$ rpki-client -vvf rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft File: qafXPj7Y1cRm3LxsIJzUNTzemM8.mft (raw, json) Hash identifier: 3jFEEii1cRqmm8FGb0obfOCM6L3wizxXZkHguIBKEXU= Subject key identifier: E9:60:8F:02:E7:7A:84:D5:DF:10:9C:BA:F2:BF:FF:D2:00:3B:89:A7 Authority key identifier: A9:A7:D7:3E:3E:D8:D5:C4:66:DC:BC:6C:20:9C:D4:35:3C:DE:98:CF Certificate issuer: /CN=A9143FC4/serialNumber=A9A7D73E3ED8D5C466DCBC6C209CD4353CDE98CF Certificate serial: 3444 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft Manifest number: 3444 Signing time: Fri 30 May 2025 15:26:05 +0000 Manifest this update: Fri 30 May 2025 15:26:04 +0000 Manifest next update: Fri 06 Jun 2025 15:26:04 +0000 Files and hashes: 1: qafXPj7Y1cRm3LxsIJzUNTzemM8.crl (hash: Xam4Eou1zclkuU+FWxhsl3mFkoSiiru7vG+UiSkfeJQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.crl rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 15:26:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13380 (0x3444) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143FC4, serialNumber=A9A7D73E3ED8D5C466DCBC6C209CD4353CDE98CF Validity Not Before: May 30 15:26:04 2025 GMT Not After : Jun 6 15:26:04 2025 GMT Subject: CN=6839ce0d-6ccc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:69:c6:61:05:b3:b9:47:4c:ad:e3:43:65:f8: f5:73:b5:24:6a:e1:bb:78:3e:26:37:4d:49:17:45: ca:10:ee:21:bd:38:86:67:13:ec:aa:03:0c:89:14: 33:cb:60:f1:e0:da:4c:81:cd:ce:c2:bc:f3:fe:fd: b6:7e:1b:d5:dd:57:1b:f1:64:cf:83:ee:ae:a5:43: 40:a9:ea:81:b4:20:83:63:85:97:d0:87:7b:f2:f7: 78:7e:2a:4f:4b:7b:76:f6:ab:ff:0c:e2:72:e1:fd: 76:f4:f6:ee:4b:42:d2:4b:fe:e5:32:a8:8a:4b:18: a6:ad:3d:59:e7:61:e0:35:57:ee:de:98:7f:41:e4: 0b:96:4e:f8:a3:68:f2:c2:e2:00:82:71:80:36:af: fa:2f:ee:eb:2f:5f:1c:ab:93:03:4c:12:49:fd:77: b4:71:97:0e:8e:fe:0a:c5:ab:0c:8f:af:77:35:3a: 42:49:ab:c7:75:7f:64:1e:4f:ff:e1:5f:5a:6d:94: 3d:71:d8:d8:4f:48:4c:7b:87:bf:0d:8b:4c:51:e6: fd:99:ad:71:0a:d0:d9:6e:29:fc:bb:6f:68:3c:89: cb:ca:72:48:18:64:f8:84:4f:66:5f:f0:91:bd:d5: 7a:91:c9:ba:59:c9:62:a3:a9:e2:3a:e7:ee:ef:6b: 35:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:60:8F:02:E7:7A:84:D5:DF:10:9C:BA:F2:BF:FF:D2:00:3B:89:A7 X509v3 Authority Key Identifier: keyid:A9:A7:D7:3E:3E:D8:D5:C4:66:DC:BC:6C:20:9C:D4:35:3C:DE:98:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:39:03:19:d7:be:ad:48:14:59:33:25:bf:ac:a0:ce:ef:f6: