$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: Tp0L5DFEZwsiCeuAHEfNmJUtBF5tGXvuiN1tZjp8wSM= Subject key identifier: D9:FF:2F:43:85:A4:BD:0A:F5:52:72:90:E4:76:1A:AF:0D:8E:BB:BD Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2170 Signing time: Fri 30 May 2025 16:06:46 +0000 Manifest this update: Fri 30 May 2025 16:06:45 +0000 Manifest next update: Fri 06 Jun 2025 16:06:45 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: 15ArDsyt9ph+I+99cehza/50ELRX4zsxPMvop6Ni2yY=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 9: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 16:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8619 (0x21ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: May 30 16:06:45 2025 GMT Not After : Jun 6 16:06:45 2025 GMT Subject: CN=6839d796-b56b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:20:34:97:65:b3:dc:4b:62:e7:a3:63:20:ea: 4b:e6:51:02:1b:88:a1:5e:42:a8:db:1d:2c:15:ce: ec:34:5e:9b:ab:0b:a0:0b:49:52:8a:dc:11:59:e0: 39:e0:49:5f:19:e4:ec:dc:96:3a:3e:3c:f8:dd:68: e8:21:7f:50:f5:ff:1c:51:e1:24:af:0a:dd:11:a0: 9c:21:f5:76:d3:dc:39:dd:9b:75:e1:66:df:31:ab: 7f:dd:e0:2f:fb:8c:8f:9c:ae:ac:4d:9c:35:3a:de: ff:00:25:8c:28:96:93:75:ff:fe:04:db:8a:d9:3c: d2:9c:cf:66:e3:42:4f:02:d1:fa:96:81:14:70:a4: be:0f:fb:07:ea:92:66:50:0e:d1:36:a9:46:c2:ce: 1d:54:db:bf:2c:28:4c:72:e2:be:1f:b0:d0:53:38: 81:0d:6a:3e:22:12:c0:8e:37:82:4b:2e:a8:8a:80: 17:24:6d:54:1a:00:3a:3c:d2:f6:9c:d8:71:1b:d2: f0:39:5c:ee:3d:43:eb:c6:bd:1f:7d:ca:a9:cb:27: 14:15:f2:a1:4b:be:01:b9:c3:0c:df:a5:3c:a7:fa: fb:47:08:e3:9a:b2:c3:eb:b7:f4:35:04:7d:72:92: 20:b0:af:79:7d:70:59:29:23:70:fa:89:74:ad:13: 8e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:FF:2F:43:85:A4:BD:0A:F5:52:72:90:E4:76:1A:AF:0D:8E:BB:BD X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:4d:3d:7a:34:a5:3f:4c:9f:2c:68:2a:aa:fc:ae:5f:5d:d5: 5f:0d:92:7b:cc:7a:a4:f8:19:b3:20:b3:16:c9:db:b9:26:84: fd:4b:e8:c1:52:a3:47:22:f2:0a:02:53:5e:0a:9f:92:ba:19: ff:e3:cf:f1:59:1c:d0:31:2a:19:60:11:c7:74:57:95:0e:68: 05:e6:e1:86:31:0c:8d:4b:75:31:29:98:24:95:48:a7:87:0e: b0:06:2f:01:40:7c:4b:e2:c8:03:c8:e9:0a:fc:9a:f1:86:a7: ec:0d:79:b6:82:4b:92:5b:96:d3:ea:be:7e:38:f8:8e:bc:d9: e0:60:c6:d9:f3:c5:ad:de:a0:e5:1a:36:87:21:fb:8e:0c:70: bc:ba:f7:1f:e2:b8:db:b6:f1:1d:78:af:9c:4c:6e:7f:b4:40: 74:d1:9c:0b:ff:88:73:a6:00:73:c2:45:01:17:38:7c:8f:47: 77:45:c4:fb:01:2a:ca:17:ce:ad:9c:e7:f5:e3:99:b6:61:43: 00:3a:f6:89:b5:5a:b9:af:9c:92:66:e3:d2:04:33:21:cb:d5: 80:33:c9:26:bd:09:f1:e8:5f:a5:26:bf:c3:fb:59:cc:38:99: 05:c9:ea:d0:f2:61:10:6b:61:63:e5:15:15:2e:03:a5:8e:88: c5:6b:9d:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNTMwMTYwNjQ1WhcNMjUwNjA2MTYwNjQ1WjAYMRYwFAYD VQQDEw02ODM5ZDc5Ni1iNTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4iA0l2Wz3Eti56NjIOpL5lECG4ihXkKo2x0sFc7sNF6bqwugC0lSitwRWeA5 4ElfGeTs3JY6Pjz43WjoIX9Q9f8cUeEkrwrdEaCcIfV209w53Zt14WbfMat/3eAv +4yPnK6sTZw1Ot7/ACWMKJaTdf/+BNuK2TzSnM9m40JPAtH6loEUcKS+D/sH6pJm UA7RNqlGws4dVNu/LChMcuK+H7DQUziBDWo+IhLAjjeCSy6oioAXJG1UGgA6PNL2 nNhxG9LwOVzuPUPrxr0ffcqpyycUFfKhS74BucMM36U8p/r7RwjjmrLD67f0NQR9 cpIgsK95fXBZKSNw+ol0rROO8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNn/L0OF pL0K9VJykOR2Gq8Njru9MB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8TT16NKU/TJ8saCqq/K5fXdVfDZJ7zHqk+BmzILMWydu5JoT9S+jB UqNHIvIKAlNeCp+Suhn/48/xWRzQMSoZYBHHdFeVDmgF5uGGMQyNS3UxKZgklUin hw6wBi8BQHxL4sgDyOkK/JrxhqfsDXm2gkuSW5bT6r5+OPiOvNngYMbZ88Wt3qDl GjaHIfuODHC8uvcf4rjbtvEdeK+cTG5/tEB00ZwL/4hzpgBzwkUBFzh8j0d3RcT7 ASrKF86tnOf145m2YUMAOvaJtVq5r5ySZuPSBDMhy9WAM8kmvQnx6F+lJr/D+1nM OJkFyerQ8mEQa2Fj5RUVLgOljojFa509 -----END CERTIFICATE-----Generated at Sat May 31 16:47:43 2025 by rpki-client