa:84:89:a7:0f:28:49:65:11:b6:1f:35:6e:b4: d4:d8:d6:5f:4a:87:cf:48:b5:10:83:ab:53:53:eb:a5:5f:62: 9a:94:c7:52:b4:2f:59:6e:e6:da:5a:0f:85:2f:10:79:44:5b: c9:6d:67:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU3NDQxMTAvBgNVBAUTKEFBNDFDQTgxRDIzRUY1ODg2MTkzMkFBRDEyQjMxNjkw REJDRjEwMDMwHhcNMjUwNTE2MTg0MDMzWhcNMjUwNTIzMTg0MDMzWjAYMRYwFAYD VQQDEw02ODI3ODZhMS04YmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxuuPS48SS+rE2pd/Bp8CINuUrgYe4iz/RumUN7hv8RzJPV4f1H2lrSz2sFCb yK0tr35Jtj0WzKiN0QrfTmokBwreA3vwCO2kevtqfCwhfSKG8PU/z25pTXDAK0NI T9ILR898AvSmWP5G3YS9hz1T/dNZJgo5T2nmg3945VoqEmuTNyQTz2/BupyA95UH h/AnfHCv7XVwYy1cVtYhrjjllIv9fW3B1mKqVX23T1LT+BZ7NaMvnGJaCXZeunci zxZHscU8P1Z+Y0VRo4UdjjMaxHVzg0ty+rbBzh5Ipd58/5nTxTxsMzjZUBsi1ow2 xB6/Y1vvxqb9NbMqzSnAjx1kwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFXwdu82 JVQGZW3q45lXpdjT7frRMB8GA1UdIwQYMBaAFKpByoHSPvWIYZMqrRKzFpDbzxAD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTc0NC8zOTdGNkNENDA1 MkUxMUVBOUQzMTQxNDVDNEY5QUUwMi9xa0hLZ2RJLTlZaGhreXF0RXJNV2tOdlBF QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FrSEtnZEktOVloaGt5cXRFck1Xa052UEVBTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTc0NC8zOTdGNkNENDA1MkUxMUVBOUQzMTQxNDVDNEY5QUUwMi9xa0hLZ2RJLTlZ aGhreXF0RXJNV2tOdlBFQU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPlZHihE21z++byO6xBMbN28BqaHgLHUQBG3Gxv5ooqwTlvqkeh6/4 FwCyhGKgFk3w7snC6/tmCU8+iuvNUCkg6jhInbH9WbGejfnZ+Xp3lH4Ts7WXoBGf bkLDBmPBXx2reh1BXlMZfFQ3wkDL9XAgEC1NyqjdvBTF73iDXl9EnlYCOzKAe1QI 69UYMleI1f26qWLoj9jXotvyCjejZziAzjQKkmLDjZ3BsANllsBN/ubgNOUAOdfN tOuuc07QE991X4wqCnZJsEmlqoSJpw8oSWURth81brTU2NZfSofPSLUQg6tTU+ul X2KalMdStC9ZbubaWg+FLxB5RFvJbWfI -----END CERTIFICATE-----Generated at Sat May 17 00:10:10 2025 by rpki-client