fc:c1:98:70:17:96:2f:b9:9c:a8:55:21:a0:2d:27:89:0c:bc: 0c:35:13:b3:ff:0c:5e:14:ac:67:eb:2e:2c:1e:03:0d:e3:8d: 08:77:de:a9:4e:2d:aa:3b:ce:85:3a:da:dd:5b:6a:b7:40:e7: a9:5b:29:26:9f:3b:94:b1:bc:7f:3a:d4:b4:b6:0c:55:2d:b5: b4:a7:04:f0:a0:d5:2c:3e:e4:5f:1c:d2:d1:80:20:68:46:1b: 9c:55:b3:30:1a:7c:e8:3c:da:28:e8:5c:c3:54:67:46:d3:b6: e9:65:45:6e:e1:a7:29:f4:d6:3a:18:3a:16:83:62:b4:bc:dd: 6e:31:b1:7b:bb:c5:cd:aa:29:c1:b5:fd:67:3d:23:ed:64:f2: b9:27:7f:25:9c:63:a8:43:52:17:19:07:f4:8c:3a:b9:40:fc: 82:9d:7a:78:77:4d:4f:86:d6:7e:4b:8b:90:29:45:7c:c9:bb: 4a:06:4a:0e:ef:b2:b0:10:fe:a6:8f:be:cf:89:3f:fc:fe:10: dd:0f:fb:15:8a:74:73:08:cc:7d:79:d8:2c:76:8d:b0:5f:26: 5a:df:c2:e4:56:d6:6a:d2:7a:70:f7:d1:ae:3d:d7:ec:3a:5d: ab:87:1d:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNGQzQxMTAvBgNVBAUTKEE5QTdENzNFM0VEOEQ1QzQ2NkRDQkM2QzIwOUNENDM1 M0NERTk4Q0YwHhcNMjUwNTMwMTUyNjA0WhcNMjUwNjA2MTUyNjA0WjAYMRYwFAYD VQQDEw02ODM5Y2UwZC02Y2NjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3GnGYQWzuUdMreNDZfj1c7UkauG7eD4mN01JF0XKEO4hvTiGZxPsqgMMiRQz y2Dx4NpMgc3Owrzz/v22fhvV3Vcb8WTPg+6upUNAqeqBtCCDY4WX0Id78vd4fipP S3t29qv/DOJy4f129PbuS0LSS/7lMqiKSximrT1Z52HgNVfu3ph/QeQLlk74o2jy wuIAgnGANq/6L+7rL18cq5MDTBJJ/Xe0cZcOjv4KxasMj693NTpCSavHdX9kHk// 4V9abZQ9cdjYT0hMe4e/DYtMUeb9ma1xCtDZbin8u29oPInLynJIGGT4hE9mX/CR vdV6kcm6Wclio6niOufu72s1xwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOlgjwLn eoTV3xCcuvK//9IAO4mnMB8GA1UdIwQYMBaAFKmn1z4+2NXEZty8bCCc1DU83pjP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0ZDNC9CMTY1QTNBODI5 NTgxMUUyQjM4RDU4RkIwOEIwMkNEMi9xYWZYUGo3WTFjUm0zTHhzSUp6VU5UemVt TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FhZlhQajdZMWNSbTNMeHNJSnpVTlR6ZW1NOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0ZDNC9CMTY1QTNBODI5NTgxMUUyQjM4RDU4RkIwOEIwMkNEMi9xYWZYUGo3WTFj Um0zTHhzSUp6VU5UemVtTTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCOQMZ176tSBRZMyW/rKDO7/b8wZhwF5YvuZyoVSGgLSeJDLwMNROz /wxeFKxn6y4sHgMN440Id96pTi2qO86FOtrdW2q3QOepWykmnzuUsbx/OtS0tgxV LbW0pwTwoNUsPuRfHNLRgCBoRhucVbMwGnzoPNoo6FzDVGdG07bpZUVu4acp9NY6 GDoWg2K0vN1uMbF7u8XNqinBtf1nPSPtZPK5J38lnGOoQ1IXGQf0jDq5QPyCnXp4 d01PhtZ+S4uQKUV8ybtKBkoO77KwEP6mj77PiT/8/hDdD/sVinRzCMx9edgsdo2w XyZa38LkVtZq0npw99GuPdfsOl2rhx3J -----END CERTIFICATE-----Generated at Sat May 31 17:07:45 2025 by rpki-client