$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: 26zdT5+XzYfNS41VMh3iBoNnQFHm2bjPeKP4ZDyx+Qo= Subject key identifier: 55:32:AD:B3:43:54:43:0E:CB:E8:26:EA:89:2B:51:BB:D2:99:2F:CA Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 2268 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2211 Signing time: Tue 24 Mar 2026 15:49:58 +0000 Manifest this update: Tue 24 Mar 2026 15:49:58 +0000 Manifest next update: Tue 31 Mar 2026 15:49:58 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: hdCC7qj4qYfckystxf4abFYeFcNMeZggEeg72DKSmP8=) 2: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: KYaSzwf1L2QkO+jOOMTkJ2kvbpBzCO+jKOwM50VbrBw=) 3: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: Bbmi/J5Lpn7aHAntaVp/ckgJSOlUGXUjQqXrthSWKgU=) 4: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: YxBTBicabikn08Aqg/dvf+PsgRQVrImZt4AAt8rvHnc=) 5: 1C628A90671411EEA0040661C4F9AE02.roa (hash: M0M27e7jpHMqjXXvltEuadHWRQl0UpCUB3Q3dSoBa+I=) 6: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: V2GgiDiVdp7icGNp8uei2QdYQy4qfASwmRrufFn1mxg=) 7: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: v4lm1t03b9gy+zkyAg0MsXuQLEziIg1Uau5peZt74RY=) 8: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: 3IlwneiT3OIjV7tuhT2g5I0grdOyE91JkHSLmUB2BEY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 15:49:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8808 (0x2268) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Mar 24 15:49:58 2026 GMT Not After : Mar 31 15:49:58 2026 GMT Subject: CN=69c2b2a6-03a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f7:26:2a:fb:34:00:1a:a1:40:67:fc:d3:23: 9e:1f:79:63:ed:2c:a0:a0:52:77:0c:ae:97:83:58: ce:c2:1f:2f:69:11:c7:75:22:ab:bf:33:cb:59:f2: 5d:5d:56:60:c0:7d:d6:1c:2f:6d:6d:5d:c2:0c:8a: 55:b0:fe:38:a2:a9:d5:7d:6e:e2:91:44:a5:3c:07: 5b:a3:df:08:59:f3:3e:39:12:3f:3e:0c:f5:17:50: ea:8f:13:69:22:bd:1c:9e:eb:75:8b:20:71:32:ca: 17:d7:6e:b3:06:c6:25:c3:89:6c:71:7b:c8:5a:40: ca:38:f5:f6:85:d4:2d:88:da:f6:0e:cf:e6:ef:fe: 4a:7b:2a:3e:a4:b4:5a:ea:de:8e:30:44:c6:9c:97: b0:92:41:7e:f7:fd:c6:0a:5e:f4:29:e0:23:a7:79: 08:c4:db:22:89:12:8e:d6:d9:ec:e3:74:c3:a4:fd: 50:e8:31:e0:2a:e3:00:4f:b5:58:5b:70:6a:c7:52: 01:ad:f7:2f:a3:82:c9:f3:6e:07:7e:74:ab:44:f6: 68:ca:2b:7a:c4:b6:4d:47:13:7a:91:0f:a1:df:ba: 6e:39:ec:fb:27:2f:72:16:17:02:42:13:32:c9:d6: 35:38:db:d6:af:21:4e:61:28:de:8a:a9:e8:f4:60: bd:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:32:AD:B3:43:54:43:0E:CB:E8:26:EA:89:2B:51:BB:D2:99:2F:CA X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:93:f8:f2:d1:82:87:ac:69:64:4b:35:5d:e8:11:f4:33:da: 4b:45:e6:b2:a3:48:65:d2:8b:6e:45:b0:91:a5:52:dd:47:73: ac:18:dd:1d:12:f7:57:d3:14:a6:b8:8d:63:02:ec:99:3d:34: 5f:6e:42:c3:6a:42:c7:b0:70:2a:2d:6f:be:bd:a8:93:d2:6e: 32:f4:6a:b6:cf:e7:39:03:e4:4f:85:41:84:3f:bf:50:dc:92: d5:ca:20:f7:cf:e4:da:bc:a6:17:b7:b8:a0:f6:8a:f1:a2:50: 2e:e8:c3:2f:f3:d4:a9:05:80:a6:b2:72:2c:6e:47:d4:28:c9: 58:ce:a6:78:02:52:b3:11:a0:d8:33:75:46:b1:dc:cc:b0:68: 68:e9:f0:e5:c9:fe:5b:fb:d0:7f:a6:8e:7b:2a:44:5e:8b:15: 6a:35:5a:88:78:8e:0a:c3:86:08:67:da:63:c3:88:63:e6:ab: 34:af:f9:82:d4:47:66:77:d9:a7:ce:dc:f1:0b:78:28:1f:d8: 31:eb:99:20:d9:cd:10:a1:05:48:57:d9:f0:4d:03:66:9d:56: 53:98:55:c2:36:e0:65:cf:4d:20:3d:fd:90:e7:61:39:6a:88: b2:7d:86:30:33:4a:99:e7:40:4d:88:1f:8d:6a:81:55:bc:27: f7:a1:ae:76 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICImgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjYwMzI0MTU0OTU4WhcNMjYwMzMxMTU0OTU4WjAYMRYwFAYD VQQDEw02OWMyYjJhNi0wM2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArfcmKvs0ABqhQGf80yOeH3lj7SygoFJ3DK6Xg1jOwh8vaRHHdSKrvzPLWfJd XVZgwH3WHC9tbV3CDIpVsP44oqnVfW7ikUSlPAdbo98IWfM+ORI/Pgz1F1DqjxNp Ir0cnut1iyBxMsoX126zBsYlw4lscXvIWkDKOPX2hdQtiNr2Ds/m7/5Keyo+pLRa 6t6OMETGnJewkkF+9/3GCl70KeAjp3kIxNsiiRKO1tns43TDpP1Q6DHgKuMAT7VY W3Bqx1IBrfcvo4LJ824HfnSrRPZoyit6xLZNRxN6kQ+h37puOez7Jy9yFhcCQhMy ydY1ONvWryFOYSjeiqno9GC9mQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFFUyrbND VEMOy+gm6okrUbvSmS/KMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAB5P48tGCh6xpZEs1XegR9DPaS0XmsqNIZdKLbkWwkaVS3UdzrBjdHRL3V9MU priNYwLsmT00X25Cw2pCx7BwKi1vvr2ok9JuMvRqts/nOQPkT4VBhD+/UNyS1cog 98/k2rymF7e4oPaK8aJQLujDL/PUqQWAprJyLG5H1CjJWM6meAJSsxGg2DN1RrHc zLBoaOnw5cn+W/vQf6aOeypEXosVajVaiHiOCsOGCGfaY8OIY+arNK/5gtRHZnfZ p87c8Qt4KB/YMeuZINnNEKEFSFfZ8E0DZp1WU5hVwjbgZc9NID39kOdhOWqIsn2G MDNKmedATYgfjWqBVbwn96Gudg== -----END CERTIFICATE-----Generated at Thu Mar 26 07:36:52 2026 by rpki-client