$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft File: sqo-Olsp4PQc3Vphf3-2o3obkBE.mft (raw, json) Hash identifier: WCfU59Wja5lfZ/nssgRkEfISqr6W2OtxVM/ar7Svf0o= Subject key identifier: 5A:8F:DB:86:B6:E0:5F:CF:3F:2C:07:91:03:D5:AD:2D:C3:D1:DC:E5 Authority key identifier: B2:AA:3E:3A:5B:29:E0:F4:1C:DD:5A:61:7F:7F:B6:A3:7A:1B:90:11 Certificate issuer: /CN=A91FB924/serialNumber=B2AA3E3A5B29E0F41CDD5A617F7FB6A37A1B9011 Certificate serial: 34C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqo-Olsp4PQc3Vphf3-2o3obkBE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft Manifest number: 34B9 Signing time: Sun 24 Aug 2025 14:35:26 +0000 Manifest this update: Sun 24 Aug 2025 14:35:26 +0000 Manifest next update: Sun 31 Aug 2025 14:35:26 +0000 Files and hashes: 1: sqo-Olsp4PQc3Vphf3-2o3obkBE.crl (hash: 7JhvlTC+wWhK/qnaOQCcPdbTVbhnGswkAeqd/NVCdOM=) 2: DF502EECD44511E984021644C4F9AE02.roa (hash: lhTwffgGoDZ+11LSS1CyopFlM7JUjXizmn+X+Kky/Wk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.crl rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqo-Olsp4PQc3Vphf3-2o3obkBE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 14:35:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13504 (0x34c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB924, serialNumber=B2AA3E3A5B29E0F41CDD5A617F7FB6A37A1B9011 Validity Not Before: Aug 24 14:35:26 2025 GMT Not After : Aug 31 14:35:26 2025 GMT Subject: CN=68ab232e-129d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:0a:e5:60:5c:92:d7:bd:31:be:81:ea:56:2f: 51:c9:19:c1:19:4a:42:79:63:c4:16:6c:53:7f:d6: 4e:a0:41:80:d7:db:63:46:b3:81:ee:12:62:df:51: 38:7d:80:15:f3:80:da:53:58:bb:cc:ca:d2:65:dd: 17:4c:82:9c:96:74:f7:f4:e0:e9:2e:73:e9:ca:c0: 63:5b:68:3b:a3:31:eb:2a:81:cf:b7:0d:b4:88:f4: 50:6f:d8:8f:8f:de:e5:a5:6b:b9:4f:64:45:61:15: 85:b8:69:08:77:8f:1e:64:2c:d6:4d:6b:60:a4:1d: d1:19:cf:5e:9f:9a:c0:45:a9:4e:38:7c:94:b8:43: c5:1e:6c:d6:1b:c3:87:2a:dd:1f:dc:f3:61:60:99: 0e:34:13:33:f2:74:48:6b:af:33:5e:93:d5:24:9c: 14:50:23:2d:8e:c8:b9:69:f1:45:52:7a:00:d6:9a: a3:b9:b5:a0:8f:9f:7b:14:6f:79:65:42:d7:60:ab: 0d:89:03:d1:3c:8d:60:c6:15:e9:a8:cf:d2:f8:63: f5:08:01:44:ff:d0:be:dd:01:4f:d1:87:27:17:6c: 18:cd:f4:ad:fe:fe:96:f5:2f:af:96:76:f3:c0:46: a5:dd:4d:05:73:f4:50:e1:61:c5:ce:00:1c:20:b3: de:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:8F:DB:86:B6:E0:5F:CF:3F:2C:07:91:03:D5:AD:2D:C3:D1:DC:E5 X509v3 Authority Key Identifier: keyid:B2:AA:3E:3A:5B:29:E0:F4:1C:DD:5A:61:7F:7F:B6:A3:7A:1B:90:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqo-Olsp4PQc3Vphf3-2o3obkBE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB924/FED23D821D8B11E286A2E5E608B02CD2/sqo-Olsp4PQc3Vphf3-2o3obkBE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption db:04:5f:b9:ad:91:df:c2:ac:53:bf:ff:b3:83:f4:3c:bb:1d: 50:bb:53:0b:81:fe:6c:7a:8f:48:1f:16:4f:0e:8d:73:3f:5b: cb:bc:62:4b:14:73:75:0f:e1:76:be:d7:81:10:30:98:22:91: b0:de:58:ea:91:8e:c4:85:2a:1f:49:25:63:5c:4c:2b:73:b4: 9f:24:e9:d4:71:84:a4:56:89:b8:57:ec:47:06:82:30:59:f5: f1:af:ac:ae:4f:ae:d9:3f:72:5e:9a:30:e2:5c:76:bd:de:b0: 87:a5:96:a0:f3:58:92:a1:4f:46:1f:c7:a4:11:a9:23:92:4d: f2:a4:67:17:1f:c6:5f:31:29:94:7c:7b:6e:63:77:47:94:5d: db:37:62:7b:31:36:ee:6c:11:81:0e:2f:6d:f7:f8:31:28:c3: 2a:f6:0b:42:70:c4:e9:9f:ec:1e:38:41:b9:3c:ca:e5:c5:a4: b0:69:d9:47:e3:26:f8:59:f0:04:31:27:c3:cc:4e:60:79:3e: 17:75:74:84:73:6b:02:73:23:3d:da:21:92:cf:c4:94:53:35: 24:f9:31:be:02:ec:ac:b4:c4:bd:52:bb:47:3d:38:11:dd:df: 99:20:8a:35:db:6a:60:78:e1:4c:12:80:8a:12:6f:60:ea:a3: c4:61:ef:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkI5MjQxMTAvBgNVBAUTKEIyQUEzRTNBNUIyOUUwRjQxQ0RENUE2MTdGN0ZCNkEz N0ExQjkwMTEwHhcNMjUwODI0MTQzNTI2WhcNMjUwODMxMTQzNTI2WjAYMRYwFAYD VQQDEw02OGFiMjMyZS0xMjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQrlYFyS170xvoHqVi9RyRnBGUpCeWPEFmxTf9ZOoEGA19tjRrOB7hJi31E4 fYAV84DaU1i7zMrSZd0XTIKclnT39ODpLnPpysBjW2g7ozHrKoHPtw20iPRQb9iP j97lpWu5T2RFYRWFuGkId48eZCzWTWtgpB3RGc9en5rARalOOHyUuEPFHmzWG8OH Kt0f3PNhYJkONBMz8nRIa68zXpPVJJwUUCMtjsi5afFFUnoA1pqjubWgj597FG95 ZULXYKsNiQPRPI1gxhXpqM/S+GP1CAFE/9C+3QFP0YcnF2wYzfSt/v6W9S+vlnbz wEal3U0Fc/RQ4WHFzgAcILPe+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFqP24a2 4F/PPywHkQPVrS3D0dzlMB8GA1UdIwQYMBaAFLKqPjpbKeD0HN1aYX9/tqN6G5AR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQjkyNC9GRUQyM0Q4MjFE OEIxMUUyODZBMkU1RTYwOEIwMkNEMi9zcW8tT2xzcDRQUWMzVnBoZjMtMm8zb2Jr QkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Nxby1PbHNwNFBRYzNWcGhmMy0ybzNvYmtCRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QjkyNC9GRUQyM0Q4MjFEOEIxMUUyODZBMkU1RTYwOEIwMkNEMi9zcW8tT2xzcDRQ UWMzVnBoZjMtMm8zb2JrQkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDbBF+5rZHfwqxTv/+zg/Q8ux1Qu1MLgf5seo9IHxZPDo1zP1vLvGJL FHN1D+F2vteBEDCYIpGw3ljqkY7EhSofSSVjXEwrc7SfJOnUcYSkVom4V+xHBoIw WfXxr6yuT67ZP3JemjDiXHa93rCHpZag81iSoU9GH8ekEakjkk3ypGcXH8ZfMSmU fHtuY3dHlF3bN2J7MTbubBGBDi9t9/gxKMMq9gtCcMTpn+weOEG5PMrlxaSwadlH 4yb4WfAEMSfDzE5geT4XdXSEc2sCcyM92iGSz8SUUzUk+TG+AuystMS9UrtHPTgR 3d+ZIIo122pgeOFMEoCKEm9g6qPEYe9x -----END CERTIFICATE-----Generated at Sun Aug 24 21:29:12 2025 by rpki-client