$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft File: cgqmbzbBRgrUvDrGkvlltxdKWOA.mft (raw, json) Hash identifier: SqquZOPKew5GAAkz/OZPeHNSgRneBeKMGfnoMU64haM= Subject key identifier: 2E:C8:5C:16:4C:0F:B5:66:07:BA:84:E6:E9:BE:0F:C8:5D:C4:25:26 Authority key identifier: 72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 Certificate issuer: /CN=A91B4053/serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Certificate serial: 26 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft Manifest number: 24 Signing time: Sat 23 Aug 2025 08:05:10 +0000 Manifest this update: Sat 23 Aug 2025 08:05:10 +0000 Manifest next update: Sat 30 Aug 2025 08:05:10 +0000 Files and hashes: 1: cgqmbzbBRgrUvDrGkvlltxdKWOA.crl (hash: i2NprnIIu8gsRTyzJbZ/DwbtbpETJefkJt4Sr3N91h8=) 2: AC8BCC2E50E411F0B8E7D45DC4F9AE02.roa (hash: 6vL95HASIeMq5sE95QjJyODMvxYaOtsSaHmjFpdm+bI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:05:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38 (0x26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4053, serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Validity Not Before: Aug 23 08:05:10 2025 GMT Not After : Aug 30 08:05:10 2025 GMT Subject: CN=68a97636-c1b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:82:7f:e0:52:b4:88:17:db:ae:1e:5c:de:48: 0f:e3:65:67:4d:4f:5e:ff:96:df:e7:50:f4:a0:4f: 6b:5b:0c:11:41:b0:d2:8e:d2:75:99:ec:35:93:4d: a2:ab:d8:fc:72:70:49:dd:01:e0:54:fb:bf:d6:5b: 57:4d:cb:62:ab:89:58:d9:6a:b9:30:6e:a7:77:b8: 24:8f:0d:ab:1b:86:8a:d3:75:48:a3:85:c4:08:bf: d7:56:06:b4:ea:52:81:19:84:e5:31:9d:d0:b7:ec: 12:20:38:04:9f:a2:46:90:f2:2c:b2:1e:b9:9a:ab: 4c:43:3f:34:90:44:85:71:fe:b5:72:8f:79:b1:91: 90:ff:90:58:f4:90:8d:e7:4f:d4:73:aa:ef:bd:ee: 7b:e4:da:fd:a6:03:5d:45:c1:29:6f:a0:fb:14:05: d4:07:15:85:41:97:01:e6:26:e3:19:24:df:97:93: c6:ff:99:55:b7:05:a5:5e:4f:49:32:c2:be:25:a2: 62:7c:01:b4:96:17:8d:1f:54:5f:43:1f:0f:27:06: 48:6a:4e:57:bc:59:2f:81:1b:a0:35:e5:87:b9:60: 6d:33:cf:d7:31:19:13:cf:cd:a9:ca:98:7f:ad:ae: 68:24:25:db:c6:8c:02:9a:8f:17:fd:a8:15:3a:2a: 50:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:C8:5C:16:4C:0F:B5:66:07:BA:84:E6:E9:BE:0F:C8:5D:C4:25:26 X509v3 Authority Key Identifier: keyid:72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:72:c2:ac:ab:a5:1b:6a:1b:ee:b6:86:0e:32:f2:08:a8:cf: 02:bc:04:c5:07:67:f3:bf:49:4f:3e:e0:0a:49:23:74:7c:08: 99:56:c6:bc:f6:e4:1d:25:98:17:94:1c:a0:e6:bd:56:2c:1d: f8:6f:42:35:3a:13:46:64:83:15:ae:ca:7f:9e:79:9c:24:d4: 33:cc:87:1f:f5:5c:ab:e8:4d:19:d0:89:5a:aa:b0:7b:a3:f1: e7:d3:48:b2:75:b0:7f:ab:df:24:80:fe:34:07:36:48:7c:c4: 6d:31:53:27:88:82:a1:5c:8c:2a:1b:00:bf:6f:a0:3e:ad:1d: 25:02:0e:23:27:44:c7:83:75:dc:79:e6:46:30:0b:04:d5:cd: f7:bb:ec:01:1b:82:81:d6:ca:73:4b:39:fd:f6:ce:41:87:2f: a6:1a:36:0c:c5:8d:1b:a7:60:e2:81:d3:28:26:11:81:fb:38: 43:8b:70:a9:ec:d9:6c:10:b2:ec:b6:8c:37:81:9f:95:c0:08: e3:26:77:57:de:be:7d:9a:33:24:d0:df:e7:8d:ef:ca:e2:53: 51:bd:2e:4b:d5:1c:0b:22:e9:f9:c4:8a:0b:6b:49:31:14:18: 05:69:ad:37:8d:73:95:85:e2:d5:d2:bb:09:eb:df:c8:1f:cf: a9:0b:c8:bd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NDA1MzExMC8GA1UEBRMoNzIwQUE2NkYzNkMxNDYwQUQ0QkMzQUM2OTJGOTY1Qjcx NzRBNThFMDAeFw0yNTA4MjMwODA1MTBaFw0yNTA4MzAwODA1MTBaMBgxFjAUBgNV BAMTDTY4YTk3NjM2LWMxYjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGgn/gUrSIF9uuHlzeSA/jZWdNT17/lt/nUPSgT2tbDBFBsNKO0nWZ7DWTTaKr 2PxycEndAeBU+7/WW1dNy2KriVjZarkwbqd3uCSPDasbhorTdUijhcQIv9dWBrTq UoEZhOUxndC37BIgOASfokaQ8iyyHrmaq0xDPzSQRIVx/rVyj3mxkZD/kFj0kI3n T9Rzqu+97nvk2v2mA11FwSlvoPsUBdQHFYVBlwHmJuMZJN+Xk8b/mVW3BaVeT0ky wr4lomJ8AbSWF40fVF9DHw8nBkhqTle8WS+BG6A15Ye5YG0zz9cxGRPPzanKmH+t rmgkJdvGjAKajxf9qBU6KlDRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULshcFkwP tWYHuoTm6b4PyF3EJSYwHwYDVR0jBBgwFoAUcgqmbzbBRgrUvDrGkvlltxdKWOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0MDUzLzM2NDBDQjk0NTBF MTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdyVXZEckdrdmxsdHhkS1dP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvY2dxbWJ6YkJSZ3JVdkRyR2t2bGx0eGRLV09BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0 MDUzLzM2NDBDQjk0NTBFMTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdy VXZEckdrdmxsdHhkS1dPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADBywqyrpRtqG+62hg4y8giozwK8BMUHZ/O/SU8+4ApJI3R8CJlWxrz2 5B0lmBeUHKDmvVYsHfhvQjU6E0ZkgxWuyn+eeZwk1DPMhx/1XKvoTRnQiVqqsHuj 8efTSLJ1sH+r3ySA/jQHNkh8xG0xUyeIgqFcjCobAL9voD6tHSUCDiMnRMeDddx5 5kYwCwTVzfe77AEbgoHWynNLOf32zkGHL6YaNgzFjRunYOKB0ygmEYH7OEOLcKns 2WwQsuy2jDeBn5XACOMmd1fevn2aMyTQ3+eN78riU1G9LkvVHAsi6fnEigtrSTEU GAVprTeNc5WF4tXSuwnr38gfz6kLyL0= -----END CERTIFICATE-----Generated at Sat Aug 23 12:50:16 2025 by rpki-client