$ rpki-client -vvf rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft File: QN1mK29ul7NNO3WoAH3lOI2SclM.mft (raw, json) Hash identifier: JnZufVKfEcjbmXTrG9vSUXxpIOGY+PcwqZ4cssWec6s= Subject key identifier: 32:E9:C9:7C:06:36:7E:18:33:34:FD:96:4C:96:7B:4A:E3:24:B5:BA Authority key identifier: 40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 Certificate issuer: /CN=A911CF44/serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Certificate serial: 067C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft Manifest number: 0674 Signing time: Fri 22 Aug 2025 22:36:45 +0000 Manifest this update: Fri 22 Aug 2025 22:36:44 +0000 Manifest next update: Fri 29 Aug 2025 22:36:44 +0000 Files and hashes: 1: QN1mK29ul7NNO3WoAH3lOI2SclM.crl (hash: 2luwS7J+fJSrKI4GxXdUFDoLyDXajbyk3Ls2O8kl4yo=) 2: 85613B4E8C8411EBB68DD829C4F9AE02.roa (hash: JUDELwHgPtKuVC+Zxi+8ziVhRWeVBos3PiAym1dLOsg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:36:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1660 (0x67c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CF44, serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Validity Not Before: Aug 22 22:36:44 2025 GMT Not After : Aug 29 22:36:44 2025 GMT Subject: CN=68a8f0fc-7fd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fb:67:85:a5:fc:e5:9c:e1:c2:ba:82:8d:c0: 16:5c:fa:1e:f8:b4:50:29:4f:28:9f:77:b1:93:75: ae:03:42:a0:b2:f1:cc:1c:b9:5c:7a:18:ed:4c:d7: b5:f6:55:4c:47:04:5c:ae:04:be:89:78:4c:e1:b7: f8:d8:84:63:e7:5a:42:cc:ae:19:2b:f3:f0:41:da: d3:fb:74:a8:ff:b9:85:67:44:b2:2a:d1:f9:e9:3c: fc:10:d0:af:0e:7a:cf:d0:89:56:38:2d:76:4d:14: 94:fd:04:a0:4f:d1:da:56:b0:c7:1f:95:d0:25:0a: dc:54:0c:5d:30:ba:de:ec:d9:f4:1a:ab:4e:aa:11: c1:da:c9:7c:2c:b0:ae:ba:51:61:d5:90:e3:2a:d6: 89:b6:75:7f:c7:4d:f9:17:5c:25:e3:cb:0a:79:b1: 7b:58:eb:d2:ab:f0:c4:c0:4b:d3:7d:09:78:3d:a0: 55:32:6f:a8:36:bb:e1:23:a3:ef:ba:6c:10:7c:36: 26:ca:79:9b:d3:9c:5d:b8:49:9c:09:98:c4:02:27: 78:dc:df:d1:c3:3b:e6:b8:f8:68:45:78:7c:f5:a0: 14:3d:f5:e8:e9:ef:56:40:51:29:c1:0c:6f:3f:5f: 2c:b5:2d:d0:3f:43:1c:72:1e:72:e6:f1:8c:9d:f8: e1:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:E9:C9:7C:06:36:7E:18:33:34:FD:96:4C:96:7B:4A:E3:24:B5:BA X509v3 Authority Key Identifier: keyid:40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:53:15:9c:b9:0f:c6:19:18:77:26:ff:26:e1:41:e6:30:2a: 7f:5e:38:af:42:89:08:48:b7:cd:15:f8:30:e6:a8:cb:d3:71: d5:d4:ea:0a:24:09:d8:21:cf:86:14:e2:83:cc:d1:7b:8e:d4: 45:89:eb:c7:42:ab:de:d8:8d:68:7e:83:9e:83:f6:3a:f1:0b: ac:18:6c:18:3f:96:23:64:4a:a0:2a:3a:98:62:fe:18:f0:f1: 26:06:16:31:7d:f8:0a:a1:04:d4:12:fe:ad:c2:a9:db:89:a0: 3e:b0:34:33:34:55:fd:ca:55:d4:6b:ec:e1:2a:27:f6:2c:ea: 6d:ad:42:77:22:b6:7c:02:70:67:07:47:4e:db:0e:78:e7:77: 82:15:7c:52:7c:8b:c0:07:e7:8b:34:2c:cd:05:f6:1b:f1:39: ce:43:81:9f:b6:41:a7:5b:25:af:d2:b7:45:8a:9d:7a:54:ad: c4:12:c1:35:8a:56:10:9c:ec:0b:85:85:53:45:61:c3:4f:8c: 27:aa:a3:4f:b7:9b:3d:1f:f6:55:21:2b:cf:ed:fd:e3:7c:5b: e9:6c:ca:e9:8b:d8:11:1c:b8:e9:d3:29:7b:56:38:eb:fd:ea: 9f:5f:16:da:2a:a6:06:51:9d:e5:ee:7a:79:ba:5d:fa:4f:72: 16:97:d6:c5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNGNDQxMTAvBgNVBAUTKDQwREQ2NjJCNkY2RTk3QjM0RDNCNzVBODAwN0RFNTM4 OEQ5MjcyNTMwHhcNMjUwODIyMjIzNjQ0WhcNMjUwODI5MjIzNjQ0WjAYMRYwFAYD VQQDEw02OGE4ZjBmYy03ZmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvvtnhaX85ZzhwrqCjcAWXPoe+LRQKU8on3exk3WuA0KgsvHMHLlcehjtTNe1 9lVMRwRcrgS+iXhM4bf42IRj51pCzK4ZK/PwQdrT+3So/7mFZ0SyKtH56Tz8ENCv DnrP0IlWOC12TRSU/QSgT9HaVrDHH5XQJQrcVAxdMLre7Nn0GqtOqhHB2sl8LLCu ulFh1ZDjKtaJtnV/x035F1wl48sKebF7WOvSq/DEwEvTfQl4PaBVMm+oNrvhI6Pv umwQfDYmynmb05xduEmcCZjEAid43N/RwzvmuPhoRXh89aAUPfXo6e9WQFEpwQxv P18stS3QP0Mcch5y5vGMnfjhCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDLpyXwG Nn4YMzT9lkyWe0rjJLW6MB8GA1UdIwQYMBaAFEDdZitvbpezTTt1qAB95TiNknJT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0Y0NC82Njc3QkVCNjhD ODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3Tk5PM1dvQUgzbE9JMlNj bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FOMW1LMjl1bDdOTk8zV29BSDNsT0kyU2NsTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0Y0NC82Njc3QkVCNjhDODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3 Tk5PM1dvQUgzbE9JMlNjbE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFUxWcuQ/GGRh3Jv8m4UHmMCp/XjivQokISLfNFfgw5qjL03HV1OoK JAnYIc+GFOKDzNF7jtRFievHQqve2I1ofoOeg/Y68QusGGwYP5YjZEqgKjqYYv4Y 8PEmBhYxffgKoQTUEv6twqnbiaA+sDQzNFX9ylXUa+zhKif2LOptrUJ3IrZ8AnBn B0dO2w5453eCFXxSfIvAB+eLNCzNBfYb8TnOQ4GftkGnWyWv0rdFip16VK3EEsE1 ilYQnOwLhYVTRWHDT4wnqqNPt5s9H/ZVISvP7f3jfFvpbMrpi9gRHLjp0yl7Vjjr /eqfXxbaKqYGUZ3l7np5ul36T3IWl9bF -----END CERTIFICATE-----Generated at Sat Aug 23 21:23:21 2025 by rpki-client