$ rpki-client -vvf rpki.apnic.net/member_repository/A918549C/DE8718C44A3111EFB7BBD51CC4F9AE02/Q2NMcBuh8e_Oj1aqatHbKUWh258.mft File: Q2NMcBuh8e_Oj1aqatHbKUWh258.mft (raw, json) Hash identifier: BwXHzHIuMsiOSgiMTYHClwwS1zEvvItbT5Zg4kjqiIY= Subject key identifier: 2C:55:F3:C5:98:11:62:7A:59:8F:90:CD:15:3B:2A:D2:B6:E8:6D:A3 Authority key identifier: 43:63:4C:70:1B:A1:F1:EF:CE:8F:56:AA:6A:D1:DB:29:45:A1:DB:9F Certificate issuer: /CN=A918549C/serialNumber=43634C701BA1F1EFCE8F56AA6AD1DB2945A1DB9F Certificate serial: BC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q2NMcBuh8e_Oj1aqatHbKUWh258.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918549C/DE8718C44A3111EFB7BBD51CC4F9AE02/Q2NMcBuh8e_Oj1aqatHbKUWh258.mft Manifest number: BA Signing time: Sat 19 Jul 2025 06:09:38 +0000 Manifest this update: Sat 19 Jul 2025 06:09:38 +0000 Manifest next update: Sat 26 Jul 2025 06:09:38 +0000 Files and hashes: 1: Q2NMcBuh8e_Oj1aqatHbKUWh258.crl (hash: xjLlfA7w33o/HO32b3gM8Vzs21hOk2BhdxAqbTuHqEk=) 2: 9C6F77784A3211EFBDBCEB2FC4F9AE02.roa (hash: VtLgFQFuvZQFqc3/1iLIm4m/GkaEOorvnwwczfuLsfc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918549C/DE8718C44A3111EFB7BBD51CC4F9AE02/Q2NMcBuh8e_Oj1aqatHbKUWh258.crl rsync://rpki.apnic.net/member_repository/A918549C/DE8718C44A3111EFB7BBD51CC4F9AE02/Q2NMcBuh8e_Oj1aqatHbKUWh258.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q2NMcBuh8e_Oj1aqatHbKUWh258.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:09:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 188 (0xbc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918549C, serialNumber=43634C701BA1F1EFCE8F56AA6AD1DB2945A1DB9F Validity Not Before: Jul 19 06:09:38 2025 GMT Not After : Jul 26 06:09:38 2025 GMT Subject: CN=687b36a2-c3c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:07:73:40:40:4a:2a:70:d1:f2:f9:f9:8e:31: 29:69:14:6d:0c:b0:8e:cb:04:06:94:f0:5e:41:8c: d7:9b:a7:b5:35:be:4b:f1:40:da:e6:4f:ae:f0:b2: e6:14:72:9b:3d:23:bd:5f:46:52:79:42:13:f1:bf: 99:24:56:9c:50:37:c4:b0:70:61:cd:04:a6:6e:a9: 4a:87:41:d1:ef:cb:ea:fa:aa:7b:40:69:30:22:00: 98:83:bd:83:a3:11:e4:55:f0:7e:d8:c4:3f:2f:2b: 1f:a5:b6:64:c2:a0:f7:22:1b:52:ac:7a:ab:b8:09: 7a:ae:d6:3a:9c:a3:4f:42:5c:59:7b:e7:5b:3e:83: 2a:58:b7:00:e8:aa:1e:d8:8a:97:54:d5:85:c5:b9: 9c:83:d5:3f:db:58:4d:d6:2e:45:92:d5:70:b7:56: ae:3a:4b:31:b7:0b:55:a6:49:0e:cc:2e:89:36:e8: fe:da:f8:b7:de:df:b3:7d:40:b6:c8:6b:37:94:e4: eb:73:b9:55:a2:89:56:d4:d6:14:67:df:9d:b4:6c: 0d:15:f8:c9:74:b7:fc:18:49:ed:b0:11:d8:eb:92: 28:2f:c8:5f:93:c0:59:23:0d:6c:be:ac:a8:ac:ea: 8b:83:3a:d9:d3:36:99:33:63:db:04:35:57:0b:fc: 48:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:55:F3:C5:98:11:62:7A:59:8F:90:CD:15:3B:2A:D2:B6:E8:6D:A3 X509v3 Authority Key Identifier: keyid:43:63:4C:70:1B:A1:F1:EF:CE:8F:56:AA:6A:D1:DB:29:45:A1:DB:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918549C/DE8718C44A3111EFB7BBD51CC4F9AE02/Q2NMcBuh8e_Oj1aqatHbKUWh258.