$ rpki-client -vvf rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft File: QrsPPBhH5li75BQYSUzonOjjRIg.mft (raw, json) Hash identifier: vBSskB7xdcDnHC2/gP/pAGiIPDLHsM5yajub8UyeQtA= Subject key identifier: 8D:B6:10:B0:42:09:30:A9:99:E6:75:12:15:DA:B6:22:64:DD:A2:BA Authority key identifier: 42:BB:0F:3C:18:47:E6:58:BB:E4:14:18:49:4C:E8:9C:E8:E3:44:88 Certificate issuer: /CN=A9172506/serialNumber=42BB0F3C1847E658BBE41418494CE89CE8E34488 Certificate serial: A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft Manifest number: A3 Signing time: Sat 19 Jul 2025 06:28:27 +0000 Manifest this update: Sat 19 Jul 2025 06:28:27 +0000 Manifest next update: Sat 26 Jul 2025 06:28:27 +0000 Files and hashes: 1: QrsPPBhH5li75BQYSUzonOjjRIg.crl (hash: lrcVf6KH3yF1VfxVHQpeefpJEQ6h2mF+LA/quKflU98=) 2: DD75C9BC6EDF11EF90C49A5FC4F9AE02.roa (hash: ribPo1yuX+hIqHtl1PCEzGGO/yQznd+mDINBcQhxFF0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.crl rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:28:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 165 (0xa5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172506, serialNumber=42BB0F3C1847E658BBE41418494CE89CE8E34488 Validity Not Before: Jul 19 06:28:27 2025 GMT Not After : Jul 26 06:28:27 2025 GMT Subject: CN=687b3b0b-38af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0a:63:ef:06:00:ce:59:24:da:e8:dc:15:ff: c4:a9:2e:8a:99:b2:1c:b2:24:68:c4:06:42:2b:c8: 0a:33:2e:6b:5c:3c:91:e2:5e:ec:ac:fc:ef:d1:e6: 0e:66:33:ed:5a:43:0e:be:b2:86:03:bc:0d:f8:f7: 91:54:c8:10:9c:de:d7:8a:5f:98:73:70:ac:bf:45: 33:b6:f6:79:e9:53:85:12:1f:8f:72:c5:a3:f4:0a: 57:61:5d:d8:87:8e:ec:e4:53:67:78:33:b4:ba:db: e7:70:d7:e2:f4:f2:2d:08:be:1e:3c:42:f2:47:f5: 35:52:b9:75:cf:76:d8:06:c8:b5:e6:9a:13:8d:e1: 42:b1:f4:95:46:ec:e7:f9:1e:d9:1f:d9:1a:07:f5: fa:78:d9:f5:d5:73:a6:a9:ae:38:42:ee:8b:e5:e7: 91:09:a0:58:23:88:7b:60:99:c5:d4:55:16:a5:6c: a1:62:20:47:02:be:ad:12:58:10:96:45:2c:28:c4: 91:99:1e:4a:06:18:34:d1:07:f0:8c:da:bc:64:52: 34:86:20:55:15:f6:10:f4:dd:95:fa:87:2b:a6:1a: 51:44:a2:46:90:35:8a:29:39:b0:0d:a8:84:f1:14: 84:1c:f5:4a:b4:e0:fa:48:b6:5e:98:fe:3e:04:5f: c6:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:B6:10:B0:42:09:30:A9:99:E6:75:12:15:DA:B6:22:64:DD:A2:BA X509v3 Authority Key Identifier: keyid:42:BB:0F:3C:18:47:E6:58:BB:E4:14:18:49:4C:E8:9C:E8:E3:44:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:cf:bf:eb:f4:17:11:0a:dc:80:b6:5f:47:e0:28:b3:89:62: 