$ rpki-client -vvf rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/Qb--vmNSH7BO2BI8aOXAza9dBc0.mft File: Qb--vmNSH7BO2BI8aOXAza9dBc0.mft (raw, json) Hash identifier: t+Sx1ZF7QEGr/Fp70McdJHvzHafoi3lFA5ZOLYBG5xY= Subject key identifier: D3:BC:86:50:5A:74:27:65:7E:3A:9D:73:C1:6F:09:74:BC:FE:5F:C9 Authority key identifier: 41:BF:BE:BE:63:52:1F:B0:4E:D8:12:3C:68:E5:C0:CD:AF:5D:05:CD Certificate issuer: /CN=A9170982/serialNumber=41BFBEBE63521FB04ED8123C68E5C0CDAF5D05CD Certificate serial: 03B7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qb--vmNSH7BO2BI8aOXAza9dBc0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/Qb--vmNSH7BO2BI8aOXAza9dBc0.mft Manifest number: 03AB Signing time: Wed 03 Sep 2025 01:07:41 +0000 Manifest this update: Wed 03 Sep 2025 01:07:40 +0000 Manifest next update: Wed 10 Sep 2025 01:07:40 +0000 Files and hashes: 1: Qb--vmNSH7BO2BI8aOXAza9dBc0.crl (hash: ek2E/vArMql4KmPRww7O+3LrnMKGiPxqFsiSWf4gYdY=) 2: EE8EAEDC377F11EE92674430C4F9AE02.roa (hash: XUINDcHIDNHHzShIR5UbuMY4rtr/62wcaswBNnwgnig=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/Qb--vmNSH7BO2BI8aOXAza9dBc0.crl rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/Qb--vmNSH7BO2BI8aOXAza9dBc0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qb--vmNSH7BO2BI8aOXAza9dBc0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 01:07:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 951 (0x3b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170982, serialNumber=41BFBEBE63521FB04ED8123C68E5C0CDAF5D05CD Validity Not Before: Sep 3 01:07:40 2025 GMT Not After : Sep 10 01:07:40 2025 GMT Subject: CN=68b794dc-9d38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:2e:6c:89:69:81:84:a4:fd:84:31:1c:29:f9: 12:2e:63:b7:d1:4e:40:26:5f:cd:1c:55:21:26:48: 49:7f:28:e4:a6:5d:a8:b9:7c:d3:14:f2:36:23:2f: ea:a3:4d:ab:3b:27:d4:93:29:ef:65:19:08:64:fe: ca:52:e9:ec:ee:3b:41:e2:ab:42:92:32:0b:2a:a8: 24:98:d3:e1:d2:bd:bf:21:be:f7:0b:4a:6c:06:bb: c7:43:42:da:6e:40:c0:97:97:92:3e:23:84:ea:7b: 30:38:14:4f:b0:d3:a9:3f:0e:84:19:9f:b3:7c:4f: 86:82:cc:f4:88:cb:20:3b:a3:d1:ee:90:61:68:c9: 4a:1d:b7:5e:ed:b7:40:ee:56:ec:40:89:c8:1f:6d: 11:ee:58:4b:40:1b:dc:c8:dd:bc:f9:53:b1:e6:c2: 4c:39:e2:b6:7e:5c:11:bd:f8:4c:b9:5c:16:9c:09: 76:28:b2:59:45:cb:04:83:22:37:21:a2:ea:b9:38: 34:fe:77:83:85:03:c3:f5:ab:1d:1a:90:e1:58:bf: e7:10:91:00:27:fa:a2:07:c7:13:49:8e:f2:e5:fc: 3e:ed:f8:de:f8:6b:75:41:a8:cc:dc:ca:15:45:e3: 44:e8:b7:01:c2:94:d1:8a:f5:a9:aa:04:16:e2:79: 77:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:BC:86:50:5A:74:27:65:7E:3A:9D:73:C1:6F:09:74:BC:FE:5F:C9 X509v3 Authority Key Identifier: keyid:41:BF:BE:BE:63:52:1F:B0:4E:D8:12:3C:68:E5:C0:CD:AF:5D:05:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/Qb--vmNSH7BO2BI8aOXAza9dBc0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Qb--vmNSH7BO2BI8aOXAza9dBc0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170982/CF205C60AC1311ECB776B209C4F9AE02/Qb--vmNSH7BO2BI8aOXAza9dBc0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:3d:95:ff:65:df:c2:e5:d3:61:d7:a5:99:30:df:30:17:07: 90:4c:ec:82:57:5c:40:86:1d:45:12:a3:7b:0b:a9:46:0a:e6: bd:01:b8:2a:40:22:42:53:d1:72:47:b0:8c:73:18:2b:af:ba: 14:0f:d7:77:0a:41:aa:1e:d9:11:72:28:46:72:85:0a:e1:5a: 64:69:e1:0f:59:14:e7:a1:38:4e:ce:6e:5a:dc:48:71:1a:1c: 7b:f8:1a:b6:ab:ff:16:2e:86:15:83:3f:fd:9b:4b:b9:a3:88: dd:cd:0a:25:61:52:de:04:18:69:1d:bb:bb:59:f1:3f:f8:1d: e5:49:6c:cf:da:3e:6d:92:bf:cc:e7:09:6a:bd:c7:d1:b7:86: cc:7c:dd:aa:b9:0a:b4:64:1b:26:16:71:49:bd:4a:a6:af:7b: 05:7a:b7:69:90:71:a5:aa:bc:d5:f0:0b:c5:a3:0e:fe:f7:de: f1:2b:38:c7:f1:0f:6d:69:36:1d:71:f0:02:7c:d1:b3:17:16: 0a:c1:7a:c6:b4:f1:a3:bf:89:64:36:ea:b8:34:59:c7:6b:4e: f5:d9:b8:18:63:6b:88:04:44:6a:33:6f:bb:4e:1e:bd:4e:21: 40:11:ca:d1:11:0d:b4:e0:50:e4:b8:34:45:db:e6:c2:a4:bc: a9:05:4f:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzA5ODIxMTAvBgNVBAUTKDQxQkZCRUJFNjM1MjFGQjA0RUQ4MTIzQzY4RTVDMENE QUY1RDA1Q0QwHhcNMjUwOTAzMDEwNzQwWhcNMjUwOTEwMDEwNzQwWjAYMRYwFAYD VQQDEw02OGI3OTRkYy05ZDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3C5siWmBhKT9hDEcKfkSLmO30U5AJl/NHFUhJkhJfyjkpl2ouXzTFPI2Iy/q o02rOyfUkynvZRkIZP7KUuns7jtB4qtCkjILKqgkmNPh0r2/Ib73C0psBrvHQ0La bkDAl5eSPiOE6nswOBRPsNOpPw6EGZ+zfE+Ggsz0iMsgO6PR7pBhaMlKHbde7bdA 7lbsQInIH20R7lhLQBvcyN28+VOx5sJMOeK2flwRvfhMuVwWnAl2KLJZRcsEgyI3 IaLquTg0/neDhQPD9asdGpDhWL/nEJEAJ/qiB8cTSY7y5fw+7fje+Gt1QajM3MoV ReNE6LcBwpTRivWpqgQW4nl32wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNO8hlBa dCdlfjqdc8FvCXS8/l/JMB8GA1UdIwQYMBaAFEG/vr5jUh+wTtgSPGjlwM2vXQXN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDk4Mi9DRjIwNUM2MEFD MTMxMUVDQjc3NkIyMDlDNEY5QUUwMi9RYi0tdm1OU0g3Qk8yQkk4YU9YQXphOWRC YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FiLS12bU5TSDdCTzJCSThhT1hBemE5ZEJjMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MDk4Mi9DRjIwNUM2MEFDMTMxMUVDQjc3NkIyMDlDNEY5QUUwMi9RYi0tdm1OU0g3 Qk8yQkk4YU9YQXphOWRCYzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmPZX/Zd/C5dNh16WZMN8wFweQTOyCV1xAhh1FEqN7C6lGCua9Abgq QCJCU9FyR7CMcxgrr7oUD9d3CkGqHtkRcihGcoUK4VpkaeEPWRTnoThOzm5a3Ehx Ghx7+Bq2q/8WLoYVgz/9m0u5o4jdzQolYVLeBBhpHbu7WfE/+B3lSWzP2j5tkr/M 5wlqvcfRt4bMfN2quQq0ZBsmFnFJvUqmr3sFerdpkHGlqrzV8AvFow7+997xKzjH 8Q9taTYdcfACfNGzFxYKwXrGtPGjv4lkNuq4NFnHa0712bgYY2uIBERqM2+7Th69 TiFAEcrREQ204FDkuDRF2+bCpLypBU9e -----END CERTIFICATE-----Generated at Thu Sep 4 14:01:10 2025 by rpki-client