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q2NMcBuh8e_Oj1aqatHbKUWh258.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918549C/DE8718C44A3111EFB7BBD51CC4F9AE02/Q2NMcBuh8e_Oj1aqatHbKUWh258.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:b5:0d:c2:a0:87:5d:2d:21:8a:f7:f2:00:64:23:01:90:fe: 66:40:2b:63:3b:11:80:69:03:67:ab:f3:ed:e3:c3:e9:81:c8: 40:d1:67:40:91:21:95:d9:b8:4f:af:01:2e:f1:98:a4:ac:d8: 47:a0:97:16:0c:14:4b:1a:88:0f:fc:f4:76:4e:91:07:8f:8a: 19:ff:00:59:84:cb:6a:cd:3b:52:d9:3f:4b:a0:db:dc:d6:2e: 23:78:fb:4c:f4:3a:fa:03:13:9b:6a:48:b0:c1:ea:fa:3d:b7: 96:4d:84:62:37:55:da:bf:82:46:30:73:eb:b5:df:c5:74:b2: 9a:f5:93:39:b4:04:5c:0f:cd:6a:2d:fc:f5:90:9f:86:24:3e: 92:45:a3:02:f8:c7:80:6b:f1:31:e2:47:20:6c:f2:9a:ab:03: 5a:61:3c:bc:56:2b:65:4d:7d:d7:15:99:57:a8:82:85:84:7e: cf:5a:cc:c0:55:98:f5:fe:28:b3:b5:0b:be:fe:03:c4:69:04: 01:d6:b4:60:0c:e4:2a:aa:18:b3:a4:c1:f9:4f:e9:0b:e1:61: 76:ed:73:b7:ef:23:50:30:f0:ff:05:0c:83:a0:76:71:d9:27: 73:e6:64:c1:96:2e:0c:43:f5:4d:8d:53:c0:ac:1b:da:a7:45: 34:42:68:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODU0OUMxMTAvBgNVBAUTKDQzNjM0QzcwMUJBMUYxRUZDRThGNTZBQTZBRDFEQjI5 NDVBMURCOUYwHhcNMjUwNzE5MDYwOTM4WhcNMjUwNzI2MDYwOTM4WjAYMRYwFAYD VQQDEw02ODdiMzZhMi1jM2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwwdzQEBKKnDR8vn5jjEpaRRtDLCOywQGlPBeQYzXm6e1Nb5L8UDa5k+u8LLm FHKbPSO9X0ZSeUIT8b+ZJFacUDfEsHBhzQSmbqlKh0HR78vq+qp7QGkwIgCYg72D oxHkVfB+2MQ/LysfpbZkwqD3IhtSrHqruAl6rtY6nKNPQlxZe+dbPoMqWLcA6Koe 2IqXVNWFxbmcg9U/21hN1i5FktVwt1auOksxtwtVpkkOzC6JNuj+2vi33t+zfUC2 yGs3lOTrc7lVoolW1NYUZ9+dtGwNFfjJdLf8GEntsBHY65IoL8hfk8BZIw1svqyo rOqLgzrZ0zaZM2PbBDVXC/xIdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCxV88WY EWJ6WY+QzRU7KtK26G2jMB8GA1UdIwQYMBaAFENjTHAbofHvzo9WqmrR2ylFoduf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTQ5Qy9ERTg3MThDNDRB MzExMUVGQjdCQkQ1MUNDNEY5QUUwMi9RMk5NY0J1aDhlX09qMWFxYXRIYktVV2gy NTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1EyTk1jQnVoOGVfT2oxYXFhdEhiS1VXaDI1OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NTQ5Qy9ERTg3MThDNDRBMzExMUVGQjdCQkQ1MUNDNEY5QUUwMi9RMk5NY0J1aDhl X09qMWFxYXRIYktVV2gyNTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqtQ3CoIddLSGK9/IAZCMBkP5mQCtjOxGAaQNnq/Pt48PpgchA0WdA kSGV2bhPrwEu8ZikrNhHoJcWDBRLGogP/PR2TpEHj4oZ/wBZhMtqzTtS2T9LoNvc 1i4jePtM9Dr6AxObakiwwer6PbeWTYRiN1Xav4JGMHPrtd/FdLKa9ZM5tARcD81q Lfz1kJ+GJD6SRaMC+MeAa/Ex4kcgbPKaqwNaYTy8VitlTX3XFZlXqIKFhH7PWszA VZj1/iiztQu+/gPEaQQB1rRgDOQqqhizpMH5T+kL4WF27XO37yNQMPD/BQyDoHZx 2Sdz5mTBli4MQ/VNjVPArBvap0U0Qmg3 -----END CERTIFICATE-----Generated at Sun Jul 20 19:07:56 2025 by rpki-client