$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft File: QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft (raw, json) Hash identifier: XyYN1jkAI+C5Tq3hLLhYtGfYpTNlMtaAnbrojcFK0yw= Subject key identifier: 21:6B:5D:E8:D8:88:9C:F1:6A:D2:9E:93:97:B0:67:20:5E:CE:E4:A5 Authority key identifier: 41:23:AC:2E:C0:69:D2:EF:27:20:1F:4D:BC:AA:C6:C1:91:21:90:2C Certificate issuer: /CN=A91EC8C9/serialNumber=4123AC2EC069D2EF27201F4DBCAAC6C19121902C Certificate serial: 03DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft Manifest number: 03D7 Signing time: Sat 23 Aug 2025 00:49:01 +0000 Manifest this update: Sat 23 Aug 2025 00:49:01 +0000 Manifest next update: Sat 30 Aug 2025 00:49:01 +0000 Files and hashes: 1: QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl (hash: rpEt/ZE3yCOXNpgMUbRfUo9b6TsQwUbGkrsi6Vng8M8=) 2: FFDA736894CB11ECA827746DC4F9AE02.roa (hash: pj2LnVj5JMKgQoW/CIO4SmTNgNuQfByzQiOUhiNM/dY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 988 (0x3dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC8C9, serialNumber=4123AC2EC069D2EF27201F4DBCAAC6C19121902C Validity Not Before: Aug 23 00:49:01 2025 GMT Not After : Aug 30 00:49:01 2025 GMT Subject: CN=68a90ffd-109a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:35:07:5f:69:3e:8c:3d:0b:48:e0:7f:b4:36: 69:78:0b:c6:9e:6e:cf:98:09:19:97:9f:96:72:cd: c9:9c:86:e3:9c:4d:13:2c:aa:66:e9:f6:95:1d:a8: 50:5d:26:1c:d2:d1:e3:20:ac:0f:e3:ad:bf:3e:77: c5:5d:fc:f2:15:04:64:9d:95:93:f2:4e:87:39:38: 82:4b:c1:e4:99:21:6c:96:9e:ef:11:a3:84:88:64: 66:ee:de:b4:e3:ed:51:eb:64:75:c2:d5:27:6b:43: 3e:03:44:99:4a:ed:73:31:fe:96:64:b3:e4:57:3b: 92:0c:dd:0d:93:81:04:4d:09:35:4e:95:89:fe:a5: 5d:0c:17:b8:00:e4:b9:78:af:1a:3a:a0:8d:34:40: d9:af:52:c9:87:be:cd:42:4b:8c:08:dd:df:92:54: ae:8a:ee:3a:2f:fa:50:50:07:be:ac:da:d9:9e:14: ee:a6:49:e9:fc:7b:36:fd:6b:76:81:eb:7f:b0:f7: 29:18:7a:a2:e5:41:c1:48:c2:97:45:a6:86:90:d8: 37:35:bf:e9:ee:36:f1:ef:70:c9:be:4f:9d:bb:a2: 20:21:3b:d8:4b:cd:0a:c9:7a:1d:79:02:4b:64:89: d8:bb:94:4d:92:d3:18:ab:bf:53:d1:f9:79:4b:b5: 31:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:6B:5D:E8:D8:88:9C:F1:6A:D2:9E:93:97:B0:67:20:5E:CE:E4:A5 X509v3 Authority Key Identifier: keyid:41:23:AC:2E:C0:69:D2:EF:27:20:1F:4D:BC:AA:C6:C1:91:21:90:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSOsLsBp0u8nIB9NvKrGwZEhkCw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC8C9/738DDFC494C811EC95CB9765C4F9AE02/QSOsLsBp0u8nIB9NvKrGwZEhkCw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:64:16:2f:3f:2d:14:2c:bf:c4:b6:4f:6d:ea:76:b4:d8:cc: 