$ rpki-client -vvf rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.mft File: QhgvX3GliYTOiFmuYKTKynP-g2E.mft (raw, json) Hash identifier: Ipn4tG8t5BrTSrx/MO1ST0FaK2GbdV4GZ8keJNXjnWk= Subject key identifier: 4D:09:30:EB:5C:A1:C5:DE:E3:44:8E:54:04:A0:CF:CA:E0:EF:7A:64 Authority key identifier: 42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 Certificate issuer: /CN=A916EF5E/serialNumber=42182F5F71A58984CE8859AE60A4CACA73FE8361 Certificate serial: 0FEB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.mft Manifest number: 2627 Signing time: Thu 31 Jul 2025 16:58:49 +0000 Manifest this update: Thu 31 Jul 2025 16:58:49 +0000 Manifest next update: Thu 07 Aug 2025 16:58:49 +0000 Files and hashes: 1: QhgvX3GliYTOiFmuYKTKynP-g2E.crl (hash: GpeUEkyaHVrpOF3cwo8Sc8fJfpJO13ThDI6CWF9jY5Q=) 2: 258F8662BBDF11ED8CE89144C4F9AE02.roa (hash: gR4VIke3wzcLlwcHX1MfRQDB5DCCZYAeVJopuxrfT0I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 16:58:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4075 (0xfeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916EF5E, serialNumber=42182F5F71A58984CE8859AE60A4CACA73FE8361 Validity Not Before: Jul 31 16:58:49 2025 GMT Not After : Aug 7 16:58:49 2025 GMT Subject: CN=688ba0c9-07df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d6:c2:10:f3:3a:20:e5:0f:1d:31:52:2e:96: cb:c4:2c:c9:6f:bf:83:57:8a:33:67:f8:b6:91:c8: 8f:ea:53:7d:62:ba:9d:da:8e:b8:50:b0:2c:f6:3f: 64:0c:b1:69:d6:ad:4a:62:1f:4d:35:44:31:3e:03: bd:e7:71:86:55:3c:88:85:da:73:b1:3d:43:85:81: ab:ec:6e:46:50:31:02:b8:9a:67:40:4a:96:eb:cf: 1d:ae:28:ca:f6:3f:5d:38:3e:84:87:d9:5b:c1:04: 80:5e:4e:74:27:c8:fd:d4:12:d8:75:2c:a9:09:71: c1:06:af:b8:a3:39:45:ad:fa:1e:72:fb:72:4f:0b: f3:b4:c7:39:92:b6:3c:12:09:ea:42:e8:f8:99:02: cb:b3:d7:91:48:27:ad:2e:b5:07:5d:80:68:be:61: 13:55:a4:d2:7c:f7:20:2f:c9:c0:47:f3:b4:5d:27: b0:3b:e4:54:aa:4e:36:08:a2:9d:7f:8a:a7:8d:8b: 36:eb:d2:bd:82:ca:c5:fb:c2:29:d5:ed:b8:f1:27: 2e:9d:a3:47:c8:f4:bd:44:a7:20:91:22:87:1a:73: 4d:29:3e:80:f2:44:e0:dd:95:15:93:e0:96:88:91: a5:63:c4:e6:22:58:63:26:cd:5b:a5:ce:67:db:88: a8:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:09:30:EB:5C:A1:C5:DE:E3:44:8E:54:04:A0:CF:CA:E0:EF:7A:64 X509v3 Authority Key Identifier: keyid:42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:24:b6:e4:5a:cb:83:98:fe:71:2c:ad:59:18:7b:6d:3e:73: 