$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft File: cgqmbzbBRgrUvDrGkvlltxdKWOA.mft (raw, json) Hash identifier: teaITYhS1/VIX9fWl9a2HnVk+d1XDG/ISKLCoGLzee4= Subject key identifier: 4C:62:30:5F:70:78:32:BD:C5:EC:2E:CB:0D:A9:48:24:32:63:42:76 Authority key identifier: 72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 Certificate issuer: /CN=A91B4053/serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft Manifest number: 23 Signing time: Thu 21 Aug 2025 08:05:01 +0000 Manifest this update: Thu 21 Aug 2025 08:05:00 +0000 Manifest next update: Thu 28 Aug 2025 08:05:00 +0000 Files and hashes: 1: cgqmbzbBRgrUvDrGkvlltxdKWOA.crl (hash: aV7riBnr5P7fe0PJ2MFpHm3EitBv6Rmm5hoefho4RPk=) 2: AC8BCC2E50E411F0B8E7D45DC4F9AE02.roa (hash: 6vL95HASIeMq5sE95QjJyODMvxYaOtsSaHmjFpdm+bI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 08:05:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4053, serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Validity Not Before: Aug 21 08:05:00 2025 GMT Not After : Aug 28 08:05:00 2025 GMT Subject: CN=68a6d32d-155d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:11:ae:34:98:11:9d:89:32:8d:3a:8f:11:31: c3:c2:d2:1d:8e:9d:f9:15:d3:a6:08:95:b6:62:42: 39:28:40:0d:56:83:66:59:e5:9b:cf:c0:cb:90:ea: ea:a8:2a:be:aa:39:ad:79:4c:18:c9:80:56:dc:89: dd:6a:0c:8a:74:8a:2e:68:67:07:f6:eb:2e:75:99: 72:9f:3a:6b:08:fc:23:c3:b5:11:0e:b0:cf:95:70: 1c:0b:d8:9a:07:72:bf:95:1f:d3:c2:c0:ee:3d:5d: 53:ee:46:65:13:fb:6c:5b:d2:63:d8:2b:43:58:0e: 3b:7c:50:c0:ff:f3:a6:b7:93:e7:0a:1f:10:c4:c0: 88:d4:e5:4e:f6:7d:59:bf:bc:d5:46:35:42:25:14: c0:00:34:c6:bd:86:68:31:e9:6d:07:38:3b:74:19: 6a:53:83:be:d4:25:d7:e3:38:42:f6:16:b1:71:ee: a6:de:16:d6:e0:c9:e3:a1:f7:ee:e4:03:79:72:2a: c9:13:55:a5:3c:1e:d2:83:47:de:29:c6:90:81:5c: 0c:72:85:52:bb:46:38:10:e9:d7:9b:60:bf:12:e2: b2:84:cd:08:e5:f0:59:7f:6b:0b:85:84:dc:82:80: 53:b0:74:3f:55:a6:c4:e3:7a:7e:8d:51:72:bf:b5: 9a:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:62:30:5F:70:78:32:BD:C5:EC:2E:CB:0D:A9:48:24:32:63:42:76 X509v3 Authority Key Identifier: keyid:72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cd:40:8d:fb:f8:bb:26:03:db:12:30:04:2e:0e:c1:34:f1:d8: 89:40:0c:5b:77:fb:e1:94:f7:ac:4b:95:d0:58:5e:8b:3b:9c: bc:2e:99:87:77:cb:07:9f:2b:ee:46:be:4d:3a:c6:ef:31:ec: 44:b8:dc:16:54:7a:23:a0:d3:2c:3a:b0:02:3d:03:2e:05:6b: bf:39:0c:ba:44:77:44:05:25:cc:7c:81:7a:9f:5b:62:78:99: af:41:55:57:19:f4:f0:3c:09:fe:3a:1f:c7:bc:a6:4b:a7:20: c2:08:c5:cb:e3:f1:86:e7:eb:ab:d6:98:b9:f8:6d:83:89:ee: 32:1f:89:31:03:fe:a2:96:21:57:8d:b6:e2:fb:3f:ef:88:a7: 25:fd:19:35:19:dd:6f:2d:ca:70:82:c5:ff:3d:af:c8:5b:b7: 5e:ce:fa:fc:3d:6c:32:ac:0f:c7:11:2d:d6:93:3b:68:60:c0: 87:65:0d:aa:0c:2e:9e:f8:b5:a8:f0:72:a2:fe:de:71:6a:9c: e6:26:84:dd:00:30:02:0a:10:d3:b5:e4:00:b6:7f:d5:f1:da: 32:b3:a4:3e:c5:22:cc:75:5d:76:e4:2b:50:c6:e8:0e:63:a3: 31:c6:6d:86:10:93:af:67:3c:a2:58:41:7e:d1:a9:3d:d3:f2: 95:8e:e2:1a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NDA1MzExMC8GA1UEBRMoNzIwQUE2NkYzNkMxNDYwQUQ0QkMzQUM2OTJGOTY1Qjcx NzRBNThFMDAeFw0yNTA4MjEwODA1MDBaFw0yNTA4MjgwODA1MDBaMBgxFjAUBgNV BAMTDTY4YTZkMzJkLTE1NWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3Ea40mBGdiTKNOo8RMcPC0h2OnfkV06YIlbZiQjkoQA1Wg2ZZ5ZvPwMuQ6uqo Kr6qOa15TBjJgFbcid1qDIp0ii5oZwf26y51mXKfOmsI/CPDtREOsM+VcBwL2JoH cr+VH9PCwO49XVPuRmUT+2xb0mPYK0NYDjt8UMD/86a3k+cKHxDEwIjU5U72fVm/ vNVGNUIlFMAANMa9hmgx6W0HODt0GWpTg77UJdfjOEL2FrFx7qbeFtbgyeOh9+7k A3lyKskTVaU8HtKDR94pxpCBXAxyhVK7RjgQ6debYL8S4rKEzQjl8Fl/awuFhNyC gFOwdD9VpsTjen6NUXK/tZrdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTGIwX3B4 Mr3F7C7LDalIJDJjQnYwHwYDVR0jBBgwFoAUcgqmbzbBRgrUvDrGkvlltxdKWOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0MDUzLzM2NDBDQjk0NTBF MTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdyVXZEckdrdmxsdHhkS1dP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvY2dxbWJ6YkJSZ3JVdkRyR2t2bGx0eGRLV09BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0 MDUzLzM2NDBDQjk0NTBFMTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdy VXZEckdrdmxsdHhkS1dPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAM1Ajfv4uyYD2xIwBC4OwTTx2IlADFt3++GU96xLldBYXos7nLwumYd3 ywefK+5Gvk06xu8x7ES43BZUeiOg0yw6sAI9Ay4Fa785DLpEd0QFJcx8gXqfW2J4 ma9BVVcZ9PA8Cf46H8e8pkunIMIIxcvj8Ybn66vWmLn4bYOJ7jIfiTED/qKWIVeN tuL7P++IpyX9GTUZ3W8tynCCxf89r8hbt17O+vw9bDKsD8cRLdaTO2hgwIdlDaoM Lp74tajwcqL+3nFqnOYmhN0AMAIKENO15AC2f9Xx2jKzpD7FIsx1XXbkK1DG6A5j ozHGbYYQk69nPKJYQX7RqT3T8pWO4ho= -----END CERTIFICATE-----Generated at Sat Aug 23 03:27:34 2025 by rpki-client