$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: t4cA+c6YsOC+5M4w5JiCB01tGU1/3GVZsOqrEFK9vtQ= Subject key identifier: FF:17:A6:87:09:3D:54:C5:BB:CD:C2:01:B2:71:BE:A8:A6:DD:CA:DD Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 2190 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2155 Signing time: Sun 06 Apr 2025 15:52:50 +0000 Manifest this update: Sun 06 Apr 2025 15:52:50 +0000 Manifest next update: Sun 13 Apr 2025 15:52:50 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: RfBJh3dXjrGHtexNvtDACbX9h4upjYkbbsyGmE7jOts=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 9: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 15:52:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8592 (0x2190) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D Validity Not Before: Apr 6 15:52:50 2025 GMT Not After : Apr 13 15:52:50 2025 GMT Subject: CN=67f2a352-0985 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:fd:d5:63:1d:c1:18:d0:42:e7:04:e0:63:e3: 71:d7:9d:bc:2f:22:04:3d:58:bb:45:68:9a:fa:5f: 21:cf:dc:c2:62:f3:83:9d:5e:9c:55:c1:84:be:6f: 07:a4:80:81:ef:3f:36:ed:91:2c:65:55:ff:57:a3: ef:f0:ff:c6:b3:61:39:9e:7e:97:de:07:81:c5:2c: 53:7f:2f:09:1a:78:0c:09:da:5d:f2:7c:8a:19:29: 16:ef:81:3b:d4:7b:d3:de:de:35:04:3c:a8:d8:03: d1:df:c4:3b:5d:e2:51:80:53:a0:0e:36:2c:15:0b: 94:8e:55:6d:fb:42:f4:a7:24:b9:77:b5:d0:3d:a6: db:50:c3:4c:8e:cb:09:a4:15:60:d3:96:f6:ad:cd: f7:72:bb:5b:9c:fc:4f:4d:33:8d:8c:16:76:3f:0e: a1:4f:82:29:3b:4e:c2:a1:3e:4b:99:ba:ea:49:e0: 0e:34:55:ff:f6:19:dd:75:ba:3b:ea:0b:84:08:5c: 32:61:2c:af:0d:de:ca:87:5a:b7:bb:25:31:5f:51: f4:e1:5d:c4:83:97:1e:f1:04:54:7f:88:35:0d:3c: c4:50:e8:c0:72:97:f0:87:10:d4:e8:c5:ef:b0:ce: 5d:fc:14:de:39:49:19:28:d7:4a:fc:aa:49:ca:4e: 96:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:17:A6:87:09:3D:54:C5:BB:CD:C2:01:B2:71:BE:A8:A6:DD:CA:DD X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:d2:13:4e:ba:21:f4:51:79:34:bd:59:17:01:c7:fa:6b:48: 41:97:c4:bf:5e:47:cf:59:71:7f:d7:3a:99:80:d4:40:bd:77: 7b:27:40:95:c6:13:5f:06:15:a8:f5:44:70:41:c5:0b:82:2d: 55:75:e2:0a:96:3b:b8:98:f5:d3:cd:35:10:8b:c9:be:62:59: 3f:c7:7e:9e:6b:44:44:39:cc:bf:ba:14:b5:3b:ab:73:5a:8a: ba:11:87:a5:89:0e:9a:b3:8f:2f:8b:4e:ba:7a:e2:05:8b:2a: c0:15:65:08:6c:67:63:6d:bd:86:23:11:a0:45:bc:23:e7:1e: f6:eb:3c:9b:56:4e:c6:78:9c:a7:23:2c:68:11:a2:67:53:10: b8:e8:e1:ae:ac:ce:42:f0:5f:71:01:b4:da:c1:53:89:6d:65: 2a:2c:c5:3f:5a:b6:dd:d7:55:94:76:f1:16:c1:9c:be:93:1c: dd:52:ea:0e:f3:64:8c:cc:c3:e0:aa:d8:96:85:6c:c5:6a:40: ab:92:21:bf:d0:46:88:54:94:77:a0:9d:d2:8c:70:35:b1:89: 4d:26:35:74:0c:43:93:65:69:f2:b1:d3:73:da:fd:ff:b5:17: 0e:c6:57:28:51:0e:9d:47:06:2f:1e:ce:81:1c:e2:0f:70:bb: df:46:17:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNDA2MTU1MjUwWhcNMjUwNDEzMTU1MjUwWjAYMRYwFAYD VQQDEw02N2YyYTM1Mi0wOTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0P3VYx3BGNBC5wTgY+Nx1528LyIEPVi7RWia+l8hz9zCYvODnV6cVcGEvm8H pICB7z827ZEsZVX/V6Pv8P/Gs2E5nn6X3geBxSxTfy8JGngMCdpd8nyKGSkW74E7 1HvT3t41BDyo2APR38Q7XeJRgFOgDjYsFQuUjlVt+0L0pyS5d7XQPabbUMNMjssJ pBVg05b2rc33crtbnPxPTTONjBZ2Pw6hT4IpO07CoT5LmbrqSeAONFX/9hnddbo7 6guECFwyYSyvDd7Kh1q3uyUxX1H04V3Eg5ce8QRUf4g1DTzEUOjAcpfwhxDU6MXv sM5d/BTeOUkZKNdK/KpJyk6WRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP8XpocJ PVTFu83CAbJxvqim3crdMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBb0hNOuiH0UXk0vVkXAcf6a0hBl8S/XkfPWXF/1zqZgNRAvXd7J0CV xhNfBhWo9URwQcULgi1VdeIKlju4mPXTzTUQi8m+Ylk/x36ea0REOcy/uhS1O6tz Woq6EYeliQ6as48vi066euIFiyrAFWUIbGdjbb2GIxGgRbwj5x726zybVk7GeJyn IyxoEaJnUxC46OGurM5C8F9xAbTawVOJbWUqLMU/Wrbd11WUdvEWwZy+kxzdUuoO 82SMzMPgqtiWhWzFakCrkiG/0EaIVJR3oJ3SjHA1sYlNJjV0DEOTZWnysdNz2v3/ tRcOxlcoUQ6dRwYvHs6BHOIPcLvfRhdb -----END CERTIFICATE-----Generated at Mon Apr 7 07:24:47 2025 by rpki-client