$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft File: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft (raw, json) Hash identifier: XTDQTqFJapOCrfKHzS8Q6fFzusueuDv/BuUgAOqdV0M= Subject key identifier: 83:F5:70:4C:AB:FE:9E:93:9D:02:60:B3:0C:F6:06:AA:FB:4E:4D:81 Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Certificate serial: 0AB5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft Manifest number: 0A0E Signing time: Mon 28 Apr 2025 20:29:05 +0000 Manifest this update: Mon 28 Apr 2025 20:29:04 +0000 Manifest next update: Mon 05 May 2025 20:29:04 +0000 Files and hashes: 1: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl (hash: HgbNVbTZk8CSgIZ2YnT3080HJnHgmteSeIeLWImjREg=) 2: C3E2252E205F11EE8117111CC4F9AE02.roa (hash: b89a9XRc4AM1AMlF52w1xwkFcE20RCssOx3I+fNCh44=) 3: 8626FFC65AE511EBA452D33EC4F9AE02.roa (hash: p+jw9LTgVlA4Fas32lm4S+s3Nf7H/SOUto4eg7ZR3k4=) 4: 0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa (hash: 544CGw77adzKZSVB6a/EsmcNRdkcJyyJICXTpEPCpPk=) 5: 84023C06D24611EABDDF5344C4F9AE02.roa (hash: 1tQbOZGCpdjO+Y55KBqDyrU6PI7sCOp/TxXvN4NzOO0=) 6: 553170245AC511EBA052F663C4F9AE02.roa (hash: zZIIEfeakO+43e0JDOBIzAkL5O9TeO1Bv2dEETveidg=) 7: 61EFB2ACAC3611EDA5995F3FC4F9AE02.roa (hash: 4F/pO+DMZTaTanjCd4dRpqI6rwchzZD2B/zrGpX4dy4=) 8: DCF88EAE5ED811EBAB677671C4F9AE02.roa (hash: +xAAC0Q1keCic3iZwKSmyffjMCHYPPvNkq4JH4+m/zo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 20:29:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2741 (0xab5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911647C, serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Validity Not Before: Apr 28 20:29:04 2025 GMT Not After : May 5 20:29:04 2025 GMT Subject: CN=680fe511-ea4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:32:b3:4e:f7:69:ad:a3:e3:ef:ff:85:51:b4: a4:4b:d3:b4:a5:be:74:02:d8:3c:7a:20:23:03:54: 94:8b:85:c1:ba:0a:0d:e4:1f:ed:98:65:8e:e0:e7: 34:83:5d:32:0b:22:84:73:b3:ac:77:81:5e:a4:57: 13:71:cb:c0:e4:ca:c3:94:31:72:0f:61:3a:49:83: a7:1f:50:4a:52:d8:3f:56:52:32:5c:ea:cc:00:66: f0:24:1d:2d:d5:ae:cf:a8:9c:d9:79:98:c9:03:41: df:82:d7:8c:bb:e6:b1:35:89:cb:76:f0:c2:3a:be: 24:b5:33:17:39:8a:93:47:8a:04:0d:19:82:6a:89: f1:4b:c3:3c:01:79:ee:dc:7f:93:82:9a:28:ad:01: 8e:75:f6:ee:30:cb:56:ee:ac:13:5f:01:58:5c:6b: fb:fb:c0:b9:b3:ff:bc:71:d4:b0:a6:32:2e:c7:6a: 1c:77:a9:f0:5c:65:1f:ae:78:68:37:cd:6c:79:cd: 90:b2:ab:2b:81:5c:23:43:75:70:11:0b:0d:ba:b6: 