$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.mft File: QSPpAOai7I_ptdcDt5KA7yFAfIE.mft (raw, json) Hash identifier: 4mDniAWk/44bUGkpqbFoCSMjv4fti+08D6VQdOPcVnI= Subject key identifier: 60:5B:FF:3D:7F:40:FD:F0:70:5B:32:17:8F:F4:2D:86:2C:4D:0E:E2 Authority key identifier: 41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81 Certificate issuer: /CN=A91F3B2E/serialNumber=4123E900E6A2EC8FE9B5D703B79280EF21407C81 Certificate serial: 01EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.mft Manifest number: 01D6 Signing time: Thu 21 Aug 2025 03:08:17 +0000 Manifest this update: Thu 21 Aug 2025 03:08:16 +0000 Manifest next update: Thu 28 Aug 2025 03:08:16 +0000 Files and hashes: 1: QSPpAOai7I_ptdcDt5KA7yFAfIE.crl (hash: zViuf3m9yW8IsPCiXJ2f9avgKukeOCnVqRVLUeAFtfU=) 2: A91AF6A8CE7811EF89FA3944C4F9AE02.roa (hash: xYipp+ZcmQFz/ogxlth1vHSd96eYxW/drt1nbOwk66E=) 3: 2B8EF9AA083911F0A051CE72C4F9AE02.roa (hash: NUJLc0QRL6TCVIjI3d7tAKvp2NahPW0NGI52wQUI1t4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.crl rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 03:08:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 490 (0x1ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3B2E, serialNumber=4123E900E6A2EC8FE9B5D703B79280EF21407C81 Validity Not Before: Aug 21 03:08:16 2025 GMT Not After : Aug 28 03:08:16 2025 GMT Subject: CN=68a68da0-bdbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:18:9f:fc:62:4d:d2:5d:87:f1:f3:72:bd:e5: 8c:79:4c:0f:f4:a8:da:86:e4:83:ff:c7:e2:4b:8b: 98:a9:87:89:b0:1a:3c:e0:08:48:74:b1:7d:b9:18: 17:fe:67:61:e8:d6:da:1a:f1:a8:4b:e2:3a:56:57: 8e:38:66:cd:86:92:58:90:ab:a2:c9:8d:1a:0e:dc: 5f:64:4c:08:16:8d:85:f7:e9:c8:30:3a:0b:ef:fc: c8:67:fc:34:9f:f5:d6:98:eb:c6:8c:31:a0:ea:97: 63:fb:13:62:7d:e8:dd:67:10:a4:a6:8b:1f:58:55: cd:03:62:50:51:fd:cf:dd:c2:b1:0a:ae:94:33:6e: 00:ef:b4:07:79:20:f9:7a:ff:4d:fb:10:19:05:20: 4c:f3:d2:e1:26:66:92:45:fb:eb:90:6e:ac:7d:a5: 5a:7e:61:81:0b:68:4d:f8:4b:fc:06:42:09:9f:66: 13:7b:63:86:f0:07:1d:4a:de:5e:4a:e7:01:0f:6f: b7:d7:c3:9a:52:8d:cf:74:9a:82:6e:50:6c:ef:77: fa:5d:62:02:e8:98:e2:17:b9:f6:99:5a:a0:bb:9c: f5:01:3e:d0:e8:9e:2f:bb:47:9e:54:4b:05:05:36: a2:89:ac:69:2f:6c:d4:9c:ef:ea:59:3b:61:5f:5a: dc:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:5B:FF:3D:7F:40:FD:F0:70:5B:32:17:8F:F4:2D:86:2C:4D:0E:E2 X509v3 Authority Key Identifier: