$ rpki-client -vvf rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.mft File: QIWuE0tjOKEnZXKD67wWwS8guGI.mft (raw, json) Hash identifier: n3n5AwDe5rhqXL2dNZ43G4+0ttNagSKO5vrLs2jb3TY= Subject key identifier: CA:69:D6:6C:86:78:5A:6B:93:31:29:C4:D5:01:52:8D:8F:34:03:06 Authority key identifier: 40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 Certificate issuer: /CN=A91E80FB/serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Certificate serial: 03DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.mft Manifest number: 03D3 Signing time: Thu 03 Jul 2025 00:59:07 +0000 Manifest this update: Thu 03 Jul 2025 00:59:07 +0000 Manifest next update: Thu 10 Jul 2025 00:59:07 +0000 Files and hashes: 1: QIWuE0tjOKEnZXKD67wWwS8guGI.crl (hash: kwYSwN3tz5x2zjY2hQX0CLaIWcpefzGkHbNTI0q3WUA=) 2: 9FBFD358C0F911EFA63F3E64C4F9AE02.roa (hash: yc1nPimI0kUiUPjKIX7+rUbHKCs59csyBzZSSe87J8M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:59:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 990 (0x3de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E80FB, serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Validity Not Before: Jul 3 00:59:07 2025 GMT Not After : Jul 10 00:59:07 2025 GMT Subject: CN=6865d5db-30c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:9e:5f:58:3a:37:4d:06:9e:03:32:f7:b6:4c: 55:ed:92:cc:b0:f7:e0:cb:eb:fe:b7:a9:d7:3e:f8: 4b:46:ef:eb:d7:0a:1e:6f:ab:81:e2:29:6d:ed:90: 58:13:19:73:e8:ae:52:e7:2d:16:ca:4a:5e:47:62: 4c:47:55:e5:47:20:40:13:bf:b0:d2:f4:97:37:e7: ac:4d:bd:c1:f8:0e:22:db:37:cc:0c:ef:77:41:da: ef:28:1c:1e:75:95:20:77:ec:06:d2:c1:a1:8b:2f: a7:a9:65:18:35:77:37:65:d6:1a:79:5d:73:ac:13: 42:4b:81:41:67:07:c3:e9:cb:43:a3:97:4e:76:7b: 66:f1:16:70:de:26:b1:dd:2e:8c:56:f3:a8:0c:85: 27:14:18:3e:0f:86:35:df:cd:5e:a0:e2:1b:cf:fc: 65:2a:06:e9:ed:fa:63:c8:3c:c2:ce:bb:1c:b2:e3: b3:09:14:e6:a7:d9:79:cf:d7:55:02:01:5a:0b:b0: 31:64:f8:a9:2e:00:4f:a0:9c:65:b2:b0:ec:0e:ca: 8f:17:f4:08:e8:2f:ec:ae:e9:07:75:fe:67:bd:5a: ac:df:fa:4c:e2:80:71:46:35:bd:ec:af:ae:4a:1e: db:45:71:26:14:6b:4f:a3:ae:68:d2:3d:26:1e:cd: 6e:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:69:D6:6C:86:78:5A:6B:93:31:29:C4:D5:01:52:8D:8F:34:03:06 X509v3 Authority Key Identifier: keyid:40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:8b:23:6b:92:90:ab:4b:53:2e:80:86:b3:79:30:19:af:32: