$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft File: sqo-Olsp4PQc3Vphf3-2o3obkBE.mft (raw, json) Hash identifier: EkwZhSuHPCtbApD0sxWY6vh1MTsQbtDJ/rdDSg6smxE= Subject key identifier: D1:B4:31:B6:6F:6B:26:8F:15:0A:FC:43:EF:42:CC:74:F8:C0:6D:C2 Authority key identifier: B2:AA:3E:3A:5B:29:E0:F4:1C:DD:5A:61:7F:7F:B6:A3:7A:1B:90:11 Certificate issuer: /CN=A91FB924/serialNumber=B2AA3E3A5B29E0F41CDD5A617F7FB6A37A1B9011 Certificate serial: 3497 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqo-Olsp4PQc3Vphf3-2o3obkBE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft Manifest number: 3490 Signing time: Wed 04 Jun 2025 14:36:59 +0000 Manifest this update: Wed 04 Jun 2025 14:36:58 +0000 Manifest next update: Wed 11 Jun 2025 14:36:58 +0000 Files and hashes: 1: sqo-Olsp4PQc3Vphf3-2o3obkBE.crl (hash: jvQx4HVEi+KVOm8I2KnDeJ+VR5ikpGROUwA/nlptEb4=) 2: DF502EECD44511E984021644C4F9AE02.roa (hash: lhTwffgGoDZ+11LSS1CyopFlM7JUjXizmn+X+Kky/Wk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.crl rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqo-Olsp4PQc3Vphf3-2o3obkBE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 14:36:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13463 (0x3497) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB924, serialNumber=B2AA3E3A5B29E0F41CDD5A617F7FB6A37A1B9011 Validity Not Before: Jun 4 14:36:58 2025 GMT Not After : Jun 11 14:36:58 2025 GMT Subject: CN=68405a0a-7ce0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:68:ea:5a:ca:88:6c:55:32:11:37:eb:45:1c: 41:08:f3:9c:04:95:bf:aa:12:e7:96:09:af:2e:2e: 87:01:5a:9a:31:d3:d5:6f:61:a0:b0:ea:7c:2e:1c: e6:2c:a7:12:68:b6:b9:0d:cf:24:1e:64:29:5c:4a: 83:06:6b:c6:ea:9c:81:88:d2:92:33:6e:42:a4:9d: 3d:b9:d1:b5:a3:17:cb:33:fc:fe:43:2a:6c:a5:10: 1d:e5:38:20:3e:9c:23:b3:8d:3c:c2:40:8f:ba:63: d2:74:72:49:90:f6:c9:5e:88:74:36:69:eb:1e:cf: cc:a4:96:e3:95:05:c9:54:04:30:c3:a3:96:e9:2e: 75:b3:84:2e:17:e4:81:8f:00:7e:80:b5:38:7f:37: 7c:e4:33:fe:43:67:f5:44:4a:9b:ee:37:23:b1:33: e1:95:6d:9e:be:6b:7e:05:a1:19:50:74:f4:72:ae: c5:79:ba:0d:2a:b2:32:a1:be:0b:a3:f6:fd:56:ef: 90:5a:5f:e5:fb:64:02:d3:d6:c8:3a:53:16:df:14: 07:b0:49:35:a2:16:ec:07:4d:cb:7c:1d:db:a1:14: f3:8e:7e:80:80:64:7c:20:27:a2:d6:13:6f:85:4c: 57:70:34:ec:00:7e:ac:e2:d2:44:c4:b5:d5:bd:91: ef:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:B4:31:B6:6F:6B:26:8F:15:0A:FC:43:EF:42:CC:74:F8:C0:6D:C2 X509v3 Authority Key Identifier: keyid:B2:AA:3E:3A:5B:29:E0:F4:1C:DD:5A:61:7F:7F:B6:A3:7A:1B:90:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqo-Olsp4PQc3Vphf3-2o3obkBE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:61:b9:56:1e:26:39:3f:9f:59:3d:af:05:30:ff:33:36:f4: c5:4f:25:c8:c5:18:87:dc:b3:7b:3f:ac:f8:a9:0a:db:69:8f: 58:a3:a7:98:37:b1:01:28:af:29:ac:18:36:b6:60:94:4f:5d: 1f:90:82:28:56:0a:48:e0:27:8d:3d:fc:35:41:cc:1b:da:ae: a5:dc:ef:57:36:3d:93:e1:00:d5:fe:c0:96:69:89:19:f3:a7: a7:f6:31:d1:b8:69:fd:0b:48:e4:fd:46:7a:fb:ae:80:6f:2e: 55:96:ce:17:e2:e7:39:dc:99:ea:6b:c2:77:43:d9:fd:81:bf: 8b:da:91:0c:35:e3:e1:16:28:19:50:17:ba:d1:99:61:7b:3f: fc:a7:f1:cd:f2:98:0d:6e:3b:80:7d:4f:7f:ce:02:c7:ee:22: e2:5d:cf:e8:21:c7:b5:9c:9e:b3:c5:df:76:4a:98:a8:9b:01: 22:28:d8:53:a7:0e:4d:4b:f9:34:8a:9c:21:9b:58:75:a1:71: 81:20:72:f3:8a:5a:99:7e:3b:95:12:bc:80:5e:f8:20:1b:af: 76:71:fd:23:54:9d:d2:47:e0:7d:95:44:fa:6e:2f:ca:4e:18: 4e:7e:ff:81:c1:e0:81:d7:41:d1:ca:6a:f5:41:09:84:18:15: 86:63:17:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkI5MjQxMTAvBgNVBAUTKEIyQUEzRTNBNUIyOUUwRjQxQ0RENUE2MTdGN0ZCNkEz N0ExQjkwMTEwHhcNMjUwNjA0MTQzNjU4WhcNMjUwNjExMTQzNjU4WjAYMRYwFAYD VQQDEw02ODQwNWEwYS03Y2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnGjqWsqIbFUyETfrRRxBCPOcBJW/qhLnlgmvLi6HAVqaMdPVb2GgsOp8Lhzm LKcSaLa5Dc8kHmQpXEqDBmvG6pyBiNKSM25CpJ09udG1oxfLM/z+QypspRAd5Tgg Ppwjs408wkCPumPSdHJJkPbJXoh0NmnrHs/MpJbjlQXJVAQww6OW6S51s4QuF+SB jwB+gLU4fzd85DP+Q2f1REqb7jcjsTPhlW2evmt+BaEZUHT0cq7FeboNKrIyob4L o/b9Vu+QWl/l+2QC09bIOlMW3xQHsEk1ohbsB03LfB3boRTzjn6AgGR8ICei1hNv hUxXcDTsAH6s4tJExLXVvZHvhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNG0MbZv ayaPFQr8Q+9CzHT4wG3CMB8GA1UdIwQYMBaAFLKqPjpbKeD0HN1aYX9/tqN6G5AR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQjkyNC9GRUQyM0Q4MjFE OEIxMUUyODZBMkU1RTYwOEIwMkNEMi9zcW8tT2xzcDRQUWMzVnBoZjMtMm8zb2Jr QkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Nxby1PbHNwNFBRYzNWcGhmMy0ybzNvYmtCRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QjkyNC9GRUQyM0Q4MjFEOEIxMUUyODZBMkU1RTYwOEIwMkNEMi9zcW8tT2xzcDRQ UWMzVnBoZjMtMm8zb2JrQkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAYblWHiY5P59ZPa8FMP8zNvTFTyXIxRiH3LN7P6z4qQrbaY9Yo6eY N7EBKK8prBg2tmCUT10fkIIoVgpI4CeNPfw1Qcwb2q6l3O9XNj2T4QDV/sCWaYkZ 86en9jHRuGn9C0jk/UZ6+66Aby5Vls4X4uc53Jnqa8J3Q9n9gb+L2pEMNePhFigZ UBe60Zlhez/8p/HN8pgNbjuAfU9/zgLH7iLiXc/oIce1nJ6zxd92SpiomwEiKNhT pw5NS/k0ipwhm1h1oXGBIHLzilqZfjuVEryAXvggG692cf0jVJ3SR+B9lUT6bi/K ThhOfv+BweCB10HRymr1QQmEGBWGYxdV -----END CERTIFICATE-----Generated at Thu Jun 5 18:14:21 2025 by rpki-client