$ rpki-client -vvf rpki.apnic.net/member_repository/A91808E1/F90F9E887E8111ECB8873A7FC4F9AE02/QJ0BHok_2Mjws-isFGkqp7udAlk.mft File: QJ0BHok_2Mjws-isFGkqp7udAlk.mft (raw, json) Hash identifier: w4ctEkCxwrJNoJCu3qwZHT7IPB20HJWyjJp4PAI2hyY= Subject key identifier: 8D:51:2B:DA:C2:FC:50:4C:CB:D3:0F:02:C2:86:D6:FF:D6:A4:BD:E0 Authority key identifier: 40:9D:01:1E:89:3F:D8:C8:F0:B3:E8:AC:14:69:2A:A7:BB:9D:02:59 Certificate issuer: /CN=A91808E1/serialNumber=409D011E893FD8C8F0B3E8AC14692AA7BB9D0259 Certificate serial: 0409 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QJ0BHok_2Mjws-isFGkqp7udAlk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91808E1/F90F9E887E8111ECB8873A7FC4F9AE02/QJ0BHok_2Mjws-isFGkqp7udAlk.mft Manifest number: 0403 Signing time: Mon 21 Jul 2025 00:41:16 +0000 Manifest this update: Mon 21 Jul 2025 00:41:15 +0000 Manifest next update: Mon 28 Jul 2025 00:41:15 +0000 Files and hashes: 1: QJ0BHok_2Mjws-isFGkqp7udAlk.crl (hash: ogBDdRdkmQMBaPcVQKoDCDsT6J2B4WzvSe2y9R1AXmY=) 2: E7FE45667E8311ECA552B67FC4F9AE02.roa (hash: vev8cF3wVonEj/spB6AbH6AE+o8N+kb1JbFrPlAS1N8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91808E1/F90F9E887E8111ECB8873A7FC4F9AE02/QJ0BHok_2Mjws-isFGkqp7udAlk.crl rsync://rpki.apnic.net/member_repository/A91808E1/F90F9E887E8111ECB8873A7FC4F9AE02/QJ0BHok_2Mjws-isFGkqp7udAlk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QJ0BHok_2Mjws-isFGkqp7udAlk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 00:41:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1033 (0x409) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91808E1, serialNumber=409D011E893FD8C8F0B3E8AC14692AA7BB9D0259 Validity Not Before: Jul 21 00:41:15 2025 GMT Not After : Jul 28 00:41:15 2025 GMT Subject: CN=687d8cab-294f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:5a:d0:50:63:4f:c7:ec:ce:a5:4e:bf:14:82: 2a:ba:11:a0:d3:66:d2:5a:cf:2c:84:33:8e:ef:d0: 4e:06:c6:54:f9:a8:90:d4:a0:ab:f2:2e:53:d9:26: 72:01:68:d2:a4:ac:32:17:99:cf:4b:77:bf:d3:0e: ed:c1:7f:d1:a0:cd:57:53:8d:5a:94:ce:05:50:91: e6:63:5a:74:1b:ba:74:f0:86:6c:68:b4:18:30:d6: 5b:a0:b6:53:1e:98:b6:2e:37:87:d9:a3:fc:9e:90: 49:68:52:d2:d7:83:cd:a5:b7:63:c9:ca:ae:c4:88: bb:c8:4d:db:fa:de:d1:27:8c:7c:67:72:c9:81:ba: de:08:d6:a7:90:62:ee:d1:bf:06:b8:f5:67:77:47: 7a:62:f5:05:8c:1d:26:77:50:b9:7c:59:f2:09:6a: 3c:2f:f5:ac:5e:93:da:e3:f0:31:5a:30:fc:72:07: 56:92:3d:bc:df:37:08:98:6e:4b:93:0f:fd:ba:5b: 5e:74:f3:49:27:8b:7e:a8:f3:f7:43:a5:5d:1e:d6: dc:e1:bb:25:8f:b4:8e:2b:14:5f:7d:db:4f:22:b3: 44:d5:d3:e6:40:18:02:c3:b7:69:0c:00:6b:61:26: db:64:52:46:eb:eb:f3:9b:47:69:12:c0:1a:c4:26: 8c:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:51:2B:DA:C2:FC:50:4C:CB:D3:0F:02:C2:86:D6:FF:D6:A4:BD:E0 X509v3 Authority Key Identifier: