$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: 2ySQ7OroI5raNWeSsyUZAvcYZuLztZc2wXPSZuc65ww= Subject key identifier: 7D:F1:ED:0A:C1:ED:F6:FE:CF:30:CE:BA:E1:D1:7E:3B:B0:31:B5:2B Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 2285 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 222E Signing time: Wed 20 May 2026 15:53:37 +0000 Manifest this update: Wed 20 May 2026 15:53:36 +0000 Manifest next update: Wed 27 May 2026 15:53:36 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: rtwubRm3Ajezo7PjssabFBVENJiK0AZ8RJiStK78XLg=) 2: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: YxBTBicabikn08Aqg/dvf+PsgRQVrImZt4AAt8rvHnc=) 3: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: 3IlwneiT3OIjV7tuhT2g5I0grdOyE91JkHSLmUB2BEY=) 4: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: V2GgiDiVdp7icGNp8uei2QdYQy4qfASwmRrufFn1mxg=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: KYaSzwf1L2QkO+jOOMTkJ2kvbpBzCO+jKOwM50VbrBw=) 6: 1C628A90671411EEA0040661C4F9AE02.roa (hash: M0M27e7jpHMqjXXvltEuadHWRQl0UpCUB3Q3dSoBa+I=) 7: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: v4lm1t03b9gy+zkyAg0MsXuQLEziIg1Uau5peZt74RY=) 8: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: Bbmi/J5Lpn7aHAntaVp/ckgJSOlUGXUjQqXrthSWKgU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 15:53:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8837 (0x2285) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: May 20 15:53:36 2026 GMT Not After : May 27 15:53:36 2026 GMT Subject: CN=6a0dd901-6a38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:be:70:22:ee:4d:c2:a7:3b:8e:f2:9e:8f:4c: 30:89:d6:16:9a:4a:92:aa:92:49:80:dc:20:69:b3: 26:35:af:c4:e4:12:3f:85:20:4e:45:01:09:d9:2a: 93:30:92:43:2d:c0:80:39:eb:e9:e3:39:53:eb:ac: 63:90:12:d6:50:c5:20:81:c8:22:90:89:7c:9e:99: de:c4:e9:e3:32:96:ff:a1:16:61:f6:22:f1:52:af: f2:c6:b2:81:9c:5c:1a:83:45:c7:6f:1f:8a:de:14: d1:61:1f:42:c1:5c:43:aa:60:60:41:fc:4f:84:11: 79:cb:b8:46:43:8c:ce:c7:0d:a1:74:f0:b1:0e:90: fb:75:ee:f4:26:31:85:c4:b6:f7:58:75:0d:87:94: f1:5c:f0:e1:e4:88:df:54:89:b1:c7:bd:9c:92:09: 33:be:26:50:2a:1e:3d:7e:c5:4c:26:5a:1d:13:13: ae:6d:9c:ec:f5:ee:87:cf:88:62:09:72:34:d4:d9: dd:44:2b:a4:57:24:ad:25:65:36:cf:71:f5:29:71: 8a:f2:2c:0d:ef:c5:c6:6c:3c:f0:a4:61:54:1b:99: 59:d1:c8:03:a3:13:43:79:6f:15:49:ec:6e:28:d1: 3f:14:33:e1:0c:96:12:13:54:38:74:53:ef:11:7c: 45:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:F1:ED:0A:C1:ED:F6:FE:CF:30:CE:BA:E1:D1:7E:3B:B0:31:B5:2B X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:57:76:2b:29:c3:46:5a:ad:f2:6c:53:86:b3:7e:c7:cb:71: 60:d5:c1:f6:4a:07:6d:a9:fc:85:56:b9:c9:d6:01:88:11:13: e1:c3:9b:ff:1a:7e:63:a1:a6:b7:e9:4b:7a:37:0d:f5:66:d5: 01:64:17:f7:82:11:76:a0:26:eb:c8:6e:c3:07:b6:f7:8f:96: 4b:1d:60:86:46:a2:86:c1:63:fc:dd:dc:1b:35:20:a5:7b:54: a5:9a:96:7f:d1:86:1c:37:f7:3d:82:bc:bb:eb:9d:52:80:df: 52:3d:70:2b:91:84:1d:c8:9f:f6:a6:2f:9b:e7:c1:d3:33:5d: 91:ca:9c:62:fb:ce:84:31:1f:b4:c2:22:4f:57:80:19:47:6a: 6c:fc:37:0a:69:e6:f3:c5:0b:5d:a1:e1:95:7e:6d:03:3b:87: 70:cd:36:81:a1:80:01:f2:a2:48:7e:8f:0f:91:6f:a4:ab:b2: 35:dc:d0:1b:c9:ad:02:0c:3c:6e:8f:85:a0:23:7a:02:ab:9a: d2:4a:85:ff:86:29:3f:b1:79:de:b6:dc:b0:d1:87:d6:f9:98: 62:f6:de:89:19:08:1f:87:bd:0e:fa:62:7f:8c:72:9e:96:b7: 0b:24:9c:0b:9d:94:4d:9d:7c:8d:79:df:b1:32:5a:8a:53:8f: 40:4d:2e:d8 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICIoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjYwNTIwMTU1MzM2WhcNMjYwNTI3MTU1MzM2WjAYMRYwFAYD VQQDEw02YTBkZDkwMS02YTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn75wIu5Nwqc7jvKej0wwidYWmkqSqpJJgNwgabMmNa/E5BI/hSBORQEJ2SqT MJJDLcCAOevp4zlT66xjkBLWUMUggcgikIl8npnexOnjMpb/oRZh9iLxUq/yxrKB nFwag0XHbx+K3hTRYR9CwVxDqmBgQfxPhBF5y7hGQ4zOxw2hdPCxDpD7de70JjGF xLb3WHUNh5TxXPDh5IjfVImxx72ckgkzviZQKh49fsVMJlodExOubZzs9e6Hz4hi CXI01NndRCukVyStJWU2z3H1KXGK8iwN78XGbDzwpGFUG5lZ0cgDoxNDeW8VSexu KNE/FDPhDJYSE1Q4dFPvEXxFrwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFH3x7QrB 7fb+zzDOuuHRfjuwMbUrMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAQFd2KynDRlqt8mxThrN+x8txYNXB9koHban8hVa5ydYBiBET4cOb/xp+Y6Gm t+lLejcN9WbVAWQX94IRdqAm68huwwe294+WSx1ghkaihsFj/N3cGzUgpXtUpZqW f9GGHDf3PYK8u+udUoDfUj1wK5GEHcif9qYvm+fB0zNdkcqcYvvOhDEftMIiT1eA GUdqbPw3Cmnm88ULXaHhlX5tAzuHcM02gaGAAfKiSH6PD5FvpKuyNdzQG8mtAgw8 bo+FoCN6Aqua0kqF/4YpP7F53rbcsNGH1vmYYvbeiRkIH4e9Dvpif4xynpa3CySc C52UTZ18jXnfsTJailOPQE0u2A== -----END CERTIFICATE-----Generated at Thu May 21 12:18:06 2026 by rpki-client