$ rpki-client -vvf rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.mft File: cqUfTuqiGLczbu_3p6WMsa5UQjk.mft (raw, json) Hash identifier: s3+42tyzSRZGaXkLDKnydqa/HDa+4rW56azukXxETEg= Subject key identifier: 86:F8:FC:CE:5A:D9:5C:27:23:82:7E:EA:16:FE:88:69:04:C4:64:51 Authority key identifier: 72:A5:1F:4E:EA:A2:18:B7:33:6E:EF:F7:A7:A5:8C:B1:AE:54:42:39 Certificate issuer: /CN=A917D121/serialNumber=72A51F4EEAA218B7336EEFF7A7A58CB1AE544239 Certificate serial: 0791 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cqUfTuqiGLczbu_3p6WMsa5UQjk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.mft Manifest number: 078A Signing time: Fri 30 May 2025 21:38:08 +0000 Manifest this update: Fri 30 May 2025 21:38:07 +0000 Manifest next update: Fri 06 Jun 2025 21:38:07 +0000 Files and hashes: 1: cqUfTuqiGLczbu_3p6WMsa5UQjk.crl (hash: anlv69JTRy1E+k1rc38eTfTqSL5xg3GW/vBe3DImZfY=) 2: DAAB94840EC911EBA913852BC4F9AE02.roa (hash: 5bBWhpUzFVVFApumie9XG8UpL1cOYbfpPDdsz7OV/tg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.crl rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cqUfTuqiGLczbu_3p6WMsa5UQjk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:38:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1937 (0x791) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D121, serialNumber=72A51F4EEAA218B7336EEFF7A7A58CB1AE544239 Validity Not Before: May 30 21:38:07 2025 GMT Not After : Jun 6 21:38:07 2025 GMT Subject: CN=683a2540-a8ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9d:10:69:46:f0:e1:b2:c6:aa:62:9c:fa:ff: a2:bd:4f:2e:17:d2:5e:4c:61:77:ad:e5:f7:a6:7d: b7:4b:5e:86:a6:d9:59:03:3c:74:d7:63:8b:1e:82: d8:8f:94:b7:dc:e5:55:9d:72:5e:b9:b5:8a:b4:61: 85:7c:25:27:36:77:06:90:1a:83:fa:4a:57:37:e4: 0f:9e:a0:45:59:bf:21:bb:b1:ae:3a:1f:1b:2c:8e: e6:12:bb:50:ca:e6:91:65:11:04:f2:4a:8f:ae:8c: d1:a9:a2:69:d0:3c:ee:66:ed:29:05:86:bd:c7:e3: cd:1c:05:42:8a:d7:27:bc:6c:6f:24:8b:3e:a3:fb: e3:2a:33:48:4e:d4:0a:37:73:ca:ca:db:ac:b7:7c: 3f:9b:97:20:31:62:62:3b:13:1e:48:dc:37:9b:ce: bb:c8:6e:c7:65:c3:a6:bf:9d:8e:4f:f7:8c:05:9f: 6e:00:5b:2c:11:2f:f7:48:75:14:90:92:74:c9:b8: d2:f8:88:ba:08:e6:23:04:b8:60:38:f1:0f:60:4b: 33:c3:13:dd:86:70:80:e8:9d:19:da:b8:05:cc:b1: cb:f6:cb:47:6b:fe:5b:45:2e:39:18:a4:88:5a:90: d4:ab:f1:15:25:de:9b:a3:9b:03:49:96:10:9f:79: 63:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:F8:FC:CE:5A:D9:5C:27:23:82:7E:EA:16:FE:88:69:04:C4:64:51 X509v3 Authority Key Identifier: keyid:72:A5:1F:4E:EA:A2:18:B7:33:6E:EF:F7:A7:A5:8C:B1:AE:54:42:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cqUfTuqiGLczbu_3p6WMsa5UQjk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D121/8B0F8B0C0EC811EBA5042C2AC4F9AE02/cqUfTuqiGLczbu_3p6WMsa5UQjk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:2e:cb:d7:ab:1b:b5:4b:0a:da:e4:57:ed:04:e5:5f:7b:5b: 0c:ff:eb:bd:57:a8:52:cc:06:ee:a4:09:3e:0a:a5:81:2b:c2: 60:33:ff:d0:eb:8a:43:77:09:19:e1:64:57:5f:c9:3f:a0:c5: 0a:25:71:e7:d5:37:c1:12:7e:1c:7e:80:aa:31:a9:5f:42:94: 64:eb:6f:02:7f:26:e3:ac:b8:9f:fc:04:d2:7e:19:87:35:37: 0e:10:98:94:f1:23:f0:a2:1d:33:37:66:e2:44:d7:35:e8:c6: ac:99:97:bb:13:17:68:ab:72:80:d2:5c:41:61:0e:2d:0d:b5: 8d:d6:53:bd:4c:d9:57:5a:51:f4:34:a4:33:b2:8a:6f:88:80: 38:a1:e6:47:8a:5e:21:57:d2:3b:d1:83:d6:8e:79:ec:13:b5: b9:8d:4d:77:e8:4c:d3:90:03:31:8b:52:d4:97:bf:14:77:f7: 47:e4:bd:1a:7c:d2:eb:3b:5c:fe:3b:e3:cc:19:7c:fe:e9:8b: 79:cd:90:8f:cd:cc:8e:d3:49:5c:12:30:ab:96:c7:37:2f:51: 11:93:d3:17:74:d1:b6:d9:3f:e1:0f:86:b4:1d:80:ac:e4:7a: f2:c6:f7:a6:30:f6:01:2a:9b:0d:1a:7c:72:d4:d3:89:a1:b8: c4:98:08:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0QxMjExMTAvBgNVBAUTKDcyQTUxRjRFRUFBMjE4QjczMzZFRUZGN0E3QTU4Q0Ix QUU1NDQyMzkwHhcNMjUwNTMwMjEzODA3WhcNMjUwNjA2MjEzODA3WjAYMRYwFAYD VQQDEw02ODNhMjU0MC1hOGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsZ0QaUbw4bLGqmKc+v+ivU8uF9JeTGF3reX3pn23S16GptlZAzx012OLHoLY j5S33OVVnXJeubWKtGGFfCUnNncGkBqD+kpXN+QPnqBFWb8hu7GuOh8bLI7mErtQ yuaRZREE8kqProzRqaJp0DzuZu0pBYa9x+PNHAVCitcnvGxvJIs+o/vjKjNITtQK N3PKytust3w/m5cgMWJiOxMeSNw3m867yG7HZcOmv52OT/eMBZ9uAFssES/3SHUU kJJ0ybjS+Ii6COYjBLhgOPEPYEszwxPdhnCA6J0Z2rgFzLHL9stHa/5bRS45GKSI WpDUq/EVJd6bo5sDSZYQn3ljMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIb4/M5a 2VwnI4J+6hb+iGkExGRRMB8GA1UdIwQYMBaAFHKlH07qohi3M27v96eljLGuVEI5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDEyMS84QjBGOEIwQzBF QzgxMUVCQTUwNDJDMkFDNEY5QUUwMi9jcVVmVHVxaUdMY3pidV8zcDZXTXNhNVVR amsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxVWZUdXFpR0xjemJ1XzNwNldNc2E1VVFqay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDEyMS84QjBGOEIwQzBFQzgxMUVCQTUwNDJDMkFDNEY5QUUwMi9jcVVmVHVxaUdM Y3pidV8zcDZXTXNhNVVRamsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALLsvXqxu1Swra5FftBOVfe1sM/+u9V6hSzAbupAk+CqWBK8JgM//Q 64pDdwkZ4WRXX8k/oMUKJXHn1TfBEn4cfoCqMalfQpRk628CfybjrLif/ATSfhmH NTcOEJiU8SPwoh0zN2biRNc16MasmZe7Exdoq3KA0lxBYQ4tDbWN1lO9TNlXWlH0 NKQzsopviIA4oeZHil4hV9I70YPWjnnsE7W5jU136EzTkAMxi1LUl78Ud/dH5L0a fNLrO1z+O+PMGXz+6Yt5zZCPzcyO00lcEjCrlsc3L1ERk9MXdNG22T/hD4a0HYCs 5HryxvemMPYBKpsNGnxy1NOJobjEmAiL -----END CERTIFICATE-----Generated at Sat May 31 16:59:27 2025 by rpki-client