keyid:40:9D:01:1E:89:3F:D8:C8:F0:B3:E8:AC:14:69:2A:A7:BB:9D:02:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91808E1/F90F9E887E8111ECB8873A7FC4F9AE02/QJ0BHok_2Mjws-isFGkqp7udAlk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QJ0BHok_2Mjws-isFGkqp7udAlk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91808E1/F90F9E887E8111ECB8873A7FC4F9AE02/QJ0BHok_2Mjws-isFGkqp7udAlk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:26:56:a0:c3:63:33:37:83:f1:04:8f:47:0f:6b:dc:b0:da: 21:4a:d9:63:05:82:6f:fc:de:29:70:ae:32:2c:5f:e9:5b:f0: 78:52:17:3b:29:98:a8:ff:a0:4e:7c:4a:bf:4c:32:2a:60:b7: 19:e0:8d:66:98:8c:17:7f:5d:dd:4e:59:d2:b9:ed:d8:ee:e2: 73:4c:f3:71:ae:7f:a4:52:24:f0:1c:84:10:fa:6a:88:44:09: 52:7c:cf:74:39:e8:c0:9c:bb:25:53:34:a4:0c:6c:5d:5d:24: 04:6e:ef:38:08:0a:f6:56:1d:b4:f2:00:f2:da:24:5b:d0:c8: 04:d5:41:a6:64:64:4d:21:72:ad:b3:e9:c9:83:a8:38:0d:a4: 68:7f:b2:8f:da:00:7c:61:8a:4e:08:fe:fa:b6:7e:b6:67:34: 4f:11:14:62:bf:bc:2c:c6:e2:80:51:85:e2:21:6b:cf:e3:c8: 02:08:94:cc:00:b4:c1:d0:13:55:02:b4:40:dc:e1:6c:c3:fb: 1b:d1:44:3b:72:0d:69:50:74:1c:1f:ce:2d:67:d6:d0:44:2f: e0:a9:bc:ba:fe:58:60:18:15:39:f7:ab:3c:e2:f1:26:06:38: f4:88:cf:6e:a8:e2:dc:d1:19:c3:54:f9:36:25:8e:76:80:9e: bc:30:7f:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODA4RTExMTAvBgNVBAUTKDQwOUQwMTFFODkzRkQ4QzhGMEIzRThBQzE0NjkyQUE3 QkI5RDAyNTkwHhcNMjUwNzIxMDA0MTE1WhcNMjUwNzI4MDA0MTE1WjAYMRYwFAYD VQQDEw02ODdkOGNhYi0yOTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4FrQUGNPx+zOpU6/FIIquhGg02bSWs8shDOO79BOBsZU+aiQ1KCr8i5T2SZy AWjSpKwyF5nPS3e/0w7twX/RoM1XU41alM4FUJHmY1p0G7p08IZsaLQYMNZboLZT Hpi2LjeH2aP8npBJaFLS14PNpbdjycquxIi7yE3b+t7RJ4x8Z3LJgbreCNankGLu 0b8GuPVnd0d6YvUFjB0md1C5fFnyCWo8L/WsXpPa4/AxWjD8cgdWkj283zcImG5L kw/9ultedPNJJ4t+qPP3Q6VdHtbc4bslj7SOKxRffdtPIrNE1dPmQBgCw7dpDABr YSbbZFJG6+vzm0dpEsAaxCaMLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI1RK9rC /FBMy9MPAsKG1v/WpL3gMB8GA1UdIwQYMBaAFECdAR6JP9jI8LPorBRpKqe7nQJZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDhFMS9GOTBGOUU4ODdF ODExMUVDQjg4NzNBN0ZDNEY5QUUwMi9RSjBCSG9rXzJNandzLWlzRkdrcXA3dWRB bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FKMEJIb2tfMk1qd3MtaXNGR2txcDd1ZEFsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MDhFMS9GOTBGOUU4ODdFODExMUVDQjg4NzNBN0ZDNEY5QUUwMi9RSjBCSG9rXzJN andzLWlzRkdrcXA3dWRBbGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCJlagw2MzN4PxBI9HD2vcsNohStljBYJv/N4pcK4yLF/pW/B4Uhc7 KZio/6BOfEq/TDIqYLcZ4I1mmIwXf13dTlnSue3Y7uJzTPNxrn+kUiTwHIQQ+mqI RAlSfM90OejAnLslUzSkDGxdXSQEbu84CAr2Vh208gDy2iRb0MgE1UGmZGRNIXKt s+nJg6g4DaRof7KP2gB8YYpOCP76tn62ZzRPERRiv7wsxuKAUYXiIWvP48gCCJTM ALTB0BNVArRA3OFsw/sb0UQ7cg1pUHQcH84tZ9bQRC/gqby6/lhgGBU596s84vEm Bjj0iM9uqOLc0RnDVPk2JY52gJ68MH/q -----END CERTIFICATE-----Generated at Mon Jul 21 07:16:03 2025 by rpki-client