$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft File: qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft (raw, json) Hash identifier: E5EHk2TfKa3LcU3kuWbBJmRyITQdvEHZP83qCBtdoYI= Subject key identifier: F1:FC:B1:F4:93:8A:93:41:D9:F0:34:68:5B:0F:03:EC:DF:B9:C8:E7 Authority key identifier: A8:9D:0F:D4:F4:8A:BF:69:4F:D9:DF:77:04:E5:96:46:4D:ED:21:79 Certificate issuer: /CN=A91E6CCA/serialNumber=A89D0FD4F48ABF694FD9DF7704E596464DED2179 Certificate serial: 17 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft Manifest number: 15 Signing time: Mon 05 May 2025 06:51:27 +0000 Manifest this update: Mon 05 May 2025 06:51:26 +0000 Manifest next update: Mon 12 May 2025 06:51:26 +0000 Files and hashes: 1: qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl (hash: M97aFA6xD17LWmoW8YN7N66yXvYmkPd4v4lv+9AQJHE=) 2: A94836600F7111F08BC42022C4F9AE02.roa (hash: 0N1RJZ+KUU/6KCa2mJ/8SF+qnin999m3l+lV+2/P0R0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 05:10:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6CCA, serialNumber=A89D0FD4F48ABF694FD9DF7704E596464DED2179 Validity Not Before: May 5 06:51:26 2025 GMT Not After : May 12 06:51:26 2025 GMT Subject: CN=68185fef-aaed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:37:79:9f:ce:3e:d1:05:32:dc:d6:e6:80:2d: 0a:b0:d2:0f:9f:b1:f6:79:a2:2c:72:9e:5c:23:70: 9b:40:1e:02:95:4a:be:b2:d0:ca:b5:47:14:8d:ac: 45:e9:45:07:4b:e3:a5:ae:17:88:79:4b:ac:8a:b3: c5:3f:13:27:a6:95:6a:ae:df:48:73:51:74:ce:e2: c9:b1:17:13:bf:68:b3:00:42:1d:f4:1c:1a:0c:6e: 9f:a5:16:b2:1f:7a:80:4c:0d:bd:df:33:f8:07:d6: c6:a6:97:5e:ad:b3:1f:77:d9:81:5b:8c:d6:48:ae: f3:c1:5d:be:28:9c:68:03:61:af:30:3a:34:79:4d: ae:e8:a7:dd:2a:33:ae:f9:c9:7e:24:92:1e:1f:b3: 5c:da:ca:f6:8b:00:99:d2:38:42:33:44:80:c8:1f: 76:56:b9:01:f1:0e:52:45:44:f5:2c:10:45:03:ea: ac:50:27:68:00:36:ad:70:ea:7a:d8:1a:43:3e:b5: f2:76:cd:e4:ba:8e:0b:23:67:9e:ed:7b:38:1b:9a: af:5c:06:3e:76:4f:7b:d5:15:89:71:69:05:30:f9: 20:e8:d9:e2:97:0d:a0:ef:12:75:f7:bd:a6:36:c8: 38:87:a2:e3:0c:1b:aa:30:a4:9e:8e:02:27:12:a0: 5f:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:FC:B1:F4:93:8A:93:41:D9:F0:34:68:5B:0F:03:EC:DF:B9:C8:E7 X509v3 Authority Key Identifier: keyid:A8:9D:0F:D4:F4:8A:BF:69:4F:D9:DF:77:04:E5:96:46:4D:ED:21:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qJ0P1PSKv2lP2d93BOWWRk3tIXk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6CCA/1A7ADECA0F7011F09E2F7D1FC4F9AE02/qJ0P1PSKv2lP2d93BOWWRk3tIXk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:56:6e:22:cb:be:6b:09:92:32:0a:02:6f:f5:b0:06:77:20: 