$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft File: q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft (raw, json) Hash identifier: KwwSRn+6vTkK6dYC6h4ORMCyR/MWI8zkPTvYFnyLA5U= Subject key identifier: FC:C5:FB:BF:C7:34:C0:E9:E2:8B:DB:5B:BD:C3:56:55:CE:21:D2:B3 Authority key identifier: AB:53:D9:92:81:02:B9:19:DB:7C:54:65:C8:DD:5F:F2:66:74:43:B3 Certificate issuer: /CN=A91C7E5B/serialNumber=AB53D9928102B919DB7C5465C8DD5FF2667443B3 Certificate serial: 2F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft Manifest number: 2E Signing time: Sat 23 Aug 2025 07:56:40 +0000 Manifest this update: Sat 23 Aug 2025 07:56:40 +0000 Manifest next update: Sat 30 Aug 2025 07:56:40 +0000 Files and hashes: 1: q1PZkoECuRnbfFRlyN1f8mZ0Q7M.crl (hash: qz91EsYQ4tIWnrMSnAjMbddYAGroNhX9LHZgpR/18nc=) 2: 765A9AEC3C6F11F0A83E954EC4F9AE02.roa (hash: 1LK4ltfDfUObnmcEpgqLd5X9zDYVgPh3Q6BVcaMlN3Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.crl rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47 (0x2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7E5B, serialNumber=AB53D9928102B919DB7C5465C8DD5FF2667443B3 Validity Not Before: Aug 23 07:56:40 2025 GMT Not After : Aug 30 07:56:40 2025 GMT Subject: CN=68a97438-b776 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7f:65:16:91:a4:5d:e3:00:90:ee:ce:90:2a: be:ee:32:69:23:3e:65:2a:b2:28:8b:ac:4a:71:e2: 71:31:44:0f:28:81:9a:6e:bf:94:42:35:28:01:38: a2:86:4f:ef:ed:29:64:be:6b:6f:8d:4c:33:90:3a: 4c:66:d4:c4:22:ed:7a:22:9d:f0:c8:49:ff:5b:1f: 77:99:42:81:ee:95:36:ee:0b:42:b7:70:2d:a4:85: bf:b4:97:b9:26:65:d1:f8:66:90:f4:75:8d:82:c3: 2e:41:42:b8:cb:0e:f9:c3:65:65:6b:3b:32:ad:9d: 41:51:3a:ba:c1:ae:57:0e:1c:eb:5c:79:6d:93:41: 9d:b2:31:cf:95:c7:ed:62:ce:76:52:b3:7f:cd:fa: 0d:37:5b:f7:5a:98:1f:6e:f2:d7:37:5b:84:61:92: 54:1f:27:1f:48:27:79:d5:35:3d:be:b5:83:ba:bf: d4:f1:de:b2:6b:b7:5d:26:96:11:bb:83:63:72:f5: d5:b5:47:ae:f2:e6:c3:7d:86:f3:b0:8a:a7:f0:ff: 82:47:20:f8:c6:72:79:f8:95:ec:a7:74:5a:2e:36: f4:c2:3b:c3:b4:81:ef:21:65:ad:6d:fd:19:bc:d9: 76:dc:6c:af:64:8b:2b:11:5e:a2:cc:fb:5f:10:c8: c9:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:C5:FB:BF:C7:34:C0:E9:E2:8B:DB:5B:BD:C3:56:55:CE:21:D2:B3 X509v3 Authority Key Identifier: keyid:AB:53:D9:92:81:02:B9:19:DB:7C:54:65:C8:DD:5F:F2:66:74:43:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7E5B/D84E7BF23C6E11F09D76A24DC4F9AE02/q1PZkoECuRnbfFRlyN1f8mZ0Q7M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:88:cf:70:88:5b:a0:81:b1:fb:f1:4d:c1:33:82:1f:dd:c6: 