$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft File: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft (raw, json) Hash identifier: +cPYaV8vAy679y02D9ayKi32GX4YiXIu6tm6oj+i9Rs= Subject key identifier: 24:83:C4:4D:E8:83:D3:7E:ED:91:A3:54:0B:74:9D:78:F6:A5:8C:5E Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Certificate serial: 0AC6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft Manifest number: 0A1E Signing time: Fri 30 May 2025 20:13:47 +0000 Manifest this update: Fri 30 May 2025 20:13:46 +0000 Manifest next update: Fri 06 Jun 2025 20:13:46 +0000 Files and hashes: 1: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl (hash: vE0+KELXIVhV1Qn5tcWmzGEFrSB1HZlR9LnnB0W/LRY=) 2: 61EFB2ACAC3611EDA5995F3FC4F9AE02.roa (hash: 4F/pO+DMZTaTanjCd4dRpqI6rwchzZD2B/zrGpX4dy4=) 3: 0DE32D9C2B1E11F0AFEB852DC4F9AE02.roa (hash: kY7MigJyhY/TYPojhwcv7Meb5L/AyqJTPuPblE1eiuc=) 4: C3E2252E205F11EE8117111CC4F9AE02.roa (hash: b89a9XRc4AM1AMlF52w1xwkFcE20RCssOx3I+fNCh44=) 5: 8626FFC65AE511EBA452D33EC4F9AE02.roa (hash: p+jw9LTgVlA4Fas32lm4S+s3Nf7H/SOUto4eg7ZR3k4=) 6: 84023C06D24611EABDDF5344C4F9AE02.roa (hash: 1tQbOZGCpdjO+Y55KBqDyrU6PI7sCOp/TxXvN4NzOO0=) 7: 0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa (hash: 544CGw77adzKZSVB6a/EsmcNRdkcJyyJICXTpEPCpPk=) 8: 553170245AC511EBA052F663C4F9AE02.roa (hash: zZIIEfeakO+43e0JDOBIzAkL5O9TeO1Bv2dEETveidg=) 9: DCF88EAE5ED811EBAB677671C4F9AE02.roa (hash: +xAAC0Q1keCic3iZwKSmyffjMCHYPPvNkq4JH4+m/zo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:13:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2758 (0xac6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911647C, serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Validity Not Before: May 30 20:13:46 2025 GMT Not After : Jun 6 20:13:46 2025 GMT Subject: CN=683a117b-b4ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:0c:f1:9f:a0:67:bc:be:78:d8:71:e1:f8:bb: d3:71:66:62:c9:68:f3:e0:fb:e6:76:3b:3b:9b:c4: 9f:fb:85:6f:5d:29:ff:3a:90:35:75:1f:68:a7:e0: ec:9a:f9:76:44:36:16:99:66:4a:c1:6d:ef:6a:51: f6:2d:93:31:9c:dc:8b:a9:d3:4b:f1:4b:9a:dd:c0: 3a:76:98:37:2e:1a:82:f4:64:17:9b:b2:c5:3d:3d: e8:35:23:79:32:51:cc:be:ad:55:ca:33:b0:41:fe: d9:aa:7a:50:55:95:01:2a:a1:40:06:3f:0f:26:cc: dc:28:8c:25:5b:55:3a:94:64:95:ef:b8:2a:32:ce: f9:9b:39:c8:29:83:1c:4e:47:89:44:47:ea:82:1b: 09:76:28:9c:6d:e5:ab:14:de:b0:f0:67:cb:ab:70: d1:64:ad:cb:31:8f:97:87:be:09:2c:3c:cf:01:e2: 80:6b:60:06:51:7b:68:04:10:31:1d:5e:d1:17:37: 