$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: 3uri5t6DnzTDQKoRh+QCDJO7wcemsf9Kdwz/P/agGRk= Subject key identifier: 1E:C6:21:D7:79:65:3D:5C:B7:7B:B9:27:8C:36:97:E5:3B:68:A9:DC Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2197 Signing time: Fri 08 Aug 2025 16:00:40 +0000 Manifest this update: Fri 08 Aug 2025 16:00:39 +0000 Manifest next update: Fri 15 Aug 2025 16:00:39 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: SL4h1d/xZpD4DsV9Z1kDEn0i4UFJ6yFadoUQeGsRb90=) 2: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 3: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 4: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 5: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 6: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 7: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 8: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8658 (0x21d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Aug 8 16:00:39 2025 GMT Not After : Aug 15 16:00:39 2025 GMT Subject: CN=68961f27-a769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:37:e2:bd:50:eb:d2:9b:3d:f0:f4:60:b5:04: 5f:b3:ea:d0:f1:08:20:47:7a:a9:6f:24:29:cd:e4: e2:e3:6f:be:7d:da:3a:93:9d:08:de:5f:39:c8:b7: b5:99:64:93:a2:4e:a3:c4:00:42:a2:3c:cc:c3:c7: 75:1e:d2:91:a2:52:1e:20:ae:32:bc:08:2e:5f:48: 7b:b1:66:00:0f:f4:88:d6:43:88:c1:1c:8c:f6:a2: 46:41:21:62:3e:5c:c5:d2:23:c2:1b:6c:5f:87:26: 6b:9c:19:17:a0:3b:d9:21:cf:eb:05:03:bf:ff:80: bd:49:f1:a4:28:4b:e2:19:52:c5:45:0f:1f:2f:b2: a0:22:79:ec:b1:8b:44:38:34:36:2d:e1:4e:fc:eb: 6c:2c:31:10:d2:5b:83:ac:08:a5:20:b6:34:7d:d4: cc:54:22:ad:90:58:4d:fa:14:4a:3d:93:82:a4:4b: ee:01:ae:52:79:13:ae:be:f7:11:5f:6b:54:98:4f: aa:36:6a:f1:ed:86:99:0d:a2:4f:9c:97:59:32:e0: 32:46:e8:f9:59:16:d4:be:a4:c6:93:d2:1e:a8:01: 7b:4c:a9:97:f3:8f:14:39:73:a9:4d:51:e4:71:54: 34:f5:2e:05:57:29:bf:4b:05:08:5f:65:b2:2f:92: 7c:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C6:21:D7:79:65:3D:5C:B7:7B:B9:27:8C:36:97:E5:3B:68:A9:DC X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:5a:97:bb:38:3a:08:5f:97:9d:2c:c8:83:4b:4a:71:47:a3: 8c:ca:74:ff:7d:8a:49:15:34:86:86:c7:c5:f0:53:86:0d:5e: 4b:f8:ff:53:f2:61:1f:d5:7a:b2:c5:ca:4b:26:6e:80:1f:1f: 61:72:2e:02:51:3d:c7:27:2c:4a:72:a3:d5:bc:e4:84:61:23: 4c:37:c6:25:85:a7:59:69:0a:f5:3f:ba:ae:9c:d3:d3:ea:84: 29:1c:b7:d1:87:1d:cc:c9:0c:56:99:e9:31:eb:a1:01:b3:3f: 79:b3:87:51:8a:aa:7f:93:95:df:f7:17:8e:c7:0a:6f:a9:04: b0:82:73:ff:85:56:e8:93:96:93:c8:78:f6:a9:72:40:0c:ef: 7e:c6:e5:be:13:7c:8d:bb:18:ba:4a:10:d1:17:49:e7:da:08: aa:b1:e6:de:e1:8b:2f:66:2d:87:db:13:8b:91:31:8f:cb:54: 1d:30:70:b1:8c:45:4b:32:58:0d:2b:5f:47:89:f2:39:17:e8: 7e:7a:78:1b:2b:81:ab:2d:37:70:80:0e:58:65:e3:3c:88:f7: 51:08:fd:78:20:42:d9:41:1c:b5:18:a1:9f:3b:0a:94:51:ba: ef:ab:71:cd:f0:16:bf:04:71:54:4d:d1:f9:a3:a0:c2:6d:4b: 9c:b9:24:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwODA4MTYwMDM5WhcNMjUwODE1MTYwMDM5WjAYMRYwFAYD VQQDEw02ODk2MWYyNy1hNzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2zfivVDr0ps98PRgtQRfs+rQ8QggR3qpbyQpzeTi42++fdo6k50I3l85yLe1 mWSTok6jxABCojzMw8d1HtKRolIeIK4yvAguX0h7sWYAD/SI1kOIwRyM9qJGQSFi PlzF0iPCG2xfhyZrnBkXoDvZIc/rBQO//4C9SfGkKEviGVLFRQ8fL7KgInnssYtE ODQ2LeFO/OtsLDEQ0luDrAilILY0fdTMVCKtkFhN+hRKPZOCpEvuAa5SeROuvvcR X2tUmE+qNmrx7YaZDaJPnJdZMuAyRuj5WRbUvqTGk9IeqAF7TKmX848UOXOpTVHk cVQ09S4FVym/SwUIX2WyL5J8QQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB7GIdd5 ZT1ct3u5J4w2l+U7aKncMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArWpe7ODoIX5edLMiDS0pxR6OMynT/fYpJFTSGhsfF8FOGDV5L+P9T 8mEf1XqyxcpLJm6AHx9hci4CUT3HJyxKcqPVvOSEYSNMN8YlhadZaQr1P7qunNPT 6oQpHLfRhx3MyQxWmekx66EBsz95s4dRiqp/k5Xf9xeOxwpvqQSwgnP/hVbok5aT yHj2qXJADO9+xuW+E3yNuxi6ShDRF0nn2giqsebe4YsvZi2H2xOLkTGPy1QdMHCx jEVLMlgNK19HifI5F+h+engbK4GrLTdwgA5YZeM8iPdRCP14IELZQRy1GKGfOwqU Ubrvq3HN8Ba/BHFUTdH5o6DCbUucuSRS -----END CERTIFICATE-----Generated at Sat Aug 9 10:37:26 2025 by rpki-client