63:d0:b9:64:bb:b5:e8:5b:b1:87:9e:18:84:18:2d:0e:fd:cc: 40:50:07:9c:5c:4e:67:96:4d:77:d1:68:43:3a:78:39:1a:f1: fe:d4:e8:6e:a6:60:8b:cb:22:f7:0b:11:bf:09:f1:6c:73:67: 6f:f0:06:db:62:44:7c:36:92:09:9b:dc:fe:ea:62:73:d9:02: 99:45:2e:99:57:e8:0a:7f:01:23:7d:c7:64:2d:59:02:2c:51: 3f:72:c2:69:3e:59:c4:45:24:6c:bd:35:1a:9f:20:42:22:83: 1a:62:b1:2a:cd:16:67:e7:30:f8:2e:a6:5f:2c:51:e4:17:93: 7a:37:55:d6:0b:8f:fd:3a:b7:ec:25:8c:2a:a6:54:07:a3:48: 2b:8a:8a:d3:74:03:25:c1:3b:95:86:41:8e:95:0d:ca:d1:71: 30:e6:f9:d1:9d:bd:a3:ff:aa:a6:1b:bf:ec:f0:de:5a:57:93: 02:6a:e7:c6:53:10:1c:ec:7e:00:90:9e:69:1e:26:83:17:89: 1c:84:96:18:8f:82:f8:42:16:5a:af:6f:0d:4d:a1:38:ea:9e: 79:42:56:a2:6f:95:3d:36:b1:fd:39:0a:a1:26:c3:a2:67:0e: ad:0b:da:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzI1MDYxMTAvBgNVBAUTKDQyQkIwRjNDMTg0N0U2NThCQkU0MTQxODQ5NENFODlD RThFMzQ0ODgwHhcNMjUwNzE5MDYyODI3WhcNMjUwNzI2MDYyODI3WjAYMRYwFAYD VQQDEw02ODdiM2IwYi0zOGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvQpj7wYAzlkk2ujcFf/EqS6KmbIcsiRoxAZCK8gKMy5rXDyR4l7srPzv0eYO ZjPtWkMOvrKGA7wN+PeRVMgQnN7Xil+Yc3Csv0UztvZ56VOFEh+PcsWj9ApXYV3Y h47s5FNneDO0utvncNfi9PItCL4ePELyR/U1Url1z3bYBsi15poTjeFCsfSVRuzn +R7ZH9kaB/X6eNn11XOmqa44Qu6L5eeRCaBYI4h7YJnF1FUWpWyhYiBHAr6tElgQ lkUsKMSRmR5KBhg00QfwjNq8ZFI0hiBVFfYQ9N2V+ocrphpRRKJGkDWKKTmwDaiE 8RSEHPVKtOD6SLZemP4+BF/GFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI22ELBC CTCpmeZ1EhXatiJk3aK6MB8GA1UdIwQYMBaAFEK7DzwYR+ZYu+QUGElM6Jzo40SI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjUwNi9CMDQ5MDhDRTZF REUxMUVGQUFDMkNCNURDNEY5QUUwMi9RcnNQUEJoSDVsaTc1QlFZU1V6b25PampS SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Fyc1BQQmhINWxpNzVCUVlTVXpvbk9qalJJZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjUwNi9CMDQ5MDhDRTZFREUxMUVGQUFDMkNCNURDNEY5QUUwMi9RcnNQUEJoSDVs aTc1QlFZU1V6b25PampSSWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtz7/r9BcRCtyAtl9H4CiziWJj0Llku7XoW7GHnhiEGC0O/cxAUAec XE5nlk130WhDOng5GvH+1OhupmCLyyL3CxG/CfFsc2dv8AbbYkR8NpIJm9z+6mJz 2QKZRS6ZV+gKfwEjfcdkLVkCLFE/csJpPlnERSRsvTUanyBCIoMaYrEqzRZn5zD4 LqZfLFHkF5N6N1XWC4/9OrfsJYwqplQHo0griorTdAMlwTuVhkGOlQ3K0XEw5vnR nb2j/6qmG7/s8N5aV5MCaufGUxAc7H4AkJ5pHiaDF4kchJYYj4L4QhZar28NTaE4 6p55Qlaib5U9NrH9OQqhJsOiZw6tC9pU -----END CERTIFICATE-----Generated at Sun Jul 20 13:37:32 2025 by rpki-client