keyid:41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:b2:9b:ee:5c:0f:d5:f0:b1:ea:68:c7:0d:cb:0d:77:e6:4d: d0:b9:3a:ea:e8:50:b9:8f:2c:dc:f1:12:10:98:ff:5b:61:80: 47:cd:1c:44:27:87:a5:59:d1:3c:37:78:99:6f:e5:58:4e:c1: a5:55:0a:45:ef:f1:c7:59:2c:a7:f1:29:b5:a1:50:4d:95:ae: 98:91:ed:00:d1:5c:4e:8b:87:52:ee:d4:fc:36:32:b5:88:85: 2f:1f:46:1b:8a:00:8f:c2:bf:bc:80:0e:dc:c5:2b:4f:38:4a: c8:56:95:70:9d:b7:5e:ac:71:ee:c8:ea:99:93:a1:02:43:1f: 8d:7b:22:82:73:2e:42:77:a6:d9:43:ea:77:a5:9a:e1:9a:21: 24:4d:a9:63:13:07:f3:b0:46:0f:9a:ea:2c:f0:ff:45:d1:85: d5:10:82:0c:16:3f:57:5e:6d:84:f1:6f:0f:f5:bb:05:51:de: 6a:0c:5e:06:91:0a:25:1d:0e:34:99:17:4f:e8:39:07:e0:d4: 70:55:14:86:2d:91:54:f2:46:c0:d2:59:e4:81:48:f8:16:92: 8b:7e:d5:37:75:7e:a2:43:25:f2:3a:2b:fa:aa:89:ad:db:2e: 77:61:c2:58:32:86:8d:f7:dd:ae:c3:7a:51:dc:e0:18:e3:a4: 37:a9:d2:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNCMkUxMTAvBgNVBAUTKDQxMjNFOTAwRTZBMkVDOEZFOUI1RDcwM0I3OTI4MEVG MjE0MDdDODEwHhcNMjUwODIxMDMwODE2WhcNMjUwODI4MDMwODE2WjAYMRYwFAYD VQQDEw02OGE2OGRhMC1iZGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0hif/GJN0l2H8fNyveWMeUwP9KjahuSD/8fiS4uYqYeJsBo84AhIdLF9uRgX /mdh6NbaGvGoS+I6VleOOGbNhpJYkKuiyY0aDtxfZEwIFo2F9+nIMDoL7/zIZ/w0 n/XWmOvGjDGg6pdj+xNifejdZxCkposfWFXNA2JQUf3P3cKxCq6UM24A77QHeSD5 ev9N+xAZBSBM89LhJmaSRfvrkG6sfaVafmGBC2hN+Ev8BkIJn2YTe2OG8AcdSt5e SucBD2+318OaUo3PdJqCblBs73f6XWIC6JjiF7n2mVqgu5z1AT7Q6J4vu0eeVEsF BTaiiaxpL2zUnO/qWTthX1rcSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGBb/z1/ QP3wcFsyF4/0LYYsTQ7iMB8GA1UdIwQYMBaAFEEj6QDmouyP6bXXA7eSgO8hQHyB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0IyRS8wRjU1QzY5NkQ2 N0QxMUVEODZEMzM3NTBDNEY5QUUwMi9RU1BwQU9haTdJX3B0ZGNEdDVLQTd5RkFm SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FTUHBBT2FpN0lfcHRkY0R0NUtBN3lGQWZJRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0IyRS8wRjU1QzY5NkQ2N0QxMUVEODZEMzM3NTBDNEY5QUUwMi9RU1BwQU9haTdJ X3B0ZGNEdDVLQTd5RkFmSUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxspvuXA/V8LHqaMcNyw135k3QuTrq6FC5jyzc8RIQmP9bYYBHzRxE J4elWdE8N3iZb+VYTsGlVQpF7/HHWSyn8Sm1oVBNla6Yke0A0VxOi4dS7tT8NjK1 iIUvH0YbigCPwr+8gA7cxStPOErIVpVwnbderHHuyOqZk6ECQx+NeyKCcy5Cd6bZ Q+p3pZrhmiEkTaljEwfzsEYPmuos8P9F0YXVEIIMFj9XXm2E8W8P9bsFUd5qDF4G kQolHQ40mRdP6DkH4NRwVRSGLZFU8kbA0lnkgUj4FpKLftU3dX6iQyXyOiv6qomt 2y53YcJYMoaN992uw3pR3OAY46Q3qdKA -----END CERTIFICATE-----Generated at Fri Aug 22 16:28:48 2025 by rpki-client