$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: tOY5Bhz11njYsv3a2S2sujONwcnAPkR2bbY6U54RT5k= Subject key identifier: A7:63:A7:60:2D:51:DE:8C:FB:19:6D:B9:21:83:B0:9E:B4:A5:F8:F4 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 2179 Signing time: Mon 16 Jun 2025 16:00:09 +0000 Manifest this update: Mon 16 Jun 2025 16:00:08 +0000 Manifest next update: Mon 23 Jun 2025 16:00:08 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: pvg2380fJ0IPoUU2V8ujc7fz+c31+sjKFFd3CRT9OTo=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: +5+CGiKVbxmsjW2Dgtnff5yTnGOW4oXDxyvtduyu/to=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 8: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 9: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 16:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8628 (0x21b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Jun 16 16:00:08 2025 GMT Not After : Jun 23 16:00:08 2025 GMT Subject: CN=68503f88-802f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6f:09:4c:ef:6c:f4:f0:89:77:3a:97:1f:64: 63:ba:3e:0c:d2:c1:91:9b:50:f8:a0:6b:08:c1:a0: f0:51:9e:c7:0a:5c:b4:36:88:6b:c3:e9:bc:08:9b: dc:22:78:34:e3:ea:37:97:fc:9f:ce:03:b3:c4:a9: f7:d0:3f:8a:ab:4a:ed:dd:3d:3b:17:b6:c7:d9:b4: 53:9f:67:e8:db:3e:a2:6e:50:da:e1:b0:55:c9:ae: 40:4c:c4:bb:ea:1c:43:c4:2a:69:3b:63:df:20:8b: 33:d6:58:9c:fe:73:11:43:5c:43:3d:5e:df:ee:c2: 0e:41:86:09:ac:86:89:d7:75:d3:6d:d5:80:e7:74: 5b:55:23:8a:8a:02:4b:06:f4:90:d2:02:41:44:f9: 59:c0:33:56:d4:db:40:ab:50:e1:79:23:52:10:39: f8:ae:d0:3f:93:5c:89:5a:90:9c:66:37:0b:04:e4: 74:03:4d:69:7f:48:3c:1b:4a:72:63:db:9e:a4:03: e8:8a:0e:e3:f5:08:26:a8:e3:bf:fc:47:36:7c:a0: 7e:80:67:3a:32:fe:65:f3:b1:c9:ac:f5:c4:46:f0: 88:9f:74:3f:95:2b:66:9a:5c:1a:9a:1d:78:7b:06: b4:64:40:8c:92:37:55:f6:5f:d9:7a:64:84:df:72: 11:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:63:A7:60:2D:51:DE:8C:FB:19:6D:B9:21:83:B0:9E:B4:A5:F8:F4 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:ca:a9:9c:c2:34:20:77:4c:da:73:39:72:5a:b4:f1:0f:a0: 92:93:2f:22:a3:b9:b2:e6:83:f0:2f:98:c8:f1:e9:29:33:72: 96:22:38:7d:7d:2d:31:b0:e0:08:c6:32:c8:e9:d4:16:65:5f: 34:41:4f:c0:e7:92:49:e0:80:f5:1d:ee:d0:fa:24:84:e3:c4: 4d:17:2a:a5:72:26:e6:9d:c6:35:55:10:83:9d:df:64:70:c0: 4c:0e:ca:73:cf:a6:9a:0e:8f:44:86:2b:b6:bb:98:34:f5:6e: 8b:2d:01:c0:5f:26:b2:c4:ea:75:5f:0a:9a:4b:43:8f:14:b7: 46:61:39:b6:1b:e6:b2:fe:6f:2c:a2:77:1f:2b:94:90:de:9a: ee:37:05:12:97:a6:f7:74:ba:18:38:6f:fb:3c:10:1c:35:ec: 58:96:5e:1a:a9:06:8c:c4:c0:d7:0b:89:4c:54:77:46:de:e4: 40:97:82:8f:05:de:69:15:2f:4a:e4:f9:d5:10:50:ad:fd:1d: f7:2c:67:6c:06:3a:40:10:b7:dd:b5:c7:65:e9:1c:06:9e:47: b4:7f:b1:0b:32:fb:03:97:74:6b:a1:de:85:3a:7d:16:b4:d2: e3:1b:f6:7e:f1:2d:8d:40:ed:03:36:a1:74:78:7f:c2:cf:54: 36:4d:32:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwNjE2MTYwMDA4WhcNMjUwNjIzMTYwMDA4WjAYMRYwFAYD VQQDEw02ODUwM2Y4OC04MDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx28JTO9s9PCJdzqXH2Rjuj4M0sGRm1D4oGsIwaDwUZ7HCly0Nohrw+m8CJvc Ing04+o3l/yfzgOzxKn30D+Kq0rt3T07F7bH2bRTn2fo2z6iblDa4bBVya5ATMS7 6hxDxCppO2PfIIsz1lic/nMRQ1xDPV7f7sIOQYYJrIaJ13XTbdWA53RbVSOKigJL BvSQ0gJBRPlZwDNW1NtAq1DheSNSEDn4rtA/k1yJWpCcZjcLBOR0A01pf0g8G0py Y9uepAPoig7j9QgmqOO//Ec2fKB+gGc6Mv5l87HJrPXERvCIn3Q/lStmmlwamh14 ewa0ZECMkjdV9l/ZemSE33IRFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKdjp2At Ud6M+xltuSGDsJ60pfj0MB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBSyqmcwjQgd0zaczlyWrTxD6CSky8io7my5oPwL5jI8ekpM3KWIjh9 fS0xsOAIxjLI6dQWZV80QU/A55JJ4ID1He7Q+iSE48RNFyqlcibmncY1VRCDnd9k cMBMDspzz6aaDo9Ehiu2u5g09W6LLQHAXyayxOp1XwqaS0OPFLdGYTm2G+ay/m8s oncfK5SQ3pruNwUSl6b3dLoYOG/7PBAcNexYll4aqQaMxMDXC4lMVHdG3uRAl4KP Bd5pFS9K5PnVEFCt/R33LGdsBjpAELfdtcdl6RwGnke0f7ELMvsDl3Rrod6FOn0W tNLjG/Z+8S2NQO0DNqF0eH/Cz1Q2TTLr -----END CERTIFICATE-----Generated at Wed Jun 18 03:00:08 2025 by rpki-client