$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: htH1kBUhPCsP6wS+EnDHXKVKR8OnrSB+sqLtc06jTI4= Subject key identifier: 99:E3:7C:54:CB:AD:B6:D0:3D:19:68:88:62:8B:A9:69:58:0F:20:AB Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 219B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2160 Signing time: Mon 28 Apr 2025 16:02:39 +0000 Manifest this update: Mon 28 Apr 2025 16:02:38 +0000 Manifest next update: Mon 05 May 2025 16:02:38 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: 4tWII0SOZzkyvEOE2/p6k27q0laLhjJi8jI+QEhY2OU=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 9: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 15:55:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8603 (0x219b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Apr 28 16:02:38 2025 GMT Not After : May 5 16:02:38 2025 GMT Subject: CN=680fa69f-5971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:90:95:20:d7:c4:64:25:d9:1e:20:95:21:64: 5d:29:03:5f:a0:2e:31:67:8c:e9:6c:8e:a3:6b:14: d0:93:18:c4:86:78:7d:97:59:cc:f8:2f:fb:bf:16: 88:dc:86:52:b6:10:cb:73:24:48:28:a8:f6:6a:66: ec:b5:2a:67:f7:31:df:7d:e2:91:2c:89:3d:8b:7d: e0:fc:be:cd:51:69:23:cf:3d:fb:03:af:89:3b:3a: 81:37:19:0f:a2:85:f0:f3:c8:98:d8:8c:e0:19:54: 40:b4:1e:13:76:b3:93:3b:81:33:0a:80:c0:bc:27: f1:5c:b7:cc:73:8a:ff:e5:c2:e8:46:94:85:91:9c: df:45:10:2b:20:05:80:23:31:70:e4:c2:75:76:4c: 24:d1:ba:80:13:9c:18:24:0a:bb:a4:fc:66:67:7f: cb:06:9f:3b:e5:20:db:7f:fc:8a:55:75:0d:9d:16: 31:bd:ca:dc:6a:6a:69:3d:e5:3d:65:b5:c3:4f:09: e7:ac:27:ec:51:0f:ad:a9:cc:3a:f7:7b:52:c5:d1: 96:d4:b8:01:0f:b9:6a:cb:86:b4:33:52:90:eb:1d: 8f:b7:f4:36:cc:02:5f:42:5b:c3:3f:ec:bf:25:45: 66:ab:e1:42:ad:2a:94:7b:b4:ae:59:ad:3d:17:26: d2:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:E3:7C:54:CB:AD:B6:D0:3D:19:68:88:62:8B:A9:69:58:0F:20:AB X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:e5:3f:1b:9a:b1:de:a1:87:ff:27:4a:f2:b9:b0:54:e6:90: 49:a6:5b:12:50:0a:e2:c8:ae:17:55:1d:01:76:cb:99:9b:95: 4a:8c:ca:55:c0:05:a6:02:09:a2:26:5c:2c:59:e0:ff:10:5e: 42:fb:c5:de:f3:39:66:7b:86:d8:80:4e:06:20:0c:60:b2:f3: 09:1a:e6:03:77:2f:d7:f4:07:eb:fd:b5:10:ca:52:a5:f6:86: 3d:90:36:0d:45:88:96:ff:32:6b:93:c8:b4:b6:c2:29:93:29: e7:bb:f9:84:60:3b:c0:d1:3c:48:df:9e:c6:55:f6:4f:0f:56: 8c:4d:d9:b7:85:9f:b2:b0:23:a7:05:37:84:c1:8b:46:1b:49: 2a:82:9d:69:00:19:a4:2d:b3:57:89:c2:be:94:e5:17:44:e7: 38:ff:cb:56:f4:31:b2:3b:04:82:51:4c:0d:72:f8:ac:f3:46: 23:c7:fd:ed:a0:13:43:3d:59:f8:71:e5:a4:63:cc:2e:a5:37: 1a:61:73:f2:d1:52:67:f7:de:c2:3c:83:91:5b:85:79:ac:5e: 90:ef:e9:d1:23:d2:8d:79:20:ff:d1:74:16:09:21:1a:b5:99: ff:94:05:ac:b0:ce:f5:ff:6f:11:9a:95:bb:27:b4:11:61:9e: 76:32:cd:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNDI4MTYwMjM4WhcNMjUwNTA1MTYwMjM4WjAYMRYwFAYD VQQDEw02ODBmYTY5Zi01OTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8ZCVINfEZCXZHiCVIWRdKQNfoC4xZ4zpbI6jaxTQkxjEhnh9l1nM+C/7vxaI 3IZSthDLcyRIKKj2ambstSpn9zHffeKRLIk9i33g/L7NUWkjzz37A6+JOzqBNxkP ooXw88iY2IzgGVRAtB4TdrOTO4EzCoDAvCfxXLfMc4r/5cLoRpSFkZzfRRArIAWA IzFw5MJ1dkwk0bqAE5wYJAq7pPxmZ3/LBp875SDbf/yKVXUNnRYxvcrcamppPeU9 ZbXDTwnnrCfsUQ+tqcw693tSxdGW1LgBD7lqy4a0M1KQ6x2Pt/Q2zAJfQlvDP+y/ JUVmq+FCrSqUe7SuWa09FybSDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJnjfFTL rbbQPRloiGKLqWlYDyCrMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCj5T8bmrHeoYf/J0ryubBU5pBJplsSUAriyK4XVR0BdsuZm5VKjMpV wAWmAgmiJlwsWeD/EF5C+8Xe8zlme4bYgE4GIAxgsvMJGuYDdy/X9Afr/bUQylKl 9oY9kDYNRYiW/zJrk8i0tsIpkynnu/mEYDvA0TxI357GVfZPD1aMTdm3hZ+ysCOn BTeEwYtGG0kqgp1pABmkLbNXicK+lOUXROc4/8tW9DGyOwSCUUwNcvis80Yjx/3t oBNDPVn4ceWkY8wupTcaYXPy0VJn997CPIORW4V5rF6Q7+nRI9KNeSD/0XQWCSEa tZn/lAWssM71/28RmpW7J7QRYZ52Ms1T -----END CERTIFICATE-----Generated at Mon Apr 28 17:46:07 2025 by rpki-client on console.sobornost.net