4b:cf:0d:0c:11:f8:a6:62:a3:fb:3b:0e:48:e5:c7:28:e2:be: 58:32:b8:b2:5c:a8:f4:d5:dc:69:c1:e9:de:ea:3c:98:34:d3: dd:2c:83:ee:17:e4:fb:78:2e:f8:0e:60:f3:6b:8c:2f:b5:f8: 84:e4:60:b6:2f:df:43:93:62:2c:a9:b7:58:10:ea:f3:c9:d6: 21:30:7b:ca:c6:e4:5e:7a:c9:bf:79:af:d1:f8:2b:40:b1:b4: 6b:0d:96:b3:9d:bf:de:fc:2c:b3:0e:48:a9:2c:46:63:a6:46: 1e:4c:99:d3:84:16:ff:95:c1:21:7d:5b:b8:c0:a6:54:0e:3a: 84:86:8b:c8:f7:9a:06:af:d5:37:34:e3:f7:9f:65:9a:57:3c: 2f:1f:4f:ab:01:11:c2:f4:44:95:a7:f7:ce:71:aa:9e:1d:6e: 8c:3c:ed:1d:ec:e4:1b:5c:2c:bd:09:37:ee:ee:f7:fb:ff:8a: 44:e0:ee:7f:a7:ca:ad:55:0e:eb:94:81:9a:63:b0:a0:4d:d8: aa:ba:4f:f9:66:ef:1a:98:f4:ae:0b:de:4e:cc:4d:b0:f9:34: 27:43:21:13:f9:af:27:42:a6:b0:12:1a:9f:66:a1:19:2c:82: 4f:d5:f5:66 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0U1QjExMC8GA1UEBRMoQUI1M0Q5OTI4MTAyQjkxOURCN0M1NDY1QzhERDVGRjI2 Njc0NDNCMzAeFw0yNTA4MjMwNzU2NDBaFw0yNTA4MzAwNzU2NDBaMBgxFjAUBgNV BAMTDTY4YTk3NDM4LWI3NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9f2UWkaRd4wCQ7s6QKr7uMmkjPmUqsiiLrEpx4nExRA8ogZpuv5RCNSgBOKKG T+/tKWS+a2+NTDOQOkxm1MQi7XoinfDISf9bH3eZQoHulTbuC0K3cC2khb+0l7km ZdH4ZpD0dY2Cwy5BQrjLDvnDZWVrOzKtnUFROrrBrlcOHOtceW2TQZ2yMc+Vx+1i znZSs3/N+g03W/damB9u8tc3W4RhklQfJx9IJ3nVNT2+tYO6v9Tx3rJrt10mlhG7 g2Ny9dW1R67y5sN9hvOwiqfw/4JHIPjGcnn4leyndFouNvTCO8O0ge8hZa1t/Rm8 2XbcbK9kiysRXqLM+18QyMnHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU/MX7v8c0 wOnii9tbvcNWVc4h0rMwHwYDVR0jBBgwFoAUq1PZkoECuRnbfFRlyN1f8mZ0Q7Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3RTVCL0Q4NEU3QkYyM0M2 RTExRjA5RDc2QTI0REM0RjlBRTAyL3ExUFprb0VDdVJuYmZGUmx5TjFmOG1aMFE3 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcTFQWmtvRUN1Um5iZkZSbHlOMWY4bVowUTdNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3 RTVCL0Q4NEU3QkYyM0M2RTExRjA5RDc2QTI0REM0RjlBRTAyL3ExUFprb0VDdVJu YmZGUmx5TjFmOG1aMFE3TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAESIz3CIW6CBsfvxTcEzgh/dxkvPDQwR+KZio/s7DkjlxyjivlgyuLJc qPTV3GnB6d7qPJg0090sg+4X5Pt4LvgOYPNrjC+1+ITkYLYv30OTYiypt1gQ6vPJ 1iEwe8rG5F56yb95r9H4K0CxtGsNlrOdv978LLMOSKksRmOmRh5MmdOEFv+VwSF9 W7jAplQOOoSGi8j3mgav1Tc04/efZZpXPC8fT6sBEcL0RJWn985xqp4dbow87R3s 5BtcLL0JN+7u9/v/ikTg7n+nyq1VDuuUgZpjsKBN2Kq6T/lm7xqY9K4L3k7MTbD5 NCdDIRP5rydCprASGp9moRksgk/V9WY= -----END CERTIFICATE-----Generated at Sat Aug 23 10:24:38 2025 by rpki-client