$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft File: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft (raw, json) Hash identifier: OzQJUCyaiv5fphtC+yg4cRZ8Ox8M7nTXGv3bkpzeHdk= Subject key identifier: BE:2B:FF:22:5C:33:F7:1C:C4:07:AE:6B:D9:06:A3:8C:E9:DA:4E:D5 Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Certificate serial: 0A9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft Manifest number: 09F5 Signing time: Wed 12 Mar 2025 19:52:06 +0000 Manifest this update: Wed 12 Mar 2025 19:52:05 +0000 Manifest next update: Wed 19 Mar 2025 19:52:05 +0000 Files and hashes: 1: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl (hash: gxIZ8cP8RJitfA1oRGYttmLZ/ulPg46uS446tnVjFYM=) 2: C3E2252E205F11EE8117111CC4F9AE02.roa (hash: b89a9XRc4AM1AMlF52w1xwkFcE20RCssOx3I+fNCh44=) 3: 8626FFC65AE511EBA452D33EC4F9AE02.roa (hash: p+jw9LTgVlA4Fas32lm4S+s3Nf7H/SOUto4eg7ZR3k4=) 4: 0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa (hash: 544CGw77adzKZSVB6a/EsmcNRdkcJyyJICXTpEPCpPk=) 5: 84023C06D24611EABDDF5344C4F9AE02.roa (hash: 1tQbOZGCpdjO+Y55KBqDyrU6PI7sCOp/TxXvN4NzOO0=) 6: 553170245AC511EBA052F663C4F9AE02.roa (hash: zZIIEfeakO+43e0JDOBIzAkL5O9TeO1Bv2dEETveidg=) 7: 61EFB2ACAC3611EDA5995F3FC4F9AE02.roa (hash: 4F/pO+DMZTaTanjCd4dRpqI6rwchzZD2B/zrGpX4dy4=) 8: DCF88EAE5ED811EBAB677671C4F9AE02.roa (hash: +xAAC0Q1keCic3iZwKSmyffjMCHYPPvNkq4JH4+m/zo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 19:52:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2716 (0xa9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911647C Validity Not Before: Mar 12 19:52:05 2025 GMT Not After : Mar 19 19:52:05 2025 GMT Subject: CN=67d1e5e5-4c2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:27:6f:4d:d0:33:f4:61:83:07:8b:7f:28:71: ec:03:d1:94:ef:03:10:3a:c7:2a:70:6c:c1:41:0a: 06:0a:99:1d:46:6e:d0:b6:87:82:0e:dc:51:6e:57: 09:9e:7c:5a:3f:e5:66:ad:ae:40:f0:a6:7b:24:2f: 79:de:f7:62:1f:13:14:87:1b:82:6b:10:65:48:ec: aa:89:c1:ae:01:8c:62:a8:c7:1e:25:e8:5f:6a:b1: e5:5b:fa:8e:ff:dd:f1:da:53:63:fb:4d:2f:e7:1b: 02:0c:a7:07:74:92:b5:cd:f3:56:49:23:c6:f1:52: fa:23:97:0a:39:cc:b0:db:ca:66:52:e3:18:de:d0: a2:d3:0b:6a:1d:97:a2:96:d7:73:cf:76:d7:ff:8f: 94:5e:0c:05:63:c8:0b:8d:46:a8:48:6d:f8:02:ad: 78:e5:ca:b1:bc:7a:cd:17:0e:17:84:08:dc:e6:4c: c9:3d:1d:3f:40:75:55:bd:6e:da:8a:fc:c3:1e:25: 66:bc:5f:49:93:4a:8b:f1:90:0b:ee:f8:a9:c9:67: 6f:da:be:f3:3c:47:2b:4b:6a:4f:da:d6:36:43:d7: 