$ rpki-client -vvf rpki.apnic.net/member_repository/A914E026/D6B26304F56A11E9BF2AE684C4F9AE02/qw2Hl8WKg6W0nAd6Mu9nMock5BI.mft File: qw2Hl8WKg6W0nAd6Mu9nMock5BI.mft (raw, json) Hash identifier: k4mTvPYm8RFNVN1BEsNRGhhkUcA7+LiC6EhEOXQ1umA= Subject key identifier: 25:F5:E5:0C:07:62:61:B9:58:AC:05:DA:15:D0:BA:C8:AE:7C:0A:3E Authority key identifier: AB:0D:87:97:C5:8A:83:A5:B4:9C:07:7A:32:EF:67:32:87:24:E4:12 Certificate issuer: /CN=A914E026/serialNumber=AB0D8797C58A83A5B49C077A32EF67328724E412 Certificate serial: 0C8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qw2Hl8WKg6W0nAd6Mu9nMock5BI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E026/D6B26304F56A11E9BF2AE684C4F9AE02/qw2Hl8WKg6W0nAd6Mu9nMock5BI.mft Manifest number: 0C8F Signing time: Fri 30 May 2025 18:24:58 +0000 Manifest this update: Fri 30 May 2025 18:24:57 +0000 Manifest next update: Fri 06 Jun 2025 18:24:57 +0000 Files and hashes: 1: qw2Hl8WKg6W0nAd6Mu9nMock5BI.crl (hash: Bwd5UNGMy7ayBSygrsfgMsNCRcsR95FoXrmxqR7n5bM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E026/D6B26304F56A11E9BF2AE684C4F9AE02/qw2Hl8WKg6W0nAd6Mu9nMock5BI.crl rsync://rpki.apnic.net/member_repository/A914E026/D6B26304F56A11E9BF2AE684C4F9AE02/qw2Hl8WKg6W0nAd6Mu9nMock5BI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qw2Hl8WKg6W0nAd6Mu9nMock5BI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:24:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3215 (0xc8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E026, serialNumber=AB0D8797C58A83A5B49C077A32EF67328724E412 Validity Not Before: May 30 18:24:57 2025 GMT Not After : Jun 6 18:24:57 2025 GMT Subject: CN=6839f7fa-d41d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:46:5f:a1:eb:13:ce:75:53:af:78:11:4b:16: f9:8f:7e:57:be:a2:13:81:35:c6:1b:12:94:25:25: 57:0b:92:6b:b4:00:87:4b:02:9d:7a:ad:96:bc:65: fb:f6:73:9a:e0:ac:80:96:51:c7:bf:43:98:5a:f2: ba:01:16:33:e1:ee:7a:3e:f5:89:b3:b1:a6:81:78: 1e:12:6c:fc:ed:a9:28:68:e6:82:17:be:a7:5e:e0: 5f:08:f7:26:45:98:1f:e4:06:d2:d6:f6:2f:7e:e6: 58:1b:dd:4f:9a:17:fc:82:08:b2:c5:48:3c:34:35: 36:d3:0f:8e:b5:f6:a3:0c:21:19:a6:33:d3:06:c3: 9d:16:76:ff:8d:10:c8:65:95:d3:72:35:ed:7a:c4: ca:36:ba:7d:e6:b2:c8:97:21:b6:5a:b5:b7:06:a0: 6c:1c:cb:c9:32:b2:90:ee:e7:cd:03:45:16:b7:3a: 94:cc:f3:e4:5d:22:f3:bd:0d:e5:0a:26:67:cd:cd: c9:56:8a:37:72:47:f9:57:64:40:c0:c2:94:59:96: ad:af:fa:c6:d7:17:b4:70:91:80:39:de:1c:86:68: fa:71:7f:61:9f:40:4f:ec:7d:7f:69:f7:ea:dc:bd: d0:9a:da:4a:6a:1c:07:31:8c:22:6e:3c:be:e6:9b: 36:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:F5:E5:0C:07:62:61:B9:58:AC:05:DA:15:D0:BA:C8:AE:7C:0A:3E X509v3 Authority Key Identifier: