$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft File: QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft (raw, json) Hash identifier: 3BH8jFr8PyZlTgbOZ1AO2WrNfUaHFhn1tCNOwzqy6gI= Subject key identifier: BA:60:EB:79:CD:1C:9C:0D:4D:D5:0C:58:F7:53:04:55:11:92:AF:1D Authority key identifier: 40:E4:BD:36:AE:15:07:7F:E5:99:85:D1:37:0D:5D:64:67:0A:88:D9 Certificate issuer: /CN=A91BB492/serialNumber=40E4BD36AE15077FE59985D1370D5D64670A88D9 Certificate serial: 33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft Manifest number: 33 Signing time: Tue 01 Jul 2025 08:25:45 +0000 Manifest this update: Tue 01 Jul 2025 08:25:45 +0000 Manifest next update: Tue 08 Jul 2025 08:25:45 +0000 Files and hashes: 1: QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl (hash: APvd6mL9C1Z7EjbJTD7TZIe+KRDEkyVVphtfx5emyLM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:25:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB492, serialNumber=40E4BD36AE15077FE59985D1370D5D64670A88D9 Validity Not Before: Jul 1 08:25:45 2025 GMT Not After : Jul 8 08:25:45 2025 GMT Subject: CN=68639b89-94b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:88:99:dd:89:8e:bf:5a:2b:c3:bd:99:f4:df: eb:7a:26:50:e0:40:7c:9d:2f:7b:59:2f:1b:88:1f: b0:27:d9:02:64:fd:01:26:c3:c1:f6:47:aa:74:dd: 87:5a:20:64:a9:a2:f0:e2:0b:a2:97:ee:61:aa:e7: 1c:3d:f4:5d:d4:79:0d:a3:49:e0:53:23:8a:31:5c: 7a:0a:45:82:06:fc:4a:43:45:02:1c:91:11:44:03: ab:66:7a:b4:b3:74:dc:48:ed:8b:a0:c3:7a:a5:20: 51:73:ae:9c:2c:14:8a:85:20:d7:6a:65:04:4d:a1: af:45:67:3e:8e:51:56:25:1b:ca:6b:49:76:d7:0e: 0f:31:77:69:14:9b:8f:39:ec:91:91:41:59:48:87: 89:35:dd:65:23:1a:38:7d:8d:c0:b8:99:ee:d7:e1: b4:58:22:9f:f2:8f:59:6d:12:ab:5e:8d:8d:9e:1a: 25:c2:e9:44:67:89:b8:8e:14:5a:b0:8f:af:ed:f2: c6:b5:5d:c8:cb:c1:55:c4:13:ca:af:a7:ad:b4:ad: bc:ae:3c:40:00:22:c0:1b:c1:c8:70:d8:70:71:00: 25:92:bc:ca:e9:f7:28:f2:69:e9:6d:53:16:36:60: 4b:c7:52:5f:5d:46:06:3e:02:fe:61:63:1b:42:4e: e5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:60:EB:79:CD:1C:9C:0D:4D:D5:0C:58:F7:53:04:55:11:92:AF:1D X509v3 Authority Key Identifier: keyid:40:E4:BD:36:AE:15:07:7F:E5:99:85:D1:37:0D:5D:64:67:0A:88:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB492/2C0B32D8093611F0A2842D57C4F9AE02/QOS9Nq4VB3_lmYXRNw1dZGcKiNk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:d0:85:22:92:56:56:1c:29:f0:8d:6b:27:bf:86:d8:29:86: 