$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft File: QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft (raw, json) Hash identifier: VTJZTjfWi+F/2PDiAPQpOVp8NAvUYHMLWOuEPjVV/C4= Subject key identifier: BF:23:C4:BB:77:B2:EC:3C:23:82:AA:DA:39:18:C4:42:0D:4E:C1:0D Authority key identifier: 41:23:AC:2E:C0:69:D2:EF:27:20:1F:4D:BC:AA:C6:C1:91:21:90:2C Certificate issuer: /CN=A91EC8C9/serialNumber=4123AC2EC069D2EF27201F4DBCAAC6C19121902C Certificate serial: 03A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft Manifest number: 03A3 Signing time: Sun 11 May 2025 00:18:32 +0000 Manifest this update: Sun 11 May 2025 00:18:31 +0000 Manifest next update: Sun 18 May 2025 00:18:31 +0000 Files and hashes: 1: QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl (hash: H5lpZe4fVCa8E9Q2W4kJmmX0E/QPek8GAfNkcTDD5EI=) 2: FFDA736894CB11ECA827746DC4F9AE02.roa (hash: pj2LnVj5JMKgQoW/CIO4SmTNgNuQfByzQiOUhiNM/dY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:18:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 936 (0x3a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC8C9, serialNumber=4123AC2EC069D2EF27201F4DBCAAC6C19121902C Validity Not Before: May 11 00:18:31 2025 GMT Not After : May 18 00:18:31 2025 GMT Subject: CN=681fecd7-4aa7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:9d:5a:46:37:31:48:d4:d4:23:3c:bc:02:44: 33:a5:ad:5a:23:15:46:50:d7:90:eb:c8:94:6b:45: 39:e6:ca:ed:de:44:14:37:3f:7c:ca:17:bf:2e:8d: 24:b2:6f:83:4e:98:37:7d:b9:76:dc:4a:54:df:a2: bb:ed:ff:d3:37:bc:68:ee:a3:27:55:68:97:8d:dc: fe:00:62:5e:79:7e:32:0f:71:21:04:12:72:f8:66: 90:6d:c3:1d:9f:93:28:03:5e:d7:51:a1:a2:17:2e: 52:a2:af:76:02:f5:85:a7:27:18:cb:a3:c5:d7:39: fb:18:33:01:20:9e:c6:98:80:c6:e1:ea:1f:96:13: 53:2c:de:4f:6b:c1:cd:f2:c1:d3:0f:16:fe:d8:e7: 06:86:e1:22:94:5c:6f:aa:63:fb:ef:79:b4:fb:46: 3e:2f:a8:72:6d:9f:c4:36:d8:c3:bc:b4:28:d0:dd: 31:6f:a5:b0:07:45:20:ae:03:9a:e2:fc:48:f9:47: 46:be:c1:23:85:56:e9:f1:e2:ef:43:bf:90:a7:b9: 96:65:53:cd:93:e7:d3:e5:21:55:88:2b:c2:8a:26: c5:1d:78:43:1f:69:fd:0d:67:d9:52:1e:77:28:d4: a6:52:97:f8:28:f8:18:c0:c9:b9:52:5a:d8:0e:7e: b2:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:23:C4:BB:77:B2:EC:3C:23:82:AA:DA:39:18:C4:42:0D:4E:C1:0D X509v3 Authority Key Identifier: keyid:41:23:AC:2E:C0:69:D2:EF:27:20:1F:4D:BC:AA:C6:C1:91:21:90:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:dc:c2:17:a3:a8:cb:a7:27:a3:9e:9a:d5:43:cc:be:e5:c9: 