$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft File: cgqmbzbBRgrUvDrGkvlltxdKWOA.mft (raw, json) Hash identifier: PVkT6LWIY8SjT29KdfM7jbua2aEhsHdogaRP8Q+jSJ8= Subject key identifier: A6:B0:6E:D1:75:C2:18:6B:9B:B9:5F:3D:D0:4C:7C:2D:92:16:2E:9D Authority key identifier: 72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 Certificate issuer: /CN=A91B4053/serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft Manifest number: 41 Signing time: Sun 19 Oct 2025 10:56:06 +0000 Manifest this update: Sun 19 Oct 2025 10:56:06 +0000 Manifest next update: Sun 26 Oct 2025 10:56:06 +0000 Files and hashes: 1: cgqmbzbBRgrUvDrGkvlltxdKWOA.crl (hash: hFvx8eqDwmZxSMWJmARC2hFuOfXDtV254SYmqzh7DI8=) 2: AC8BCC2E50E411F0B8E7D45DC4F9AE02.roa (hash: 6vL95HASIeMq5sE95QjJyODMvxYaOtsSaHmjFpdm+bI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:56:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4053, serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Validity Not Before: Oct 19 10:56:06 2025 GMT Not After : Oct 26 10:56:06 2025 GMT Subject: CN=68f4c3c6-603b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:52:46:73:9e:9d:e8:e6:4e:d1:10:6c:4d:00: 82:73:35:10:9c:74:aa:6a:7d:23:0b:7c:ff:25:bc: 08:33:21:93:b0:83:87:2e:e9:7b:30:f7:00:d3:43: 3e:bb:c6:77:aa:59:d4:ec:a5:e9:db:9d:9a:46:7b: 6e:a8:48:b6:4f:91:75:40:c2:b1:6c:ad:50:22:9b: f6:15:c8:af:89:c9:11:10:53:7c:71:e4:1a:ae:73: d8:6b:d2:c3:74:b6:25:ab:d0:97:11:88:93:f8:f2: 95:26:33:c0:10:b6:9f:45:22:be:51:eb:b7:d2:f5: 9e:bd:34:96:7b:e7:88:3d:54:5f:cb:8b:41:ff:9c: ed:e2:01:cf:03:d3:d3:e5:d5:da:bb:98:24:bb:e7: 88:b0:27:dd:3e:33:51:bf:2c:9d:1e:c3:15:2e:ca: 20:39:c5:6b:5f:d9:70:9e:9b:89:b7:ec:c6:31:d1: 7e:1d:b9:f0:d3:1c:12:30:c9:78:82:65:77:56:3b: 1d:5c:c7:fc:c4:8b:22:90:f1:1b:20:a7:7e:2a:2a: 79:5f:1d:c6:f0:40:05:fb:f7:cf:f2:0d:92:f1:fc: c1:16:94:26:7c:0e:6f:b7:b0:55:db:56:e2:64:9f: 3e:a3:b3:46:c4:54:2e:47:4d:e3:b1:67:04:3f:5f: ed:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:B0:6E:D1:75:C2:18:6B:9B:B9:5F:3D:D0:4C:7C:2D:92:16:2E:9D X509v3 Authority Key Identifier: keyid:72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:22:ea:bd:44:16:2a:4b:ab:16:29:57:bd:25:50:71:21:b5: e1:19:4a:27:9c:bf:f7:60:21:56:ba:b6:22:09:5c:c4:e7:78: 02:3e:20:e7:18:ef:86:56:d5:e8:e3:aa:c7:ec:ea:4a:0e:41: 1d:7a:47:59:1c:ab:3d:10:95:64:d2:8d:1a:cf:33:a3:dc:09: 66:4f:0a:59:f0:a4:fb:55:93:34:b6:8c:14:05:82:de:38:2d: c3:6f:b2:19:f1:d1:0f:1d:01:ff:b5:54:e9:97:31:bd:c8:66: 22:ff:c4:93:0f:43:cb:f6:fb:19:dc:55:78:7b:2a:ea:a4:a5: 49:a9:0c:38:2a:a8:54:bd:c8:85:c9:9b:00:6e:b4:7a:43:40: 30:c7:8e:a1:29:c0:0d:69:b1:1c:e9:32:58:bb:f6:88:c5:c7: 30:43:4b:a0:98:b9:d7:c8:aa:d8:c9:b1:1f:5b:d6:4b:b5:4c: ba:a8:c0:0b:1d:86:32:3b:26:e5:c0:a3:d9:72:6b:29:12:34: ff:0f:34:60:a8:80:43:8b:3d:c6:0e:66:42:64:25:c0:42:58: f6:66:9b:76:2f:bb:d8:72:a6:75:02:ae:36:38:ef:ab:12:59: 08:4b:af:77:fa:7f:c8:13:6d:fe:77:8f:86:94:26:4b:e2:d4: 14:46:bf:69 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NDA1MzExMC8GA1UEBRMoNzIwQUE2NkYzNkMxNDYwQUQ0QkMzQUM2OTJGOTY1Qjcx NzRBNThFMDAeFw0yNTEwMTkxMDU2MDZaFw0yNTEwMjYxMDU2MDZaMBgxFjAUBgNV BAMTDTY4ZjRjM2M2LTYwM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDtUkZznp3o5k7REGxNAIJzNRCcdKpqfSMLfP8lvAgzIZOwg4cu6Xsw9wDTQz67 xneqWdTspenbnZpGe26oSLZPkXVAwrFsrVAim/YVyK+JyREQU3xx5Bquc9hr0sN0 tiWr0JcRiJP48pUmM8AQtp9FIr5R67fS9Z69NJZ754g9VF/Li0H/nO3iAc8D09Pl 1dq7mCS754iwJ90+M1G/LJ0ewxUuyiA5xWtf2XCem4m37MYx0X4dufDTHBIwyXiC ZXdWOx1cx/zEiyKQ8Rsgp34qKnlfHcbwQAX798/yDZLx/MEWlCZ8Dm+3sFXbVuJk nz6js0bEVC5HTeOxZwQ/X+1NAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUprBu0XXC GGubuV890Ex8LZIWLp0wHwYDVR0jBBgwFoAUcgqmbzbBRgrUvDrGkvlltxdKWOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0MDUzLzM2NDBDQjk0NTBF MTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdyVXZEckdrdmxsdHhkS1dP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvY2dxbWJ6YkJSZ3JVdkRyR2t2bGx0eGRLV09BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0 MDUzLzM2NDBDQjk0NTBFMTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdy VXZEckdrdmxsdHhkS1dPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACgi6r1EFipLqxYpV70lUHEhteEZSiecv/dgIVa6tiIJXMTneAI+IOcY 74ZW1ejjqsfs6koOQR16R1kcqz0QlWTSjRrPM6PcCWZPClnwpPtVkzS2jBQFgt44 LcNvshnx0Q8dAf+1VOmXMb3IZiL/xJMPQ8v2+xncVXh7KuqkpUmpDDgqqFS9yIXJ mwButHpDQDDHjqEpwA1psRzpMli79ojFxzBDS6CYudfIqtjJsR9b1ku1TLqowAsd hjI7JuXAo9lyaykSNP8PNGCogEOLPcYOZkJkJcBCWPZmm3Yvu9hypnUCrjY476sS WQhLr3f6f8gTbf53j4aUJkvi1BRGv2k= -----END CERTIFICATE-----Generated at Tue Oct 21 02:25:32 2025 by rpki-client