$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft File: QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft (raw, json) Hash identifier: 55iZnqaDN4c36W/5jJyjyX8IqjG9uUi+C+6hfL6fpdM= Subject key identifier: DB:E9:C4:DC:DD:FB:7B:EB:7C:F6:39:4C:53:FF:7A:78:F5:C6:A3:1A Authority key identifier: 41:23:AC:2E:C0:69:D2:EF:27:20:1F:4D:BC:AA:C6:C1:91:21:90:2C Certificate issuer: /CN=A91EC8C9/serialNumber=4123AC2EC069D2EF27201F4DBCAAC6C19121902C Certificate serial: 03B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft Manifest number: 03AC Signing time: Sat 31 May 2025 00:54:28 +0000 Manifest this update: Sat 31 May 2025 00:54:28 +0000 Manifest next update: Sat 07 Jun 2025 00:54:28 +0000 Files and hashes: 1: QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl (hash: 2KQcRYJ5v0OCbW7iyxlS/VfHef+cCZPW5BkmEUAY9W4=) 2: FFDA736894CB11ECA827746DC4F9AE02.roa (hash: pj2LnVj5JMKgQoW/CIO4SmTNgNuQfByzQiOUhiNM/dY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:54:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 945 (0x3b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC8C9, serialNumber=4123AC2EC069D2EF27201F4DBCAAC6C19121902C Validity Not Before: May 31 00:54:28 2025 GMT Not After : Jun 7 00:54:28 2025 GMT Subject: CN=683a5344-8313 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ba:6a:b1:84:37:dd:f8:f5:0b:fc:71:50:14: 0c:ca:80:61:5f:7b:79:1a:9d:5d:a5:b5:29:39:7c: 29:62:4a:a1:95:e9:1f:6e:d8:fc:18:38:9c:1a:e0: b8:e0:7f:19:02:15:7f:d3:73:15:7e:3b:d0:fb:a8: 84:90:f7:48:49:a8:c2:ca:ff:7b:81:b9:39:81:f2: c2:44:58:e5:b1:24:3e:7e:c6:d8:3d:ff:9c:01:ec: 0f:30:24:6d:e0:f3:60:33:41:a8:26:b1:71:eb:4a: b6:5b:b8:72:b0:e4:20:96:2c:5b:72:21:8e:b2:8d: 74:38:75:7b:4a:84:c6:bb:1e:2f:75:c8:6c:af:e5: 9f:19:3d:ed:6a:56:e4:8b:c7:13:ba:d0:1e:cb:45: 05:48:74:37:fb:af:46:d9:3c:6d:ee:11:b4:ed:90: ff:0a:7c:00:53:4b:33:cf:75:8c:25:b1:75:9e:68: f1:3d:4b:d9:c1:98:cc:71:be:ea:b2:b1:d2:9d:27: dc:84:90:bd:76:09:d4:d2:93:cb:60:74:60:ad:ea: e1:a7:a7:e0:2c:0e:4a:5b:90:81:08:76:68:db:98: 58:96:82:6f:ab:67:7a:90:00:46:ee:fd:26:cf:3b: 07:6b:ca:a1:d7:e3:51:1a:e8:d5:ae:b6:3d:5d:33: 93:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:E9:C4:DC:DD:FB:7B:EB:7C:F6:39:4C:53:FF:7A:78:F5:C6:A3:1A X509v3 Authority Key Identifier: keyid:41:23:AC:2E:C0:69:D2:EF:27:20:1F:4D:BC:AA:C6:C1:91:21:90:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:68:26:3f:32:0a:11:c4:63:4d:80:64:e5:3f:fc:29:2c:04: a7:4a:67:1e:d9:1e:c9:1f:74:2f:36:82:5a:9a:b4:6d:c6:95: 14:62:d7:f8:ac:3b:35:1d:67:fe:7a:9c:76:5b:d8:44:aa:71: 75:be:01:23:02:8d:ad:ee:8e:03:72:25:41:03:1a:3d:76:4f: a6:3a:2d:15:1f:d3:b6:be:fe:c8:18:b8:dc:e7:13:79:e7:c5: 7b:5a:fa:d0:02:10:cc:8c:a5:66:80:05:e7:5f:68:16:70:e8: 17:f0:c1:a5:a7:2c:45:0b:34:71:6b:1c:48:db:13:9f:20:2c: 47:45:9e:fc:c1:6f:97:2c:61:e1:7b:02:61:f0:ac:4a:1b:6f: f5:06:44:6d:c6:c3:fa:59:e1:5d:a5:06:43:f6:d0:fd:3f:09: 3e:2a:3b:7c:69:86:06:de:b7:91:45:5f:84:37:dc:e1:b5:0f: 58:27:d9:23:b2:d8:b7:36:f7:ce:01:f7:3f:3f:13:95:89:ea: 50:21:e2:c6:7a:d8:24:63:4b:c4:fd:15:3e:f3:2a:a2:29:0b: de:c5:58:07:96:3a:13:1b:d4:8e:e6:e7:e0:a0:43:55:ef:1c: d0:af:07:18:a8:d4:fa:cf:dd:a0:c7:e4:64:a8:8d:6e:eb:fe: b4:22:52:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUM4QzkxMTAvBgNVBAUTKDQxMjNBQzJFQzA2OUQyRUYyNzIwMUY0REJDQUFDNkMx OTEyMTkwMkMwHhcNMjUwNTMxMDA1NDI4WhcNMjUwNjA3MDA1NDI4WjAYMRYwFAYD VQQDEw02ODNhNTM0NC04MzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnrpqsYQ33fj1C/xxUBQMyoBhX3t5Gp1dpbUpOXwpYkqhlekfbtj8GDicGuC4 4H8ZAhV/03MVfjvQ+6iEkPdISajCyv97gbk5gfLCRFjlsSQ+fsbYPf+cAewPMCRt 4PNgM0GoJrFx60q2W7hysOQglixbciGOso10OHV7SoTGux4vdchsr+WfGT3talbk i8cTutAey0UFSHQ3+69G2Txt7hG07ZD/CnwAU0szz3WMJbF1nmjxPUvZwZjMcb7q srHSnSfchJC9dgnU0pPLYHRgrerhp6fgLA5KW5CBCHZo25hYloJvq2d6kABG7v0m zzsHa8qh1+NRGujVrrY9XTOTGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNvpxNzd +3vrfPY5TFP/enj1xqMaMB8GA1UdIwQYMBaAFEEjrC7AadLvJyAfTbyqxsGRIZAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzhDOS83MzhEREZDNDk0 QzgxMUVDOTVDQjk3NjVDNEY5QUUwMi9RU09zTHNCcDB1OG5JQjlOdktyR3daRWhr Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FTT3NMc0JwMHU4bklCOU52S3JHd1pFaGtDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzhDOS83MzhEREZDNDk0QzgxMUVDOTVDQjk3NjVDNEY5QUUwMi9RU09zTHNCcDB1 OG5JQjlOdktyR3daRWhrQ3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEaCY/MgoRxGNNgGTlP/wpLASnSmce2R7JH3QvNoJamrRtxpUUYtf4 rDs1HWf+epx2W9hEqnF1vgEjAo2t7o4DciVBAxo9dk+mOi0VH9O2vv7IGLjc5xN5 58V7WvrQAhDMjKVmgAXnX2gWcOgX8MGlpyxFCzRxaxxI2xOfICxHRZ78wW+XLGHh ewJh8KxKG2/1BkRtxsP6WeFdpQZD9tD9Pwk+Kjt8aYYG3reRRV+EN9zhtQ9YJ9kj sti3NvfOAfc/PxOViepQIeLGetgkY0vE/RU+8yqiKQvexVgHljoTG9SO5ufgoENV 7xzQrwcYqNT6z92gx+RkqI1u6/60IlKm -----END CERTIFICATE-----Generated at Sat May 31 16:46:47 2025 by rpki-client