$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft File: cgqmbzbBRgrUvDrGkvlltxdKWOA.mft (raw, json) Hash identifier: VnMdV19+ZAuKF94jlCeaIYQvIBE78i7BUMKP7hGByHg= Subject key identifier: 49:A7:FE:05:36:33:55:7C:45:83:87:C0:75:24:72:38:2F:35:66:CC Authority key identifier: 72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 Certificate issuer: /CN=A91B4053/serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Certificate serial: 1F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft Manifest number: 1D Signing time: Sat 09 Aug 2025 08:27:20 +0000 Manifest this update: Sat 09 Aug 2025 08:27:19 +0000 Manifest next update: Sat 16 Aug 2025 08:27:19 +0000 Files and hashes: 1: cgqmbzbBRgrUvDrGkvlltxdKWOA.crl (hash: VYvaodn1r0AnaOM6L/F3InoOCO3Ob+Ob/EYiPU96gpA=) 2: AC8BCC2E50E411F0B8E7D45DC4F9AE02.roa (hash: 6vL95HASIeMq5sE95QjJyODMvxYaOtsSaHmjFpdm+bI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31 (0x1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4053, serialNumber=720AA66F36C1460AD4BC3AC692F965B7174A58E0 Validity Not Before: Aug 9 08:27:19 2025 GMT Not After : Aug 16 08:27:19 2025 GMT Subject: CN=68970668-3496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:67:ae:a2:bc:5d:9e:09:27:a1:77:64:44:7a: 29:4f:ae:8e:ad:da:63:8a:ad:f5:bc:57:ce:0f:21: ae:11:b2:d7:28:7b:f6:7f:ee:cb:4e:a0:25:ae:9a: fd:22:bc:55:e8:23:9a:df:f3:32:79:d6:1c:db:b4: e9:8f:4a:fa:03:55:93:a7:b7:40:6c:0b:bd:bd:2f: ce:d7:bb:61:3a:03:7d:63:9c:ff:3b:e2:7b:64:1d: f8:7e:6b:ee:7f:46:05:ab:26:e9:42:55:41:e1:06: db:b6:5a:c7:37:b4:79:19:d2:85:96:81:9f:f4:8f: 29:fd:17:5e:28:7a:79:fb:66:4b:f1:99:d4:ed:97: 67:17:44:9f:ab:e5:18:6a:72:8e:17:d2:1d:88:18: 36:b5:31:b4:f5:93:d7:88:4f:b0:56:65:50:84:bf: cd:5a:be:16:49:48:a8:0e:09:4c:0e:26:ba:2b:3c: a0:85:17:b7:83:f3:8d:72:fd:4b:08:be:0b:d6:d1: 9b:18:6e:08:d8:89:d3:41:3c:47:7e:ce:48:72:27: e8:23:81:2a:56:58:13:02:9d:80:b3:f4:38:50:5d: 28:89:9e:42:34:ce:51:12:48:74:e4:53:59:e7:23: 80:bf:fe:42:37:99:b1:8c:b9:25:c6:7b:9a:b8:51: 04:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:A7:FE:05:36:33:55:7C:45:83:87:C0:75:24:72:38:2F:35:66:CC X509v3 Authority Key Identifier: keyid:72:0A:A6:6F:36:C1:46:0A:D4:BC:3A:C6:92:F9:65:B7:17:4A:58:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cgqmbzbBRgrUvDrGkvlltxdKWOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4053/3640CB9450E111F091C4BB74C4F9AE02/cgqmbzbBRgrUvDrGkvlltxdKWOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:12:e6:f4:25:0e:bc:eb:6e:61:f0:71:55:bf:a7:88:38:18: