$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: Pc/8o7IpNRiFE7PGpnj1HjC9z6OVEzF9UgE1N2R/BOE= Subject key identifier: 69:8A:11:A1:B2:82:BE:A7:CA:F7:F0:72:69:AF:0F:85:0B:80:BF:FC Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 348F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 3484 Signing time: Sat 10 May 2025 15:05:56 +0000 Manifest this update: Sat 10 May 2025 15:05:56 +0000 Manifest next update: Sat 17 May 2025 15:05:56 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: dSPLOculOe5bRd6cdFE8LMgz0NFQuWi4Y5XJ/FNXneY=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:05:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13455 (0x348f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: May 10 15:05:56 2025 GMT Not After : May 17 15:05:56 2025 GMT Subject: CN=681f6b54-4bf7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:15:7d:bf:f0:8f:fb:6f:93:a3:04:98:64:a8: 02:70:a8:22:14:3b:fe:bd:ef:23:cd:e1:23:f9:18: fc:b5:72:c7:69:ee:f6:2c:90:0c:06:04:62:3e:6f: 85:31:83:77:18:1f:da:60:e0:ec:49:03:35:f1:ef: d9:c5:d5:c8:4c:9c:bb:dc:51:5d:82:16:2e:69:3d: c5:88:8c:ae:99:db:26:38:52:08:a3:b1:99:07:47: 75:b2:9a:84:4d:69:09:1c:be:c7:6c:39:e5:75:04: 92:9b:68:fa:96:7d:18:70:4c:3b:79:ae:60:08:68: a8:c6:81:72:52:96:89:99:20:75:7d:ae:ca:75:e5: a8:ab:2a:59:fc:60:96:c2:4e:d1:78:d4:41:31:8d: af:b4:56:03:72:03:b7:c1:bb:90:60:58:02:d6:db: a9:4d:f1:92:63:93:47:5f:19:14:67:3c:01:f4:a1: 61:b8:71:ca:62:7f:64:f7:9c:bc:1d:f0:70:6a:cb: d8:26:e5:2a:25:1b:35:8c:83:81:cf:2b:7e:00:e4: e3:6d:66:8d:8c:5f:01:e3:6d:85:3e:ad:09:6c:13: 96:28:59:73:e5:e8:5f:1b:68:12:0d:3a:b2:69:9b: f8:2e:90:45:ea:ca:5f:b6:4f:12:ff:e0:cb:06:5a: e0:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:8A:11:A1:B2:82:BE:A7:CA:F7:F0:72:69:AF:0F:85:0B:80:BF:FC X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:e1:50:27:0d:e6:75:3e:3a:5d:de:e4:0d:d0:1f:5b:df:4b: 1a:b5:c5:7b:f9:f2:cd:de:9f:68:a7:01:c9:4d:d4:fc:dd:1f: 4b:ea:2e:74:7a:3a:54:cc:2a:8f:ee:46:00:db:f1:63:b2:6e: ec:9e:37:6c:d6:b9:a9:82:73:7b:f3:d2:9e:95:5d:40:e4:67: e3:87:d2:77:b4:a3:3f:dc:35:d9:ac:0a:a2:d8:09:ae:79:aa: ed:90:e5:81:e7:11:5d:f4:e7:da:fa:cc:6c:73:65:90:27:1c: bb:ae:91:7f:e4:d1:12:65:75:9c:e3:1b:09:7f:06:e5:da:58: 2f:ab:d0:13:7a:e1:d2:43:1e:00:98:cd:6c:de:47:51:ad:54: 47:4d:74:64:9c:28:6f:7b:0a:90:9a:0f:98:05:ae:d4:53:2c: c7:38:ed:a3:e8:eb:c3:7e:57:f4:37:e8:ca:54:b3:04:00:ef: c3:9d:5c:5a:53:e5:28:1f:9a:b7:5a:64:bd:dc:06:a3:c5:aa: e2:e3:1e:f9:74:2d:0e:45:af:4f:46:dd:68:0b:6f:16:95:8e: 6f:8d:3d:be:b8:61:b9:29:aa:a4:73:99:c1:3d:98:05:f5:cf: a3:54:0b:82:fe:59:40:40:e0:36:9a:d1:02:2b:df:c7:0e:3d: 7c:be:27:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUwNTEwMTUwNTU2WhcNMjUwNTE3MTUwNTU2WjAYMRYwFAYD VQQDEw02ODFmNmI1NC00YmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzBV9v/CP+2+TowSYZKgCcKgiFDv+ve8jzeEj+Rj8tXLHae72LJAMBgRiPm+F MYN3GB/aYODsSQM18e/ZxdXITJy73FFdghYuaT3FiIyumdsmOFIIo7GZB0d1spqE TWkJHL7HbDnldQSSm2j6ln0YcEw7ea5gCGioxoFyUpaJmSB1fa7KdeWoqypZ/GCW wk7ReNRBMY2vtFYDcgO3wbuQYFgC1tupTfGSY5NHXxkUZzwB9KFhuHHKYn9k95y8 HfBwasvYJuUqJRs1jIOBzyt+AOTjbWaNjF8B422FPq0JbBOWKFlz5ehfG2gSDTqy aZv4LpBF6spftk8S/+DLBlrgeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGmKEaGy gr6nyvfwcmmvD4ULgL/8MB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAl4VAnDeZ1Pjpd3uQN0B9b30satcV7+fLN3p9opwHJTdT83R9L6i50 ejpUzCqP7kYA2/Fjsm7snjds1rmpgnN789KelV1A5Gfjh9J3tKM/3DXZrAqi2Amu eartkOWB5xFd9Ofa+sxsc2WQJxy7rpF/5NESZXWc4xsJfwbl2lgvq9ATeuHSQx4A mM1s3kdRrVRHTXRknChvewqQmg+YBa7UUyzHOO2j6OvDflf0N+jKVLMEAO/DnVxa U+UoH5q3WmS93Aajxari4x75dC0ORa9PRt1oC28WlY5vjT2+uGG5Kaqkc5nBPZgF 9c+jVAuC/llAQOA2mtECK9/HDj18vifE -----END CERTIFICATE-----Generated at Sun May 11 19:19:17 2025 by rpki-client