5c:20:fc:f5:e9:3c:2f:08:8d:1e:ea:97:e9:92:82:c0:f4:53: 7a:82:61:0e:93:ea:f8:1d:ae:e1:26:87:76:47:82:ef:93:7e: c1:f3:86:6e:9d:bd:21:58:01:62:62:5a:d6:54:da:fb:07:12: 51:64:4c:b0:01:f0:a6:ea:10:a6:56:35:f7:ee:d2:b3:bd:24: dc:e1:ef:5d:6d:94:39:d4:a1:3c:9c:d6:c3:39:18:49:6f:95: b5:22:28:f3:10:e5:ae:9a:23:13:84:cd:7f:d2:20:e9:ac:6d: 49:c6:80:63:45:22:16:09:98:70:7d:5c:bd:16:79:25:fb:e7: 40:19:66:75:cb:c6:13:eb:b3:8e:51:3b:be:7c:95:80:13:68: 4d:ab:47:56:22:64:16:03:6b:f9:33:14:c0:58:7f:44:5d:04: ff:8a:54:bc:f5:d9:db:0c:4c:f4:f5:e3:2d:fd:01:90:cb:ef: 0d:a8:4e:e7:9f:f9:ec:24:7a:e9:f9:d8:10:05:04:3f:f0:d8: ea:20:31:ff:72:4c:89:47:ff:39:32:26:03:c8:03:a1:f0:7a: a6:4b:8a:76:f2:db:ef:cb:0e:d5:0a:24:40:a5:23:ee:13:11: e5:23:f0:77 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NkNDQTExMC8GA1UEBRMoQTg5RDBGRDRGNDhBQkY2OTRGRDlERjc3MDRFNTk2NDY0 REVEMjE3OTAeFw0yNTA1MDUwNjUxMjZaFw0yNTA1MTIwNjUxMjZaMBgxFjAUBgNV BAMTDTY4MTg1ZmVmLWFhZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJN3mfzj7RBTLc1uaALQqw0g+fsfZ5oixynlwjcJtAHgKVSr6y0Mq1RxSNrEXp RQdL46WuF4h5S6yKs8U/EyemlWqu30hzUXTO4smxFxO/aLMAQh30HBoMbp+lFrIf eoBMDb3fM/gH1saml16tsx932YFbjNZIrvPBXb4onGgDYa8wOjR5Ta7op90qM675 yX4kkh4fs1zayvaLAJnSOEIzRIDIH3ZWuQHxDlJFRPUsEEUD6qxQJ2gANq1w6nrY GkM+tfJ2zeS6jgsjZ57tezgbmq9cBj52T3vVFYlxaQUw+SDo2eKXDaDvEnX3vaY2 yDiHouMMG6owpJ6OAicSoF+xAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8fyx9JOK k0HZ8DRoWw8D7N+5yOcwHwYDVR0jBBgwFoAUqJ0P1PSKv2lP2d93BOWWRk3tIXkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2Q0NBLzFBN0FERUNBMEY3 MDExRjA5RTJGN0QxRkM0RjlBRTAyL3FKMFAxUFNLdjJsUDJkOTNCT1dXUmszdElY ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcUowUDFQU0t2MmxQMmQ5M0JPV1dSazN0SVhrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2 Q0NBLzFBN0FERUNBMEY3MDExRjA5RTJGN0QxRkM0RjlBRTAyL3FKMFAxUFNLdjJs UDJkOTNCT1dXUmszdElYay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAENWbiLLvmsJkjIKAm/1sAZ3IFwg/PXpPC8IjR7ql+mSgsD0U3qCYQ6T 6vgdruEmh3ZHgu+TfsHzhm6dvSFYAWJiWtZU2vsHElFkTLAB8KbqEKZWNffu0rO9 JNzh711tlDnUoTyc1sM5GElvlbUiKPMQ5a6aIxOEzX/SIOmsbUnGgGNFIhYJmHB9 XL0WeSX750AZZnXLxhPrs45RO758lYATaE2rR1YiZBYDa/kzFMBYf0RdBP+KVLz1 2dsMTPT14y39AZDL7w2oTuef+ewkeun52BAFBD/w2OogMf9yTIlH/zkyJgPIA6Hw eqZLinby2+/LDtUKJEClI+4TEeUj8Hc= -----END CERTIFICATE-----Generated at Mon May 5 12:58:26 2025 by rpki-client