$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft File: qkHKgdI-9YhhkyqtErMWkNvPEAM.mft (raw, json) Hash identifier: FBi65EX03Bvx9MecU+8YOIs76SCg8yhs03BNNc8W5mo= Subject key identifier: 35:01:13:17:76:71:BA:F3:B1:C7:BA:31:4D:E1:C5:FE:E5:88:DB:56 Authority key identifier: AA:41:CA:81:D2:3E:F5:88:61:93:2A:AD:12:B3:16:90:DB:CF:10:03 Certificate issuer: /CN=A91A5744/serialNumber=AA41CA81D23EF58861932AAD12B31690DBCF1003 Certificate serial: 0C8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft Manifest number: 0C86 Signing time: Sat 18 Oct 2025 19:05:06 +0000 Manifest this update: Sat 18 Oct 2025 19:05:06 +0000 Manifest next update: Sat 25 Oct 2025 19:05:06 +0000 Files and hashes: 1: qkHKgdI-9YhhkyqtErMWkNvPEAM.crl (hash: 3xW8BcQYPd9mofQGj9QPF2HEMl58QohhSDbJY4kRJ/o=) 2: 220DBB66054011EA90A20C7EC4F9AE02.roa (hash: l5CGLlauMb+Ni/lNc+v9jsE4+D1HZp9e9rAFpWt3fHE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.crl rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 19:05:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3211 (0xc8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5744, serialNumber=AA41CA81D23EF58861932AAD12B31690DBCF1003 Validity Not Before: Oct 18 19:05:06 2025 GMT Not After : Oct 25 19:05:06 2025 GMT Subject: CN=68f3e4e2-08ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:80:72:17:da:b9:08:56:3c:f0:e2:86:62:e8: 3c:ee:e9:19:96:03:28:5c:83:33:ac:f5:87:5b:bb: 1b:8b:5d:0b:56:34:5d:2c:3d:77:5c:52:d4:f4:f6: f1:1b:73:0f:10:e4:76:fe:04:be:82:e1:79:0a:96: f7:26:74:83:12:41:30:51:71:4f:20:18:01:87:72: 5f:cb:69:80:d4:06:fe:80:0b:72:df:59:3f:a4:d6: 31:ad:89:06:9a:7b:54:05:43:f4:db:46:67:6d:fc: e0:55:4f:6d:38:43:1c:1d:86:41:3b:04:fd:3a:bb: 27:47:b2:1a:be:c3:6a:2b:11:6a:2e:9b:6c:89:93: 0c:a8:6d:5b:e3:a0:6d:ff:17:26:5b:b5:ac:75:0b: 44:ae:2a:2e:bb:6b:f2:45:bb:1f:94:71:5d:70:f8: 72:d7:f3:9a:59:16:4f:25:f6:ee:b7:90:6b:c0:38: 40:f0:5c:7e:6b:1c:3c:7e:a5:16:14:a5:3c:aa:4c: c0:2c:ac:86:95:79:c8:01:65:f1:39:a0:9a:cb:1a: 9c:05:26:39:4e:90:c5:53:2c:72:27:6c:4c:0c:c1: 95:96:8f:d2:88:10:eb:b2:f1:e6:18:03:18:ab:ff: 5e:ba:29:68:5e:06:ea:4d:d7:09:c9:47:70:ad:e5: c7:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:01:13:17:76:71:BA:F3:B1:C7:BA:31:4D:E1:C5:FE:E5:88:DB:56 X509v3 Authority Key Identifier: keyid:AA:41:CA:81:D2:3E:F5:88:61:93:2A:AD:12:B3:16:90:DB:CF:10:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkHKgdI-9YhhkyqtErMWkNvPEAM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5744/397F6CD4052E11EA9D314145C4F9AE02/qkHKgdI-9YhhkyqtErMWkNvPEAM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:b4:58:c5:c2:eb:dd:74:de:11:c3:44:00:8b:3d:42:a4:10: 