$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: uWT0TN43mR9E/7tUVixJNfqoPeX9CJI/zJZYGgKiExk= Subject key identifier: 06:54:7B:65:D0:D5:A7:E6:46:14:29:C7:46:10:9D:8A:98:5B:9B:8D Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 349A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 348F Signing time: Sat 31 May 2025 15:07:44 +0000 Manifest this update: Sat 31 May 2025 15:07:43 +0000 Manifest next update: Sat 07 Jun 2025 15:07:43 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: OzeZEbus3XFr6PMk+Qa1xFzvU/Ux3Hdm3Ss9myFJ3H4=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:07:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13466 (0x349a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: May 31 15:07:43 2025 GMT Not After : Jun 7 15:07:43 2025 GMT Subject: CN=683b1b40-a92d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:c6:e1:2f:bb:b8:7d:50:a3:ba:b0:05:b6:61: e8:f4:df:85:65:18:2c:88:8d:b4:2a:ba:7b:b6:a5: f3:6e:13:6d:b9:6a:e1:4b:8e:01:7a:c3:fd:59:af: 13:c6:76:d8:61:90:3e:17:bb:b4:fb:44:c3:08:50: f9:aa:99:e1:d7:54:ac:9a:dd:cf:45:03:ba:6c:8d: ea:fe:2c:48:84:3d:9a:1a:f4:bb:d1:da:44:77:fe: 74:86:95:49:67:c9:ce:16:0a:64:76:a4:a7:64:98: 6b:08:b4:37:f5:90:c2:58:ac:03:c9:63:a4:71:d8: 46:b1:68:e3:bb:5f:e6:f1:e3:49:0b:e9:f4:53:8c: ac:d7:18:5b:1f:a1:97:2a:49:75:f2:22:01:19:60: f0:b8:9b:2c:3d:4b:94:3f:86:e2:4d:96:04:0a:56: 59:8d:39:29:f1:5a:a8:f9:6d:87:eb:bd:a6:5a:5f: 6f:18:4d:93:d7:ec:51:5c:11:f1:a6:c2:ee:98:bb: ed:bb:ba:35:cc:ac:a9:43:ea:bc:46:a4:34:10:76: dd:84:13:19:a7:5f:98:da:81:0d:c7:1e:87:d8:62: 88:56:46:b7:07:21:f0:03:08:a4:d7:90:a4:a6:ce: 3d:9c:de:1b:15:e8:98:6d:c7:4c:b7:8c:d4:6c:a7: cf:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:54:7B:65:D0:D5:A7:E6:46:14:29:C7:46:10:9D:8A:98:5B:9B:8D X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:ea:34:1d:3f:8e:bf:da:16:ec:3d:8a:ba:7a:50:e1:12:dc: 56:67:51:0b:b8:90:b0:bf:12:bf:73:4b:ea:ca:7e:96:33:bf: c2:db:31:66:5e:0d:d9:33:ba:76:67:16:11:76:56:08:3d:53: f5:a6:55:66:80:37:1c:88:25:89:1a:1c:3d:34:73:ff:0e:68: c6:e5:6e:40:d4:00:ed:b6:f8:40:2e:bd:e2:3c:51:a5:17:71: 47:19:ef:8b:cc:61:77:b8:03:ce:3a:34:89:c9:e1:cc:d9:91: 8c:ac:aa:fc:7b:ea:b0:33:da:82:39:3b:63:c9:6b:98:c8:a0: f0:28:0f:90:cc:10:2c:1c:d0:4d:36:85:a1:8b:84:b5:d8:16: 2d:c4:a1:9b:50:04:ff:8e:10:c3:4f:f5:58:e9:68:f0:9b:dd: c2:14:f6:72:16:32:34:ed:90:7e:00:77:e8:ae:6e:ac:4e:49: 45:0e:66:e3:9f:97:19:59:44:21:e7:48:45:be:40:69:af:8f: 53:8d:42:58:01:20:bf:d6:ea:9d:f3:04:55:a7:a5:e7:13:09: 72:0b:78:a7:a4:5a:01:74:f2:ae:ff:61:dd:d0:da:1a:d9:2b: 34:16:20:ed:30:c9:56:a2:d2:c0:01:d0:c3:14:2e:fa:ab:1a: e7:28:44:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUwNTMxMTUwNzQzWhcNMjUwNjA3MTUwNzQzWjAYMRYwFAYD VQQDEw02ODNiMWI0MC1hOTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAncbhL7u4fVCjurAFtmHo9N+FZRgsiI20Krp7tqXzbhNtuWrhS44BesP9Wa8T xnbYYZA+F7u0+0TDCFD5qpnh11Ssmt3PRQO6bI3q/ixIhD2aGvS70dpEd/50hpVJ Z8nOFgpkdqSnZJhrCLQ39ZDCWKwDyWOkcdhGsWjju1/m8eNJC+n0U4ys1xhbH6GX Kkl18iIBGWDwuJssPUuUP4biTZYEClZZjTkp8Vqo+W2H672mWl9vGE2T1+xRXBHx psLumLvtu7o1zKypQ+q8RqQ0EHbdhBMZp1+Y2oENxx6H2GKIVka3ByHwAwik15Ck ps49nN4bFeiYbcdMt4zUbKfPFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAZUe2XQ 1afmRhQpx0YQnYqYW5uNMB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAq6jQdP46/2hbsPYq6elDhEtxWZ1ELuJCwvxK/c0vqyn6WM7/C2zFm Xg3ZM7p2ZxYRdlYIPVP1plVmgDcciCWJGhw9NHP/DmjG5W5A1ADttvhALr3iPFGl F3FHGe+LzGF3uAPOOjSJyeHM2ZGMrKr8e+qwM9qCOTtjyWuYyKDwKA+QzBAsHNBN NoWhi4S12BYtxKGbUAT/jhDDT/VY6Wjwm93CFPZyFjI07ZB+AHform6sTklFDmbj n5cZWUQh50hFvkBpr49TjUJYASC/1uqd8wRVp6XnEwlyC3inpFoBdPKu/2Hd0Noa 2Ss0FiDtMMlWotLAAdDDFC76qxrnKEQW -----END CERTIFICATE-----Generated at Sat May 31 16:47:51 2025 by rpki-client