$ rpki-client -vvf rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft File: CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft (raw, json) Hash identifier: 3196eRj+eSd3+K/R+t8jaLxhqJPzutWGM9bNQ7Fomks= Subject key identifier: D9:CD:2D:01:EA:FE:1E:BF:BB:C9:DC:A4:66:2C:5A:30:F8:E3:4A:84 Authority key identifier: 0A:A6:E4:83:28:42:5E:12:4C:56:1C:2A:C1:87:C8:A1:96:24:71:10 Certificate issuer: /CN=A9176E1D/serialNumber=0AA6E48328425E124C561C2AC187C8A196247110 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft Manifest number: 40 Signing time: Sun 29 Jun 2025 06:32:29 +0000 Manifest this update: Sun 29 Jun 2025 06:32:28 +0000 Manifest next update: Sun 06 Jul 2025 06:32:28 +0000 Files and hashes: 1: CqbkgyhCXhJMVhwqwYfIoZYkcRA.crl (hash: 6XrWPQuQns0Njgt08jiwq7qh7p2R2U1tdNh3Jv9ZHO8=) 2: 8A5CF8F0FB7411EF83C11685C4F9AE02.roa (hash: gNUxEstcyYM8bAYzOWKSq0siVBhwvrTxTLZTCsVvFik=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.crl rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 06:32:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9176E1D, serialNumber=0AA6E48328425E124C561C2AC187C8A196247110 Validity Not Before: Jun 29 06:32:28 2025 GMT Not After : Jul 6 06:32:28 2025 GMT Subject: CN=6860ddfd-8e18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:bf:9a:c6:62:1d:1c:37:73:50:8d:77:21:58: 4c:96:1c:ad:8e:04:de:72:16:74:63:f1:95:25:24: e1:b6:dc:9a:d8:d4:7a:46:ed:61:ee:69:e4:61:58: 3e:b3:e5:18:3a:84:de:d0:a4:cd:e4:fc:f8:10:8d: e5:00:4a:d5:0e:83:80:65:b8:ac:8b:78:db:dd:e5: d6:12:59:5f:12:83:61:12:53:68:79:b8:e7:93:54: 34:3a:0b:1b:44:bd:d7:46:39:70:4e:bc:53:d8:98: 91:95:a0:69:16:28:0a:bd:05:76:07:f8:fd:7b:87: aa:8a:c0:65:34:aa:71:e6:3a:4f:70:d6:39:a4:eb: 5e:01:9e:3b:8f:93:76:6b:32:10:07:0b:07:52:61: a3:23:f5:f5:5d:9b:01:01:8a:2c:b6:18:08:4d:61: bc:12:48:c5:d7:57:6e:18:38:7b:f1:d6:93:5b:ba: 78:3e:7c:d2:18:20:8b:9e:d1:7f:fd:08:3a:10:83: ce:de:70:1c:9b:95:53:cd:fa:26:95:78:ae:f1:f2: 44:c8:54:a2:c5:87:0e:6c:f9:86:ac:b9:0b:60:46: fc:6c:ae:2d:8a:3e:6b:6b:27:50:e2:3e:bf:f0:c4: 59:14:03:4b:ba:a8:40:99:7c:8c:2a:90:b0:f9:33: 1e:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:CD:2D:01:EA:FE:1E:BF:BB:C9:DC:A4:66:2C:5A:30:F8:E3:4A:84 X509v3 Authority Key Identifier: keyid:0A:A6:E4:83:28:42:5E:12:4C:56:1C:2A:C1:87:C8:A1:96:24:71:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CqbkgyhCXhJMVhwqwYfIoZYkcRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176E1D/FE8835BCF9F011EFB77A8C6EC4F9AE02/CqbkgyhCXhJMVhwqwYfIoZYkcRA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:30:67:58:a6:f8:f5:06:dd:f1:b7:d6:12:d2:e4:e9:67:8b: 