$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: dqiFKuCSrRT8ETtH87wHr+0VEh1evDkyJ9MO/qZqb4M= Subject key identifier: 36:C5:9C:1C:64:DD:9E:41:B0:F4:78:14:36:0C:D2:B7:F4:67:AE:86 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2166 Signing time: Sat 10 May 2025 15:52:16 +0000 Manifest this update: Sat 10 May 2025 15:52:16 +0000 Manifest next update: Sat 17 May 2025 15:52:16 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: CCeJkMvJqyvVM8YOuZSJkK747eyt4+DossmM9W6U1ig=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 9: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:52:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8609 (0x21a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: May 10 15:52:16 2025 GMT Not After : May 17 15:52:16 2025 GMT Subject: CN=681f7630-533f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9f:1d:84:85:c6:9b:40:3c:35:09:db:b0:7d: ce:90:af:3f:50:b3:48:d1:85:d0:dd:a4:c3:61:f2: 27:44:d7:84:6d:4d:34:c3:05:1f:a1:57:73:ef:91: ad:d3:d0:6f:25:6b:c1:23:fc:d7:85:60:ba:2b:29: ae:89:e6:36:2f:bb:47:3c:a5:ba:35:06:24:cc:54: b7:a4:63:a8:dd:8d:4c:47:21:9e:60:45:b0:b0:82: 93:d0:b4:ab:e8:02:af:a2:30:87:b0:36:54:2b:db: f7:03:87:48:c6:1e:de:f5:5a:f7:d8:d0:c1:80:ca: 1d:78:c9:15:20:16:ef:64:f2:9d:c6:c2:5b:f5:86: f4:c9:f4:5e:1e:a5:7e:8e:d9:81:55:5a:f2:7a:87: 8e:27:c0:3c:0f:e2:51:aa:8b:a1:c7:d2:96:f4:63: 4e:f5:a2:7d:49:c7:b9:7f:7a:d7:32:c1:70:77:57: 17:b4:0e:85:ed:e1:a3:6d:ed:c6:01:c4:93:5f:e4: 75:6b:95:71:d1:79:fc:97:6a:b9:b5:f2:1b:35:aa: ae:78:59:e6:ab:1d:e6:d4:c5:5a:1a:84:85:9f:2c: 4a:65:8f:70:23:2c:0a:eb:a2:d3:3f:51:7c:10:5d: da:3e:1a:e7:ce:d9:f2:24:56:f1:54:e8:96:9f:c2: 66:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:C5:9C:1C:64:DD:9E:41:B0:F4:78:14:36:0C:D2:B7:F4:67:AE:86 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:7e:70:55:06:bd:5b:b9:64:c8:c8:f3:55:e5:93:bd:56:d4: a7:0e:8f:91:79:68:2d:1d:39:a9:ec:66:40:5a:94:21:98:c9: 48:18:64:80:f6:91:db:17:98:19:ce:ce:d5:0f:90:d9:82:ad: 15:94:c4:c6:d2:d4:70:e9:e5:75:f9:18:e3:4d:ab:3a:53:ff: 41:4d:62:ad:56:6d:2d:c7:d6:b6:d8:1c:43:92:f5:24:48:a5: aa:03:a2:4f:c3:72:89:ef:a4:8c:b0:1d:18:eb:7f:14:f8:a0: 61:c0:2a:85:2d:59:51:10:3d:89:d6:24:8d:2b:e0:8b:4e:f5: e3:7d:b9:49:91:23:ad:1d:ad:fa:53:d8:e7:98:be:d6:9a:8c: 38:2a:03:50:b6:01:d6:c3:15:87:fa:21:22:b3:55:3a:99:db: 18:cd:1e:6a:30:71:ab:71:6c:72:64:3d:92:1b:3f:6c:14:aa: fc:8e:ad:b2:64:e9:c4:cd:9f:d6:3c:cf:67:7f:4c:88:26:8e: c6:c6:b5:1a:f9:68:66:74:2e:3d:5a:73:42:5a:2a:f8:2f:6a: 78:b8:35:c6:5b:43:3c:81:a7:d6:23:99:5c:55:07:0f:ae:c9: 3f:cd:65:61:d2:53:3d:bb:58:0f:fe:9c:39:c4:78:39:43:dd: 6f:46:fd:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNTEwMTU1MjE2WhcNMjUwNTE3MTU1MjE2WjAYMRYwFAYD VQQDEw02ODFmNzYzMC01MzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuJ8dhIXGm0A8NQnbsH3OkK8/ULNI0YXQ3aTDYfInRNeEbU00wwUfoVdz75Gt 09BvJWvBI/zXhWC6KymuieY2L7tHPKW6NQYkzFS3pGOo3Y1MRyGeYEWwsIKT0LSr 6AKvojCHsDZUK9v3A4dIxh7e9Vr32NDBgModeMkVIBbvZPKdxsJb9Yb0yfReHqV+ jtmBVVryeoeOJ8A8D+JRqouhx9KW9GNO9aJ9Sce5f3rXMsFwd1cXtA6F7eGjbe3G AcSTX+R1a5Vx0Xn8l2q5tfIbNaqueFnmqx3m1MVaGoSFnyxKZY9wIywK66LTP1F8 EF3aPhrnztnyJFbxVOiWn8JmGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDbFnBxk 3Z5BsPR4FDYM0rf0Z66GMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCefnBVBr1buWTIyPNV5ZO9VtSnDo+ReWgtHTmp7GZAWpQhmMlIGGSA 9pHbF5gZzs7VD5DZgq0VlMTG0tRw6eV1+RjjTas6U/9BTWKtVm0tx9a22BxDkvUk SKWqA6JPw3KJ76SMsB0Y638U+KBhwCqFLVlRED2J1iSNK+CLTvXjfblJkSOtHa36 U9jnmL7Wmow4KgNQtgHWwxWH+iEis1U6mdsYzR5qMHGrcWxyZD2SGz9sFKr8jq2y ZOnEzZ/WPM9nf0yIJo7GxrUa+WhmdC49WnNCWir4L2p4uDXGW0M8gafWI5lcVQcP rsk/zWVh0lM9u1gP/pw5xHg5Q91vRv1S -----END CERTIFICATE-----Generated at Mon May 12 07:33:53 2025 by rpki-client