$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE89F/AFFD21706DCB11EF9B39B865C4F9AE02/QxsKSDX89paz7NM1klqOE2EM0Tc.mft File: QxsKSDX89paz7NM1klqOE2EM0Tc.mft (raw, json) Hash identifier: AaqDyveshdiXpdjhclkGb9oX1mQmh0DD+g+LkuinO04= Subject key identifier: F1:C4:C2:24:CB:AC:8E:F8:91:CE:25:01:C0:E2:D4:2B:1A:8A:B9:08 Authority key identifier: 43:1B:0A:48:35:FC:F6:96:B3:EC:D3:35:92:5A:8E:13:61:0C:D1:37 Certificate issuer: /CN=A91BE89F/serialNumber=431B0A4835FCF696B3ECD335925A8E13610CD137 Certificate serial: 8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QxsKSDX89paz7NM1klqOE2EM0Tc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BE89F/AFFD21706DCB11EF9B39B865C4F9AE02/QxsKSDX89paz7NM1klqOE2EM0Tc.mft Manifest number: 8A Signing time: Sat 31 May 2025 06:07:10 +0000 Manifest this update: Sat 31 May 2025 06:07:10 +0000 Manifest next update: Sat 07 Jun 2025 06:07:10 +0000 Files and hashes: 1: QxsKSDX89paz7NM1klqOE2EM0Tc.crl (hash: GcKx0uUQMVWfgbJTQHBVq1hR6AFp0oLkmSXQ/WGGZaM=) 2: 49ADB44C6DCC11EF8BE2A566C4F9AE02.roa (hash: mtRkpBofIEP/NFZvK+kr1cdx0dZa5TNObQf1xWdBFqI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BE89F/AFFD21706DCB11EF9B39B865C4F9AE02/QxsKSDX89paz7NM1klqOE2EM0Tc.crl rsync://rpki.apnic.net/member_repository/A91BE89F/AFFD21706DCB11EF9B39B865C4F9AE02/QxsKSDX89paz7NM1klqOE2EM0Tc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QxsKSDX89paz7NM1klqOE2EM0Tc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:07:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 140 (0x8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BE89F, serialNumber=431B0A4835FCF696B3ECD335925A8E13610CD137 Validity Not Before: May 31 06:07:10 2025 GMT Not After : Jun 7 06:07:10 2025 GMT Subject: CN=683a9c8e-7ccc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:8d:02:a3:76:49:18:b9:77:d4:69:00:6f:58: 0e:c2:11:1f:f8:13:d3:7b:f8:4a:a5:45:80:75:b7: 14:77:2d:ae:f8:fa:d5:c8:3d:cf:43:70:d2:77:19: 62:dc:f5:5f:ed:a2:5b:bb:f4:71:85:92:43:6b:e5: 37:2e:84:7c:ba:28:ef:82:88:0a:54:cb:b3:31:08: 9a:c3:ff:d5:a4:f1:cc:67:5f:09:76:b9:ba:31:e6: ee:76:70:ef:e0:4e:1c:15:a6:f2:88:ba:0a:bd:b4: d2:1e:9e:6a:8a:ce:22:4a:30:41:f3:ae:56:46:63: ba:99:85:dc:c6:f5:29:94:66:3f:05:10:a4:0b:e5: a3:9e:0c:a7:7c:45:6c:59:c0:4e:d4:41:1b:a5:9f: bd:ed:7d:2e:2a:ad:3f:0a:bf:3a:8e:fa:bd:7e:7d: bd:89:27:c4:36:c0:41:29:d6:63:ae:cb:f4:50:d2: b1:3e:d5:36:3d:3c:52:2b:a1:95:9e:ba:04:f0:92: d2:ec:f9:7e:9b:65:fe:97:79:25:6f:76:aa:76:21: 79:0c:3a:57:22:02:b4:ef:25:2f:4e:23:0e:3b:5a: 03:26:03:67:93:4a:1d:53:98:2d:d9:90:8a:4b:ef: 40:04:4f:ab:6d:0b:bf:8d:56:b7:a1:38:04:ff:c0: 2a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:C4:C2:24:CB:AC:8E:F8:91:CE:25:01:C0:E2:D4:2B:1A:8A:B9:08 X509v3 Authority Key Identifier: keyid:43:1B:0A:48:35:FC:F6:96:B3:EC:D3:35:92:5A:8E:13:61:0C:D1:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BE89F/AFFD21706DCB11EF9B39B865C4F9AE02/QxsKSDX89paz7NM1klqOE2EM0Tc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QxsKSDX89paz7NM1klqOE2EM0Tc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE89F/AFFD21706DCB11EF9B39B865C4F9AE02/QxsKSDX89paz7NM1klqOE2EM0Tc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:9e:c5:61:24:7b:20:84:39:62:9a:fe:28:6e:ed:6b:b4:17: b9:b8:fd:c6:31:b0:20:36:f4:81:47:50:c8:a2:60:b6:d0:af: 85:ee:a6:71:57:bf:fb:1d:9d:ed:6c:a4:ae:d0:22:38:38:9a: 0d:af:f8:32:a2:00:f6:23:0f:96:53:2d:9f:9e:0d:87:8f:48: 1b:91:d0:b9:94:dc:10:09:62:69:6d:84:08:f6:64:ae:64:b5: ba:90:18:bd:93:ff:c3:a9:f1:ff:59:c4:15:ea:c9:a9:93:50: e3:4d:94:1b:03:5f:51:dc:ae:d7:39:ad:5c:b5:ec:0c:1c:3b: 3e:2a:f3:cf:85:24:f5:bf:48:0b:aa:05:03:73:42:89:cf:0f: 16:d4:91:50:82:59:2d:53:b8:30:ba:e9:fc:26:e4:a2:64:c1: 1a:14:e1:a1:47:de:16:1c:c5:e5:53:64:6d:aa:e8:f9:1f:b0: 4f:38:f8:15:61:ef:b5:d6:b0:fd:91:15:f5:c1:b1:83:cc:ea: 16:0e:36:20:a5:57:59:81:b2:1b:9a:30:8e:4a:ce:87:6f:6e: b5:e3:27:f2:67:54:c4:2c:ab:e3:54:f9:c9:0a:53:e2:a5:18: a3:a1:c1:7b:6b:cf:95:cf:f5:69:a2:75:61:03:a2:a2:84:a5: ee:be:30:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkU4OUYxMTAvBgNVBAUTKDQzMUIwQTQ4MzVGQ0Y2OTZCM0VDRDMzNTkyNUE4RTEz NjEwQ0QxMzcwHhcNMjUwNTMxMDYwNzEwWhcNMjUwNjA3MDYwNzEwWjAYMRYwFAYD VQQDEw02ODNhOWM4ZS03Y2NjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAro0Co3ZJGLl31GkAb1gOwhEf+BPTe/hKpUWAdbcUdy2u+PrVyD3PQ3DSdxli 3PVf7aJbu/RxhZJDa+U3LoR8uijvgogKVMuzMQiaw//VpPHMZ18Jdrm6MebudnDv 4E4cFabyiLoKvbTSHp5qis4iSjBB865WRmO6mYXcxvUplGY/BRCkC+WjngynfEVs WcBO1EEbpZ+97X0uKq0/Cr86jvq9fn29iSfENsBBKdZjrsv0UNKxPtU2PTxSK6GV nroE8JLS7Pl+m2X+l3klb3aqdiF5DDpXIgK07yUvTiMOO1oDJgNnk0odU5gt2ZCK S+9ABE+rbQu/jVa3oTgE/8AqywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPHEwiTL rI74kc4lAcDi1CsairkIMB8GA1UdIwQYMBaAFEMbCkg1/PaWs+zTNZJajhNhDNE3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTg5Ri9BRkZEMjE3MDZE Q0IxMUVGOUIzOUI4NjVDNEY5QUUwMi9ReHNLU0RYODlwYXo3Tk0xa2xxT0UyRU0w VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1F4c0tTRFg4OXBhejdOTTFrbHFPRTJFTTBUYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RTg5Ri9BRkZEMjE3MDZEQ0IxMUVGOUIzOUI4NjVDNEY5QUUwMi9ReHNLU0RYODlw YXo3Tk0xa2xxT0UyRU0wVGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCnsVhJHsghDlimv4obu1rtBe5uP3GMbAgNvSBR1DIomC20K+F7qZx V7/7HZ3tbKSu0CI4OJoNr/gyogD2Iw+WUy2fng2Hj0gbkdC5lNwQCWJpbYQI9mSu ZLW6kBi9k//DqfH/WcQV6smpk1DjTZQbA19R3K7XOa1ctewMHDs+KvPPhST1v0gL qgUDc0KJzw8W1JFQglktU7gwuun8JuSiZMEaFOGhR94WHMXlU2Rtquj5H7BPOPgV Ye+11rD9kRX1wbGDzOoWDjYgpVdZgbIbmjCOSs6Hb2614yfyZ1TELKvjVPnJClPi pRijocF7a8+Vz/VponVhA6KihKXuvjBK -----END CERTIFICATE-----Generated at Sat May 31 16:46:48 2025 by rpki-client