67:03:74:68:d3:c2:45:4f:67:d5:8c:b8:b9:fc:db:2a:95:25: 07:d4:73:a5:4b:3e:60:93:a3:2c:24:a9:7f:15:54:15:51:62: 18:22:06:b6:cf:43:19:78:1d:83:4e:b9:73:ea:c6:44:65:4d: 08:c0:fc:5c:95:f0:00:a1:ff:f4:f5:10:39:40:37:27:49:ec: 9f:5e:b7:a2:58:57:af:d5:6b:7b:89:bb:0f:54:09:e9:22:9f: cd:32:aa:43:23:81:f2:ba:19:15:5c:82:59:5b:49:62:7b:fd: 34:53:01:63:3d:c8:8f:f2:ec:f1:ed:83:57:8d:b5:6b:7f:31: 80:c8:25:bb:04:41:c0:56:00:d2:6d:3d:80:5c:76:c4:bb:c1: 54:1d:51:48:c4:c8:fa:3d:25:75:1d:1e:4f:7e:9c:29:13:c0: c4:7f:86:65:ad:f6:6a:35:42:88:47:2f:f1:41:77:be:dc:fa: 0a:d2:6e:f5:22:c8:90:fb:0a:9c:19:0f:8f:e3:a4:6b:9c:f3: ed:ac:43:5a:ab:47:f1:e7:4c:4a:87:e9:d7:52:a0:7b:58:42: c2:0f:a1:a8:35:d8:7a:78:a0:c9:5c:98:d7:75:75:9d:44:69: 7a:35:47:4e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 NkUxRDExMC8GA1UEBRMoMEFBNkU0ODMyODQyNUUxMjRDNTYxQzJBQzE4N0M4QTE5 NjI0NzExMDAeFw0yNTA2MjkwNjMyMjhaFw0yNTA3MDYwNjMyMjhaMBgxFjAUBgNV BAMTDTY4NjBkZGZkLThlMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDKv5rGYh0cN3NQjXchWEyWHK2OBN5yFnRj8ZUlJOG23JrY1HpG7WHuaeRhWD6z 5Rg6hN7QpM3k/PgQjeUAStUOg4BluKyLeNvd5dYSWV8Sg2ESU2h5uOeTVDQ6CxtE vddGOXBOvFPYmJGVoGkWKAq9BXYH+P17h6qKwGU0qnHmOk9w1jmk614BnjuPk3Zr MhAHCwdSYaMj9fVdmwEBiiy2GAhNYbwSSMXXV24YOHvx1pNbung+fNIYIIue0X/9 CDoQg87ecByblVPN+iaVeK7x8kTIVKLFhw5s+YasuQtgRvxsri2KPmtrJ1DiPr/w xFkUA0u6qECZfIwqkLD5Mx5DAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU2c0tAer+ Hr+7ydykZixaMPjjSoQwHwYDVR0jBBgwFoAUCqbkgyhCXhJMVhwqwYfIoZYkcRAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2RTFEL0ZFODgzNUJDRjlG MDExRUZCNzdBOEM2RUM0RjlBRTAyL0NxYmtneWhDWGhKTVZod3F3WWZJb1pZa2NS QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQ3Fia2d5aENYaEpNVmh3cXdZZklvWllrY1JBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2 RTFEL0ZFODgzNUJDRjlGMDExRUZCNzdBOEM2RUM0RjlBRTAyL0NxYmtneWhDWGhK TVZod3F3WWZJb1pZa2NSQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEkwZ1im+PUG3fG31hLS5Olni2cDdGjTwkVPZ9WMuLn82yqVJQfUc6VL PmCToywkqX8VVBVRYhgiBrbPQxl4HYNOuXPqxkRlTQjA/FyV8ACh//T1EDlANydJ 7J9et6JYV6/Va3uJuw9UCekin80yqkMjgfK6GRVcgllbSWJ7/TRTAWM9yI/y7PHt g1eNtWt/MYDIJbsEQcBWANJtPYBcdsS7wVQdUUjEyPo9JXUdHk9+nCkTwMR/hmWt 9mo1QohHL/FBd77c+grSbvUiyJD7CpwZD4/jpGuc8+2sQ1qrR/HnTEqH6ddSoHtY QsIPoag12Hp4oMlcmNd1dZ1EaXo1R04= -----END CERTIFICATE-----Generated at Sun Jun 29 20:22:54 2025 by rpki-client