$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft File: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft (raw, json) Hash identifier: t3a/pmzxIJoABtUllsfxEQrElj48us4lVif3fPdpj+g= Subject key identifier: 20:DC:78:47:2F:A1:D0:78:46:7E:19:AC:F3:A2:72:AC:A5:FE:EC:2B Authority key identifier: 41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58 Certificate issuer: /CN=A91E5D61/serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458 Certificate serial: 129E Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft Manifest number: 474F Signing time: Fri 04 Jul 2025 14:21:26 +0000 Manifest this update: Fri 04 Jul 2025 14:21:25 +0000 Manifest next update: Fri 11 Jul 2025 14:21:25 +0000 Files and hashes: 1: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl (hash: pvuSPjP6c5UBNVKbQJuMHaA0w+F8JpTTpaeKRQUsJGM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4766 (0x129e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D61, serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458 Validity Not Before: Jul 4 14:21:25 2025 GMT Not After : Jul 11 14:21:25 2025 GMT Subject: CN=6867e365-defd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:59:ef:6d:c1:ba:71:4e:9d:d3:a1:60:60:e9: d8:e8:bd:8f:9f:34:8a:38:21:8a:e9:b7:7a:91:c6: 36:1b:13:3e:4f:1d:fa:54:7e:76:55:bc:0c:4a:10: 55:34:69:0f:07:bb:bd:7b:57:55:e5:a8:6e:98:05: 0d:bb:78:51:cc:31:23:93:8b:c3:ac:04:cc:e0:e1: 98:f6:ae:91:ce:d4:d9:e6:59:9c:03:9e:80:cd:5a: f5:a8:61:1a:50:85:93:48:10:cd:e7:d2:b2:8e:95: 6e:40:10:d9:88:29:1e:e2:2e:38:d7:77:14:d0:5b: 0e:ef:6a:be:5d:ea:5a:d6:44:7e:a2:4a:00:32:1d: 69:21:41:e2:7b:81:b9:5f:30:38:01:05:e9:84:22: a0:c2:a6:ae:e8:98:1e:c3:70:86:95:39:1d:5f:68: 39:07:22:aa:57:36:1a:8b:f6:4a:c5:c5:2a:e4:ef: bd:2f:a5:d5:ad:1c:2b:71:99:8b:d0:ef:ff:d9:c4: 7f:24:b9:07:b8:65:12:b8:fc:d8:09:af:64:25:a9: 3b:1a:61:4f:c9:25:ec:22:99:11:d5:1d:41:14:70: a8:16:f8:1f:cb:8f:29:3e:af:aa:d2:c6:2d:62:c9: b6:9e:c6:83:1f:16:ca:c4:8b:ed:13:69:4d:69:e6: 1e:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:DC:78:47:2F:A1:D0:78:46:7E:19:AC:F3:A2:72:AC:A5:FE:EC:2B X509v3 Authority Key Identifier: keyid:41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:a6:0a:c7:13:3c:50:25:c1:93:37:f0:53:8f:52:7a:67:d8: 53:ec:56:77:b0:42:f8:ef:3c:39:c6:e3:d9:6d:d5:66:46:55: 41:42:d1:8a:a4:cc:89:de:15:df:07:1d:b1:55:79:51:de:70: c3:02:89:1b:df:43:2d:59:51:76:4a:37:96:78:1b:bf:4e:fa: 18:37:a1:98:a4:e5:14:f5:5c:5a:4f:bc:1b:77:51:0f:da:24: 44:06:14:36:99:da:1a:72:e1:75:6c:55:ba:3f:4b:ac:34:81: de:e7:a1:90:4b:5c:e1:96:0d:43:be:c0:d2:8e:75:32:15:87: f7:df:5b:b2:50:d2:17:58:82:7b:5d:73:61:af:41:b1:1e:d3: d3:14:0d:7c:bc:d0:5c:bb:9f:89:c3:78:73:af:06:65:3e:ab: 7d:62:05:0f:19:cd:74:30:4e:fb:6e:50:f7:b3:c0:66:55:f7: 09:0e:8b:55:1a:02:16:00:79:40:6b:aa:ec:8e:f5:43:8d:ea: d5:2d:87:de:fd:54:d1:19:72:c3:27:ba:47:08:db:eb:0d:55: 6f:54:27:6c:5d:30:ac:7c:62:90:44:7a:0c:77:34:9b:40:9d: d1:bc:9a:36:e4:68:fb:25:b1:50:cf:e4:3a:a9:ab:5d:36:48: 10:78:bd:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVENjExMTAvBgNVBAUTKDQxNkQ2Q0Q2MDM5MEZCN0M5NkVENzlENzhDRTc2RjU0 QUZDRjQ0NTgwHhcNMjUwNzA0MTQyMTI1WhcNMjUwNzExMTQyMTI1WjAYMRYwFAYD VQQDEw02ODY3ZTM2NS1kZWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA31nvbcG6cU6d06FgYOnY6L2PnzSKOCGK6bd6kcY2GxM+Tx36VH52VbwMShBV NGkPB7u9e1dV5ahumAUNu3hRzDEjk4vDrATM4OGY9q6RztTZ5lmcA56AzVr1qGEa UIWTSBDN59KyjpVuQBDZiCke4i4413cU0FsO72q+Xepa1kR+okoAMh1pIUHie4G5 XzA4AQXphCKgwqau6Jgew3CGlTkdX2g5ByKqVzYai/ZKxcUq5O+9L6XVrRwrcZmL 0O//2cR/JLkHuGUSuPzYCa9kJak7GmFPySXsIpkR1R1BFHCoFvgfy48pPq+q0sYt Ysm2nsaDHxbKxIvtE2lNaeYedwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCDceEcv odB4Rn4ZrPOicqyl/uwrMB8GA1UdIwQYMBaAFEFtbNYDkPt8lu1514znb1Svz0RY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQ2MS8yQTdDN0Q5ODFE NzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0zeVc3WG5Yak9kdlZLX1BS RmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1FXMXMxZ09RLTN5VzdYblhqT2R2VktfUFJGZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUQ2MS8yQTdDN0Q5ODFENzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0z eVc3WG5Yak9kdlZLX1BSRmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkpgrHEzxQJcGTN/BTj1J6Z9hT7FZ3sEL47zw5xuPZbdVmRlVBQtGK pMyJ3hXfBx2xVXlR3nDDAokb30MtWVF2SjeWeBu/TvoYN6GYpOUU9VxaT7wbd1EP 2iREBhQ2mdoacuF1bFW6P0usNIHe56GQS1zhlg1DvsDSjnUyFYf331uyUNIXWIJ7 XXNhr0GxHtPTFA18vNBcu5+Jw3hzrwZlPqt9YgUPGc10ME77blD3s8BmVfcJDotV GgIWAHlAa6rsjvVDjerVLYfe/VTRGXLDJ7pHCNvrDVVvVCdsXTCsfGKQRHoMdzSb QJ3RvJo25Gj7JbFQz+Q6qatdNkgQeL2J -----END CERTIFICATE-----Generated at Fri Jul 4 17:38:54 2025 by rpki-client