$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft File: qkHKgdI-9YhhkyqtErMWkNvPEAM.mft (raw, json) Hash identifier: Aha3bfJ/z9WscC4emeroC9ggwitxTQWWiRJ/nlEZ5oM= Subject key identifier: 41:CD:7E:8E:1E:2F:7D:B0:35:2A:57:8D:C3:6A:4A:B1:58:88:65:E3 Authority key identifier: AA:41:CA:81:D2:3E:F5:88:61:93:2A:AD:12:B3:16:90:DB:CF:10:03 Certificate issuer: /CN=A91A5744/serialNumber=AA41CA81D23EF58861932AAD12B31690DBCF1003 Certificate serial: 0C23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft Manifest number: 0C1E Signing time: Fri 28 Mar 2025 18:40:14 +0000 Manifest this update: Fri 28 Mar 2025 18:40:14 +0000 Manifest next update: Fri 04 Apr 2025 18:40:14 +0000 Files and hashes: 1: qkHKgdI-9YhhkyqtErMWkNvPEAM.crl (hash: xOUe2jXzhECXINJ0wZJEHU2PsgHJ2zCbeJ/nALv+4PQ=) 2: 220DBB66054011EA90A20C7EC4F9AE02.roa (hash: l5CGLlauMb+Ni/lNc+v9jsE4+D1HZp9e9rAFpWt3fHE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.crl rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 18:40:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3107 (0xc23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5744 Validity Not Before: Mar 28 18:40:14 2025 GMT Not After : Apr 4 18:40:14 2025 GMT Subject: CN=67e6ed0e-3629 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:40:f6:31:58:cf:64:f3:6d:36:44:22:56:73: 94:b5:0b:47:f3:65:cf:e3:0a:80:6f:2c:08:74:2e: 1d:37:22:8b:5d:60:01:04:5a:ea:b7:ad:dc:23:39: 9f:a0:83:52:6f:63:97:d6:01:e2:7f:57:45:af:1a: 03:f4:2f:f8:62:30:0e:8f:d6:b2:b6:46:87:53:6d: 7c:22:cb:65:58:ff:3b:cc:26:b0:06:30:dc:d9:39: e2:e8:0c:dd:bd:14:f9:af:03:2f:64:ea:1b:b5:c5: 63:ea:20:1c:30:8c:67:00:49:3e:a0:09:8f:30:9a: b5:95:77:2b:99:4f:7b:4e:ba:75:2f:d7:50:cf:c6: 29:e0:c7:3a:3d:56:f6:82:d3:6d:a6:9f:72:72:49: 36:71:e0:ef:ad:9f:9e:27:2f:1d:aa:88:c9:84:81: ac:0e:19:9c:f6:a5:ce:d2:01:ca:f0:9f:60:97:76: 29:ca:d4:de:a0:8a:37:ac:2b:81:d0:9a:c8:ed:d0: 39:4f:97:60:74:ea:2f:be:ed:d8:fa:a9:0d:f9:b3: 61:45:3e:f7:8a:53:47:8b:6c:24:1b:95:c2:2c:a4: c1:5a:39:e5:e1:3b:f6:a0:26:59:7d:0d:c2:6a:9c: 38:06:08:21:19:8b:b0:de:17:ed:3b:61:33:cd:f2: 78:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:CD:7E:8E:1E:2F:7D:B0:35:2A:57:8D:C3:6A:4A:B1:58:88:65:E3 X509v3 Authority Key Identifier: keyid:AA:41:CA:81:D2:3E:F5:88:61:93:2A:AD:12:B3:16:90:DB:CF:10:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:58:4d:9a:24:c5:88:8c:08:22:b6:67:84:6c:22:9c:39:90: a2:a4:b1:22:ba:35:bc:f5:64:42:69:01:ce:42:fd:5f:84:ad: 8b:45:d8:39:18:1e:1b:04:83:a0:03:48:28:03:f8:ba:5f:9d: 46:f5:db:6d:f1:26:e8:f6:bb:99:ac:ee:7e:4c:f0:ca:2c:1a: 1f:8b:02:51:e0:29:7d:79:5f:ea:4d:0d:47:8a:67:5d:d2:f9: 97:e9:83:35:59:5c:92:f8:43:be:3c:12:8d:42:31:35:f0:9e: 58:e8:c0:fb:10:93:cd:f5:db:90:07:e9:ee:86:86:3d:34:2e: 8d:96:5e:79:2d:f8:d9:4f:e6:08:b7:37:2b:27:10:55:2a:b5: 5f:ca:e3:5a:0a:01:12:79:54:4d:4c:97:6f:7e:3e:ec:29:eb: 93:ac:28:ef:79:eb:67:10:0e:6e:cd:75:9e:1d:72:83:dd:94: 6e:a6:c9:f4:eb:d8:de:02:cb:34:c5:69:a5:5f:c7:82:42:e3: be:ec:c5:8a:cd:57:2f:5e:c8:0b:29:a7:7e:d4:6a:f9:97:6a: 18:b7:94:ac:ff:10:23:f3:0b:21:2d:4f:08:56:06:67:56:66: ef:c4:64:0e:18:29:e5:50:8c:c0:fb:15:f1:29:39:a8:b2:c2: ed:32:25:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU3NDQxMTAvBgNVBAUTKEFBNDFDQTgxRDIzRUY1ODg2MTkzMkFBRDEyQjMxNjkw REJDRjEwMDMwHhcNMjUwMzI4MTg0MDE0WhcNMjUwNDA0MTg0MDE0WjAYMRYwFAYD VQQDEw02N2U2ZWQwZS0zNjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0kD2MVjPZPNtNkQiVnOUtQtH82XP4wqAbywIdC4dNyKLXWABBFrqt63cIzmf oINSb2OX1gHif1dFrxoD9C/4YjAOj9aytkaHU218IstlWP87zCawBjDc2Tni6Azd vRT5rwMvZOobtcVj6iAcMIxnAEk+oAmPMJq1lXcrmU97Trp1L9dQz8Yp4Mc6PVb2 gtNtpp9yckk2ceDvrZ+eJy8dqojJhIGsDhmc9qXO0gHK8J9gl3YpytTeoIo3rCuB 0JrI7dA5T5dgdOovvu3Y+qkN+bNhRT73ilNHi2wkG5XCLKTBWjnl4Tv2oCZZfQ3C apw4BgghGYuw3hftO2EzzfJ43wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEHNfo4e L32wNSpXjcNqSrFYiGXjMB8GA1UdIwQYMBaAFKpByoHSPvWIYZMqrRKzFpDbzxAD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTc0NC8zOTdGNkNENDA1 MkUxMUVBOUQzMTQxNDVDNEY5QUUwMi9xa0hLZ2RJLTlZaGhreXF0RXJNV2tOdlBF QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FrSEtnZEktOVloaGt5cXRFck1Xa052UEVBTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTc0NC8zOTdGNkNENDA1MkUxMUVBOUQzMTQxNDVDNEY5QUUwMi9xa0hLZ2RJLTlZ aGhreXF0RXJNV2tOdlBFQU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqWE2aJMWIjAgitmeEbCKcOZCipLEiujW89WRCaQHOQv1fhK2LRdg5 GB4bBIOgA0goA/i6X51G9dtt8Sbo9ruZrO5+TPDKLBofiwJR4Cl9eV/qTQ1Himdd 0vmX6YM1WVyS+EO+PBKNQjE18J5Y6MD7EJPN9duQB+nuhoY9NC6Nll55LfjZT+YI tzcrJxBVKrVfyuNaCgESeVRNTJdvfj7sKeuTrCjveetnEA5uzXWeHXKD3ZRupsn0 69jeAss0xWmlX8eCQuO+7MWKzVcvXsgLKad+1Gr5l2oYt5Ss/xAj8wshLU8IVgZn VmbvxGQOGCnlUIzA+xXxKTmossLtMiXB -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:00 2025 by rpki-client