$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft File: qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft (raw, json) Hash identifier: 4E25zyY5DehPZs1D0FUR+JQ/NJ1dbZUWd4Fv+PkUfIA= Subject key identifier: 77:07:10:7D:D9:B3:35:40:CA:2B:B2:C5:18:F2:56:E5:C7:93:16:9B Authority key identifier: A8:9D:0F:D4:F4:8A:BF:69:4F:D9:DF:77:04:E5:96:46:4D:ED:21:79 Certificate issuer: /CN=A91E6CCA/serialNumber=A89D0FD4F48ABF694FD9DF7704E596464DED2179 Certificate serial: 33 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft Manifest number: 31 Signing time: Thu 03 Jul 2025 07:55:43 +0000 Manifest this update: Thu 03 Jul 2025 07:55:43 +0000 Manifest next update: Thu 10 Jul 2025 07:55:43 +0000 Files and hashes: 1: qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl (hash: OSwXT3KrnIgvcvHD763TBTOWMH85Uh/5BoK8mLQqs7Q=) 2: A94836600F7111F08BC42022C4F9AE02.roa (hash: 0N1RJZ+KUU/6KCa2mJ/8SF+qnin999m3l+lV+2/P0R0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6CCA, serialNumber=A89D0FD4F48ABF694FD9DF7704E596464DED2179 Validity Not Before: Jul 3 07:55:43 2025 GMT Not After : Jul 10 07:55:43 2025 GMT Subject: CN=6866377f-8858 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ba:2c:8a:b1:c5:00:62:87:be:76:85:5e:ce: ca:6c:b7:28:a2:e6:75:dc:7f:59:f3:d1:39:05:44: 68:11:81:2c:26:8c:79:5f:73:a3:9d:30:81:3e:0c: a3:15:77:01:93:ef:94:43:08:94:4a:97:b6:87:ad: b7:1b:bf:1d:fc:a9:ab:cf:8b:75:cc:1c:6a:dd:f3: 77:46:f1:9a:ab:b5:5d:21:9d:36:5c:67:9f:fb:c8: 67:98:80:bc:59:5e:06:3b:0d:ce:ad:48:18:2e:e2: 3e:da:a8:e8:2a:fa:5d:17:e0:20:b1:dd:47:03:bc: f2:6b:04:91:a5:79:e7:d7:5e:19:fe:12:cb:d8:dd: 60:77:87:ed:68:3f:42:06:2f:26:e8:11:24:fa:3a: 03:03:e3:1f:99:38:40:34:27:47:bf:31:0f:1d:6a: 3b:eb:72:04:5e:53:63:22:b4:97:95:28:2d:11:73: fb:48:4e:41:66:bc:18:f2:90:e7:2c:78:1d:c6:93: f9:51:7a:11:40:95:c4:16:cc:4a:1d:1d:a5:3a:1c: b7:1c:f8:34:a8:7a:14:69:2c:46:98:75:57:4d:0f: 85:c1:04:e4:f0:e2:b8:1b:d3:73:b8:cc:e5:a8:f8: d2:d5:58:28:d6:49:00:d7:71:6b:2e:05:1f:e5:7d: a1:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:07:10:7D:D9:B3:35:40:CA:2B:B2:C5:18:F2:56:E5:C7:93:16:9B X509v3 Authority Key Identifier: keyid:A8:9D:0F:D4:F4:8A:BF:69:4F:D9:DF:77:04:E5:96:46:4D:ED:21:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:fa:f7:1b:b7:2a:51:8f:22:38:0e:57:66:84:3d:f2:02:69: 