2b:1d:5b:b9:c7:89:81:70:55:bd:65:c0:72:e8:84:e8:9c:44: f8:3d:15:94:8c:28:c9:3b:3a:b7:18:53:56:78:46:dc:26:3e: f8:c2:d4:6e:c3:68:50:11:d5:34:ee:c4:31:81:df:a4:cf:a4: 4e:ad:77:5a:2d:2a:fd:aa:40:40:2a:87:6f:29:74:7b:34:04: 07:cd:85:62:4d:03:f3:37:52:cc:6d:f7:a0:65:e8:18:cb:ea: 7a:24:56:80:0b:86:f0:f7:ca:3f:55:d9:a1:db:41:dc:fd:b8: 95:4e:0e:92:ae:9d:a7:a7:b9:dd:ad:72:bb:74:b9:e2:d6:c2: 65:3d:e2:82:02:7b:6c:12:23:1a:e2:b6:fa:6e:32:bf:39:a1: 19:ab:39:e1:70:63:f6:dc:28:ed:69:40:26:47:a7:cf:7b:6e: 85:4b:6c:b6:21:8a:4a:2e:8d:d5:e8:b9:6d:20:68:9b:eb:3a: 1a:db:01:a5:14:3e:86:d9:69:27:0e:ba:2f:13:17:0d:06:34: 38:ad:04:88:99:10:3c:6d:17:59:19:39:5b:93:fb:d0:b4:31: bf:ff:a9:dc:07:42:d0:2f:0b:47:8c:7a:de:ca:7d:81:b7:ea: 4f:37:1f:c5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkVGNUUxMTAvBgNVBAUTKDQyMTgyRjVGNzFBNTg5ODRDRTg4NTlBRTYwQTRDQUNB NzNGRTgzNjEwHhcNMjUwNzMxMTY1ODQ5WhcNMjUwODA3MTY1ODQ5WjAYMRYwFAYD VQQDEw02ODhiYTBjOS0wN2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsdbCEPM6IOUPHTFSLpbLxCzJb7+DV4ozZ/i2kciP6lN9Yrqd2o64ULAs9j9k DLFp1q1KYh9NNUQxPgO953GGVTyIhdpzsT1DhYGr7G5GUDECuJpnQEqW688drijK 9j9dOD6Eh9lbwQSAXk50J8j91BLYdSypCXHBBq+4ozlFrfoecvtyTwvztMc5krY8 EgnqQuj4mQLLs9eRSCetLrUHXYBovmETVaTSfPcgL8nAR/O0XSewO+RUqk42CKKd f4qnjYs269K9gsrF+8Ip1e248ScunaNHyPS9RKcgkSKHGnNNKT6A8kTg3ZUVk+CW iJGlY8TmIlhjJs1bpc5n24ioSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE0JMOtc ocXe40SOVASgz8rg73pkMB8GA1UdIwQYMBaAFEIYL19xpYmEzohZrmCkyspz/oNh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUY1RS9GMzhEQ0Y4QTEw NkIxMUU4QjhDQTAyMEJDNEY5QUUwMi9RaGd2WDNHbGlZVE9pRm11WUtUS3luUC1n MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FoZ3ZYM0dsaVlUT2lGbXVZS1RLeW5QLWcyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 RUY1RS9GMzhEQ0Y4QTEwNkIxMUU4QjhDQTAyMEJDNEY5QUUwMi9RaGd2WDNHbGlZ VE9pRm11WUtUS3luUC1nMkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHJLbkWsuDmP5xLK1ZGHttPnMrHVu5x4mBcFW9ZcBy6ITonET4PRWU jCjJOzq3GFNWeEbcJj74wtRuw2hQEdU07sQxgd+kz6ROrXdaLSr9qkBAKodvKXR7 NAQHzYViTQPzN1LMbfegZegYy+p6JFaAC4bw98o/Vdmh20Hc/biVTg6Srp2np7nd rXK7dLni1sJlPeKCAntsEiMa4rb6bjK/OaEZqznhcGP23CjtaUAmR6fPe26FS2y2 IYpKLo3V6LltIGib6zoa2wGlFD6G2WknDrovExcNBjQ4rQSImRA8bRdZGTlbk/vQ tDG//6ncB0LQLwtHjHreyn2Bt+pPNx/F -----END CERTIFICATE-----Generated at Sat Aug 2 06:55:59 2025 by rpki-client