$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft File: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft (raw, json) Hash identifier: wxP55W/5UnYmBejqaTG4q+8VPLdtdcuLw60di9xw628= Subject key identifier: 57:65:CC:EE:69:8A:E9:B1:B8:44:F1:28:E4:9F:CE:FE:DE:DD:7C:31 Authority key identifier: 41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD Certificate issuer: /CN=A91E91BC/serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Certificate serial: 02FF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft Manifest number: 02FA Signing time: Sun 01 Jun 2025 01:30:58 +0000 Manifest this update: Sun 01 Jun 2025 01:30:57 +0000 Manifest next update: Sun 08 Jun 2025 01:30:57 +0000 Files and hashes: 1: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl (hash: 8wDVMz9eYHWOJQtaV+2u7JJ73OJFXSTcNKWSGEWLeYM=) 2: 7BCC4B32E85C11EE9593933FC4F9AE02.roa (hash: vSji2PW77227MPuRms4fNHOSHefJ2bW6akHMJ/kFIj0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 01:30:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 767 (0x2ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E91BC, serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Validity Not Before: Jun 1 01:30:57 2025 GMT Not After : Jun 8 01:30:57 2025 GMT Subject: CN=683bad51-a4d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d5:47:8a:58:d7:3f:1a:54:14:c3:c7:18:32: 8b:fb:a0:18:7b:f2:98:1d:c5:06:1e:c3:8d:24:ee: 3f:5e:e3:7e:72:28:22:2c:1e:2e:4e:27:d4:38:71: da:b4:cf:b4:b6:99:22:e5:d1:e9:df:f9:ab:bc:1b: 9a:ed:3f:f5:ff:9e:2d:a2:a6:e9:e5:5c:51:7a:2b: f3:ad:54:c3:65:53:07:fd:92:d3:9d:1f:7a:27:d8: f8:c9:9c:8e:ba:d0:56:bb:46:d7:c9:d2:4c:d5:3a: 25:d2:77:48:92:4b:31:86:62:0c:38:4a:71:9b:6d: b9:77:d5:54:6a:a5:fa:8a:32:46:3c:c2:f8:e0:1b: e5:21:55:3d:ca:c7:fa:2c:53:1e:8b:10:d1:60:e2: c3:98:22:2e:37:50:e6:dc:26:df:06:b4:92:17:59: 0c:b7:a3:e6:cc:20:b0:e1:72:9f:26:7d:84:22:6e: 9b:04:f9:c7:db:78:dd:21:26:a1:8e:84:f0:d2:4e: 90:61:7c:76:0f:db:8a:35:6f:27:70:77:4a:ab:e8: 1e:21:03:ea:a4:2c:af:4d:ff:e3:28:a1:76:d1:60: 3a:b2:cc:60:d8:66:67:a9:30:58:db:0f:27:52:54: ff:ec:f7:b5:99:3f:c3:4a:d5:4d:ab:aa:87:f6:64: 94:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:65:CC:EE:69:8A:E9:B1:B8:44:F1:28:E4:9F:CE:FE:DE:DD:7C:31 X509v3 Authority Key Identifier: keyid:41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:b4:85:86:70:f0:27:6d:e2:84:3c:e8:53:95:e6:13:7a:e6: 5b:7b:7e:6d:20:46:cd:d4:3a:ca:ff:6a:39:d9:73:c2:a3:87: 74:db:60:d2:e1:96:e3:71:28:16:1b:75:7d:8b:5c:62:fa:71: 1b:e9:11:fa:ba:ab:e2:a4:0c:6e:b2:94:2f:c6:aa:b5:75:ef: 96:d3:66:5c:00:dd:9e:79:74:13:82:3e:0f:85:fe:fb:a5:f8: f5:36:20:ff:c2:8d:4e:45:ee:3c:fe:df:2c:48:4d:0a:fe:ce: 97:da:9f:7d:2f:04:2e:2a:f1:74:cb:66:55:73:63:51:53:86: 54:51:9f:ac:27:22:4c:d3:80:c4:02:eb:33:9a:cc:1d:75:53: f1:dc:48:37:24:33:cb:aa:04:20:a1:4c:98:fc:b9:b0:65:ac: be:99:8e:32:94:64:bc:89:9c:5a:37:c8:77:db:b7:d8:94:b4: 9e:2e:f2:84:0d:31:f7:76:21:e3:a5:88:1e:f0:b3:d2:02:98: c9:4e:f0:06:a4:b1:99:d3:47:40:00:13:c6:45:97:13:7c:8d: 03:58:48:9c:ba:de:7e:e1:b8:fb:f4:80:51:3d:a0:60:d2:de: 8f:66:53:fa:5d:42:d3:11:89:7f:a3:f8:a3:3c:d9:43:2e:1f: 04:f3:79:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTkxQkMxMTAvBgNVBAUTKDQxNEZCNjE3ODg2OTEzMEY4MjZFOUUzMEMwQjc5NDA4 NEQ5NzYwREQwHhcNMjUwNjAxMDEzMDU3WhcNMjUwNjA4MDEzMDU3WjAYMRYwFAYD VQQDEw02ODNiYWQ1MS1hNGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxNVHiljXPxpUFMPHGDKL+6AYe/KYHcUGHsONJO4/XuN+cigiLB4uTifUOHHa tM+0tpki5dHp3/mrvBua7T/1/54toqbp5VxReivzrVTDZVMH/ZLTnR96J9j4yZyO utBWu0bXydJM1Tol0ndIkksxhmIMOEpxm225d9VUaqX6ijJGPML44BvlIVU9ysf6 LFMeixDRYOLDmCIuN1Dm3CbfBrSSF1kMt6PmzCCw4XKfJn2EIm6bBPnH23jdISah joTw0k6QYXx2D9uKNW8ncHdKq+geIQPqpCyvTf/jKKF20WA6ssxg2GZnqTBY2w8n UlT/7Pe1mT/DStVNq6qH9mSUHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFdlzO5p iumxuETxKOSfzv7e3XwxMB8GA1UdIwQYMBaAFEFPtheIaRMPgm6eMMC3lAhNl2Dd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BNEU2NzNDQURC RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3LUNicDR3d0xlVUNFMlhZ TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FVLTJGNGhwRXctQ2JwNHd3TGVVQ0UyWFlOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTFCQy9BNEU2NzNDQURCRTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3 LUNicDR3d0xlVUNFMlhZTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBetIWGcPAnbeKEPOhTleYTeuZbe35tIEbN1DrK/2o52XPCo4d022DS 4ZbjcSgWG3V9i1xi+nEb6RH6uqvipAxuspQvxqq1de+W02ZcAN2eeXQTgj4Phf77 pfj1NiD/wo1ORe48/t8sSE0K/s6X2p99LwQuKvF0y2ZVc2NRU4ZUUZ+sJyJM04DE AuszmswddVPx3Eg3JDPLqgQgoUyY/LmwZay+mY4ylGS8iZxaN8h327fYlLSeLvKE DTH3diHjpYge8LPSApjJTvAGpLGZ00dAABPGRZcTfI0DWEicut5+4bj79IBRPaBg 0t6PZlP6XULTEYl/o/ijPNlDLh8E83m8 -----END CERTIFICATE-----Generated at Mon Jun 2 20:40:56 2025 by rpki-client