3b:fb:58:83:57:6b:4b:c0:3b:fd:bc:8c:25:da:43: d2:66:30:23:e6:33:88:20:97:2c:c5:5d:5f:e4:c8: be:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:2B:FF:22:5C:33:F7:1C:C4:07:AE:6B:D9:06:A3:8C:E9:DA:4E:D5 X509v3 Authority Key Identifier: keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:3b:7f:13:fc:de:0d:1d:61:b1:5f:09:e8:1b:5a:68:da:3c: d3:1b:99:e9:47:d6:99:0c:ca:ea:52:d7:86:8d:11:1e:6b:f6: 09:f6:9f:28:ff:47:b5:97:eb:86:a6:84:92:9b:b6:c3:77:c4: 78:3a:b7:3c:e5:64:1b:6d:13:94:cf:3b:18:75:c4:9f:63:fb: da:9d:77:48:71:c3:c8:97:30:3a:da:9b:cc:98:00:f1:f3:36: fd:aa:f1:e1:f5:de:7c:82:3b:74:ea:7e:1b:30:0b:24:da:0d: 4c:8f:b1:b9:34:ad:7a:d9:0f:f2:a9:d8:cd:f7:ae:35:47:22: f0:17:a4:44:55:5c:5e:de:62:04:eb:a1:f5:9a:14:cc:d0:7b: 5b:87:48:a0:2d:4f:32:2d:c2:db:54:dc:22:ab:dd:c8:54:68: db:52:63:13:5e:4b:3a:74:50:67:3a:0f:db:43:84:c9:27:ef: 61:91:d0:f2:55:19:9a:08:58:8d:4c:cb:5c:2d:b9:b4:ab:ee: 53:a2:a5:0d:cb:7a:13:36:08:d9:c9:a1:bc:05:e9:82:b8:a3: 66:19:a7:25:10:ca:de:0a:aa:45:e7:da:b5:a0:7a:73:ef:f6: c1:79:08:80:11:f3:7c:83:2c:cc:d2:28:03:73:98:77:c2:c3: bf:ef:d1:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCpwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE NTQ0QTYyQTYwHhcNMjUwMzEyMTk1MjA1WhcNMjUwMzE5MTk1MjA1WjAYMRYwFAYD VQQDEw02N2QxZTVlNS00YzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAySdvTdAz9GGDB4t/KHHsA9GU7wMQOscqcGzBQQoGCpkdRm7QtoeCDtxRblcJ nnxaP+Vmra5A8KZ7JC953vdiHxMUhxuCaxBlSOyqicGuAYxiqMceJehfarHlW/qO /93x2lNj+00v5xsCDKcHdJK1zfNWSSPG8VL6I5cKOcyw28pmUuMY3tCi0wtqHZei ltdzz3bX/4+UXgwFY8gLjUaoSG34Aq145cqxvHrNFw4XhAjc5kzJPR0/QHVVvW7a ivzDHiVmvF9Jk0qL8ZAL7vipyWdv2r7zPEcrS2pP2tY2Q9c7+1iDV2tLwDv9vIwl 2kPSZjAj5jOIIJcsxV1f5Mi+twIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4r/yJc M/ccxAeua9kGo4zp2k7VMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1 MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NjQ3Qy80MzdDQzQwNjg1MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhL ZEJ4cUpKM0FGYWJWUktZcVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFO38T/N4NHWGxXwnoG1po2jzTG5npR9aZDMrqUteGjREea/YJ9p8o /0e1l+uGpoSSm7bDd8R4Orc85WQbbROUzzsYdcSfY/vanXdIccPIlzA62pvMmADx 8zb9qvHh9d58gjt06n4bMAsk2g1Mj7G5NK162Q/yqdjN9641RyLwF6REVVxe3mIE 66H1mhTM0Htbh0igLU8yLcLbVNwiq93IVGjbUmMTXks6dFBnOg/bQ4TJJ+9hkdDy VRmaCFiNTMtcLbm0q+5ToqUNy3oTNgjZyaG8BemCuKNmGaclEMreCqpF59q1oHpz 7/bBeQiAEfN8gyzM0igDc5h3wsO/79GN -----END CERTIFICATE-----Generated at Thu Mar 13 21:29:00 2025 by rpki-client