$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE309/BDB42F36724611EB8AEDDC58C4F9AE02/QQmhbhhypDGvWRhmVbtg1TN8pIU.mft File: QQmhbhhypDGvWRhmVbtg1TN8pIU.mft (raw, json) Hash identifier: l6p1aD55XRTAIr1G3g+UK/23cDXMd1XWbLLzmolJJmU= Subject key identifier: F9:31:88:BC:39:AB:1B:FD:96:8E:B9:AF:6F:B8:FE:0A:2C:BD:A6:85 Authority key identifier: 41:09:A1:6E:18:72:A4:31:AF:59:18:66:55:BB:60:D5:33:7C:A4:85 Certificate issuer: /CN=A91AE309/serialNumber=4109A16E1872A431AF59186655BB60D5337CA485 Certificate serial: 066E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QQmhbhhypDGvWRhmVbtg1TN8pIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE309/BDB42F36724611EB8AEDDC58C4F9AE02/QQmhbhhypDGvWRhmVbtg1TN8pIU.mft Manifest number: 0669 Signing time: Fri 28 Mar 2025 22:37:30 +0000 Manifest this update: Fri 28 Mar 2025 22:37:30 +0000 Manifest next update: Fri 04 Apr 2025 22:37:30 +0000 Files and hashes: 1: QQmhbhhypDGvWRhmVbtg1TN8pIU.crl (hash: 50ppy52KvrTYDghSFzLbiYtIcc2GeD1U4fJYvKTcuto=) 2: E036A33A724711EBAC3F0059C4F9AE02.roa (hash: f7Qn0qXwPKUSx1AKDqHdBuBm3lykdUVyid+XDevm250=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE309/BDB42F36724611EB8AEDDC58C4F9AE02/QQmhbhhypDGvWRhmVbtg1TN8pIU.crl rsync://rpki.apnic.net/member_repository/A91AE309/BDB42F36724611EB8AEDDC58C4F9AE02/QQmhbhhypDGvWRhmVbtg1TN8pIU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QQmhbhhypDGvWRhmVbtg1TN8pIU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:37:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1646 (0x66e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE309 Validity Not Before: Mar 28 22:37:30 2025 GMT Not After : Apr 4 22:37:30 2025 GMT Subject: CN=67e724aa-99df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:00:c4:91:11:8f:35:6a:79:32:74:eb:dd:f8: e5:3e:77:43:3c:e1:6c:44:fd:13:74:77:6f:6d:ea: b4:7d:18:9b:c1:84:e6:25:88:de:d5:50:c2:e4:c6: 6b:ec:19:aa:b0:0c:8c:76:61:4c:de:24:c7:7f:f0: 92:f0:e2:dc:15:75:65:5d:46:63:ee:8a:32:59:ed: f5:e9:4d:a7:64:79:0e:97:04:df:62:d9:e0:32:5d: f2:0e:76:4b:80:ce:5c:a3:cb:e8:bc:53:e0:9b:f3: 41:f3:22:5c:a8:20:0a:29:a0:09:ef:78:c3:4d:e1: 89:2f:7e:e8:1f:54:7b:20:70:d4:8b:54:73:a4:52: 1c:60:c1:cd:f7:53:9e:c8:0f:28:2b:1f:e0:90:32: bf:f1:82:23:91:e1:22:47:c8:84:bb:dd:c7:e3:1e: 10:b9:ca:c3:42:5c:d2:93:16:4d:87:d4:ed:f7:81: bb:2b:7d:73:60:2b:28:c7:b9:bf:08:d2:13:bc:bd: 72:70:0d:64:65:77:47:07:69:02:23:45:12:39:5c: 1a:a6:e7:ae:f9:e7:dd:b9:40:01:7f:dd:b8:64:69: bc:de:6c:06:5e:62:f5:7b:72:93:26:eb:26:4c:97: b5:44:75:7d:b6:9f:20:15:d2:4a:bf:98:3f:35:f3: a5:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:31:88:BC:39:AB:1B:FD:96:8E:B9:AF:6F:B8:FE:0A:2C:BD:A6:85 X509v3 Authority Key Identifier: keyid:41:09:A1:6E:18:72:A4:31:AF:59:18:66:55:BB:60:D5:33:7C:A4:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE309/BDB42F36724611EB8AEDDC58C4F9AE02/QQmhbhhypDGvWRhmVbtg1TN8pIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QQmhbhhypDGvWRhmVbtg1TN8pIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE309/BDB42F36724611EB8AEDDC58C4F9AE02/QQmhbhhypDGvWRhmVbtg1TN8pIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:43:34:04:b7:76:da:5b:97:51:ac:f0:7a:c2:07:84:07:8c: 86:7b:81:39:b1:10:cf:92:3f:d9:36:4d:60:fd:f0:6e:7f:fd: 27:e2:58:3c:99:7f:ce:a0:21:46:08:08:83:62:b4:17:f6:7b: 14:80:b2:a1:b9:6c:6b:7a:78:b0:e4:9c:45:d9:0d:e0:b0:b9: 02:41:bb:41:85:9b:a8:e2:62:50:38:a0:2a:3d:57:7a:f9:0b: 9e:6d:13:88:e5:ce:fa:6d:28:f8:db:f5:e6:cf:df:e3:a6:a5: ec:f5:92:2c:0d:8b:fb:0d:29:ce:28:71:9f:97:a3:11:04:d8: 7b:98:5f:e5:a9:62:50:95:63:6e:09:5e:03:a2:d2:11:44:af: 5c:be:da:d2:fe:35:09:54:66:fa:04:af:01:0d:fb:0e:bf:5f: 9c:6a:fd:a7:0d:d4:ea:d6:1d:49:2d:40:8b:80:85:8e:6b:1a: c4:4a:f6:16:b9:ec:4a:98:0f:84:be:45:84:54:81:34:ff:06: c2:a1:9f:45:a1:bc:eb:e3:75:f0:9c:f6:73:07:40:f2:8d:8d: 8c:dd:6b:64:7a:d2:12:41:20:00:49:09:a3:64:37:ca:5c:c5: 25:a6:e3:cc:90:bf:a8:29:6e:63:1e:6d:8e:77:3b:14:57:fc: 72:71:44:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBm4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUUzMDkxMTAvBgNVBAUTKDQxMDlBMTZFMTg3MkE0MzFBRjU5MTg2NjU1QkI2MEQ1 MzM3Q0E0ODUwHhcNMjUwMzI4MjIzNzMwWhcNMjUwNDA0MjIzNzMwWjAYMRYwFAYD VQQDEw02N2U3MjRhYS05OWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqgDEkRGPNWp5MnTr3fjlPndDPOFsRP0TdHdvbeq0fRibwYTmJYje1VDC5MZr 7BmqsAyMdmFM3iTHf/CS8OLcFXVlXUZj7ooyWe316U2nZHkOlwTfYtngMl3yDnZL gM5co8vovFPgm/NB8yJcqCAKKaAJ73jDTeGJL37oH1R7IHDUi1RzpFIcYMHN91Oe yA8oKx/gkDK/8YIjkeEiR8iEu93H4x4QucrDQlzSkxZNh9Tt94G7K31zYCsox7m/ CNITvL1ycA1kZXdHB2kCI0USOVwapueu+efduUABf924ZGm83mwGXmL1e3KTJusm TJe1RHV9tp8gFdJKv5g/NfOloQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPkxiLw5 qxv9lo65r2+4/gosvaaFMB8GA1UdIwQYMBaAFEEJoW4YcqQxr1kYZlW7YNUzfKSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTMwOS9CREI0MkYzNjcy NDYxMUVCOEFFRERDNThDNEY5QUUwMi9RUW1oYmhoeXBER3ZXUmhtVmJ0ZzFUTjhw SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FRbWhiaGh5cERHdldSaG1WYnRnMVROOHBJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTMwOS9CREI0MkYzNjcyNDYxMUVCOEFFRERDNThDNEY5QUUwMi9RUW1oYmhoeXBE R3ZXUmhtVmJ0ZzFUTjhwSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBiQzQEt3baW5dRrPB6wgeEB4yGe4E5sRDPkj/ZNk1g/fBuf/0n4lg8 mX/OoCFGCAiDYrQX9nsUgLKhuWxreniw5JxF2Q3gsLkCQbtBhZuo4mJQOKAqPVd6 +QuebROI5c76bSj42/Xmz9/jpqXs9ZIsDYv7DSnOKHGfl6MRBNh7mF/lqWJQlWNu CV4DotIRRK9cvtrS/jUJVGb6BK8BDfsOv1+cav2nDdTq1h1JLUCLgIWOaxrESvYW uexKmA+EvkWEVIE0/wbCoZ9Fobzr43XwnPZzB0DyjY2M3WtketISQSAASQmjZDfK XMUlpuPMkL+oKW5jHm2OdzsUV/xycUQM -----END CERTIFICATE-----Generated at Fri Apr 4 22:17:51 2025 by rpki-client