$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft File: q2JivH0C7BrUi3HamLc9IqNi2vA.mft (raw, json) Hash identifier: pJFM4Zg45BR/IwGQAnD3S22VFaZPENJMlRK3/C/6D/k= Subject key identifier: BA:B0:05:D4:E9:F8:5C:5C:A7:9B:93:D2:8D:C1:25:DE:84:91:75:AF Authority key identifier: AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0 Certificate issuer: /CN=A91E2454/serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0 Certificate serial: 3623 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft Manifest number: 3558 Signing time: Fri 22 Aug 2025 14:29:17 +0000 Manifest this update: Fri 22 Aug 2025 14:29:16 +0000 Manifest next update: Fri 29 Aug 2025 14:29:16 +0000 Files and hashes: 1: q2JivH0C7BrUi3HamLc9IqNi2vA.crl (hash: 2qbdTpbW22k2Jy4tRcxFzxGBC4AlQudVWXM01K6+010=) 2: 4D5247EEA4C911E782854F50C4F9AE02.roa (hash: 0ae8AXI4ti/g7kjicz0FuqIQr5KuRMl+VwlLXivxPFk=) 3: 78123422B0CD11E58B55FC73C4F9AE02.roa (hash: ELjtbDvUJdRIE0OkklMq1ckQ7DJ/Pb2ipSH84CeiKCg=) 4: 7B938024B0CD11E58B55FC73C4F9AE02.roa (hash: 7ydpzn/QoSWEXvjnGZJ1ta2JwlGF9ANK2aScVlru+Tc=) 5: 7F4D30ACB0CD11E58B55FC73C4F9AE02.roa (hash: YwQuCfTd/qrlJSeamxwuUJ+BvQmXE+p3bNmQY1uUsFo=) 6: 4BF67550A4C911E782854F50C4F9AE02.roa (hash: nr6/7CG6oXudz0l6iz2yM+GZu8wisnZlSv+XVHe+5pE=) 7: 7D920C1AB0CD11E58B55FC73C4F9AE02.roa (hash: GEX+sNV+gjoBRlfbvjQXv3uXeYnL4cH1wK1KCC8jYpA=) 8: 9C193BAC08C511EDBC862E48C4F9AE02.roa (hash: 896PbO0EonUimzXSLkBsI3knk6hd3BAHtAyqYKCmbBE=) 9: 816FA9C0B07611EFA5773917C4F9AE02.roa (hash: Pe6tz3jNRPR6gXfsK8tx8lrjl8rvWTB+EFpcz7nsWc8=) 10: 4C9925F2A4C911E782854F50C4F9AE02.roa (hash: R2/SizcxlFy6GiKbWh9BC6IePjx7ZGaL4yUJEBHXwDg=) 11: 8207CCA0906C11EC86E8B711C4F9AE02.roa (hash: /ugniFpN/rGX8I1uxfmMZJryeFfYuWgB3WroPzoi6qU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.crl rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:29:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13859 (0x3623) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2454, serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0 Validity Not Before: Aug 22 14:29:16 2025 GMT Not After : Aug 29 14:29:16 2025 GMT Subject: CN=68a87ebc-b0ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:83:46:82:57:7f:36:f0:c8:09:d4:8a:dd:6c: 1b:c2:42:a1:56:27:13:a2:ed:21:8d:93:27:4c:a8: a1:c6:37:65:b5:35:d6:e9:0c:0a:70:7f:d8:87:aa: 46:15:64:00:59:4b:0f:ba:a1:26:00:3f:09:0b:bc: 74:c5:92:9f:c9:64:5e:7a:dd:fd:e8:f0:df:fb:a5: b7:bc:0f:3d:8c:e8:59:a6:38:a5:45:7c:a4:88:f7: fa:7b:4a:70:ef:fe:8f:ed:16:02:c8:b7:77:55:26: c6:6b:0a:84:9d:75:4c:b0:20:a2:f4:b5:e0:97:92: dc:e3:2f:44:2f:01:27:c5:9f:aa:8c:26:2a:19:17: 33:ae:f6:cf:43:cd:77:20:52:6e:b4:be:15:24:d1: b4:6b:66:f7:29:75:1a:7e:89:79:a6:d6:b5:1f:ba: 8c:08:a2:16:ee:fa:b9:ea:60:55:6a:1d:4d:67:5b: 19:1a:0b:ef:e0:d3:a9:34:2e:05:9e:95:36:84:b3: e4:0f:23:f4:a3:b2:c3:7b:32:1c:ed:f1:6b:6d:29: 82:3b:85:4d:44:66:f0:90:77:31:c1:de:67:b0:23: 11:52:7f:93:01:e5:38:1f:3e:48:06:f6:af:74:4b: 43:20:6d:38:9d:21:0f:53:18:b8:9e:7d:cf:98:3d: 45:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:B0:05:D4:E9:F8:5C:5C:A7:9B:93:D2:8D:C1:25:DE:84:91:75:AF X509v3 Authority Key Identifier: keyid:AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:60:a4:85:5d:1d:69:ad:b0:50:9e:c6:f1:e7:20:31:8b:03: 4e:3d:01:ab:bf:86:1e:00:68:78:5c:65:76:e5:b9:1e:3c:9a: ce:6c:ee:1a:d4:cb:b5:41:2e:7f:43:03:d5:26:b3:e8:51:bb: 2e:60:f4:e3:bd:3a:5a:7c:ab:68:71:4f:c3:b9:8c:e9:2a:1e: f5:24:15:9b:88:5c:9f:d2:a2:55:72:3a:31:f6:a1:bc:b5:0f: 52:72:5a:28:06:1f:07:a9:32:91:db:25:5c:e6:da:6d:7c:fa: 99:e9:72:a4:a0:73:59:ce:30:f2:d2:9f:62:50:02:90:84:bb: ed:4f:17:3f:0a:5c:b4:fe:63:18:52:7c:0e:dc:88:dd:0b:82: 2f:3f:31:a6:97:42:16:b1:bd:f2:3e:2f:c2:61:b9:fd:c9:21: 79:a0:f1:ea:22:d3:52:b1:42:c3:ce:09:f5:12:f1:15:c1:84: f3:71:60:eb:ce:71:b3:00:5c:23:6c:bf:3d:8c:82:5c:9d:f9: 0e:3f:0c:98:6f:a2:a2:26:fe:be:c9:86:d5:2e:18:e6:a5:9f: 0e:88:be:49:22:4d:1d:25:96:71:df:6f:9e:60:de:7b:d4:b3: 0e:2a:aa:26:54:f3:23:63:94:2e:41:6d:f7:2f:b9:42:25:67: 1d:68:e4:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI0NTQxMTAvBgNVBAUTKEFCNjI2MkJDN0QwMkVDMUFENDhCNzFEQTk4QjczRDIy QTM2MkRBRjAwHhcNMjUwODIyMTQyOTE2WhcNMjUwODI5MTQyOTE2WjAYMRYwFAYD VQQDEw02OGE4N2ViYy1iMGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArINGgld/NvDICdSK3WwbwkKhVicTou0hjZMnTKihxjdltTXW6QwKcH/Yh6pG FWQAWUsPuqEmAD8JC7x0xZKfyWReet396PDf+6W3vA89jOhZpjilRXykiPf6e0pw 7/6P7RYCyLd3VSbGawqEnXVMsCCi9LXgl5Lc4y9ELwEnxZ+qjCYqGRczrvbPQ813 IFJutL4VJNG0a2b3KXUafol5pta1H7qMCKIW7vq56mBVah1NZ1sZGgvv4NOpNC4F npU2hLPkDyP0o7LDezIc7fFrbSmCO4VNRGbwkHcxwd5nsCMRUn+TAeU4Hz5IBvav dEtDIG04nSEPUxi4nn3PmD1FiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLqwBdTp +Fxcp5uT0o3BJd6EkXWvMB8GA1UdIwQYMBaAFKtiYrx9Auwa1Itx2pi3PSKjYtrw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjQ1NC9ENEMzMEI0MjFE ODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgwQzdCclVpM0hhbUxjOUlxTmky dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3EySml2SDBDN0JyVWkzSGFtTGM5SXFOaTJ2QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjQ1NC9ENEMzMEI0MjFEODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgwQzdC clVpM0hhbUxjOUlxTmkydkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhYKSFXR1prbBQnsbx5yAxiwNOPQGrv4YeAGh4XGV25bkePJrObO4a 1Mu1QS5/QwPVJrPoUbsuYPTjvTpafKtocU/DuYzpKh71JBWbiFyf0qJVcjox9qG8 tQ9SclooBh8HqTKR2yVc5tptfPqZ6XKkoHNZzjDy0p9iUAKQhLvtTxc/Cly0/mMY UnwO3IjdC4IvPzGml0IWsb3yPi/CYbn9ySF5oPHqItNSsULDzgn1EvEVwYTzcWDr znGzAFwjbL89jIJcnfkOPwyYb6KiJv6+yYbVLhjmpZ8OiL5JIk0dJZZx32+eYN57 1LMOKqomVPMjY5QuQW33L7lCJWcdaORD -----END CERTIFICATE-----Generated at Sun Aug 24 04:58:40 2025 by rpki-client