7d:35:87:97:b7:e9:90:2a:4a:6b:42:a5:d8:d5:3d: cf:ef:41:47:40:7c:28:89:68:88:05:74:b7:89:bb: 6d:4a:a7:ff:c7:a9:3a:ac:eb:56:65:4c:db:42:47: 9c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:F5:70:4C:AB:FE:9E:93:9D:02:60:B3:0C:F6:06:AA:FB:4E:4D:81 X509v3 Authority Key Identifier: keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:88:2c:22:4f:28:a3:5c:42:86:ba:27:d8:d6:08:9c:8c:5e: 64:f4:c7:2c:f6:f3:ee:38:c3:c3:e3:33:c8:39:40:68:82:e4: 2a:cb:b4:57:1a:1c:ee:3a:83:f2:56:e6:74:a0:e1:9c:9c:30: 6a:d6:ad:1f:60:bc:8e:52:33:5b:e2:ee:0f:6f:f4:88:12:6e: 01:f9:36:be:e4:f5:ff:cb:5b:eb:e0:c6:17:5d:53:2b:7d:28: dd:17:93:1d:88:a5:37:17:2f:83:63:ed:e7:b5:b5:43:46:41: a1:45:a9:5c:e1:96:55:1c:3f:47:77:c2:a0:23:83:8a:a3:be: 47:53:69:2b:40:0a:5e:d6:99:fb:e8:51:25:7d:b5:1b:2c:59: 6b:a0:bd:a8:b6:cc:a4:32:3d:a5:ea:81:7b:3d:86:b7:c5:94: 2b:37:df:34:35:70:4a:a0:c6:71:d9:34:42:44:c7:2d:8a:73: 31:6f:14:b0:e3:7c:cc:84:5c:97:f7:45:1d:f4:9c:43:29:f5: 53:16:42:d2:f6:25:a7:0b:a4:11:98:05:67:11:ce:74:16:a4: 6f:a7:52:d4:9b:43:36:34:0e:cc:fc:e0:de:5b:52:a2:90:6a: 4f:85:cf:a9:71:86:e6:ea:26:13:a6:bf:af:cc:8a:4e:d3:6c: d6:41:fa:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE NTQ0QTYyQTYwHhcNMjUwNDI4MjAyOTA0WhcNMjUwNTA1MjAyOTA0WjAYMRYwFAYD VQQDEw02ODBmZTUxMS1lYTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmTKzTvdpraPj7/+FUbSkS9O0pb50Atg8eiAjA1SUi4XBugoN5B/tmGWO4Oc0 g10yCyKEc7Osd4FepFcTccvA5MrDlDFyD2E6SYOnH1BKUtg/VlIyXOrMAGbwJB0t 1a7PqJzZeZjJA0HfgteMu+axNYnLdvDCOr4ktTMXOYqTR4oEDRmCaonxS8M8AXnu 3H+TgpoorQGOdfbuMMtW7qwTXwFYXGv7+8C5s/+8cdSwpjIux2ocd6nwXGUfrnho N81sec2QsqsrgVwjQ3VwEQsNurZ9NYeXt+mQKkprQqXY1T3P70FHQHwoiWiIBXS3 ibttSqf/x6k6rOtWZUzbQkecjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIP1cEyr /p6TnQJgswz2Bqr7Tk2BMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1 MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NjQ3Qy80MzdDQzQwNjg1MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhL ZEJ4cUpKM0FGYWJWUktZcVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCLiCwiTyijXEKGuifY1gicjF5k9Mcs9vPuOMPD4zPIOUBoguQqy7RX GhzuOoPyVuZ0oOGcnDBq1q0fYLyOUjNb4u4Pb/SIEm4B+Ta+5PX/y1vr4MYXXVMr fSjdF5MdiKU3Fy+DY+3ntbVDRkGhRalc4ZZVHD9Hd8KgI4OKo75HU2krQApe1pn7 6FElfbUbLFlroL2otsykMj2l6oF7PYa3xZQrN980NXBKoMZx2TRCRMctinMxbxSw 43zMhFyX90Ud9JxDKfVTFkLS9iWnC6QRmAVnEc50FqRvp1LUm0M2NA7M/ODeW1Ki kGpPhc+pcYbm6iYTpr+vzIpO02zWQfoy -----END CERTIFICATE-----Generated at Mon Apr 28 23:04:49 2025 by rpki-client on console.sobornost.net