e6:40:11:c8:fe:b1:79:2e:ff:00:55:a4:3e:22:4d:18:c7:54: f9:2d:db:ff:f2:58:be:16:1e:a4:11:ae:dd:c5:67:63:be:dc: aa:a2:2b:2f:a7:62:c5:0b:a0:56:88:1a:d1:ae:f0:29:97:61: 7f:a7:2a:36:9a:2c:49:9e:53:d6:25:2c:4f:b5:d3:70:fb:ad: 7f:f3:e0:a5:06:01:3b:bf:16:4a:c5:48:90:25:1d:27:13:6a: 5d:9e:25:27:3c:0b:25:bc:5f:36:dc:f0:32:8e:42:1e:6d:bd: 77:80:2d:d6:b4:5f:01:28:96:cc:6a:67:89:51:ca:67:29:25: ce:9d:f4:1c:9b:ef:f1:f1:e7:a6:62:ea:ae:c4:b6:6d:6a:23: b6:34:8f:fd:e9:4d:be:3f:99:b6:47:d9:bb:12:d8:29:12:28: 42:05:1f:9a:60:45:0c:23:ac:41:5a:57:c5:7c:b8:0c:79:e2: 0c:68:8c:de:2d:89:b7:7a:0e:07:05:da:5d:5f:03:8a:74:93: df:54:f9:21:d1:35:44:c0:92:56:4b:f9:e2:ef:89:39:fe:5d: a0:c4:4f:f5:d6:4a:7c:bb:c1:d8:e0:8c:5a:2e:a4:0f:b3:1f: d7:f7:1d:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTgwRkIxMTAvBgNVBAUTKDQwODVBRTEzNEI2MzM4QTEyNzY1NzI4M0VCQkMxNkMx MkYyMEI4NjIwHhcNMjUwNzAzMDA1OTA3WhcNMjUwNzEwMDA1OTA3WjAYMRYwFAYD VQQDEw02ODY1ZDVkYi0zMGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoJ5fWDo3TQaeAzL3tkxV7ZLMsPfgy+v+t6nXPvhLRu/r1woeb6uB4ilt7ZBY Exlz6K5S5y0WykpeR2JMR1XlRyBAE7+w0vSXN+esTb3B+A4i2zfMDO93QdrvKBwe dZUgd+wG0sGhiy+nqWUYNXc3ZdYaeV1zrBNCS4FBZwfD6ctDo5dOdntm8RZw3iax 3S6MVvOoDIUnFBg+D4Y1381eoOIbz/xlKgbp7fpjyDzCzrscsuOzCRTmp9l5z9dV AgFaC7AxZPipLgBPoJxlsrDsDsqPF/QI6C/srukHdf5nvVqs3/pM4oBxRjW97K+u Sh7bRXEmFGtPo65o0j0mHs1uKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMpp1myG eFprkzEpxNUBUo2PNAMGMB8GA1UdIwQYMBaAFECFrhNLYzihJ2Vyg+u8FsEvILhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODBGQi82MjhENTIwQzhG QjYxMUVDOTJCRDI1MTBDNEY5QUUwMi9RSVd1RTB0ak9LRW5aWEtENjd3V3dTOGd1 R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FJV3VFMHRqT0tFblpYS0Q2N3dXd1M4Z3VHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODBGQi82MjhENTIwQzhGQjYxMUVDOTJCRDI1MTBDNEY5QUUwMi9RSVd1RTB0ak9L RW5aWEtENjd3V3dTOGd1R0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYiyNrkpCrS1MugIazeTAZrzLmQBHI/rF5Lv8AVaQ+Ik0Yx1T5Ldv/ 8li+Fh6kEa7dxWdjvtyqoisvp2LFC6BWiBrRrvApl2F/pyo2mixJnlPWJSxPtdNw +61/8+ClBgE7vxZKxUiQJR0nE2pdniUnPAslvF823PAyjkIebb13gC3WtF8BKJbM ameJUcpnKSXOnfQcm+/x8eemYuquxLZtaiO2NI/96U2+P5m2R9m7EtgpEihCBR+a YEUMI6xBWlfFfLgMeeIMaIzeLYm3eg4HBdpdXwOKdJPfVPkh0TVEwJJWS/ni74k5 /l2gxE/11kp8u8HY4IxaLqQPsx/X9x20 -----END CERTIFICATE-----Generated at Thu Jul 3 06:05:25 2025 by rpki-client