92:00:0a:94:44:13:be:41:be:77:85:98:cb:8c:8e:ec:54:4a: 69:04:33:46:13:7e:02:a9:b6:db:93:b3:99:b2:d9:8d:61:64: e1:cc:7c:5e:3b:b6:f2:aa:51:f8:e6:19:c9:d8:37:94:7e:82: 26:0b:a9:27:3c:de:94:60:ac:ea:f7:20:0a:d7:a1:23:cf:48: 1d:37:26:3f:db:29:32:8d:03:cc:0d:e3:5c:91:eb:64:66:ea: f2:61:b8:bf:b1:e8:4b:20:e6:0d:00:68:15:51:a5:ac:0b:fb: bf:07:81:d2:8e:6a:ac:e7:a0:c3:ec:5a:ed:d3:c5:05:37:76: c5:d7:1f:fc:49:5d:b0:a9:5e:da:48:9f:18:dd:39:82:2d:34: ce:d0:35:ac:f3:f4:88:e9:4d:52:36:d4:55:20:a2:0e:9b:4d: 7d:50:f2:56:ad:f0:ac:e0:14:ce:30:e5:b6:03:e5:7a:f6:b7: a0:e3:2c:48:7f:f2:4f:b4:63:48:b0:91:87:b6:83:7c:87:97: 85:a6:3e:b1:1d:3b:b9:c4:6c:3d:f5:19:ba:3d:0e:69:d9:92: 64:c9:53:a0:48:7e:ce:cf:16:5c:79:bf:b1:d0:a1:ec:49:48: 40:dc:71:66 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NkNDQTExMC8GA1UEBRMoQTg5RDBGRDRGNDhBQkY2OTRGRDlERjc3MDRFNTk2NDY0 REVEMjE3OTAeFw0yNTA3MDMwNzU1NDNaFw0yNTA3MTAwNzU1NDNaMBgxFjAUBgNV BAMTDTY4NjYzNzdmLTg4NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyuiyKscUAYoe+doVezspstyii5nXcf1nz0TkFRGgRgSwmjHlfc6OdMIE+DKMV dwGT75RDCJRKl7aHrbcbvx38qavPi3XMHGrd83dG8ZqrtV0hnTZcZ5/7yGeYgLxZ XgY7Dc6tSBgu4j7aqOgq+l0X4CCx3UcDvPJrBJGleefXXhn+EsvY3WB3h+1oP0IG LyboEST6OgMD4x+ZOEA0J0e/MQ8dajvrcgReU2MitJeVKC0Rc/tITkFmvBjykOcs eB3Gk/lRehFAlcQWzEodHaU6HLcc+DSoehRpLEaYdVdND4XBBOTw4rgb03O4zOWo +NLVWCjWSQDXcWsuBR/lfaE3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUdwcQfdmz NUDKK7LFGPJW5ceTFpswHwYDVR0jBBgwFoAUqJ0P1PSKv2lP2d93BOWWRk3tIXkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2Q0NBLzFBN0FERUNBMEY3 MDExRjA5RTJGN0QxRkM0RjlBRTAyL3FKMFAxUFNLdjJsUDJkOTNCT1dXUmszdElY ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcUowUDFQU0t2MmxQMmQ5M0JPV1dSazN0SVhrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2 Q0NBLzFBN0FERUNBMEY3MDExRjA5RTJGN0QxRkM0RjlBRTAyL3FKMFAxUFNLdjJs UDJkOTNCT1dXUmszdElYay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEz69xu3KlGPIjgOV2aEPfICaZIACpREE75BvneFmMuMjuxUSmkEM0YT fgKpttuTs5my2Y1hZOHMfF47tvKqUfjmGcnYN5R+giYLqSc83pRgrOr3IArXoSPP SB03Jj/bKTKNA8wN41yR62Rm6vJhuL+x6Esg5g0AaBVRpawL+78HgdKOaqznoMPs Wu3TxQU3dsXXH/xJXbCpXtpInxjdOYItNM7QNazz9IjpTVI21FUgog6bTX1Q8lat 8KzgFM4w5bYD5Xr2t6DjLEh/8k+0Y0iwkYe2g3yHl4WmPrEdO7nEbD31Gbo9DmnZ kmTJU6BIfs7PFlx5v7HQoexJSEDccWY= -----END CERTIFICATE-----Generated at Fri Jul 4 21:11:57 2025 by rpki-client