$ rpki-client -vvf rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft File: QgBM9ryh-lZCT17qJPYqkrJc3s8.mft (raw, json) Hash identifier: LSGJk2+TlLNid2z4Q/TwGlc6SQQE5ydIWFipV49pwt0= Subject key identifier: 6A:43:69:95:5D:9D:10:AD:13:29:3C:BC:58:A9:3B:44:A8:54:97:28 Authority key identifier: 42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF Certificate issuer: /CN=A919960D/serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF Certificate serial: 01CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft Manifest number: 01CA Signing time: Wed 11 Jun 2025 02:25:36 +0000 Manifest this update: Wed 11 Jun 2025 02:25:35 +0000 Manifest next update: Wed 18 Jun 2025 02:25:35 +0000 Files and hashes: 1: QgBM9ryh-lZCT17qJPYqkrJc3s8.crl (hash: AmRYsa68gNL71PYk+GKTuKRV7RMW/FTbmDwjGareeTg=) 2: BE9174768DDE11ED97AFDA82C4F9AE02.roa (hash: L+V30ULZZ1KBiifHC7zDGdNJ17lrpWMv8iHx76Nc92w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.crl rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 02:25:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 463 (0x1cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919960D, serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF Validity Not Before: Jun 11 02:25:35 2025 GMT Not After : Jun 18 02:25:35 2025 GMT Subject: CN=6848e920-0042 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e4:d0:46:a0:9e:45:11:e7:f4:26:5b:3f:fb: f6:22:f9:88:8c:e9:5a:20:77:78:8b:f2:ee:d1:91: d0:f3:b7:cb:71:a5:57:11:c8:10:99:4e:56:a4:17: a7:e1:a8:bb:e6:dd:e5:a3:d9:30:e2:f8:3b:e0:6d: 96:6b:88:fb:ce:7f:38:ef:3d:5c:c0:dc:05:fd:65: 1e:e7:4f:b4:22:41:b0:9b:bf:1a:ae:35:e5:19:26: 28:e3:12:dc:bd:eb:3e:e5:92:5f:a6:fa:f1:84:37: 4a:78:29:1b:61:9b:f1:0b:c3:be:77:e5:4c:10:75: 00:fd:5b:98:ed:7b:7d:17:60:17:1d:5f:a8:4a:9c: 59:f1:ac:ee:aa:72:e3:f8:51:c0:f3:f4:ff:e7:48: 5d:30:e0:48:4a:8b:74:6f:c0:99:53:ea:7b:3e:58: ec:3a:c9:a4:e3:da:8c:dd:48:2b:82:aa:d3:df:7f: cc:86:f2:65:f5:c3:ee:ba:6e:ea:98:4f:a6:09:9f: 08:15:59:72:2a:a4:9a:36:83:84:15:c1:c4:6e:ce: 6c:14:45:f8:f0:b8:76:12:13:8c:3b:2e:2c:ca:55: 5b:3b:c6:ac:28:dd:bc:3e:02:ee:fa:b2:34:52:b7: af:fd:59:94:cf:1c:8d:25:d2:7c:47:dc:35:de:a4: 54:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:43:69:95:5D:9D:10:AD:13:29:3C:BC:58:A9:3B:44:A8:54:97:28 X509v3 Authority Key Identifier: keyid:42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:7e:7b:11:33:17:67:2c:6a:02:6a:30:35:8a:ca:59:c3:98: ca:b6:c4:55:07:d0:cf:38:9d:9e:e4:e4:a9:7b:f7:57:67:d3: 75:68:00:88:e9:64:92:43:45:1d:6b:16:ae:5c:91:c6:da:a6: b1:ae:1c:e2:c5:6f:6f:34:bc:30:f7:c1:42:31:4d:61:42:8f: e9:9c:f4:a5:7f:82:29:76:08:99:51:89:45:a6:68:33:19:45: 7c:8f:eb:56:f4:15:8a:7d:ff:10:86:ea:21:a1:9a:2c:63:13: f4:58:0f:6a:90:56:aa:91:66:4e:25:dd:6d:c6:b2:43:3d:2f: e5:31:fd:80:a5:9f:fb:ab:68:e4:a1:66:23:78:f2:1d:85:a8: 25:42:4c:92:c3:c3:c1:23:61:91:d4:49:46:1e:e5:cb:bb:f4: a0:8b:e9:ce:a7:bd:b1:e3:00:cf:c2:93:17:7a:ff:82:0e:8f: 58:17:1b:5a:31:e2:f9:10:45:d4:ab:12:c3:4b:60:22:a4:14: 4d:6b:e4:f2:24:2d:98:d3:73:25:b0:1d:85:3b:4a:19:4f:3b: cc:90:79:46:4f:ba:b0:44:73:11:fa:68:b7:0c:13:46:39:70: a7:c8:84:49:7c:87:5b:ed:6e:07:03:6f:f2:a2:7d:7a:fa:88: 7a:1e:f7:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTk2MEQxMTAvBgNVBAUTKDQyMDA0Q0Y2QkNBMUZBNTY0MjRGNUVFQTI0RjYyQTky QjI1Q0RFQ0YwHhcNMjUwNjExMDIyNTM1WhcNMjUwNjE4MDIyNTM1WjAYMRYwFAYD VQQDEw02ODQ4ZTkyMC0wMDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAueTQRqCeRRHn9CZbP/v2IvmIjOlaIHd4i/Lu0ZHQ87fLcaVXEcgQmU5WpBen 4ai75t3lo9kw4vg74G2Wa4j7zn847z1cwNwF/WUe50+0IkGwm78arjXlGSYo4xLc ves+5ZJfpvrxhDdKeCkbYZvxC8O+d+VMEHUA/VuY7Xt9F2AXHV+oSpxZ8azuqnLj +FHA8/T/50hdMOBISot0b8CZU+p7PljsOsmk49qM3UgrgqrT33/MhvJl9cPuum7q mE+mCZ8IFVlyKqSaNoOEFcHEbs5sFEX48Lh2EhOMOy4sylVbO8asKN28PgLu+rI0 Urev/VmUzxyNJdJ8R9w13qRU6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGpDaZVd nRCtEyk8vFipO0SoVJcoMB8GA1UdIwQYMBaAFEIATPa8ofpWQk9e6iT2KpKyXN7P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTYwRC9CRDBCNjRDNjhE REExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5aC1sWkNUMTdxSlBZcWtySmMz czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FnQk05cnloLWxaQ1QxN3FKUFlxa3JKYzNzOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTYwRC9CRDBCNjRDNjhEREExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5aC1s WkNUMTdxSlBZcWtySmMzczgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqfnsRMxdnLGoCajA1ispZw5jKtsRVB9DPOJ2e5OSpe/dXZ9N1aACI 6WSSQ0UdaxauXJHG2qaxrhzixW9vNLww98FCMU1hQo/pnPSlf4IpdgiZUYlFpmgz GUV8j+tW9BWKff8QhuohoZosYxP0WA9qkFaqkWZOJd1txrJDPS/lMf2ApZ/7q2jk oWYjePIdhaglQkySw8PBI2GR1ElGHuXLu/Sgi+nOp72x4wDPwpMXev+CDo9YFxta MeL5EEXUqxLDS2AipBRNa+TyJC2Y03MlsB2FO0oZTzvMkHlGT7qwRHMR+mi3DBNG OXCnyIRJfIdb7W4HA2/yon16+oh6HvdG -----END CERTIFICATE-----Generated at Thu Jun 12 03:21:53 2025 by rpki-client