4e:21:e1:51:1d:fc:47:97:82:40:44:a2:14:0a:0f:c9:5a:5e: 67:4f:92:af:d0:e8:08:49:d5:fb:8c:85:c6:d8:b4:27:c3:c0: de:11:1e:9b:53:08:fb:e4:6a:b6:7e:04:c1:14:f4:fa:46:35: b6:a6:59:ad:10:da:42:a6:fb:ac:94:3c:8d:97:4c:d4:9f:99: f0:c1:be:1d:ac:31:7a:b7:bc:23:7b:7a:ab:e2:03:4e:ac:bc: 3c:a2:86:66:fc:a6:ac:1e:ff:37:2f:28:b9:88:72:8e:29:46: a7:62:54:0f:c4:af:34:03:24:2f:22:a2:57:ec:8d:66:a9:fe: 9b:3c:ef:8a:87:9a:47:cc:35:c8:5d:4b:0c:14:0f:a6:a5:a4: 24:34:dd:c0:f5:9e:81:64:00:16:80:00:17:a0:fe:f0:ea:f0: eb:46:9b:fd:78:92:40:21:f9:aa:93:11:57:2d:5b:f6:43:eb: bb:77:d7:ed:84:1d:dc:fa:7e:ef:8e:fa:b6:e3:10:cd:f2:f3: 60:7b:3f:05:26:fb:c2:a8:1d:0e:3d:6d:b8:2a:98:2d:35:d0: e6:c7:1e:1e:b1:55:58:cf:4b:0b:02:70:88:a1:86:95:62:d3: b7:31:6f:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUM4QzkxMTAvBgNVBAUTKDQxMjNBQzJFQzA2OUQyRUYyNzIwMUY0REJDQUFDNkMx OTEyMTkwMkMwHhcNMjUwODIzMDA0OTAxWhcNMjUwODMwMDA0OTAxWjAYMRYwFAYD VQQDEw02OGE5MGZmZC0xMDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoTUHX2k+jD0LSOB/tDZpeAvGnm7PmAkZl5+Wcs3JnIbjnE0TLKpm6faVHahQ XSYc0tHjIKwP462/PnfFXfzyFQRknZWT8k6HOTiCS8HkmSFslp7vEaOEiGRm7t60 4+1R62R1wtUna0M+A0SZSu1zMf6WZLPkVzuSDN0Nk4EETQk1TpWJ/qVdDBe4AOS5 eK8aOqCNNEDZr1LJh77NQkuMCN3fklSuiu46L/pQUAe+rNrZnhTupknp/Hs2/Wt2 get/sPcpGHqi5UHBSMKXRaaGkNg3Nb/p7jbx73DJvk+du6IgITvYS80KyXodeQJL ZInYu5RNktMYq79T0fl5S7UxewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFrXejY iJzxatKek5ewZyBezuSlMB8GA1UdIwQYMBaAFEEjrC7AadLvJyAfTbyqxsGRIZAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzhDOS83MzhEREZDNDk0 QzgxMUVDOTVDQjk3NjVDNEY5QUUwMi9RU09zTHNCcDB1OG5JQjlOdktyR3daRWhr Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FTT3NMc0JwMHU4bklCOU52S3JHd1pFaGtDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzhDOS83MzhEREZDNDk0QzgxMUVDOTVDQjk3NjVDNEY5QUUwMi9RU09zTHNCcDB1 OG5JQjlOdktyR3daRWhrQ3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKZBYvPy0ULL/Etk9t6na02MxOIeFRHfxHl4JARKIUCg/JWl5nT5Kv 0OgISdX7jIXG2LQnw8DeER6bUwj75Gq2fgTBFPT6RjW2plmtENpCpvuslDyNl0zU n5nwwb4drDF6t7wje3qr4gNOrLw8ooZm/KasHv83Lyi5iHKOKUanYlQPxK80AyQv IqJX7I1mqf6bPO+Kh5pHzDXIXUsMFA+mpaQkNN3A9Z6BZAAWgAAXoP7w6vDrRpv9 eJJAIfmqkxFXLVv2Q+u7d9fthB3c+n7vjvq24xDN8vNgez8FJvvCqB0OPW24Kpgt NdDmxx4esVVYz0sLAnCIoYaVYtO3MW/8 -----END CERTIFICATE-----Generated at Sun Aug 24 04:35:57 2025 by rpki-client