$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: 7BuI24HV6Lb1j2+jrBGCdXl4jz8OcrOuKq3IqK78/Vk= Subject key identifier: 78:A9:F1:E9:C0:27:E3:C5:3B:D4:C7:FD:FD:5D:A7:CC:AE:CE:AB:37 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 219E Signing time: Fri 22 Aug 2025 15:58:20 +0000 Manifest this update: Fri 22 Aug 2025 15:58:20 +0000 Manifest next update: Fri 29 Aug 2025 15:58:20 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: DBOoK8iMonR1TzvsavprtMzvTX4sRJzc6gH55D6AqF4=) 2: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 3: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 4: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 5: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 6: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 7: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 8: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:58:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8665 (0x21d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Aug 22 15:58:20 2025 GMT Not After : Aug 29 15:58:20 2025 GMT Subject: CN=68a8939c-b1d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:dc:4d:27:53:76:8b:3e:c5:39:a8:a8:ad:63: 0f:8d:1b:fd:db:1e:8a:32:7a:24:dd:55:25:04:5b: 33:ae:ee:e8:dd:3e:fa:ba:55:d3:62:ab:4e:6b:52: a9:5f:2a:bb:83:f3:0c:49:c8:aa:9a:72:10:bf:16: 5a:fa:53:87:b3:df:63:9b:30:19:81:8a:6c:4b:51: f6:b6:dc:0f:80:62:67:3d:f3:68:53:8e:44:a2:99: ea:6d:95:61:39:0b:cc:83:ad:9d:58:ce:f3:a9:cb: bf:a9:05:20:3f:5e:54:a6:64:7e:54:ab:55:fb:14: 82:5c:fa:f0:cf:13:69:2b:c3:4f:01:96:12:65:ed: 25:4d:f0:af:fd:74:4e:85:56:9b:51:0b:37:19:7f: 0c:7f:5e:89:ec:f3:21:b0:c5:93:e8:9d:1f:77:92: c8:80:19:54:ac:ba:75:d6:7c:73:1c:a2:d3:e2:e4: 9e:61:7f:b0:be:d0:3a:ad:8e:a3:3a:46:bf:30:9a: e3:e6:d2:9a:62:91:0c:7d:11:93:51:6a:5e:48:fd: 3b:73:85:d0:28:60:31:01:a7:a0:a2:cf:e7:9e:71: 6b:9e:2c:ba:dd:5d:0d:9f:e8:c6:8e:39:71:15:d5: 94:8a:3b:72:07:9a:2f:f5:37:d7:f3:49:1f:b7:a7: e4:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:A9:F1:E9:C0:27:E3:C5:3B:D4:C7:FD:FD:5D:A7:CC:AE:CE:AB:37 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:98:d1:58:41:f4:3f:76:4f:05:b4:4f:05:8f:35:b7:4b:a1: ef:e8:a5:ac:54:38:79:71:2d:b2:12:1e:85:63:88:45:2c:90: d3:b2:62:82:2b:39:1e:b2:e1:42:5c:96:4f:0f:b1:38:58:d4: eb:74:cc:11:36:0f:16:4a:0f:d8:33:24:ce:c7:68:20:96:29: 8e:97:a3:ea:95:3d:da:4e:42:51:01:60:ee:79:91:af:ec:63: 89:c6:b9:f9:0c:d5:dd:c7:a7:de:88:be:9e:cb:f5:85:c5:c0: 69:bf:94:c8:0b:eb:91:1e:e9:6b:59:f4:1e:c0:bf:b7:d6:7d: 25:df:b0:1f:91:81:42:6d:44:6e:ab:5c:54:96:4a:89:b2:7f: c0:7d:df:0f:76:9b:a8:12:c3:5e:68:84:19:69:63:eb:4f:e1: ab:86:fd:1e:a3:ea:0e:d7:fb:4f:dc:37:19:10:c3:2f:33:35: 3a:5a:f6:e4:19:15:36:f7:fb:d6:35:1d:4e:df:eb:a0:6f:1b: 40:b0:c5:4e:2d:1f:74:76:ad:e3:36:f3:9f:42:b6:0b:81:b2: 4f:2d:bd:09:eb:d2:79:f3:b5:bd:c8:ee:53:e9:43:8c:91:c7: 8a:3e:6c:19:d5:c8:c3:c7:9d:0f:3f:95:be:62:a8:66:be:c1: 50:27:04:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwODIyMTU1ODIwWhcNMjUwODI5MTU1ODIwWjAYMRYwFAYD VQQDEw02OGE4OTM5Yy1iMWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwNxNJ1N2iz7FOaiorWMPjRv92x6KMnok3VUlBFszru7o3T76ulXTYqtOa1Kp Xyq7g/MMSciqmnIQvxZa+lOHs99jmzAZgYpsS1H2ttwPgGJnPfNoU45EopnqbZVh OQvMg62dWM7zqcu/qQUgP15UpmR+VKtV+xSCXPrwzxNpK8NPAZYSZe0lTfCv/XRO hVabUQs3GX8Mf16J7PMhsMWT6J0fd5LIgBlUrLp11nxzHKLT4uSeYX+wvtA6rY6j Oka/MJrj5tKaYpEMfRGTUWpeSP07c4XQKGAxAaegos/nnnFrniy63V0Nn+jGjjlx FdWUijtyB5ov9TfX80kft6fkAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHip8enA J+PFO9TH/f1dp8yuzqs3MB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmmNFYQfQ/dk8FtE8FjzW3S6Hv6KWsVDh5cS2yEh6FY4hFLJDTsmKC KzkesuFCXJZPD7E4WNTrdMwRNg8WSg/YMyTOx2gglimOl6PqlT3aTkJRAWDueZGv 7GOJxrn5DNXdx6feiL6ey/WFxcBpv5TIC+uRHulrWfQewL+31n0l37AfkYFCbURu q1xUlkqJsn/Afd8PdpuoEsNeaIQZaWPrT+Grhv0eo+oO1/tP3DcZEMMvMzU6Wvbk GRU29/vWNR1O3+ugbxtAsMVOLR90dq3jNvOfQrYLgbJPLb0J69J587W9yO5T6UOM kceKPmwZ1cjDx50PP5W+YqhmvsFQJwTP -----END CERTIFICATE-----Generated at Sat Aug 23 21:23:53 2025 by rpki-client