$ rpki-client -vvf rpki.apnic.net/member_repository/A91978DD/CC18D9D4E0B611E799A2B682C4F9AE02/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.mft File: Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.mft (raw, json) Hash identifier: EOvmkeDSbb2Qy0hC9NIwDg0gUQ++cWaApIbGmbRbM9Y= Subject key identifier: 19:A1:E5:F9:D3:2B:11:0C:7F:6E:49:D9:AC:B5:03:0B:C1:C3:08:39 Authority key identifier: 43:D2:50:D5:C1:F6:09:ED:17:4D:FF:26:43:01:DB:45:BE:25:B1:B4 Certificate issuer: /CN=A91978DD/serialNumber=43D250D5C1F609ED174DFF264301DB45BE25B1B4 Certificate serial: 1717 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91978DD/CC18D9D4E0B611E799A2B682C4F9AE02/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.mft Manifest number: 170E Signing time: Fri 04 Apr 2025 16:42:44 +0000 Manifest this update: Fri 04 Apr 2025 16:42:43 +0000 Manifest next update: Fri 11 Apr 2025 16:42:43 +0000 Files and hashes: 1: Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.crl (hash: 55NeJhFjNWAlWvFmQkcJhWw1fN1B0mYeIm1UxlQABsA=) 2: 16ABD910E0C111E7BA64DE22C4F9AE02.roa (hash: Ooak6D5iQ2fJ6FZTf7sU2wRFg0kTNy2Wu4Ysho3zOO0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91978DD/CC18D9D4E0B611E799A2B682C4F9AE02/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.crl rsync://rpki.apnic.net/member_repository/A91978DD/CC18D9D4E0B611E799A2B682C4F9AE02/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:42:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5911 (0x1717) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91978DD Validity Not Before: Apr 4 16:42:43 2025 GMT Not After : Apr 11 16:42:43 2025 GMT Subject: CN=67f00c03-1bb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2d:ac:1b:9f:c1:d3:28:da:5c:0a:41:2d:cb: d5:0b:67:f6:80:7e:0c:22:c3:6e:d0:30:86:f7:e5: 16:63:51:4b:23:d1:d5:98:9b:d3:53:48:f1:05:7a: 80:c9:9d:4a:e5:25:6b:9a:33:0e:0d:3e:c6:08:ef: 46:3b:ed:32:e1:ca:b8:ab:db:aa:d7:8a:2b:b1:c2: 99:70:08:01:fb:c3:74:3b:4f:79:6b:62:de:db:61: fe:92:eb:2f:ec:ce:f3:35:2d:00:b4:95:eb:37:2f: 60:20:6a:63:ac:ab:18:1e:43:fe:0a:15:74:ac:8f: 39:e1:ea:ab:27:61:dd:01:6a:b0:12:ef:67:e2:c0: d9:37:b7:6b:0e:44:b3:62:e5:53:7f:69:77:5e:47: fd:bd:09:24:4a:2c:77:82:96:c5:90:3e:aa:da:3c: 96:c9:0b:87:5c:28:f8:05:56:35:ba:fd:79:d5:7a: 2b:ee:6b:0d:09:31:ed:00:81:53:57:c1:68:b3:b9: 9a:a4:9e:93:15:77:e3:9f:c6:a5:03:96:61:22:d6: 0f:5e:b7:7a:ff:8b:a5:42:26:68:3c:01:9a:a1:9f: b4:b5:79:2b:f0:e6:43:92:2f:eb:54:1e:c9:e5:31: 51:0f:b1:8f:d7:1c:aa:29:7d:16:9a:85:bb:30:35: 03:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:A1:E5:F9:D3:2B:11:0C:7F:6E:49:D9:AC:B5:03:0B:C1:C3:08:39 X509v3 Authority Key Identifier: keyid:43:D2:50:D5:C1:F6:09:ED:17:4D:FF:26:43:01:DB:45:BE:25:B1:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91978DD/CC18D9D4E0B611E799A2B682C4F9AE02/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91978DD/CC18D9D4E0B611E799A2B682C4F9AE02/Q9JQ1cH2Ce0XTf8mQwHbRb4lsbQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:94:50:f5:cd:b7:e2:4e:17:2d:88:32:56:62:33:4a:b6:82: 65:e5:d8:92:30:bc:73:47:a7:96:16:43:ec:f6:97:d2:12:bc: 64:4e:92:fd:20:bb:6d:ba:83:ed:6d:7b:95:7d:02:4b:2c:6d: 31:4c:f2:93:28:c6:3f:43:0b:e1:50:02:86:8f:39:03:da:50: 3a:0a:81:d2:1b:ab:e4:28:d8:7f:1b:a5:cc:42:12:57:bd:eb: 78:7a:de:a1:ba:d9:30:c2:78:d5:2c:04:96:d2:1d:a3:3e:5f: b8:ba:38:0c:ab:ac:be:0d:9f:45:ad:b0:68:a5:1c:af:f7:1b: e5:f3:2b:e6:33:0a:1f:b6:18:9b:f6:0b:1a:b2:12:51:2c:c6: e4:bd:04:bb:a5:b5:8b:0c:58:31:21:c0:48:12:eb:1d:3a:e6: 86:86:f1:d7:0b:cf:c8:e7:c8:d3:7f:96:9b:e5:5a:a6:5b:c9: 4d:6d:c2:bb:a1:e9:63:71:53:a5:98:ab:f6:e4:b2:36:c9:61: d4:d6:2d:34:14:b6:40:84:1d:fc:fb:21:f2:c9:15:8a:0b:96: 71:b2:ba:ac:71:23:c3:5e:a9:85:59:b4:f2:c7:ee:0d:cf:73: 79:27:8b:93:80:cd:85:11:a8:57:c5:f4:2d:bf:fb:d3:83:db: 17:e4:1d:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFxcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTc4REQxMTAvBgNVBAUTKDQzRDI1MEQ1QzFGNjA5RUQxNzRERkYyNjQzMDFEQjQ1 QkUyNUIxQjQwHhcNMjUwNDA0MTY0MjQzWhcNMjUwNDExMTY0MjQzWjAYMRYwFAYD VQQDEw02N2YwMGMwMy0xYmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsi2sG5/B0yjaXApBLcvVC2f2gH4MIsNu0DCG9+UWY1FLI9HVmJvTU0jxBXqA yZ1K5SVrmjMODT7GCO9GO+0y4cq4q9uq14orscKZcAgB+8N0O095a2Le22H+kusv 7M7zNS0AtJXrNy9gIGpjrKsYHkP+ChV0rI854eqrJ2HdAWqwEu9n4sDZN7drDkSz YuVTf2l3Xkf9vQkkSix3gpbFkD6q2jyWyQuHXCj4BVY1uv151Xor7msNCTHtAIFT V8Fos7mapJ6TFXfjn8alA5ZhItYPXrd6/4ulQiZoPAGaoZ+0tXkr8OZDki/rVB7J 5TFRD7GP1xyqKX0WmoW7MDUDKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBmh5fnT KxEMf25J2ay1AwvBwwg5MB8GA1UdIwQYMBaAFEPSUNXB9gntF03/JkMB20W+JbG0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzhERC9DQzE4RDlENEUw QjYxMUU3OTlBMkI2ODJDNEY5QUUwMi9ROUpRMWNIMkNlMFhUZjhtUXdIYlJiNGxz YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1E5SlExY0gyQ2UwWFRmOG1Rd0hiUmI0bHNiUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NzhERC9DQzE4RDlENEUwQjYxMUU3OTlBMkI2ODJDNEY5QUUwMi9ROUpRMWNIMkNl MFhUZjhtUXdIYlJiNGxzYlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtlFD1zbfiThctiDJWYjNKtoJl5diSMLxzR6eWFkPs9pfSErxkTpL9 ILttuoPtbXuVfQJLLG0xTPKTKMY/QwvhUAKGjzkD2lA6CoHSG6vkKNh/G6XMQhJX vet4et6hutkwwnjVLASW0h2jPl+4ujgMq6y+DZ9FrbBopRyv9xvl8yvmMwofthib 9gsashJRLMbkvQS7pbWLDFgxIcBIEusdOuaGhvHXC8/I58jTf5ab5VqmW8lNbcK7 oeljcVOlmKv25LI2yWHU1i00FLZAhB38+yHyyRWKC5ZxsrqscSPDXqmFWbTyx+4N z3N5J4uTgM2FEahXxfQtv/vTg9sX5B2x -----END CERTIFICATE-----Generated at Fri Apr 4 22:19:53 2025 by rpki-client