$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: aQ+Kshgjoq9d3qepgQrYLejteYYrLtzBGDsgrWJ5qrw= Subject key identifier: 12:BC:19:BD:D3:13:59:9D:00:B7:99:34:F9:F2:6C:B5:94:64:86:51 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 21A6 Signing time: Sat 06 Sep 2025 15:57:56 +0000 Manifest this update: Sat 06 Sep 2025 15:57:56 +0000 Manifest next update: Sat 13 Sep 2025 15:57:56 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: qf48a5PQYX9vBmp4x1S702Yq69uTYgnV/o3iaNqYNUg=) 2: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 3: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 4: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 5: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 6: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 7: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 8: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 15:57:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8673 (0x21e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Sep 6 15:57:56 2025 GMT Not After : Sep 13 15:57:56 2025 GMT Subject: CN=68bc5a04-7c18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5a:ce:a3:cc:f2:c0:c9:0e:05:72:b5:57:4e: ba:d3:cb:91:ef:2c:48:4c:60:fa:5f:5b:9b:ff:cb: f9:22:e6:1e:f2:79:10:4f:91:f6:9a:38:ef:6d:10: 98:c1:da:4f:8a:52:68:75:e4:c6:9e:0c:c0:4f:1e: 8b:8a:32:79:39:81:e8:03:14:f3:b8:ee:f7:65:77: e0:5e:21:87:e3:26:bf:b1:39:34:be:bd:37:63:c1: 50:23:c1:46:a3:b5:4c:87:89:86:3a:88:84:2c:66: 30:10:08:56:ab:e6:ee:55:45:4c:45:de:89:e5:97: b9:e8:68:6b:88:6f:89:29:77:28:d2:b2:8c:cd:0c: d7:c1:b4:b4:b1:92:62:23:33:6b:5b:5a:31:7f:d1: e1:c9:8b:12:d0:ac:2c:aa:0c:22:4f:c5:27:97:60: 18:1f:ae:f1:aa:17:5b:32:65:7d:31:5f:96:f0:b8: fd:59:17:32:63:51:1c:55:fc:bc:09:44:89:73:4d: ff:d9:be:00:ff:98:5c:92:22:7c:61:13:63:d8:55: 0a:e3:61:80:f6:d4:88:d0:30:9d:1f:35:ca:b1:a0: 83:ca:80:40:e2:ff:1a:be:c4:c2:8a:ea:61:4c:2d: 2d:b0:70:ce:d0:79:05:8d:16:d2:7c:fa:f1:f6:32: bf:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:BC:19:BD:D3:13:59:9D:00:B7:99:34:F9:F2:6C:B5:94:64:86:51 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:1b:e5:62:a2:01:32:76:86:79:af:c5:a6:5f:8c:2b:04:9d: ba:25:da:3b:e5:10:21:5b:94:48:eb:ed:51:2e:16:e7:3f:74: 85:a4:1a:ee:59:06:f9:60:ea:9a:46:c7:fb:b1:07:69:45:9b: 08:65:86:4d:54:2c:3b:d9:29:28:ee:24:24:f5:cf:37:e0:1f: 41:e1:da:31:de:7c:2f:2a:62:3b:fd:5a:a5:49:c0:3f:1e:01: 65:8e:5b:44:64:40:7f:19:78:33:2a:59:84:74:0d:ae:dd:22: db:b6:b3:92:a6:cd:0e:5f:7f:67:db:24:0c:ec:a9:9a:27:f1: 52:70:28:9f:e6:e4:5e:0b:d9:c9:fc:75:f2:4d:5d:10:ed:51: 5f:aa:72:10:ae:70:6f:cf:99:97:d4:32:43:66:2f:b5:8a:69: d2:a0:be:62:38:71:98:4d:96:7e:89:56:26:ad:dc:f9:e1:15: e8:dc:e3:f4:03:65:3b:6a:62:72:5d:32:91:f9:64:e1:3e:6e: 6f:21:18:b0:91:47:c2:93:db:1a:67:e9:a4:ef:ed:77:b6:c9: a2:cf:d6:68:4f:8e:4a:61:d7:39:12:a8:17:6b:ae:c3:34:d2: c4:54:47:94:09:72:bc:94:fa:8f:6b:7b:42:bb:df:c0:cf:48: c5:4d:f6:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIeEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwOTA2MTU1NzU2WhcNMjUwOTEzMTU1NzU2WjAYMRYwFAYD VQQDEw02OGJjNWEwNC03YzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVrOo8zywMkOBXK1V06608uR7yxITGD6X1ub/8v5IuYe8nkQT5H2mjjvbRCY wdpPilJodeTGngzATx6LijJ5OYHoAxTzuO73ZXfgXiGH4ya/sTk0vr03Y8FQI8FG o7VMh4mGOoiELGYwEAhWq+buVUVMRd6J5Ze56GhriG+JKXco0rKMzQzXwbS0sZJi IzNrW1oxf9HhyYsS0KwsqgwiT8Unl2AYH67xqhdbMmV9MV+W8Lj9WRcyY1EcVfy8 CUSJc03/2b4A/5hckiJ8YRNj2FUK42GA9tSI0DCdHzXKsaCDyoBA4v8avsTCiuph TC0tsHDO0HkFjRbSfPrx9jK/GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBK8Gb3T E1mdALeZNPnybLWUZIZRMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQG+ViogEydoZ5r8WmX4wrBJ26Jdo75RAhW5RI6+1RLhbnP3SFpBru WQb5YOqaRsf7sQdpRZsIZYZNVCw72Sko7iQk9c834B9B4dox3nwvKmI7/VqlScA/ HgFljltEZEB/GXgzKlmEdA2u3SLbtrOSps0OX39n2yQM7KmaJ/FScCif5uReC9nJ /HXyTV0Q7VFfqnIQrnBvz5mX1DJDZi+1imnSoL5iOHGYTZZ+iVYmrdz54RXo3OP0 A2U7amJyXTKR+WThPm5vIRiwkUfCk9saZ+mk7+13tsmiz9ZoT45KYdc5EqgXa67D NNLEVEeUCXK8lPqPa3tCu9/Az0jFTfap -----END CERTIFICATE-----Generated at Mon Sep 8 14:10:35 2025 by rpki-client