$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: KITw9cjCnnxrj/00zgmzfa4mE2p/W8BGoA6lwDitK0g= Subject key identifier: C9:C3:F8:4C:BF:51:8D:5E:66:56:A1:D9:75:6A:1A:39:EF:4B:3C:15 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21F6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 21BB Signing time: Sat 18 Oct 2025 16:10:46 +0000 Manifest this update: Sat 18 Oct 2025 16:10:45 +0000 Manifest next update: Sat 25 Oct 2025 16:10:45 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: FFvRcC6Mz6S1y8NJGT8P/ZGPnxz8FxpvlOsb5jVjjKU=) 2: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 3: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 4: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 5: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 6: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 7: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 8: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:10:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8694 (0x21f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Oct 18 16:10:45 2025 GMT Not After : Oct 25 16:10:45 2025 GMT Subject: CN=68f3bc06-e61f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:07:02:b1:f8:48:67:e6:b5:a0:ea:07:c7:a6: f9:67:1c:7c:3c:78:88:b3:5b:5b:6d:74:de:f4:b4: ae:05:e7:fb:d2:98:06:d3:1d:02:1d:eb:8a:e8:3f: c1:35:35:2e:0e:d5:86:40:0b:58:77:8e:2b:5c:e8: ad:10:67:b5:90:a5:36:40:e0:4c:8c:a0:be:ff:a7: ed:7f:b4:bf:50:a2:44:80:cf:6d:e3:0e:8b:47:4f: 28:5c:ed:71:11:1c:f6:65:3e:96:71:82:cc:f4:1c: 48:f2:2a:e3:22:27:38:ed:2b:e9:1e:5b:2d:ac:ef: 97:79:9e:38:fb:56:ef:24:74:2b:cc:f4:25:83:c6: 56:ac:5a:0c:60:4a:23:6d:c0:cd:c8:01:04:65:4d: d5:1a:17:80:58:0c:31:fe:8b:40:f5:92:56:34:8d: ae:21:69:8d:0c:4b:01:72:85:77:76:f2:97:57:84: 8b:37:b5:f3:27:7f:c2:b1:36:35:3b:eb:1d:d2:fa: 6d:be:4c:85:4b:ac:cb:b8:b0:88:2a:89:3d:25:d3: a9:ed:bc:97:5a:c4:9e:38:60:3d:b0:25:5b:a7:ba: ad:91:76:de:0f:89:35:74:33:63:0b:b0:23:36:f7: 78:f3:a7:8b:00:4c:c2:14:11:4e:a4:d9:2b:bf:af: f2:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:C3:F8:4C:BF:51:8D:5E:66:56:A1:D9:75:6A:1A:39:EF:4B:3C:15 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:09:d8:d5:3c:61:ae:c4:0e:c6:9f:14:5d:a9:5e:0c:5e:d3: 94:f7:9a:17:af:07:37:90:28:a8:05:ab:70:72:bb:a5:d2:f6: 7f:6b:7a:ad:ae:6b:0a:47:0e:ab:8f:cb:96:2e:6c:2b:63:94: 83:81:93:ce:d4:7c:4b:7b:74:8a:bc:80:59:6e:0b:3c:c4:74: 07:aa:be:e9:df:50:8f:6d:7c:8a:94:91:12:8d:6c:2a:62:cd: d2:bd:6c:c9:1f:8a:c6:88:5d:af:04:d4:2a:77:60:6a:3b:bb: 73:ca:c1:01:ee:d5:4b:85:00:2d:2f:27:29:5a:41:c9:f3:40: c4:9f:b7:24:42:cf:08:5f:56:e3:ee:0c:bf:aa:8e:0f:55:84: d2:65:5a:d0:4f:1c:86:3a:bb:51:7b:8b:7c:46:c3:cc:42:16: dc:e7:fc:89:e2:5d:56:1b:f9:8f:8b:38:96:f3:7e:80:03:a2: ab:ad:c2:e9:a0:9b:37:43:fa:aa:ee:ea:fc:d2:b5:4d:af:8c: 25:bc:c4:05:f2:c1:8c:52:ca:ee:e8:13:b3:7a:8c:01:ed:20: ad:20:1a:49:34:c6:c0:29:9f:6f:2f:0b:4c:79:f4:d1:2c:f6: e8:6c:12:d0:8e:78:95:e0:4e:52:f3:72:c0:f2:9d:6e:59:6d: 99:73:c9:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIfYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUxMDE4MTYxMDQ1WhcNMjUxMDI1MTYxMDQ1WjAYMRYwFAYD VQQDEw02OGYzYmMwNi1lNjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArgcCsfhIZ+a1oOoHx6b5Zxx8PHiIs1tbbXTe9LSuBef70pgG0x0CHeuK6D/B NTUuDtWGQAtYd44rXOitEGe1kKU2QOBMjKC+/6ftf7S/UKJEgM9t4w6LR08oXO1x ERz2ZT6WcYLM9BxI8irjIic47SvpHlstrO+XeZ44+1bvJHQrzPQlg8ZWrFoMYEoj bcDNyAEEZU3VGheAWAwx/otA9ZJWNI2uIWmNDEsBcoV3dvKXV4SLN7XzJ3/CsTY1 O+sd0vptvkyFS6zLuLCIKok9JdOp7byXWsSeOGA9sCVbp7qtkXbeD4k1dDNjC7Aj Nvd486eLAEzCFBFOpNkrv6/ynQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMnD+Ey/ UY1eZlah2XVqGjnvSzwVMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcCdjVPGGuxA7GnxRdqV4MXtOU95oXrwc3kCioBatwcrul0vZ/a3qt rmsKRw6rj8uWLmwrY5SDgZPO1HxLe3SKvIBZbgs8xHQHqr7p31CPbXyKlJESjWwq Ys3SvWzJH4rGiF2vBNQqd2BqO7tzysEB7tVLhQAtLycpWkHJ80DEn7ckQs8IX1bj 7gy/qo4PVYTSZVrQTxyGOrtRe4t8RsPMQhbc5/yJ4l1WG/mPiziW836AA6KrrcLp oJs3Q/qq7ur80rVNr4wlvMQF8sGMUsru6BOzeowB7SCtIBpJNMbAKZ9vLwtMefTR LPbobBLQjniV4E5S83LA8p1uWW2Zc8lL -----END CERTIFICATE-----Generated at Sun Oct 19 23:28:19 2025 by rpki-client