$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEA8B/BA08AA424B8111F08F65507EC4F9AE02/QcdXFCmaV43RkP0fcwlVsf2awfQ.mft File: QcdXFCmaV43RkP0fcwlVsf2awfQ.mft (raw, json) Hash identifier: BqAS8OpDeYhRS05DG2+lsk+erX/g2bH77ugODovv0vA= Subject key identifier: 03:05:EE:65:77:D2:82:66:68:59:88:D2:0E:D4:DE:C0:9B:28:DC:30 Authority key identifier: 41:C7:57:14:29:9A:57:8D:D1:90:FD:1F:73:09:55:B1:FD:9A:C1:F4 Certificate issuer: /CN=A91BEA8B/serialNumber=41C75714299A578DD190FD1F730955B1FD9AC1F4 Certificate serial: 0A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QcdXFCmaV43RkP0fcwlVsf2awfQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEA8B/BA08AA424B8111F08F65507EC4F9AE02/QcdXFCmaV43RkP0fcwlVsf2awfQ.mft Manifest number: 09 Signing time: Tue 01 Jul 2025 08:57:22 +0000 Manifest this update: Tue 01 Jul 2025 08:57:22 +0000 Manifest next update: Tue 08 Jul 2025 08:57:22 +0000 Files and hashes: 1: QcdXFCmaV43RkP0fcwlVsf2awfQ.crl (hash: b1ZtoqaZDqAw+exnMiBvD8qSBoBi+0GjFPHBfjj0oBc=) 2: C425CEE64B8211F0A94CFD82C4F9AE02.roa (hash: fil/oQotRM+MIGw/cNqLrz8OgmoOYQq+ywbG5ZxtQK8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEA8B/BA08AA424B8111F08F65507EC4F9AE02/QcdXFCmaV43RkP0fcwlVsf2awfQ.crl rsync://rpki.apnic.net/member_repository/A91BEA8B/BA08AA424B8111F08F65507EC4F9AE02/QcdXFCmaV43RkP0fcwlVsf2awfQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QcdXFCmaV43RkP0fcwlVsf2awfQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:57:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEA8B, serialNumber=41C75714299A578DD190FD1F730955B1FD9AC1F4 Validity Not Before: Jul 1 08:57:22 2025 GMT Not After : Jul 8 08:57:22 2025 GMT Subject: CN=6863a2f2-96ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:a4:dd:f0:ef:59:d3:cd:a3:a4:f9:c2:f3:b1: bd:09:54:a2:c9:f2:dc:1c:51:17:1e:a2:6a:bb:3d: 5c:a1:9f:67:f8:0b:e2:3c:e4:e7:54:a9:6c:12:fb: 34:8a:eb:d0:97:1c:89:b2:43:6c:c6:a0:99:8e:42: 0d:4e:80:e5:23:fe:c1:da:9a:f4:02:47:19:18:d2: 7d:04:d7:61:bb:ba:09:65:5d:1e:53:fe:60:fd:7a: 4b:fa:f8:2b:67:3e:0b:ee:12:50:86:79:3a:91:46: 44:a2:a3:7d:bb:7c:94:ff:9c:07:f5:de:a1:c3:45: b2:a8:90:38:3e:7b:a3:db:b4:61:a6:a3:a4:39:4e: 92:f0:d1:71:2b:9c:c9:91:71:00:14:fd:39:8f:22: bb:26:7b:15:8b:79:78:30:d1:08:31:76:07:ae:3a: 66:42:10:df:2c:ac:e6:60:6b:0f:36:4a:3d:36:85: 14:a5:7a:45:84:82:9e:64:e4:5f:26:95:7b:68:b5: 19:d4:bd:e2:a5:59:25:25:b0:e4:23:27:f8:c5:f3: 2e:da:9c:7f:86:a4:cf:c8:93:5c:04:7e:27:dd:9f: e9:cb:c7:99:dd:31:ef:b6:bb:2f:f1:6b:d1:56:e3: 25:92:28:5b:0b:ed:8c:7b:fe:41:b3:3d:78:0e:56: 54:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:05:EE:65:77:D2:82:66:68:59:88:D2:0E:D4:DE:C0:9B:28:DC:30 X509v3 Authority Key Identifier: keyid:41:C7:57:14:29:9A:57:8D:D1:90:FD:1F:73:09:55:B1:FD:9A:C1:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEA8B/BA08AA424B8111F08F65507EC4F9AE02/QcdXFCmaV43RkP0fcwlVsf2awfQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QcdXFCmaV43RkP0fcwlVsf2awfQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEA8B/BA08AA424B8111F08F65507EC4F9AE02/QcdXFCmaV43RkP0fcwlVsf2awfQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:b6:20:31:a1:26:ba:cc:67:54:88:5a:32:82:ad:67:7a:1e: 65:1a:79:3f:fe:a0:64:87:75:cd:88:43:aa:ca:f0:d2:5f:5f: e1:c0:31:b8:e1:07:9b:50:b9:60:e9:bc:a0:24:b8:a6:4d:c5: 48:7e:66:4c:14:8a:77:77:9c:72:73:25:7e:e0:01:b6:2c:9a: 72:d0:8a:c7:33:a4:87:3a:b5:2a:cf:74:cc:15:4d:f3:e3:ef: 65:5b:f2:4a:41:ee:4b:0a:13:5a:10:65:f2:21:aa:78:08:4d: f1:de:6a:83:e3:49:01:4c:20:2d:0b:c2:95:04:9c:ac:72:28: d5:f5:d8:46:71:81:f4:87:62:95:ca:98:6c:06:73:47:4a:23: 65:1c:58:0c:83:1c:de:32:d5:d7:ee:95:17:a6:a5:79:ab:a9: f8:66:c7:65:de:6c:49:8f:1c:c8:19:06:aa:83:7a:08:73:3b: c0:7f:01:15:63:1c:9b:4e:58:c9:39:18:02:23:8d:f8:f0:3f: 07:63:4d:6f:a9:ce:fb:62:2a:15:81:cf:4d:10:c2:91:92:e2: 1c:61:64:ad:35:3c:7f:0d:04:9f:33:8a:ec:7e:fd:40:0d:b2: 8b:38:6d:b1:ea:54:c4:11:e1:ec:67:9b:84:5f:59:33:68:db: 19:52:c6:71 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RUE4QjExMC8GA1UEBRMoNDFDNzU3MTQyOTlBNTc4REQxOTBGRDFGNzMwOTU1QjFG RDlBQzFGNDAeFw0yNTA3MDEwODU3MjJaFw0yNTA3MDgwODU3MjJaMBgxFjAUBgNV BAMTDTY4NjNhMmYyLTk2YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClpN3w71nTzaOk+cLzsb0JVKLJ8twcURceomq7PVyhn2f4C+I85OdUqWwS+zSK 69CXHImyQ2zGoJmOQg1OgOUj/sHamvQCRxkY0n0E12G7ugllXR5T/mD9ekv6+Ctn PgvuElCGeTqRRkSio327fJT/nAf13qHDRbKokDg+e6PbtGGmo6Q5TpLw0XErnMmR cQAU/TmPIrsmexWLeXgw0QgxdgeuOmZCEN8srOZgaw82Sj02hRSlekWEgp5k5F8m lXtotRnUveKlWSUlsOQjJ/jF8y7anH+GpM/Ik1wEfifdn+nLx5ndMe+2uy/xa9FW 4yWSKFsL7Yx7/kGzPXgOVlTrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAwXuZXfS gmZoWYjSDtTewJso3DAwHwYDVR0jBBgwFoAUQcdXFCmaV43RkP0fcwlVsf2awfQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFQThCL0JBMDhBQTQyNEI4 MTExRjA4RjY1NTA3RUM0RjlBRTAyL1FjZFhGQ21hVjQzUmtQMGZjd2xWc2YyYXdm US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUWNkWEZDbWFWNDNSa1AwZmN3bFZzZjJhd2ZRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJF QThCL0JBMDhBQTQyNEI4MTExRjA4RjY1NTA3RUM0RjlBRTAyL1FjZFhGQ21hVjQz UmtQMGZjd2xWc2YyYXdmUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFS2IDGhJrrMZ1SIWjKCrWd6HmUaeT/+oGSHdc2IQ6rK8NJfX+HAMbjh B5tQuWDpvKAkuKZNxUh+ZkwUind3nHJzJX7gAbYsmnLQisczpIc6tSrPdMwVTfPj 72Vb8kpB7ksKE1oQZfIhqngITfHeaoPjSQFMIC0LwpUEnKxyKNX12EZxgfSHYpXK mGwGc0dKI2UcWAyDHN4y1dfulRempXmrqfhmx2XebEmPHMgZBqqDeghzO8B/ARVj HJtOWMk5GAIjjfjwPwdjTW+pzvtiKhWBz00QwpGS4hxhZK01PH8NBJ8ziux+/UAN sos4bbHqVMQR4exnm4RfWTNo2xlSxnE= -----END CERTIFICATE-----Generated at Wed Jul 2 11:14:04 2025 by rpki-client