$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft File: cgqmbzbBRgrUvDrGkvlltxdKWOA.mft (raw, json) Hash identifier: tHcC8d3o9l0r6RlCJ6BprS61zRM9ht/sbPSt+PiORU8= Subject key identifier: 6E:CD:36:AF:4F:59:27:2A:FE:EC:5A:64:53:59:EC:7E:53:82:1A:5A Authority key identifier: 72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 Certificate issuer: /CN=A91B4053/serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Certificate serial: 0B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft Manifest number: 0A Signing time: Mon 07 Jul 2025 08:32:16 +0000 Manifest this update: Mon 07 Jul 2025 08:32:16 +0000 Manifest next update: Mon 14 Jul 2025 08:32:16 +0000 Files and hashes: 1: cgqmbzbBRgrUvDrGkvlltxdKWOA.crl (hash: 96t8kUcgAOf+bGxfZOuERiEKDdlt0cYGfPADIdWRGnE=) 2: AC8BCC2E50E411F0B8E7D45DC4F9AE02.roa (hash: 2H3e7+PBc7N5RCXfIcsa8NeIvhDAcL+EHvFknu1mSJk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Jul 2025 08:32:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4053, serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Validity Not Before: Jul 7 08:32:16 2025 GMT Not After : Jul 14 08:32:16 2025 GMT Subject: CN=686b8610-287b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a1:47:49:17:f8:c6:6d:bc:86:e4:21:59:f8: 2f:51:d1:a3:55:b6:6d:ff:ef:76:21:cf:ea:04:ac: e6:ae:ac:d4:83:95:b7:a0:f2:f9:a1:7b:ad:25:8b: 9d:22:af:b2:60:7b:d4:31:95:5e:d6:cc:e7:f7:9f: 9a:24:e4:e0:45:5c:e9:8d:11:c9:c2:4b:4e:cb:16: 01:1e:e1:ab:d0:87:55:87:68:e3:4d:e9:18:99:da: 81:4c:08:9a:b7:54:40:01:fb:f7:ab:19:f6:cb:5b: 02:9a:f0:7c:47:07:92:60:d0:26:aa:26:b3:a4:b9: 38:99:f6:af:c0:b2:9c:10:98:54:bd:52:1e:6f:94: 39:99:88:8c:2b:d9:be:06:84:db:b9:d4:7b:a2:90: d5:18:55:fd:0e:c0:f4:97:fe:f6:74:40:b6:82:c9: a2:7b:3a:ae:4d:9e:fe:a9:cd:f0:e0:56:b0:61:df: bb:b6:22:ba:e9:fa:dc:0b:45:05:c8:6e:bb:33:0b: 41:28:a5:12:e3:19:c0:19:b9:cc:8b:8b:ae:8f:ad: f8:07:bf:26:c7:ca:f9:f7:5a:5c:49:ee:4a:0d:48: 03:21:ce:b4:15:4a:0a:4c:e8:11:ff:67:28:37:f2: f8:7b:0a:53:f5:a9:1e:aa:9c:5a:64:fe:b6:49:bf: 39:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:CD:36:AF:4F:59:27:2A:FE:EC:5A:64:53:59:EC:7E:53:82:1A:5A X509v3 Authority Key Identifier: keyid:72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d2:94:07:51:7e:96:fc:1f:11:19:a6:37:31:22:a5:b7:f1:a7: 84:e2:eb:1a:69:c7:e7:3c:be:f3:38:57:9a:2d:9a:c4:83:e8: 6b:40:47:7d:13:f4:1a:d3:21:69:48:57:cd:e6:d5:73:17:cf: fe:48:57:96:b7:ee:25:84:32:35:d2:17:a7:24:6e:92:96:84: 93:45:d6:0e:0e:93:23:4f:3d:5c:c2:c3:68:d9:9b:bd:dd:1b: 65:7a:1d:59:c6:84:5a:a3:93:b1:f2:73:70:15:98:ef:12:e0: 53:32:ff:1a:ce:8c:48:b7:fc:4b:28:20:71:83:df:4f:23:93: 5f:25:01:d1:fd:44:2a:31:13:50:f5:4b:e0:2d:6c:e5:f7:fc: e7:ed:42:c8:70:28:b7:e7:47:7a:11:8c:bd:ef:3c:54:8f:33: 16:85:f7:bf:0f:53:fd:e1:ad:6a:1d:eb:55:b2:86:3e:15:06: 25:0b:c0:36:72:7f:32:28:29:e6:9c:bd:dd:3f:7b:f6:d3:c7: 7a:90:f1:7f:33:29:b9:51:b9:71:02:91:cc:d0:2d:7b:dc:dd: 32:e2:fb:9c:73:eb:7d:c5:78:75:2e:00:f4:dc:85:b1:fd:5c: 13:e7:60:4e:84:63:be:a4:1f:df:c7:03:d2:60:2f:fa:12:b0: 9a:78:7f:c7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NDA1MzExMC8GA1UEBRMoNzIwQUE2NkYzNkMxNDYwQUQ0QkMzQUM2OTJGOTY1Qjcx NzRBNThFMDAeFw0yNTA3MDcwODMyMTZaFw0yNTA3MTQwODMyMTZaMBgxFjAUBgNV BAMTDTY4NmI4NjEwLTI4N2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+oUdJF/jGbbyG5CFZ+C9R0aNVtm3/73Yhz+oErOaurNSDlbeg8vmhe60li50i r7Jge9QxlV7WzOf3n5ok5OBFXOmNEcnCS07LFgEe4avQh1WHaONN6RiZ2oFMCJq3 VEAB+/erGfbLWwKa8HxHB5Jg0CaqJrOkuTiZ9q/AspwQmFS9Uh5vlDmZiIwr2b4G hNu51HuikNUYVf0OwPSX/vZ0QLaCyaJ7Oq5Nnv6pzfDgVrBh37u2Irrp+twLRQXI brszC0EopRLjGcAZucyLi66PrfgHvybHyvn3WlxJ7koNSAMhzrQVSgpM6BH/Zyg3 8vh7ClP1qR6qnFpk/rZJvznZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUbs02r09Z Jyr+7FpkU1nsflOCGlowHwYDVR0jBBgwFoAUcgqmbzbBRgrUvDrGkvlltxdKWOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0MDUzLzM2NDBDQjk0NTBF MTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdyVXZEckdrdmxsdHhkS1dP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvY2dxbWJ6YkJSZ3JVdkRyR2t2bGx0eGRLV09BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0 MDUzLzM2NDBDQjk0NTBFMTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdy VXZEckdrdmxsdHhkS1dPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANKUB1F+lvwfERmmNzEipbfxp4Ti6xppx+c8vvM4V5otmsSD6GtAR30T 9BrTIWlIV83m1XMXz/5IV5a37iWEMjXSF6ckbpKWhJNF1g4OkyNPPVzCw2jZm73d G2V6HVnGhFqjk7Hyc3AVmO8S4FMy/xrOjEi3/EsoIHGD308jk18lAdH9RCoxE1D1 S+AtbOX3/OftQshwKLfnR3oRjL3vPFSPMxaF978PU/3hrWod61Wyhj4VBiULwDZy fzIoKeacvd0/e/bTx3qQ8X8zKblRuXECkczQLXvc3TLi+5xz633FeHUuAPTchbH9 XBPnYE6EY76kH9/HA9JgL/oSsJp4f8c= -----END CERTIFICATE-----Generated at Mon Jul 7 23:51:06 2025 by rpki-client