$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: 2n+VJznapFySdS8hTHhwgnElFBM1JQcF7NfLdoMt8d4= Subject key identifier: CA:29:59:F4:F5:D5:36:83:6E:AA:50:08:31:D0:D9:C9:C8:0D:CA:1B Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2181 Signing time: Wed 02 Jul 2025 16:02:29 +0000 Manifest this update: Wed 02 Jul 2025 16:02:28 +0000 Manifest next update: Wed 09 Jul 2025 16:02:28 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: u7Dcmup4OOGtPPJ295xrTa+bRtL76m2td0RgvwEsF2k=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 9: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:02:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8636 (0x21bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Jul 2 16:02:28 2025 GMT Not After : Jul 9 16:02:28 2025 GMT Subject: CN=68655814-c0c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:9d:a2:07:a2:f5:00:ad:ad:05:cd:b8:4b:f9: c4:bb:7a:bc:15:ae:87:f3:4f:af:24:2e:90:a9:e8: 81:9f:38:89:44:49:6d:a2:49:44:6f:86:01:84:43: e8:9a:2c:e6:aa:27:27:b0:f1:2b:7f:b9:14:9e:d1: aa:f4:94:67:d0:8d:f6:bd:a6:8c:19:63:cb:ad:37: b9:5b:6e:28:6a:fe:92:97:cb:12:8a:15:3f:7d:b1: 4b:d9:d4:cd:9e:5a:8b:75:86:2d:29:ea:1e:c2:96: d3:f6:f9:de:6c:90:2b:b1:72:1f:4a:8c:fe:07:d5: 49:02:1f:63:c0:8d:ab:99:4a:aa:c8:32:17:2a:db: b9:c8:6e:79:12:0d:82:4f:48:e4:18:bd:8d:2b:cf: 33:9a:68:5f:84:35:de:17:da:63:5d:97:4a:f6:84: ae:d1:e0:25:b8:03:ab:68:12:cb:1e:29:74:b4:8c: 64:12:33:4f:61:88:7e:75:d6:0f:1c:4e:7c:79:51: ff:75:99:3e:92:7f:5e:0e:70:cb:ee:1a:ed:d6:14: 55:be:bc:e2:d1:71:e0:f1:7b:56:52:bb:f5:45:ad: d8:04:79:18:dd:6c:5c:9c:d0:b2:a2:80:94:b5:69: ff:15:5b:3c:6d:d1:38:f9:66:53:4a:3c:4a:9a:a2: 8e:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:29:59:F4:F5:D5:36:83:6E:AA:50:08:31:D0:D9:C9:C8:0D:CA:1B X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:93:31:8b:31:4b:17:0d:18:c3:57:a1:63:85:23:11:26:0a: 80:f2:e5:be:15:d6:50:f6:38:6d:81:a9:6f:39:dc:8f:91:12: af:71:eb:59:d1:4a:80:89:de:2a:26:fe:79:e3:22:6d:94:0a: c6:ae:dd:d1:fa:32:2c:c1:da:53:99:05:bd:a2:9a:dd:26:5d: 66:39:2a:b8:9d:d6:b5:2d:5f:3d:f6:05:d9:ed:70:e8:37:17: b1:f4:e2:4b:b4:99:9f:ce:8b:68:01:7a:eb:0a:c6:ad:83:cb: c0:70:cf:aa:f8:01:12:90:45:38:98:e5:84:b2:79:c0:77:eb: 24:8b:c5:71:de:71:7a:63:87:c9:2d:57:59:3e:60:e4:5a:f6: 2e:d2:00:b7:fd:75:ca:5a:52:3e:42:0c:95:75:46:8c:18:e2: 9a:78:71:20:2b:aa:d5:f7:e9:89:a6:80:12:44:5c:fc:31:25: 92:9d:4b:d4:ec:59:01:39:eb:c8:91:31:99:b0:7d:e8:b6:df: 5a:17:59:6d:1d:34:16:07:31:5d:6d:84:ca:aa:52:00:be:27: 19:53:c9:86:8e:1c:cc:55:8c:93:00:2f:5f:89:a2:c8:0b:f1: 8b:32:b1:33:43:08:d7:bd:f8:69:08:07:22:4a:cb:b8:43:01: 8d:9e:e8:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNzAyMTYwMjI4WhcNMjUwNzA5MTYwMjI4WjAYMRYwFAYD VQQDEw02ODY1NTgxNC1jMGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7J2iB6L1AK2tBc24S/nEu3q8Fa6H80+vJC6QqeiBnziJREltoklEb4YBhEPo mizmqicnsPErf7kUntGq9JRn0I32vaaMGWPLrTe5W24oav6Sl8sSihU/fbFL2dTN nlqLdYYtKeoewpbT9vnebJArsXIfSoz+B9VJAh9jwI2rmUqqyDIXKtu5yG55Eg2C T0jkGL2NK88zmmhfhDXeF9pjXZdK9oSu0eAluAOraBLLHil0tIxkEjNPYYh+ddYP HE58eVH/dZk+kn9eDnDL7hrt1hRVvrzi0XHg8XtWUrv1Ra3YBHkY3WxcnNCyooCU tWn/FVs8bdE4+WZTSjxKmqKOyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMopWfT1 1TaDbqpQCDHQ2cnIDcobMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfkzGLMUsXDRjDV6FjhSMRJgqA8uW+FdZQ9jhtgalvOdyPkRKvcetZ 0UqAid4qJv554yJtlArGrt3R+jIswdpTmQW9oprdJl1mOSq4nda1LV899gXZ7XDo Nxex9OJLtJmfzotoAXrrCsatg8vAcM+q+AESkEU4mOWEsnnAd+ski8Vx3nF6Y4fJ LVdZPmDkWvYu0gC3/XXKWlI+QgyVdUaMGOKaeHEgK6rV9+mJpoASRFz8MSWSnUvU 7FkBOevIkTGZsH3ott9aF1ltHTQWBzFdbYTKqlIAvicZU8mGjhzMVYyTAC9fiaLI C/GLMrEzQwjXvfhpCAciSsu4QwGNnuic -----END CERTIFICATE-----Generated at Thu Jul 3 21:25:54 2025 by rpki-client