$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: D6VnlbZiPD+h/+S4VnW9J65Mb4jDATRhxyNlbDNM5N0= Subject key identifier: 28:89:2F:B3:4D:86:64:0E:41:0C:EA:48:AC:A5:AD:BD:63:98:56:11 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2189 Signing time: Fri 18 Jul 2025 16:02:06 +0000 Manifest this update: Fri 18 Jul 2025 16:02:05 +0000 Manifest next update: Fri 25 Jul 2025 16:02:05 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: zbsFKDLvx9V8PSoqZvVYvHlp25tiGgXb1UWLyYQPJFk=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 9: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 16:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8644 (0x21c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Jul 18 16:02:05 2025 GMT Not After : Jul 25 16:02:05 2025 GMT Subject: CN=687a6ffd-ff87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:35:ab:7c:1b:01:a7:a2:25:e0:76:4d:69:75: 20:4c:59:c8:0e:23:34:17:e2:90:6d:53:f1:f2:18: e7:d9:8f:5c:7b:09:55:86:e0:5d:74:dd:8b:1f:d2: 6b:4b:0a:d9:a8:78:aa:fe:68:92:8a:cb:2f:11:62: 67:c0:6c:3e:eb:a5:49:2a:1f:92:dd:25:a7:9d:bd: e3:22:ea:8b:ed:9f:dd:25:22:53:b9:2b:81:06:d3: 53:95:15:46:ec:3d:04:71:63:2f:f7:22:8d:2e:3b: 28:94:6a:63:78:11:c5:3b:f3:34:39:d4:07:7d:3b: b4:fc:e3:de:01:9b:5f:af:7d:1f:e0:2e:70:d3:70: 9e:d7:b6:df:59:a1:5d:20:fc:8c:4b:5e:f4:cd:44: 13:5d:27:23:af:30:3b:03:87:47:98:03:39:92:46: 48:1b:e5:30:35:91:e1:6b:3a:98:cf:ea:00:f9:19: 0d:8a:39:aa:45:7b:e7:c1:01:ce:84:19:27:0c:36: c2:fa:7f:a6:6e:17:e6:3a:bd:c0:e5:ae:c3:52:8b: c6:96:0a:70:cd:70:ed:2f:16:22:d5:63:48:2f:da: 25:31:d0:3a:47:96:58:2e:bb:bf:49:68:29:13:8e: d6:f2:5f:9e:83:47:18:26:86:b1:f1:8a:c5:fb:f0: 05:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:89:2F:B3:4D:86:64:0E:41:0C:EA:48:AC:A5:AD:BD:63:98:56:11 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:6d:7b:ac:63:79:8f:40:82:89:b2:87:48:91:c6:ab:c7:34: fe:d9:c9:cc:5f:57:e1:c4:e0:4d:69:29:4d:6b:8b:d4:d1:4e: ec:cc:bd:e7:0e:7f:d5:7c:49:51:43:75:61:c1:66:38:e0:aa: 4a:b3:a2:69:1c:a4:bb:a3:b6:97:6d:a5:4b:ad:8d:05:a9:91: 8a:6e:9b:80:58:8b:a3:0f:96:bb:0f:83:94:df:e3:c2:91:4b: 4d:af:1e:6f:0d:1d:a6:5c:53:22:a9:e4:e6:2d:d1:75:e6:ec: 5d:2a:91:65:f9:69:41:0f:e4:d2:6e:bf:c4:da:9f:95:15:a4: 8f:fc:13:28:4a:d1:ba:6f:8f:ca:e4:e4:a9:ba:a7:6a:5a:81: fb:82:a8:c2:47:49:ea:0a:3a:c5:92:26:65:d0:7b:00:40:5c: 6e:f9:a6:0c:1d:61:56:fa:9e:5b:7d:31:10:ed:c0:06:02:1e: dd:7e:50:20:f4:aa:a5:f8:27:19:0a:ce:68:91:cd:11:35:cf: 27:38:ac:18:43:73:7f:d8:81:71:9b:a8:68:56:b8:b4:97:cb: 8c:21:8b:9a:1f:aa:b0:f7:9e:e5:cd:7e:36:98:dc:c5:3e:5f: 0f:89:ae:3b:07:78:33:61:77:8d:9c:c1:8a:94:54:96:24:64: 2a:7d:16:a7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNzE4MTYwMjA1WhcNMjUwNzI1MTYwMjA1WjAYMRYwFAYD VQQDEw02ODdhNmZmZC1mZjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvDWrfBsBp6Il4HZNaXUgTFnIDiM0F+KQbVPx8hjn2Y9cewlVhuBddN2LH9Jr SwrZqHiq/miSissvEWJnwGw+66VJKh+S3SWnnb3jIuqL7Z/dJSJTuSuBBtNTlRVG 7D0EcWMv9yKNLjsolGpjeBHFO/M0OdQHfTu0/OPeAZtfr30f4C5w03Ce17bfWaFd IPyMS170zUQTXScjrzA7A4dHmAM5kkZIG+UwNZHhazqYz+oA+RkNijmqRXvnwQHO hBknDDbC+n+mbhfmOr3A5a7DUovGlgpwzXDtLxYi1WNIL9olMdA6R5ZYLru/SWgp E47W8l+eg0cYJoax8YrF+/AFXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCiJL7NN hmQOQQzqSKylrb1jmFYRMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBubXusY3mPQIKJsodIkcarxzT+2cnMX1fhxOBNaSlNa4vU0U7szL3n Dn/VfElRQ3VhwWY44KpKs6JpHKS7o7aXbaVLrY0FqZGKbpuAWIujD5a7D4OU3+PC kUtNrx5vDR2mXFMiqeTmLdF15uxdKpFl+WlBD+TSbr/E2p+VFaSP/BMoStG6b4/K 5OSpuqdqWoH7gqjCR0nqCjrFkiZl0HsAQFxu+aYMHWFW+p5bfTEQ7cAGAh7dflAg 9Kql+CcZCs5okc0RNc8nOKwYQ3N/2IFxm6hoVri0l8uMIYuaH6qw957lzX42mNzF Pl8Pia47B3gzYXeNnMGKlFSWJGQqfRan -----END CERTIFICATE-----Generated at Sun Jul 20 16:28:18 2025 by rpki-client