0d:d4:64:fd:52:a2:01:90:31:b1:88:fb:17:e4:3f: 5c:ad:63:76:0f:7a:02:c2:81:ba:3a:e1:fa:4d:f0: 6a:63:14:83:bf:39:2e:0a:27:64:48:99:f9:44:a0: 85:98:b9:9b:c9:76:5f:8a:5e:14:7d:c5:54:01:13: c2:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:83:C4:4D:E8:83:D3:7E:ED:91:A3:54:0B:74:9D:78:F6:A5:8C:5E X509v3 Authority Key Identifier: keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:0b:41:c4:64:32:d2:e3:9d:86:6f:07:f8:14:50:45:9c:df: 98:c4:3c:ac:0a:9d:13:83:36:99:80:e1:50:37:4f:51:2b:17: ea:3c:fa:d6:d7:e9:a8:4f:f6:79:3f:88:41:a6:af:24:d4:9c: ab:0d:15:de:d7:a3:0a:22:ed:1a:55:68:27:16:73:10:d8:f9: 17:5a:dc:a2:fe:92:77:1d:37:51:a9:41:a7:e6:13:c6:cd:38: 5b:f6:dd:6b:33:67:e9:8f:7d:89:81:4e:97:9d:e8:78:9f:17: 01:b9:22:c5:45:e5:54:22:a6:c7:a3:db:69:0e:8f:8d:3d:b9: e5:46:75:f7:d0:31:e2:c1:d7:4b:7a:c8:27:a4:50:37:18:51: 3d:ce:b6:4d:bf:09:b1:66:1a:bc:1f:47:23:ca:9d:92:9b:1b: ad:6d:0f:05:74:2a:96:08:fb:be:da:8b:99:f5:43:33:5a:58: 13:13:34:64:59:1a:3d:ba:43:48:98:3a:d7:d1:2c:a6:00:94: a8:6d:fc:23:7b:94:08:4d:04:96:4a:51:fb:eb:3c:06:15:7c: 3e:d0:57:53:c3:ce:6a:d2:dc:20:0f:ce:b0:b5:73:0e:c1:5d: 77:f6:c7:9b:d7:40:5b:99:1c:87:f3:ff:5f:0a:54:ba:cc:de: e4:16:0e:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE NTQ0QTYyQTYwHhcNMjUwNTMwMjAxMzQ2WhcNMjUwNjA2MjAxMzQ2WjAYMRYwFAYD VQQDEw02ODNhMTE3Yi1iNGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyAzxn6BnvL542HHh+LvTcWZiyWjz4Pvmdjs7m8Sf+4VvXSn/OpA1dR9op+Ds mvl2RDYWmWZKwW3valH2LZMxnNyLqdNL8Uua3cA6dpg3LhqC9GQXm7LFPT3oNSN5 MlHMvq1VyjOwQf7ZqnpQVZUBKqFABj8PJszcKIwlW1U6lGSV77gqMs75mznIKYMc TkeJREfqghsJdiicbeWrFN6w8GfLq3DRZK3LMY+Xh74JLDzPAeKAa2AGUXtoBBAx HV7RFzcN1GT9UqIBkDGxiPsX5D9crWN2D3oCwoG6OuH6TfBqYxSDvzkuCidkSJn5 RKCFmLmbyXZfil4UfcVUARPC/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCSDxE3o g9N+7ZGjVAt0nXj2pYxeMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1 MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NjQ3Qy80MzdDQzQwNjg1MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhL ZEJ4cUpKM0FGYWJWUktZcVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLC0HEZDLS452Gbwf4FFBFnN+YxDysCp0TgzaZgOFQN09RKxfqPPrW 1+moT/Z5P4hBpq8k1JyrDRXe16MKIu0aVWgnFnMQ2PkXWtyi/pJ3HTdRqUGn5hPG zThb9t1rM2fpj32JgU6Xneh4nxcBuSLFReVUIqbHo9tpDo+NPbnlRnX30DHiwddL esgnpFA3GFE9zrZNvwmxZhq8H0cjyp2SmxutbQ8FdCqWCPu+2ouZ9UMzWlgTEzRk WRo9ukNImDrX0SymAJSobfwje5QITQSWSlH76zwGFXw+0FdTw85q0twgD86wtXMO wV139seb10BbmRyH8/9fClS6zN7kFg48 -----END CERTIFICATE-----Generated at Sat May 31 17:47:16 2025 by rpki-client