9b:f9:3e:fd:03:28:93:22:1e:71:5c:cc:90:da:44:72:97:c7: 32:d2:6d:f4:62:0b:45:90:77:f0:42:f6:eb:37:be:d7:44:28: 06:68:79:0c:85:2d:97:60:b5:9e:04:4d:a6:b1:bc:a1:87:f3: 39:aa:1f:30:d8:fc:67:5d:ad:84:ab:b1:a5:e4:ab:ce:a8:05: f3:f5:96:a4:23:8f:86:56:df:03:d0:77:13:27:88:ea:a4:f0: 8a:12:ba:97:92:62:20:44:dd:fb:ee:63:8c:cd:df:14:4f:51: f6:7d:04:64:7e:73:6b:67:8a:49:d4:bb:24:7d:c5:bf:a5:c0: bc:df:b5:a4:80:e6:5f:00:d9:8d:a3:44:cf:03:cd:01:a5:a9: 4b:97:f5:a2:d7:3b:c1:4b:7e:3e:59:f8:cd:a5:10:7f:72:8e: b8:8c:ab:6d:ea:fe:e8:8c:b5:fb:4d:a6:1b:34:3e:e9:ff:c1: 16:bc:33:73:7a:7a:12:0b:2d:c8:af:26:49:b3:70:8f:e7:0e: 31:78:45:b9:b2:4a:6c:c1:c2:bb:82:77:65:49:aa:0b:5f:78: fb:c8:a2:8f:47:d5:ac:43:13:93:7e:83:9c:83:77:2a:19:7d: 96:e9:ed:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU3NDQxMTAvBgNVBAUTKEFBNDFDQTgxRDIzRUY1ODg2MTkzMkFBRDEyQjMxNjkw REJDRjEwMDMwHhcNMjUxMDE4MTkwNTA2WhcNMjUxMDI1MTkwNTA2WjAYMRYwFAYD VQQDEw02OGYzZTRlMi0wOGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6IByF9q5CFY88OKGYug87ukZlgMoXIMzrPWHW7sbi10LVjRdLD13XFLU9Pbx G3MPEOR2/gS+guF5Cpb3JnSDEkEwUXFPIBgBh3Jfy2mA1Ab+gAty31k/pNYxrYkG mntUBUP020ZnbfzgVU9tOEMcHYZBOwT9OrsnR7IavsNqKxFqLptsiZMMqG1b46Bt /xcmW7WsdQtEriouu2vyRbsflHFdcPhy1/OaWRZPJfbut5BrwDhA8Fx+axw8fqUW FKU8qkzALKyGlXnIAWXxOaCayxqcBSY5TpDFUyxyJ2xMDMGVlo/SiBDrsvHmGAMY q/9euiloXgbqTdcJyUdwreXHmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDUBExd2 cbrzsce6MU3hxf7liNtWMB8GA1UdIwQYMBaAFKpByoHSPvWIYZMqrRKzFpDbzxAD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTc0NC8zOTdGNkNENDA1 MkUxMUVBOUQzMTQxNDVDNEY5QUUwMi9xa0hLZ2RJLTlZaGhreXF0RXJNV2tOdlBF QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FrSEtnZEktOVloaGt5cXRFck1Xa052UEVBTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTc0NC8zOTdGNkNENDA1MkUxMUVBOUQzMTQxNDVDNEY5QUUwMi9xa0hLZ2RJLTlZ aGhreXF0RXJNV2tOdlBFQU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhtFjFwuvddN4Rw0QAiz1CpBCb+T79AyiTIh5xXMyQ2kRyl8cy0m30 YgtFkHfwQvbrN77XRCgGaHkMhS2XYLWeBE2msbyhh/M5qh8w2PxnXa2Eq7Gl5KvO qAXz9ZakI4+GVt8D0HcTJ4jqpPCKErqXkmIgRN377mOMzd8UT1H2fQRkfnNrZ4pJ 1LskfcW/pcC837WkgOZfANmNo0TPA80BpalLl/Wi1zvBS34+WfjNpRB/co64jKtt 6v7ojLX7TaYbND7p/8EWvDNzenoSCy3IryZJs3CP5w4xeEW5skpswcK7gndlSaoL X3j7yKKPR9WsQxOTfoOcg3cqGX2W6e35 -----END CERTIFICATE-----Generated at Mon Oct 20 14:03:39 2025 by rpki-client