$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft File: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft (raw, json) Hash identifier: sDlluldKI4rdmiDMI8pth9sbVe20jwslrIUaUetSwbE= Subject key identifier: 68:7C:EB:70:5B:73:CE:F0:B4:F1:A0:8B:C3:D6:DD:81:D6:9E:F9:14 Authority key identifier: 41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58 Certificate issuer: /CN=A91E5D61/serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458 Certificate serial: 12B8 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft Manifest number: 4783 Signing time: Fri 22 Aug 2025 14:21:22 +0000 Manifest this update: Fri 22 Aug 2025 14:21:22 +0000 Manifest next update: Fri 29 Aug 2025 14:21:22 +0000 Files and hashes: 1: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl (hash: Kc+/KD+2wwvIJ9W2H2bYaMTwl/lhNYHRfSm/rLI0p+E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:21:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4792 (0x12b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D61, serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458 Validity Not Before: Aug 22 14:21:22 2025 GMT Not After : Aug 29 14:21:22 2025 GMT Subject: CN=68a87ce2-4023 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:46:14:a4:c3:43:fa:73:79:50:42:b8:43:9e: 52:55:c7:af:12:e2:d5:db:33:05:69:e8:30:18:96: 49:2a:58:0f:8e:6b:28:56:dc:3b:68:26:f9:27:30: 39:b8:b6:5d:ec:8d:97:ca:3b:47:f5:97:6f:9d:8b: 7b:36:a4:60:16:e2:9b:84:59:91:1f:25:5c:53:e8: ad:11:72:31:59:1c:ac:f8:e2:4d:fa:61:e5:1f:50: 66:b7:43:0b:02:f3:f6:7a:dc:cc:b8:ca:fe:01:b3: 63:cf:d9:1f:fe:cb:51:4a:71:25:84:3c:25:db:a5: 98:c0:55:2c:89:a2:9c:d3:46:fc:60:14:88:3b:3b: 8f:15:fb:d6:0a:ca:33:60:00:7a:96:47:03:23:9d: 5b:05:ee:b6:5a:26:24:99:70:a5:37:9a:de:f7:d7: b8:a8:84:0d:7a:5e:cd:93:dd:a4:ac:4a:30:8b:83: 75:9a:7b:ee:2c:1d:ff:d9:7c:e5:a1:68:2a:72:e5: 4e:92:af:ac:24:03:8c:ee:c0:0c:e6:7b:2a:37:cb: d6:19:98:ae:e9:b8:54:ad:8b:a8:ff:8d:af:82:cd: a9:8e:b1:67:c8:90:9e:e9:91:b3:f3:52:f7:31:8b: f4:85:31:c9:75:78:c8:88:8d:9f:76:15:3b:04:39: 01:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7C:EB:70:5B:73:CE:F0:B4:F1:A0:8B:C3:D6:DD:81:D6:9E:F9:14 X509v3 Authority Key Identifier: keyid:41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:0c:dc:fc:ca:4b:df:b5:f9:f3:aa:39:54:56:0e:33:d1:68: 64:ec:21:f2:b3:fc:61:79:c5:19:41:9c:51:ab:7b:d6:74:4d: bf:3e:71:8f:40:30:1a:55:9b:20:90:d3:a4:fb:27:74:97:f1: dd:d1:d6:cd:7c:ae:be:a9:10:f1:63:fb:fa:2c:13:db:49:9c: b9:f3:27:33:51:36:11:5a:a0:b1:f9:6c:ae:f1:0c:be:34:18: 74:61:ff:7a:9a:c8:f0:5f:b4:04:8f:5b:5f:8f:8c:16:5d:0a: 65:78:bd:7a:32:22:24:21:21:99:dc:63:ca:2f:8b:44:58:45: 34:06:5f:0c:8b:62:ba:ce:c7:03:06:e7:7a:f2:ff:e6:12:52: 35:9f:a1:1f:13:6b:5f:61:98:4e:14:f7:7b:a6:32:48:8f:13: 33:e0:be:5e:95:1c:07:39:06:6c:a2:70:0f:6e:29:7b:88:ac: 8a:c5:ba:a1:86:3d:67:e9:6c:e3:6d:b3:83:ec:e9:9b:6a:91: 9d:f3:4e:26:e3:5c:80:06:a0:77:57:e0:6f:fc:08:47:8d:b5: 99:fb:ff:71:d9:1c:fd:43:df:1d:58:38:0d:6e:2a:6e:3e:8a: 64:bb:6f:26:14:67:c8:07:f0:00:45:8a:38:17:6f:77:82:57: 63:85:58:27 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICErgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTVENjExMTAvBgNVBAUTKDQxNkQ2Q0Q2MDM5MEZCN0M5NkVENzlENzhDRTc2RjU0 QUZDRjQ0NTgwHhcNMjUwODIyMTQyMTIyWhcNMjUwODI5MTQyMTIyWjAYMRYwFAYD VQQDEw02OGE4N2NlMi00MDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw0YUpMND+nN5UEK4Q55SVcevEuLV2zMFaegwGJZJKlgPjmsoVtw7aCb5JzA5 uLZd7I2XyjtH9ZdvnYt7NqRgFuKbhFmRHyVcU+itEXIxWRys+OJN+mHlH1Bmt0ML AvP2etzMuMr+AbNjz9kf/stRSnElhDwl26WYwFUsiaKc00b8YBSIOzuPFfvWCsoz YAB6lkcDI51bBe62WiYkmXClN5re99e4qIQNel7Nk92krEowi4N1mnvuLB3/2Xzl oWgqcuVOkq+sJAOM7sAM5nsqN8vWGZiu6bhUrYuo/42vgs2pjrFnyJCe6ZGz81L3 MYv0hTHJdXjIiI2fdhU7BDkBZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGh863Bb c87wtPGgi8PW3YHWnvkUMB8GA1UdIwQYMBaAFEFtbNYDkPt8lu1514znb1Svz0RY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQ2MS8yQTdDN0Q5ODFE NzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0zeVc3WG5Yak9kdlZLX1BS RmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1FXMXMxZ09RLTN5VzdYblhqT2R2VktfUFJGZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NUQ2MS8yQTdDN0Q5ODFENzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0z eVc3WG5Yak9kdlZLX1BSRmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZDNz8ykvftfnzqjlUVg4z0Whk7CHys/xhecUZQZxRq3vWdE2/PnGP QDAaVZsgkNOk+yd0l/Hd0dbNfK6+qRDxY/v6LBPbSZy58yczUTYRWqCx+Wyu8Qy+ NBh0Yf96msjwX7QEj1tfj4wWXQpleL16MiIkISGZ3GPKL4tEWEU0Bl8Mi2K6zscD Bud68v/mElI1n6EfE2tfYZhOFPd7pjJIjxMz4L5elRwHOQZsonAPbil7iKyKxbqh hj1n6WzjbbOD7OmbapGd804m41yABqB3V+Bv/AhHjbWZ+/9x2Rz9Q98dWDgNbipu Popku28mFGfIB/AARYo4F293gldjhVgn -----END CERTIFICATE-----Generated at Sun Aug 24 06:25:02 2025 by rpki-client