$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: 0c5AtomZPtMFCFBoKxfZZ43XZdMijjg17rK0Mt/t1Fo= Subject key identifier: 21:B7:9A:C5:75:CA:AC:81:AB:71:92:97:7E:FB:85:57:C6:5B:4E:7B Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 226A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2213 Signing time: Sat 28 Mar 2026 15:51:10 +0000 Manifest this update: Sat 28 Mar 2026 15:51:10 +0000 Manifest next update: Sat 04 Apr 2026 15:51:10 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: LdaPrrD2LmX0Gok61PADlwEvoVCZFsi4yVYoZxOd4PU=) 2: 1C628A90671411EEA0040661C4F9AE02.roa (hash: M0M27e7jpHMqjXXvltEuadHWRQl0UpCUB3Q3dSoBa+I=) 3: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: KYaSzwf1L2QkO+jOOMTkJ2kvbpBzCO+jKOwM50VbrBw=) 4: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: V2GgiDiVdp7icGNp8uei2QdYQy4qfASwmRrufFn1mxg=) 5: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: v4lm1t03b9gy+zkyAg0MsXuQLEziIg1Uau5peZt74RY=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: YxBTBicabikn08Aqg/dvf+PsgRQVrImZt4AAt8rvHnc=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: Bbmi/J5Lpn7aHAntaVp/ckgJSOlUGXUjQqXrthSWKgU=) 8: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: 3IlwneiT3OIjV7tuhT2g5I0grdOyE91JkHSLmUB2BEY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 Apr 2026 15:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8810 (0x226a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Mar 28 15:51:10 2026 GMT Not After : Apr 4 15:51:10 2026 GMT Subject: CN=69c7f8ee-32ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:81:02:c8:ee:ed:e7:85:de:09:cd:10:cf:a6: 4c:65:25:c6:8f:8a:4c:f1:df:6e:1d:12:4a:1d:10: f0:63:b2:1d:62:ed:a8:27:18:5b:9d:d7:42:80:01: 69:64:66:48:49:e6:c3:3c:db:10:e6:e1:c2:52:0d: 39:41:72:be:46:fc:67:db:73:d3:26:dd:66:2c:1b: a8:f2:b8:7d:c1:1e:df:1b:3f:f6:1d:4c:c5:83:79: 12:b1:bc:b7:fe:f3:87:0d:5d:3c:63:50:c1:58:69: 74:fb:0a:4d:25:e5:74:0b:34:e6:3e:e7:6f:d6:06: ac:53:15:16:6d:a7:00:56:a7:ed:5a:c0:4c:c5:f6: f6:44:7c:36:16:3b:87:93:8f:b6:ea:90:77:47:14: 2e:31:15:1d:67:3b:3e:fd:27:3c:c7:a9:d1:d6:ae: 10:f7:2d:78:da:a3:f8:9d:1d:cd:07:a3:6f:87:43: 50:40:54:45:f0:ec:b8:73:28:49:07:95:1c:fa:17: b9:08:7d:1b:f1:df:2e:45:5e:d8:78:05:35:d1:8e: 43:69:df:62:fa:70:29:a0:84:da:9c:91:a3:21:90: f8:88:c8:00:22:bb:3a:4f:05:99:cf:1d:99:d1:22: 91:59:53:26:9e:01:d3:01:d9:5f:17:eb:64:bc:ad: a4:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:B7:9A:C5:75:CA:AC:81:AB:71:92:97:7E:FB:85:57:C6:5B:4E:7B X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:df:de:63:0a:38:95:08:6e:ff:2a:7b:60:b7:2d:21:56:ae: 8e:35:b2:f2:9c:d1:fa:7b:90:26:ba:ee:5e:ba:f5:71:31:f6: 94:9d:f3:64:d3:8e:a5:9b:ee:f0:e0:82:4a:d6:79:c8:d1:d1: d7:17:d3:60:9f:36:92:90:b8:50:27:d5:9a:a8:a4:2d:8c:08: 1d:8f:4c:90:f1:86:8c:29:14:61:80:ad:a4:a0:6e:cc:51:43: c4:7e:81:b5:f3:4d:b9:d5:5c:84:6b:c4:89:3d:89:db:47:de: 3c:ea:a4:51:1a:29:3f:4f:41:a4:8e:d5:73:53:04:2b:04:60: f1:f3:12:9e:62:14:48:51:cb:ce:3e:91:84:0d:8e:f5:a9:4c: 86:5b:76:bd:d7:bb:55:2c:c0:fe:6f:b3:b2:02:1a:cd:a1:8a: fa:2e:d4:4f:2f:24:c4:04:56:11:0a:b3:6c:fb:56:0a:29:2d: c6:78:df:df:5f:4c:9b:09:34:c5:b8:04:e1:99:39:3f:31:03: 61:35:b7:62:d3:e0:0e:13:c0:f3:20:5e:9e:11:bf:b2:d3:d4: dc:85:18:2c:99:aa:d0:f0:e6:bb:a2:68:86:6a:b9:58:f7:3c: 10:7e:09:ee:f1:c7:b2:bb:a8:ee:66:f5:54:68:6a:dd:41:ec: 1b:ad:6f:3b -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICImowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjYwMzI4MTU1MTEwWhcNMjYwNDA0MTU1MTEwWjAYMRYwFAYD VQQDEw02OWM3ZjhlZS0zMmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp4ECyO7t54XeCc0Qz6ZMZSXGj4pM8d9uHRJKHRDwY7IdYu2oJxhbnddCgAFp ZGZISebDPNsQ5uHCUg05QXK+Rvxn23PTJt1mLBuo8rh9wR7fGz/2HUzFg3kSsby3 /vOHDV08Y1DBWGl0+wpNJeV0CzTmPudv1gasUxUWbacAVqftWsBMxfb2RHw2FjuH k4+26pB3RxQuMRUdZzs+/Sc8x6nR1q4Q9y142qP4nR3NB6Nvh0NQQFRF8Oy4cyhJ B5Uc+he5CH0b8d8uRV7YeAU10Y5Dad9i+nApoITanJGjIZD4iMgAIrs6TwWZzx2Z 0SKRWVMmngHTAdlfF+tkvK2kQQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFCG3msV1 yqyBq3GSl377hVfGW057MB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAId/eYwo4lQhu/yp7YLctIVaujjWy8pzR+nuQJrruXrr1cTH2lJ3zZNOOpZvu 8OCCStZ5yNHR1xfTYJ82kpC4UCfVmqikLYwIHY9MkPGGjCkUYYCtpKBuzFFDxH6B tfNNudVchGvEiT2J20fePOqkURopP09BpI7Vc1MEKwRg8fMSnmIUSFHLzj6RhA2O 9alMhlt2vde7VSzA/m+zsgIazaGK+i7UTy8kxARWEQqzbPtWCiktxnjf319Mmwk0 xbgE4Zk5PzEDYTW3YtPgDhPA8yBenhG/stPU3IUYLJmq0PDmu6Johmq5WPc8EH4J 7vHHsruo7mb1VGhq3UHsG61vOw== -----END CERTIFICATE-----Generated at Sun Mar 29 23:47:45 2026 by rpki-client