01:c3:19:3e:8e:b6:dd:aa:96:b4:ab:45:e7:63:28:e8:a2:fc: 81:0a:9f:45:bc:9d:17:99:ea:3f:36:b5:c4:e6:d9:77:42:29: 43:2e:be:a6:68:c3:c9:36:29:b0:fc:2d:81:0f:d5:dd:9d:3f: 9a:92:9d:f5:2f:15:dc:77:20:c2:15:d5:54:6d:3c:08:f7:92: 41:c1:e4:67:32:42:14:5e:76:8b:47:02:20:d9:09:71:9c:16: a4:1f:8d:5d:c7:0e:89:92:d8:f2:1a:10:f6:3e:98:f1:6a:74: e0:55:91:31:41:d1:4e:83:32:bd:6f:08:7a:7a:69:3d:1b:64: 47:74:09:e1:a8:e8:4c:84:4f:42:b7:86:42:7a:21:de:e9:1b: 6b:13:a5:5a:94:c7:87:a5:bd:a8:65:17:79:45:74:8a:f2:6a: f3:6e:d2:86:ab:55:b2:41:04:47:b3:ae:fc:12:a3:d3:60:1a: 84:bf:de:3c:b4:b7:93:20:c6:0c:9b:ce:62:62:e8:22:13:31: 2d:06:ba:a0:a7:52:05:f0:8d:c3:2e:fe:b4:8b:ae:31:98:8e: c1:3e:e6:7f:bb:a7:56:d5:93:f1:bc:7c:c0:c4:e8:10:9d:35: f8:aa:c1:45 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC QjQ5MjExMC8GA1UEBRMoNDBFNEJEMzZBRTE1MDc3RkU1OTk4NUQxMzcwRDVENjQ2 NzBBODhEOTAeFw0yNTA3MDEwODI1NDVaFw0yNTA3MDgwODI1NDVaMBgxFjAUBgNV BAMTDTY4NjM5Yjg5LTk0YjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCsiJndiY6/WivDvZn03+t6JlDgQHydL3tZLxuIH7An2QJk/QEmw8H2R6p03Yda IGSpovDiC6KX7mGq5xw99F3UeQ2jSeBTI4oxXHoKRYIG/EpDRQIckRFEA6tmerSz dNxI7Yugw3qlIFFzrpwsFIqFINdqZQRNoa9FZz6OUVYlG8prSXbXDg8xd2kUm485 7JGRQVlIh4k13WUjGjh9jcC4me7X4bRYIp/yj1ltEqtejY2eGiXC6URnibiOFFqw j6/t8sa1XcjLwVXEE8qvp620rbyuPEAAIsAbwchw2HBxACWSvMrp9yjyaeltUxY2 YEvHUl9dRgY+Av5hYxtCTuW5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUumDrec0c nA1N1QxY91MEVRGSrx0wHwYDVR0jBBgwFoAUQOS9Nq4VB3/lmYXRNw1dZGcKiNkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCNDkyLzJDMEIzMkQ4MDkz NjExRjBBMjg0MkQ1N0M0RjlBRTAyL1FPUzlOcTRWQjNfbG1ZWFJOdzFkWkdjS2lO ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUU9TOU5xNFZCM19sbVlYUk53MWRaR2NLaU5rLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJC NDkyLzJDMEIzMkQ4MDkzNjExRjBBMjg0MkQ1N0M0RjlBRTAyL1FPUzlOcTRWQjNf bG1ZWFJOdzFkWkdjS2lOay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKHQhSKSVlYcKfCNaye/htgphgHDGT6Ott2qlrSrRedjKOii/IEKn0W8 nReZ6j82tcTm2XdCKUMuvqZow8k2KbD8LYEP1d2dP5qSnfUvFdx3IMIV1VRtPAj3 kkHB5GcyQhRedotHAiDZCXGcFqQfjV3HDomS2PIaEPY+mPFqdOBVkTFB0U6DMr1v CHp6aT0bZEd0CeGo6EyET0K3hkJ6Id7pG2sTpVqUx4elvahlF3lFdIryavNu0oar VbJBBEezrvwSo9NgGoS/3jy0t5MgxgybzmJi6CITMS0GuqCnUgXwjcMu/rSLrjGY jsE+5n+7p1bVk/G8fMDE6BCdNfiqwUU= -----END CERTIFICATE-----Generated at Wed Jul 2 20:30:25 2025 by rpki-client