$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft File: qX6qTW8VW40nxAro4yfZulLDS0I.mft (raw, json) Hash identifier: tWdVgpmz7iUDKdb3dk+TzTc/94VM2cb4F/RwR/vMLxM= Subject key identifier: CB:B1:EF:63:C1:3C:8D:7F:82:75:F6:D4:0A:13:DE:3E:E2:76:E9:97 Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Certificate serial: 0353 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft Manifest number: 0340 Signing time: Tue 09 Sep 2025 01:12:52 +0000 Manifest this update: Tue 09 Sep 2025 01:12:51 +0000 Manifest next update: Tue 16 Sep 2025 01:12:51 +0000 Files and hashes: 1: qX6qTW8VW40nxAro4yfZulLDS0I.crl (hash: 3bPT1Xuv6B0c34yCvgNUdTsKy6htiXG32jOw/TkxEmw=) 2: 595774341B6211F0B9733473C4F9AE02.roa (hash: 7H1WNXq4e92nwvgGNVFt3drbCtCA0vHzGWt+JS3qJgY=) 3: DCE70C6EF9B911ED8314C10EC4F9AE02.roa (hash: yEYfp9zlxIj6oN/RjQwAEbZkACgBbwz/31Qhgmxz4PU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 01:12:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 851 (0x353) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB4AF, serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Validity Not Before: Sep 9 01:12:51 2025 GMT Not After : Sep 16 01:12:51 2025 GMT Subject: CN=68bf7f13-7a8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:dc:ba:eb:fb:f9:81:bd:9e:06:97:43:f0:65: 91:bb:dc:7c:fc:4b:36:1b:ab:1b:37:fb:0a:bf:41: 56:a2:01:f6:ba:5b:1c:21:4b:d6:53:f5:4e:77:3a: 01:18:64:70:6e:0e:72:92:f1:fd:93:27:60:22:e9: 29:bc:25:e0:3f:7e:d3:79:b6:c5:84:d0:df:b4:aa: 97:91:e5:87:87:fc:27:b8:3c:4d:7a:ef:f1:48:90: e7:06:27:90:9c:ed:20:0d:ee:44:f7:9f:fd:87:7f: 2c:3b:80:e3:86:07:40:ff:15:10:d4:c4:37:f7:52: b2:cb:bb:4b:5a:f3:4a:45:0e:96:7e:7e:80:0a:9a: aa:53:6e:66:3e:ee:be:bf:b0:9e:e7:bd:1e:25:f6: 8e:db:35:3f:8c:66:80:6b:70:96:43:2b:1c:f2:3b: 2c:33:41:3a:18:9c:c8:52:f8:1c:11:ca:15:7c:a8: 23:7c:45:fb:09:b2:cd:75:16:85:5c:3e:91:a3:42: 0d:9e:b5:15:73:40:8f:f0:27:7e:22:f2:1d:65:b7: 1b:22:ad:77:5d:23:97:1d:dd:ca:e9:e5:ba:70:2f: 2e:14:cf:16:74:22:7f:dc:0b:6d:a9:88:75:71:21: d6:e4:dc:c0:c3:b8:75:cb:48:72:5d:b8:87:7c:f3: 20:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:B1:EF:63:C1:3C:8D:7F:82:75:F6:D4:0A:13:DE:3E:E2:76:E9:97 X509v3 Authority Key Identifier: keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:ef:ae:8e:b5:5d:24:6e:e4:3a:17:cf:f2:5b:7e:7b:50:df: 08:25:11:ba:56:74:55:1d:34:47:f9:91:d7:d2:40:ea:f8:74: 37:08:4c:03:92:9c:71:3e:c9:fe:f7:64:c2:a2:34:a1:72:e4: df:37:a4:84:f7:b6:da:8f:b2:1a:a4:6d:4c:1f:8f:05:e0:e4: b0:6b:38:17:57:ad:a4:f5:e0:3b:73:c4:c2:e1:2e:7b:fa:42: 7b:ff:a0:22:91:cf:fd:62:66:fc:bb:71:f4:0e:fd:af:35:08: b3:36:67:d2:84:3b:01:5b:2d:58:13:9d:74:86:e9:1e:11:91: 80:4b:e4:79:a3:d7:bb:fe:20:71:b9:d5:ab:4c:2e:df:db:d2: ff:92:15:45:92:20:85:54:6e:fa:7f:ce:b6:b3:2d:9f:85:da: 6f:e4:dd:36:72:a0:4f:80:dc:48:4c:3a:26:c5:c5:7b:e5:f5: f3:29:29:aa:07:de:b8:a2:93:35:a2:d0:7f:85:aa:76:83:85: 03:8b:69:6c:0f:84:80:a0:59:70:13:03:91:9f:7e:cb:7c:ee: 7d:e5:0c:72:6a:a8:c1:da:25:b1:47:c1:00:c8:52:e5:4b:22: c6:ab:a5:e8:f7:96:ae:c4:60:21:c6:f0:d4:2b:5b:2a:8d:4c: 54:87:33:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB NTJDMzRCNDIwHhcNMjUwOTA5MDExMjUxWhcNMjUwOTE2MDExMjUxWjAYMRYwFAYD VQQDEw02OGJmN2YxMy03YThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAydy66/v5gb2eBpdD8GWRu9x8/Es2G6sbN/sKv0FWogH2ulscIUvWU/VOdzoB GGRwbg5ykvH9kydgIukpvCXgP37TebbFhNDftKqXkeWHh/wnuDxNeu/xSJDnBieQ nO0gDe5E95/9h38sO4DjhgdA/xUQ1MQ391Kyy7tLWvNKRQ6Wfn6ACpqqU25mPu6+ v7Ce570eJfaO2zU/jGaAa3CWQysc8jssM0E6GJzIUvgcEcoVfKgjfEX7CbLNdRaF XD6Ro0INnrUVc0CP8Cd+IvIdZbcbIq13XSOXHd3K6eW6cC8uFM8WdCJ/3AttqYh1 cSHW5NzAw7h1y0hyXbiHfPMghQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMux72PB PI1/gnX21AoT3j7idumXMB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjRBRi9DQzdCMjU1QURDQTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0 MG54QXJvNHlmWnVsTERTMEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCH766OtV0kbuQ6F8/yW357UN8IJRG6VnRVHTRH+ZHX0kDq+HQ3CEwD kpxxPsn+92TCojShcuTfN6SE97baj7IapG1MH48F4OSwazgXV62k9eA7c8TC4S57 +kJ7/6Aikc/9Ymb8u3H0Dv2vNQizNmfShDsBWy1YE510hukeEZGAS+R5o9e7/iBx udWrTC7f29L/khVFkiCFVG76f862sy2fhdpv5N02cqBPgNxITDomxcV75fXzKSmq B964opM1otB/hap2g4UDi2lsD4SAoFlwEwORn37LfO595QxyaqjB2iWxR8EAyFLl SyLGq6Xo95auxGAhxvDUK1sqjUxUhzMF -----END CERTIFICATE-----Generated at Wed Sep 10 16:04:40 2025 by rpki-client