keyid:AB:0D:87:97:C5:8A:83:A5:B4:9C:07:7A:32:EF:67:32:87:24:E4:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E026/D6B26304F56A11E9BF2AE684C4F9AE02/qw2Hl8WKg6W0nAd6Mu9nMock5BI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qw2Hl8WKg6W0nAd6Mu9nMock5BI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E026/D6B26304F56A11E9BF2AE684C4F9AE02/qw2Hl8WKg6W0nAd6Mu9nMock5BI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:98:bd:41:42:18:d6:9a:57:91:6c:57:09:42:0a:d7:99:fc: c8:da:83:80:90:63:21:dc:52:ad:17:c4:01:f1:e9:5c:da:57: 9b:39:6f:cb:2c:e6:6a:bc:9d:ba:d5:da:e6:e2:5b:48:9c:32: 3a:7a:81:00:b9:0f:6d:d9:2c:3d:51:a0:d7:69:84:14:21:cb: 90:43:f7:5d:dc:59:8f:20:9e:9c:6f:61:2c:a8:3a:10:e7:a2: a6:58:91:03:74:2a:17:ba:f1:ba:86:e4:61:83:e9:7d:3d:ae: 10:5f:53:fd:b8:84:a6:af:12:e1:9f:f6:f0:a1:d8:fe:54:18: ee:61:61:31:81:4f:b6:62:ba:97:78:f8:08:7e:d6:e9:7f:78: 51:a9:67:21:be:1e:7e:6b:64:e8:ae:3a:4c:bd:75:18:73:14: 84:7c:ac:35:1e:95:fb:e1:22:ad:4c:5b:9a:77:78:b0:1f:c2: b6:59:b0:bf:d6:74:87:a2:07:c7:2c:f8:7a:2c:15:b8:fb:48: 93:17:34:0e:00:c9:89:51:82:3d:21:93:10:46:fa:86:f1:01: ec:56:be:13:e6:72:72:c1:68:90:80:bf:d5:91:60:77:1b:ed: d6:fb:ce:81:90:f5:65:1e:17:15:7e:c7:f5:ef:d2:48:f6:5f: a2:1a:8e:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUwMjYxMTAvBgNVBAUTKEFCMEQ4Nzk3QzU4QTgzQTVCNDlDMDc3QTMyRUY2NzMy ODcyNEU0MTIwHhcNMjUwNTMwMTgyNDU3WhcNMjUwNjA2MTgyNDU3WjAYMRYwFAYD VQQDEw02ODM5ZjdmYS1kNDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs0ZfoesTznVTr3gRSxb5j35XvqITgTXGGxKUJSVXC5JrtACHSwKdeq2WvGX7 9nOa4KyAllHHv0OYWvK6ARYz4e56PvWJs7GmgXgeEmz87akoaOaCF76nXuBfCPcm RZgf5AbS1vYvfuZYG91Pmhf8ggiyxUg8NDU20w+OtfajDCEZpjPTBsOdFnb/jRDI ZZXTcjXtesTKNrp95rLIlyG2WrW3BqBsHMvJMrKQ7ufNA0UWtzqUzPPkXSLzvQ3l CiZnzc3JVoo3ckf5V2RAwMKUWZatr/rG1xe0cJGAOd4chmj6cX9hn0BP7H1/affq 3L3QmtpKahwHMYwibjy+5ps26QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCX15QwH YmG5WKwF2hXQusiufAo+MB8GA1UdIwQYMBaAFKsNh5fFioOltJwHejLvZzKHJOQS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTAyNi9ENkIyNjMwNEY1 NkExMUU5QkYyQUU2ODRDNEY5QUUwMi9xdzJIbDhXS2c2VzBuQWQ2TXU5bk1vY2s1 QkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3F3MkhsOFdLZzZXMG5BZDZNdTluTW9jazVCSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTAyNi9ENkIyNjMwNEY1NkExMUU5QkYyQUU2ODRDNEY5QUUwMi9xdzJIbDhXS2c2 VzBuQWQ2TXU5bk1vY2s1QkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOmL1BQhjWmleRbFcJQgrXmfzI2oOAkGMh3FKtF8QB8elc2lebOW/L LOZqvJ261drm4ltInDI6eoEAuQ9t2Sw9UaDXaYQUIcuQQ/dd3FmPIJ6cb2EsqDoQ 56KmWJEDdCoXuvG6huRhg+l9Pa4QX1P9uISmrxLhn/bwodj+VBjuYWExgU+2YrqX ePgIftbpf3hRqWchvh5+a2TorjpMvXUYcxSEfKw1HpX74SKtTFuad3iwH8K2WbC/ 1nSHogfHLPh6LBW4+0iTFzQOAMmJUYI9IZMQRvqG8QHsVr4T5nJywWiQgL/VkWB3 G+3W+86BkPVlHhcVfsf179JI9l+iGo6I -----END CERTIFICATE-----Generated at Sat May 31 16:31:24 2025 by rpki-client