$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft File: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft (raw, json) Hash identifier: fqfWHXfAw+uzo44aekYHN+4siTfZMIINwU8RUk2rfp4= Subject key identifier: 95:75:ED:F0:7B:CB:0F:D9:B1:24:F8:0B:11:12:80:CF:3D:8F:7F:07 Authority key identifier: 41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD Certificate issuer: /CN=A91E91BC/serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Certificate serial: 034A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft Manifest number: 0344 Signing time: Thu 23 Oct 2025 02:22:43 +0000 Manifest this update: Thu 23 Oct 2025 02:22:42 +0000 Manifest next update: Thu 30 Oct 2025 02:22:42 +0000 Files and hashes: 1: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl (hash: hx1N8v5Q18OfggNNW14KkekxY2ycQrqTOEbCrodD9WU=) 2: 7BCC4B32E85C11EE9593933FC4F9AE02.roa (hash: C9cBIgp62dlijuyH/TsefWQ1spYTduwHvoUlA7V/520=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 02:22:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 842 (0x34a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E91BC, serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Validity Not Before: Oct 23 02:22:42 2025 GMT Not After : Oct 30 02:22:42 2025 GMT Subject: CN=68f99172-9a40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:1d:83:99:4c:21:9b:14:89:56:1e:f7:c9:fa: a2:c8:fd:23:d9:8d:18:b4:c6:ea:ef:b9:b0:cd:13: fa:13:34:3d:2b:50:0d:79:e8:c4:c3:0f:af:c7:e2: 9d:36:f0:80:bf:7f:3d:17:28:bd:ac:14:bc:4b:2a: 1a:da:16:88:ae:43:12:2f:fc:e3:d0:ec:aa:22:42: 24:cb:8f:bb:00:f5:fe:03:41:67:88:04:94:af:9e: 14:13:a0:7f:02:04:f1:a6:a3:7f:86:5c:15:b9:05: 67:f9:e8:b6:b5:e3:9a:bf:ec:94:81:60:7a:7b:fb: fb:6a:3f:99:ed:98:cf:d0:88:d2:7c:f2:da:6b:7d: f2:80:e1:64:cd:25:84:4a:c9:b2:7b:66:11:5f:8a: 08:ce:5c:0b:b2:2e:a2:ba:f6:ae:ee:e5:84:5f:59: 36:78:4c:86:0c:58:9a:23:0d:d4:67:ff:1e:cc:4c: 8d:c9:4b:50:34:0b:a0:31:eb:49:da:10:1e:f8:12: 79:32:8a:ad:c5:1b:1d:f9:6f:33:e9:e7:b9:bc:8e: 19:ae:2f:d8:4d:eb:5c:82:b8:19:1a:ae:bf:5c:33: ad:17:0b:a4:af:43:b1:b4:ba:11:21:f5:82:70:da: d5:b5:9a:d9:fe:9d:ac:56:30:a4:7b:92:9f:65:45: 94:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:75:ED:F0:7B:CB:0F:D9:B1:24:F8:0B:11:12:80:CF:3D:8F:7F:07 X509v3 Authority Key Identifier: keyid:41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:7f:d5:cf:7b:87:c6:72:74:ea:e2:30:51:11:9e:f3:b3:e3: 39:2b:5c:8d:ae:ee:82:6f:e5:59:df:d9:5d:e3:e4:cb:ac:21: b9:83:f1:6b:3f:1a:04:86:00:0c:ac:14:9b:80:92:83:66:8d: 57:ab:8b:df:c3:21:32:52:bf:38:e8:cf:2e:eb:0c:37:75:6e: 91:97:8f:ea:81:73:4a:cb:18:8e:32:a3:a1:ab:48:0c:7a:fd: e4:9b:e7:58:45:a1:64:c1:8b:dd:e4:8e:ed:da:6f:31:b9:40: 0c:3b:6f:f3:c0:68:4a:ba:20:fd:ce:a4:80:6d:72:4c:cc:e4: e6:90:c5:15:08:f0:2d:08:4a:51:e5:7f:2d:46:d3:27:a3:ce: e5:3b:b1:27:ae:86:25:a4:3f:d3:4a:4d:3b:1e:37:dc:ef:35: 6e:8a:e8:c9:00:1c:b8:80:ee:32:16:3f:7a:a5:67:9e:d6:27: 72:e9:44:e6:2f:9c:9b:c9:53:59:65:6d:cb:9a:dc:55:48:c6: d6:3f:bd:cf:a2:b9:ac:39:47:fe:52:fd:03:ad:1f:dc:d9:72: bb:ff:0a:fd:74:39:99:a3:7c:ea:8c:9d:2a:75:f2:36:3e:2f: 80:ca:e6:08:d6:8c:5c:3e:fa:8a:90:72:ca:b2:8d:c4:8a:16: 4f:d2:c7:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTkxQkMxMTAvBgNVBAUTKDQxNEZCNjE3ODg2OTEzMEY4MjZFOUUzMEMwQjc5NDA4 NEQ5NzYwREQwHhcNMjUxMDIzMDIyMjQyWhcNMjUxMDMwMDIyMjQyWjAYMRYwFAYD VQQDEw02OGY5OTE3Mi05YTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApR2DmUwhmxSJVh73yfqiyP0j2Y0YtMbq77mwzRP6EzQ9K1ANeejEww+vx+Kd NvCAv389Fyi9rBS8Syoa2haIrkMSL/zj0OyqIkIky4+7APX+A0FniASUr54UE6B/ AgTxpqN/hlwVuQVn+ei2teOav+yUgWB6e/v7aj+Z7ZjP0IjSfPLaa33ygOFkzSWE Ssmye2YRX4oIzlwLsi6iuvau7uWEX1k2eEyGDFiaIw3UZ/8ezEyNyUtQNAugMetJ 2hAe+BJ5MoqtxRsd+W8z6ee5vI4Zri/YTetcgrgZGq6/XDOtFwukr0OxtLoRIfWC cNrVtZrZ/p2sVjCke5KfZUWUlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJV17fB7 yw/ZsST4CxESgM89j38HMB8GA1UdIwQYMBaAFEFPtheIaRMPgm6eMMC3lAhNl2Dd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BNEU2NzNDQURC RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3LUNicDR3d0xlVUNFMlhZ TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FVLTJGNGhwRXctQ2JwNHd3TGVVQ0UyWFlOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTFCQy9BNEU2NzNDQURCRTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3 LUNicDR3d0xlVUNFMlhZTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmf9XPe4fGcnTq4jBREZ7zs+M5K1yNru6Cb+VZ39ld4+TLrCG5g/Fr PxoEhgAMrBSbgJKDZo1Xq4vfwyEyUr846M8u6ww3dW6Rl4/qgXNKyxiOMqOhq0gM ev3km+dYRaFkwYvd5I7t2m8xuUAMO2/zwGhKuiD9zqSAbXJMzOTmkMUVCPAtCEpR 5X8tRtMno87lO7EnroYlpD/TSk07Hjfc7zVuiujJABy4gO4yFj96pWee1idy6UTm L5ybyVNZZW3LmtxVSMbWP73PormsOUf+Uv0DrR/c2XK7/wr9dDmZo3zqjJ0qdfI2 Pi+AyuYI1oxcPvqKkHLKso3EihZP0sef -----END CERTIFICATE-----Generated at Thu Oct 23 06:40:38 2025 by rpki-client