$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC009/959DB85E490A11EDBB767848C4F9AE02/QidVkJNLMeOdgd28nAmFa39OWIQ.mft File: QidVkJNLMeOdgd28nAmFa39OWIQ.mft (raw, json) Hash identifier: GujI21oeToJw/nxOOjTOdpKb4Ntj1b+ONZmYyUuvDHI= Subject key identifier: 38:8B:B8:48:17:3C:7B:75:6F:3D:43:CF:7C:9F:CB:AF:CD:40:54:E4 Authority key identifier: 42:27:55:90:93:4B:31:E3:9D:81:DD:BC:9C:09:85:6B:7F:4E:58:84 Certificate issuer: /CN=A91DC009/serialNumber=42275590934B31E39D81DDBC9C09856B7F4E5884 Certificate serial: 01D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QidVkJNLMeOdgd28nAmFa39OWIQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC009/959DB85E490A11EDBB767848C4F9AE02/QidVkJNLMeOdgd28nAmFa39OWIQ.mft Manifest number: 01D4 Signing time: Fri 11 Apr 2025 02:07:31 +0000 Manifest this update: Fri 11 Apr 2025 02:07:30 +0000 Manifest next update: Fri 18 Apr 2025 02:07:30 +0000 Files and hashes: 1: QidVkJNLMeOdgd28nAmFa39OWIQ.crl (hash: UgJRPhZLrxJPPdqRgBOOsjdbXyWU28xUPCEEfl6MGdE=) 2: 754A1888490D11ED95C7C86EC4F9AE02.roa (hash: CSIt/M+JZX1zt8oTEtouM1TXpeh5gYbtlEsnigR0HLQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC009/959DB85E490A11EDBB767848C4F9AE02/QidVkJNLMeOdgd28nAmFa39OWIQ.crl rsync://rpki.apnic.net/member_repository/A91DC009/959DB85E490A11EDBB767848C4F9AE02/QidVkJNLMeOdgd28nAmFa39OWIQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QidVkJNLMeOdgd28nAmFa39OWIQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 02:07:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 471 (0x1d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC009, serialNumber=42275590934B31E39D81DDBC9C09856B7F4E5884 Validity Not Before: Apr 11 02:07:30 2025 GMT Not After : Apr 18 02:07:30 2025 GMT Subject: CN=67f87962-0028 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:3c:79:60:27:49:6c:12:7e:e7:37:bc:ac:75: b2:8a:af:c8:03:e9:25:43:be:87:1a:73:0a:1e:95: 41:6c:69:80:1c:48:63:25:67:b8:29:8e:63:16:e2: 2f:d0:66:c3:50:86:cf:a6:dd:30:1a:02:09:7f:ac: 14:65:45:ae:c4:93:81:fb:ad:41:cf:f4:1a:dc:a7: 34:20:24:51:9d:cf:0c:df:a4:e2:ca:60:42:4d:c9: 77:5c:a2:6b:06:c2:c3:60:40:37:0c:f6:19:83:d2: 19:e0:e0:a0:e9:8b:e4:23:41:3a:49:f1:3d:09:dd: 5e:4b:25:2f:2c:e9:3c:ea:ea:3d:4b:9d:f4:ab:c7: a5:82:4c:58:5d:62:97:c2:5c:c9:a4:77:5a:02:bc: b4:6f:c6:ab:77:7f:46:08:a4:44:2c:53:bd:6a:ed: 12:9f:cc:e5:4e:4d:64:74:e4:93:94:1d:89:04:fb: 21:a3:7d:06:92:ea:e3:c6:1a:d7:0f:bf:e3:b9:54: 86:4a:0f:73:8b:46:6e:6c:82:7e:af:fd:d9:10:80: 5c:8a:0e:5a:78:c9:25:01:2a:9a:cb:fa:b4:81:07: 2c:78:73:e5:30:29:76:1d:20:c7:18:c7:6f:5f:70: d4:dc:98:ca:74:09:60:45:e6:29:d2:d6:2f:2c:22: 3b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:8B:B8:48:17:3C:7B:75:6F:3D:43:CF:7C:9F:CB:AF:CD:40:54:E4 X509v3 Authority Key Identifier: keyid:42:27:55:90:93:4B:31:E3:9D:81:DD:BC:9C:09:85:6B:7F:4E:58:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC009/959DB85E490A11EDBB767848C4F9AE02/QidVkJNLMeOdgd28nAmFa39OWIQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QidVkJNLMeOdgd28nAmFa39OWIQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC009/959DB85E490A11EDBB767848C4F9AE02/QidVkJNLMeOdgd28nAmFa39OWIQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:03:08:9e:ca:f1:51:6e:31:bb:0d:53:27:ef:5b:3f:5f:41: 07:50:dc:33:67:3f:34:df:cf:9c:ab:d3:83:b3:39:00:7c:76: 99:4f:6b:59:7b:a1:f5:95:9f:be:bd:01:c5:43:b0:d0:34:4b: 1a:68:68:cc:9d:4c:a6:fb:7e:82:25:4e:1a:2a:7d:f1:82:a8: d9:fa:13:6b:d9:09:2b:86:e6:7c:fe:a7:2e:a9:13:01:fc:0c: 1d:0c:4d:f6:bc:e9:ad:c8:92:fa:1e:ea:74:98:e3:66:b3:d0: dc:c0:36:f6:e2:c5:d0:94:2f:66:a1:ff:40:a1:da:51:27:b1: 86:98:5a:37:2c:64:d8:76:a6:dd:6e:c1:45:82:1b:46:66:a9: bc:9d:cb:60:f6:f9:7d:4d:96:8b:e3:b8:f0:a9:c3:31:4d:81: 50:90:df:04:3d:2a:1b:22:47:11:1c:99:56:47:c9:da:c7:de: 6f:9d:5f:b7:cd:66:25:9e:83:47:e1:37:9d:d1:ea:41:32:ec: e2:59:6d:68:53:62:5b:8a:c7:c1:a7:22:12:ae:e3:a3:9b:7d: 40:75:53:17:a2:ad:46:d7:64:d1:be:3c:4d:74:ff:c6:ce:7b: 70:0b:20:7d:86:2a:82:3f:20:c3:5d:05:f1:de:5e:09:c8:d0: ec:36:fe:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REMwMDkxMTAvBgNVBAUTKDQyMjc1NTkwOTM0QjMxRTM5RDgxRERCQzlDMDk4NTZC N0Y0RTU4ODQwHhcNMjUwNDExMDIwNzMwWhcNMjUwNDE4MDIwNzMwWjAYMRYwFAYD VQQDEw02N2Y4Nzk2Mi0wMDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwDx5YCdJbBJ+5ze8rHWyiq/IA+klQ76HGnMKHpVBbGmAHEhjJWe4KY5jFuIv 0GbDUIbPpt0wGgIJf6wUZUWuxJOB+61Bz/Qa3Kc0ICRRnc8M36TiymBCTcl3XKJr BsLDYEA3DPYZg9IZ4OCg6YvkI0E6SfE9Cd1eSyUvLOk86uo9S530q8elgkxYXWKX wlzJpHdaAry0b8ard39GCKRELFO9au0Sn8zlTk1kdOSTlB2JBPsho30GkurjxhrX D7/juVSGSg9zi0ZubIJ+r/3ZEIBcig5aeMklASqay/q0gQcseHPlMCl2HSDHGMdv X3DU3JjKdAlgReYp0tYvLCI7VQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDiLuEgX PHt1bz1Dz3yfy6/NQFTkMB8GA1UdIwQYMBaAFEInVZCTSzHjnYHdvJwJhWt/TliE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzAwOS85NTlEQjg1RTQ5 MEExMUVEQkI3Njc4NDhDNEY5QUUwMi9RaWRWa0pOTE1lT2RnZDI4bkFtRmEzOU9X SVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FpZFZrSk5MTWVPZGdkMjhuQW1GYTM5T1dJUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzAwOS85NTlEQjg1RTQ5MEExMUVEQkI3Njc4NDhDNEY5QUUwMi9RaWRWa0pOTE1l T2RnZDI4bkFtRmEzOU9XSVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpAwieyvFRbjG7DVMn71s/X0EHUNwzZz8038+cq9ODszkAfHaZT2tZ e6H1lZ++vQHFQ7DQNEsaaGjMnUym+36CJU4aKn3xgqjZ+hNr2QkrhuZ8/qcuqRMB /AwdDE32vOmtyJL6Hup0mONms9DcwDb24sXQlC9mof9AodpRJ7GGmFo3LGTYdqbd bsFFghtGZqm8nctg9vl9TZaL47jwqcMxTYFQkN8EPSobIkcRHJlWR8nax95vnV+3 zWYlnoNH4Ted0epBMuziWW1oU2JbisfBpyISruOjm31AdVMXoq1G12TRvjxNdP/G zntwCyB9hiqCPyDDXQXx3l4JyNDsNv6G -----END CERTIFICATE-----Generated at Sat Apr 12 19:05:00 2025 by rpki-client