f1:01:a5:b7:cb:af:66:e0:81:12:ef:e6:33:5f:3b:dd:77:09: 9e:33:da:51:64:ec:76:69:57:1e:0c:d3:45:29:c0:a0:2a:b4: a8:7e:04:4a:f0:70:51:91:e1:16:72:86:0b:f5:4e:33:c1:b9: 39:d1:62:20:fe:31:17:b3:75:c2:9e:24:b4:10:2a:66:45:99: 4c:09:b1:9f:59:36:52:df:76:69:6e:65:6d:08:69:47:20:c9: 00:67:33:9e:00:b4:5c:62:bb:05:4c:4d:4c:02:fc:2a:88:d4: 67:71:fb:54:e3:1f:2a:ce:38:4a:39:a4:aa:c2:6d:e6:b8:60: da:48:0c:f6:f5:ef:9f:f8:b3:34:9e:a8:0c:28:cb:a6:ba:ea: 5e:30:74:2a:9e:06:3a:e5:7b:78:9c:15:13:8a:c0:51:38:ee: 5f:2b:b2:1e:3a:d8:b0:ab:6d:ac:76:ea:30:e4:fc:de:40:2c: 02:3c:62:6d:57:93:1c:ba:34:f8:77:bd:70:35:30:32:59:8c: c6:a6:ad:49:9c:ef:c3:c7:f4:ba:6b:f4:b3:6a:6f:87:a7:04: 22:53:81:cb:05:e9:5d:98:4b:b6:3d:cc:73:b3:4d:da:12:0d: a8:39:f7:13 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NDA1MzExMC8GA1UEBRMoNzIwQUE2NkYzNkMxNDYwQUQ0QkMzQUM2OTJGOTY1Qjcx NzRBNThFMDAeFw0yNTA4MDkwODI3MTlaFw0yNTA4MTYwODI3MTlaMBgxFjAUBgNV BAMTDTY4OTcwNjY4LTM0OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVZ66ivF2eCSehd2REeilPro6t2mOKrfW8V84PIa4Rstcoe/Z/7stOoCWumv0i vFXoI5rf8zJ51hzbtOmPSvoDVZOnt0BsC729L87Xu2E6A31jnP874ntkHfh+a+5/ RgWrJulCVUHhBtu2Wsc3tHkZ0oWWgZ/0jyn9F14oenn7ZkvxmdTtl2cXRJ+r5Rhq co4X0h2IGDa1MbT1k9eIT7BWZVCEv81avhZJSKgOCUwOJrorPKCFF7eD841y/UsI vgvW0ZsYbgjYidNBPEd+zkhyJ+gjgSpWWBMCnYCz9DhQXSiJnkI0zlESSHTkU1nn I4C//kI3mbGMuSXGe5q4UQQbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSaf+BTYz VXxFg4fAdSRyOC81ZswwHwYDVR0jBBgwFoAUcgqmbzbBRgrUvDrGkvlltxdKWOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0MDUzLzM2NDBDQjk0NTBF MTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdyVXZEckdrdmxsdHhkS1dP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvY2dxbWJ6YkJSZ3JVdkRyR2t2bGx0eGRLV09BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0 MDUzLzM2NDBDQjk0NTBFMTExRjA5MUM0QkI3NEM0RjlBRTAyL2NncW1iemJCUmdy VXZEckdrdmxsdHhkS1dPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACUS5vQlDrzrbmHwcVW/p4g4GPEBpbfLr2bggRLv5jNfO913CZ4z2lFk 7HZpVx4M00UpwKAqtKh+BErwcFGR4RZyhgv1TjPBuTnRYiD+MRezdcKeJLQQKmZF mUwJsZ9ZNlLfdmluZW0IaUcgyQBnM54AtFxiuwVMTUwC/CqI1Gdx+1TjHyrOOEo5 pKrCbea4YNpIDPb175/4szSeqAwoy6a66l4wdCqeBjrle3icFROKwFE47l8rsh46 2LCrbax26jDk/N5ALAI8Ym1Xkxy6NPh3vXA1MDJZjMamrUmc78PH9Lpr9LNqb4en BCJTgcsF6V2YS7Y9zHOzTdoSDag59xM= -----END CERTIFICATE-----Generated at Sun Aug 10 21:15:42 2025 by rpki-client