$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/5ECC15AA257511E7AC0D172AC4F9AE02/Qp7OGTjMiSSxEQllyc9PlkhgIBg.mft File: Qp7OGTjMiSSxEQllyc9PlkhgIBg.mft (raw, json) Hash identifier: eTVKcOHM5rAEOn0mavXcyium3NhxSFL9e3q+NlYe65Y= Subject key identifier: 1A:03:4A:A9:D8:94:E4:4A:3E:B5:73:C2:49:DC:1C:3A:9F:BE:A7:15 Authority key identifier: 42:9E:CE:19:38:CC:89:24:B1:11:09:65:C9:CF:4F:96:48:60:20:18 Certificate issuer: /CN=A914EAE4/serialNumber=429ECE1938CC8924B1110965C9CF4F9648602018 Certificate serial: 1AFF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qp7OGTjMiSSxEQllyc9PlkhgIBg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/5ECC15AA257511E7AC0D172AC4F9AE02/Qp7OGTjMiSSxEQllyc9PlkhgIBg.mft Manifest number: 1AFB Signing time: Mon 28 Apr 2025 16:24:50 +0000 Manifest this update: Mon 28 Apr 2025 16:24:50 +0000 Manifest next update: Mon 05 May 2025 16:24:50 +0000 Files and hashes: 1: Qp7OGTjMiSSxEQllyc9PlkhgIBg.crl (hash: KmTD4R6C19iAIfScKPEyZYpGdrXEPghTGqNrw/KkVGw=) 2: 7E1ADD74E00E11EDA7E1B640C4F9AE02.roa (hash: l8rbVcrxpBL4K1nr5JzCpQg12eUyxOnsIOK36gYUlKo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/5ECC15AA257511E7AC0D172AC4F9AE02/Qp7OGTjMiSSxEQllyc9PlkhgIBg.crl rsync://rpki.apnic.net/member_repository/A914EAE4/5ECC15AA257511E7AC0D172AC4F9AE02/Qp7OGTjMiSSxEQllyc9PlkhgIBg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qp7OGTjMiSSxEQllyc9PlkhgIBg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 14:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6911 (0x1aff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE4, serialNumber=429ECE1938CC8924B1110965C9CF4F9648602018 Validity Not Before: Apr 28 16:24:50 2025 GMT Not After : May 5 16:24:50 2025 GMT Subject: CN=680fabd2-6621 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:56:9e:bb:a8:8a:d5:e0:62:63:f3:72:52:94: e7:30:a2:ea:8e:e6:19:35:b3:87:a0:27:cd:3a:81: 74:25:07:60:06:6b:53:ef:63:dd:0a:7d:4f:dc:ca: f8:52:43:43:b5:db:c3:53:56:bf:80:a0:72:ad:d5: fd:59:e7:b5:f3:69:35:11:93:2d:7d:36:8d:97:8e: 0e:df:e6:85:c6:b6:f9:a3:78:64:ab:b7:70:97:0d: 83:88:89:31:9c:24:88:bf:0a:49:c6:95:6e:60:3d: 85:4e:33:c8:49:ec:5b:f1:e2:ad:be:bb:4b:cc:0e: 74:60:fd:ea:0a:b9:52:71:1a:5b:b5:8f:ba:75:e0: 8e:95:07:97:a8:31:32:02:53:2e:4a:7d:77:ea:7c: f3:03:f7:c0:ce:b3:64:0c:fc:55:41:45:6b:a3:01: 65:f7:ec:36:9b:11:00:3e:67:8f:ab:96:0e:3d:f4: 24:25:7b:4e:34:5b:60:1d:bc:7e:45:c9:a8:44:d7: fe:22:ac:2f:02:75:bb:1d:e2:a2:42:3d:60:f5:cc: 28:38:c4:3b:57:6a:04:05:07:74:4e:02:b9:c6:9c: e2:96:65:35:02:cb:34:f2:01:62:43:06:14:63:49: de:d0:f0:c3:0d:ae:cf:51:9e:11:d3:70:03:67:2d: 2b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:03:4A:A9:D8:94:E4:4A:3E:B5:73:C2:49:DC:1C:3A:9F:BE:A7:15 X509v3 Authority Key Identifier: keyid:42:9E:CE:19:38:CC:89:24:B1:11:09:65:C9:CF:4F:96:48:60:20:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EAE4/5ECC15AA257511E7AC0D172AC4F9AE02/Qp7OGTjMiSSxEQllyc9PlkhgIBg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qp7OGTjMiSSxEQllyc9PlkhgIBg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/5ECC15AA257511E7AC0D172AC4F9AE02/Qp7OGTjMiSSxEQllyc9PlkhgIBg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:a9:74:5a:16:3a:b1:d4:7d:81:02:88:8b:e9:3a:88:e7:43: 73:72:17:d0:62:c1:9a:0a:ea:ea:48:ce:c4:98:1e:42:ab:56: 47:42:90:13:de:eb:c1:78:32:50:0a:f4:8f:b0:0a:5e:b9:e8: 1e:5e:f3:55:bb:70:d2:c9:b5:31:88:0e:97:b9:6d:18:69:75: c2:40:f9:f2:71:3e:11:b5:84:a4:84:1f:29:e8:8b:5c:3f:fd: f3:e4:30:28:e2:06:c8:35:7e:93:1c:62:95:48:84:2b:a1:ae: ea:0d:f7:2a:91:b4:69:5e:a9:9f:c1:6d:9b:a2:5f:cc:b4:a7: 61:f6:40:27:97:8c:02:77:62:8f:68:60:40:b2:d0:06:bb:5c: 11:bf:e3:f9:2e:47:16:7e:6f:d2:c6:5f:6c:67:1c:d3:02:7f: 6f:9c:e3:b3:bc:e5:f8:06:0e:49:05:90:f0:b1:2d:14:3c:4f: 8e:5e:e3:28:e0:22:96:4d:66:d2:63:53:dd:2d:89:82:d1:5c: ec:20:df:6a:46:5b:7e:34:62:29:5f:ec:c2:62:83:0d:00:37: 28:4c:c6:b7:d7:36:6b:c7:c4:e5:c2:eb:25:97:be:cf:ed:f4: b0:d1:85:02:50:61:0a:95:46:95:14:29:bb:3e:2a:ca:ca:08: 7a:94:0f:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVBRTQxMTAvBgNVBAUTKDQyOUVDRTE5MzhDQzg5MjRCMTExMDk2NUM5Q0Y0Rjk2 NDg2MDIwMTgwHhcNMjUwNDI4MTYyNDUwWhcNMjUwNTA1MTYyNDUwWjAYMRYwFAYD VQQDEw02ODBmYWJkMi02NjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Vaeu6iK1eBiY/NyUpTnMKLqjuYZNbOHoCfNOoF0JQdgBmtT72PdCn1P3Mr4 UkNDtdvDU1a/gKByrdX9Wee182k1EZMtfTaNl44O3+aFxrb5o3hkq7dwlw2DiIkx nCSIvwpJxpVuYD2FTjPISexb8eKtvrtLzA50YP3qCrlScRpbtY+6deCOlQeXqDEy AlMuSn136nzzA/fAzrNkDPxVQUVrowFl9+w2mxEAPmePq5YOPfQkJXtONFtgHbx+ RcmoRNf+IqwvAnW7HeKiQj1g9cwoOMQ7V2oEBQd0TgK5xpzilmU1Ass08gFiQwYU Y0ne0PDDDa7PUZ4R03ADZy0rEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBoDSqnY lORKPrVzwkncHDqfvqcVMB8GA1UdIwQYMBaAFEKezhk4zIkksREJZcnPT5ZIYCAY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC81RUNDMTVBQTI1 NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9RcDdPR1RqTWlTU3hFUWxseWM5UGxraGdJ QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FwN09HVGpNaVNTeEVRbGx5YzlQbGtoZ0lCZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RUFFNC81RUNDMTVBQTI1NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9RcDdPR1RqTWlT U3hFUWxseWM5UGxraGdJQmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAqXRaFjqx1H2BAoiL6TqI50NzchfQYsGaCurqSM7EmB5Cq1ZHQpAT 3uvBeDJQCvSPsApeuegeXvNVu3DSybUxiA6XuW0YaXXCQPnycT4RtYSkhB8p6Itc P/3z5DAo4gbINX6THGKVSIQroa7qDfcqkbRpXqmfwW2bol/MtKdh9kAnl4wCd2KP aGBAstAGu1wRv+P5LkcWfm/Sxl9sZxzTAn9vnOOzvOX4Bg5JBZDwsS0UPE+OXuMo 4CKWTWbSY1PdLYmC0VzsIN9qRlt+NGIpX+zCYoMNADcoTMa31zZrx8Tlwusll77P 7fSw0YUCUGEKlUaVFCm7PirKygh6lA+H -----END CERTIFICATE-----Generated at Mon Apr 28 20:10:33 2025 by rpki-client on console.sobornost.net