$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft File: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft (raw, json) Hash identifier: Y+0JYGtWkmzIq39rRtmXlwNzG1LJJMyd02Uxq7zaK1E= Subject key identifier: 59:0F:E1:00:38:B1:38:78:AE:BE:9B:62:39:A9:54:F8:8C:04:73:E2 Authority key identifier: 41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD Certificate issuer: /CN=A91E91BC/serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Certificate serial: 0312 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft Manifest number: 030C Signing time: Thu 03 Jul 2025 01:36:42 +0000 Manifest this update: Thu 03 Jul 2025 01:36:41 +0000 Manifest next update: Thu 10 Jul 2025 01:36:41 +0000 Files and hashes: 1: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl (hash: zLd9y/3FKHkibuoVGbI+OrIKZsVBjQSzPIILGHfvyS4=) 2: 7BCC4B32E85C11EE9593933FC4F9AE02.roa (hash: C9cBIgp62dlijuyH/TsefWQ1spYTduwHvoUlA7V/520=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 01:36:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 786 (0x312) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E91BC, serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Validity Not Before: Jul 3 01:36:41 2025 GMT Not After : Jul 10 01:36:41 2025 GMT Subject: CN=6865dea9-fb8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:95:b5:56:ca:15:fc:cd:0c:7b:ca:75:7c:99: 8d:0a:8f:b0:90:0b:49:9e:a9:a9:98:8f:f0:74:ab: 92:e4:f7:d8:d2:69:b7:89:62:18:d7:a2:95:84:9a: 6a:8c:fd:69:ff:c9:72:51:5e:ec:fa:55:2c:c6:ef: 1d:c6:9c:59:ea:b2:35:a7:d5:46:e6:b7:3d:2c:ef: 0a:27:b1:a2:f6:79:68:40:60:31:da:4b:96:f2:62: d9:5a:e3:b9:29:c1:ca:ed:ba:91:a7:a4:71:d9:07: a7:57:1a:1f:1f:dd:66:80:ae:6e:d0:b7:b2:59:b2: 7a:2c:df:95:f9:d8:3b:a3:71:e0:18:79:d6:57:15: 23:2b:e2:76:ca:9a:9b:49:4e:61:08:12:37:8d:2a: 36:35:25:65:62:76:cb:95:5b:a0:b5:0f:a8:b4:b3: cf:68:91:f1:58:37:c3:da:94:4c:88:8e:ee:30:69: 7e:c4:b3:4c:65:1f:13:57:7d:c5:20:f5:e2:7e:a1: 7f:77:22:ba:f4:60:a0:10:4a:d5:a9:8e:9b:9e:49: a8:b8:bc:f4:ad:3e:f8:9b:cd:2b:8b:b9:e5:a3:ea: 29:2b:ec:ca:a0:7a:24:97:16:00:ae:d2:2e:ad:12: 38:5d:85:86:d8:64:26:ab:7c:11:30:43:64:1e:46: d3:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:0F:E1:00:38:B1:38:78:AE:BE:9B:62:39:A9:54:F8:8C:04:73:E2 X509v3 Authority Key Identifier: keyid:41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:af:b6:64:f0:b6:2a:47:96:47:db:5a:a9:d4:b3:a6:9d:9b: 1e:bf:2d:03:b1:03:91:9c:98:e4:c1:dc:3f:bb:95:6e:ab:1a: f4:db:82:71:43:2f:66:ea:8e:8e:3e:f3:18:2a:2a:51:5f:86: 1e:61:ab:74:97:98:9d:cf:c1:c3:05:77:be:31:13:ac:6f:ff: 0e:ce:68:29:43:62:b8:f9:b9:21:54:c4:e3:7f:dc:bc:22:88: 28:81:08:a8:57:4c:e2:ef:28:66:66:d5:92:8e:20:74:20:02: 4c:57:2d:3a:be:66:a7:9a:dc:b4:e4:4b:fb:5f:d7:3f:e1:98: 4a:f8:34:43:4e:67:a8:79:37:8f:69:30:02:6b:6f:e6:fa:bf: 29:61:70:2b:c6:e2:13:48:33:43:7b:06:f7:9b:3b:46:c6:2d: 72:12:a6:30:7e:1b:82:64:1f:88:19:d7:43:71:77:03:ee:53: a0:d4:ca:4d:f8:d2:9f:9a:8d:74:7f:0f:a3:73:5c:a9:ae:b7: 30:68:a2:8f:38:e1:84:a5:bf:90:9b:5c:41:ff:f6:cc:c8:4a: 4e:3f:d6:fa:bb:a5:d2:c4:17:be:b5:6d:ff:11:b4:46:04:b3: 7c:50:eb:77:5f:5b:7b:d5:4c:21:cf:b0:74:11:96:d1:02:05: c5:b7:ed:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAxIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTkxQkMxMTAvBgNVBAUTKDQxNEZCNjE3ODg2OTEzMEY4MjZFOUUzMEMwQjc5NDA4 NEQ5NzYwREQwHhcNMjUwNzAzMDEzNjQxWhcNMjUwNzEwMDEzNjQxWjAYMRYwFAYD VQQDEw02ODY1ZGVhOS1mYjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2JW1VsoV/M0Me8p1fJmNCo+wkAtJnqmpmI/wdKuS5PfY0mm3iWIY16KVhJpq jP1p/8lyUV7s+lUsxu8dxpxZ6rI1p9VG5rc9LO8KJ7Gi9nloQGAx2kuW8mLZWuO5 KcHK7bqRp6Rx2QenVxofH91mgK5u0LeyWbJ6LN+V+dg7o3HgGHnWVxUjK+J2ypqb SU5hCBI3jSo2NSVlYnbLlVugtQ+otLPPaJHxWDfD2pRMiI7uMGl+xLNMZR8TV33F IPXifqF/dyK69GCgEErVqY6bnkmouLz0rT74m80ri7nlo+opK+zKoHoklxYArtIu rRI4XYWG2GQmq3wRMENkHkbTyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFkP4QA4 sTh4rr6bYjmpVPiMBHPiMB8GA1UdIwQYMBaAFEFPtheIaRMPgm6eMMC3lAhNl2Dd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BNEU2NzNDQURC RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3LUNicDR3d0xlVUNFMlhZ TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FVLTJGNGhwRXctQ2JwNHd3TGVVQ0UyWFlOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTFCQy9BNEU2NzNDQURCRTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3 LUNicDR3d0xlVUNFMlhZTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0r7Zk8LYqR5ZH21qp1LOmnZsevy0DsQORnJjkwdw/u5Vuqxr024Jx Qy9m6o6OPvMYKipRX4YeYat0l5idz8HDBXe+MROsb/8OzmgpQ2K4+bkhVMTjf9y8 IogogQioV0zi7yhmZtWSjiB0IAJMVy06vmanmty05Ev7X9c/4ZhK+DRDTmeoeTeP aTACa2/m+r8pYXArxuITSDNDewb3mztGxi1yEqYwfhuCZB+IGddDcXcD7lOg1MpN +NKfmo10fw+jc1yprrcwaKKPOOGEpb+Qm1xB//bMyEpOP9b6u6XSxBe+tW3/EbRG BLN8UOt3X1t71Uwhz7B0EZbRAgXFt+2s -----END CERTIFICATE-----Generated at Thu Jul 3 20:56:05 2025 by rpki-client