73:42:83:5f:4d:ae:9b:fc:9b:6f:d1:f4:7f:c5:71:2e:71:41: ad:f1:34:26:93:7b:5f:ca:4d:55:fb:fc:0f:6c:16:cd:cb:f1: ff:16:9a:20:e4:fd:fc:68:de:f9:8a:35:02:c2:f3:82:5d:39: 8f:ff:e5:ab:2b:06:05:04:c4:1a:70:1a:ca:03:94:85:9f:a7: 26:2d:07:85:24:b4:a5:b0:67:fb:f8:7b:0e:01:a4:11:85:42: 4f:44:48:99:14:58:1e:32:3b:ba:33:b8:34:48:97:8d:36:0b: 3d:f6:eb:e2:c4:b7:b6:a0:a4:80:6f:1a:c3:17:ee:cb:d2:e3: 61:99:0e:0b:43:7f:fd:c0:5c:a0:5b:f1:e6:4c:7e:f9:00:a3: 14:78:8d:21:6c:8b:34:f7:f6:e6:61:51:c0:a5:7b:ee:84:9c: b4:d2:db:f1:74:a6:0c:52:8f:24:f2:a7:a5:31:fc:0f:c3:e3: 22:31:4d:e5:2e:96:b1:16:de:3a:4a:12:53:19:e0:f0:de:1d: e7:e9:b3:eb:d3:be:30:44:59:77:b5:2c:7e:f1:f5:ee:36:a1: 2c:f5:96:42:b2:a2:38:33:5e:a2:03:4f:21:8e:41:a5:56:fd: f1:71:f5:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUM4QzkxMTAvBgNVBAUTKDQxMjNBQzJFQzA2OUQyRUYyNzIwMUY0REJDQUFDNkMx OTEyMTkwMkMwHhcNMjUwNTExMDAxODMxWhcNMjUwNTE4MDAxODMxWjAYMRYwFAYD VQQDEw02ODFmZWNkNy00YWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZ1aRjcxSNTUIzy8AkQzpa1aIxVGUNeQ68iUa0U55srt3kQUNz98yhe/Lo0k sm+DTpg3fbl23EpU36K77f/TN7xo7qMnVWiXjdz+AGJeeX4yD3EhBBJy+GaQbcMd n5MoA17XUaGiFy5Soq92AvWFpycYy6PF1zn7GDMBIJ7GmIDG4eoflhNTLN5Pa8HN 8sHTDxb+2OcGhuEilFxvqmP773m0+0Y+L6hybZ/ENtjDvLQo0N0xb6WwB0UgrgOa 4vxI+UdGvsEjhVbp8eLvQ7+Qp7mWZVPNk+fT5SFViCvCiibFHXhDH2n9DWfZUh53 KNSmUpf4KPgYwMm5UlrYDn6y/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL8jxLt3 suw8I4Kq2jkYxEINTsENMB8GA1UdIwQYMBaAFEEjrC7AadLvJyAfTbyqxsGRIZAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzhDOS83MzhEREZDNDk0 QzgxMUVDOTVDQjk3NjVDNEY5QUUwMi9RU09zTHNCcDB1OG5JQjlOdktyR3daRWhr Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FTT3NMc0JwMHU4bklCOU52S3JHd1pFaGtDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzhDOS83MzhEREZDNDk0QzgxMUVDOTVDQjk3NjVDNEY5QUUwMi9RU09zTHNCcDB1 OG5JQjlOdktyR3daRWhrQ3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCV3MIXo6jLpyejnprVQ8y+5clzQoNfTa6b/Jtv0fR/xXEucUGt8TQm k3tfyk1V+/wPbBbNy/H/Fpog5P38aN75ijUCwvOCXTmP/+WrKwYFBMQacBrKA5SF n6cmLQeFJLSlsGf7+HsOAaQRhUJPREiZFFgeMju6M7g0SJeNNgs99uvixLe2oKSA bxrDF+7L0uNhmQ4LQ3/9wFygW/HmTH75AKMUeI0hbIs09/bmYVHApXvuhJy00tvx dKYMUo8k8qelMfwPw+MiMU3lLpaxFt46ShJTGeDw3h3n6bPr074wRFl3tSx+8fXu NqEs9ZZCsqI4M16iA08hjkGlVv3xcfXI -----END CERTIFICATE-----Generated at Sun May 11 22:47:03 2025 by rpki-client