$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: rfq7ONODkzWoOj40Ei1e9yMmfGDAT7/uZF7ovF6Z53M= Subject key identifier: 4D:AE:1C:16:5E:F9:F5:C3:96:6C:79:DA:92:AE:5A:47:7A:8B:9A:71 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 21FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 21C3 Signing time: Sun 02 Nov 2025 15:55:45 +0000 Manifest this update: Sun 02 Nov 2025 15:55:44 +0000 Manifest next update: Sun 09 Nov 2025 15:55:44 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: 4yzLNbXfIa0Gr0JM70MCuTnxEZBMX0y6DZJu/HTRA1A=) 2: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: FmtBKEomkwEsg09oOugyzChandkcrHCKNwzoO1agNsg=) 3: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: PC1UpxkrsO/0WXvqCVPit0ma41SpwfY7b5bjQTzVpWQ=) 4: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: dz1GvojNAIHZyqW3h8Y6bP+YBH4Rk6bXASQ1x7rYr58=) 5: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: lgOGf6vXQs55zxCogd+pRQs87jNu5Yd5pLF5QPR8QMk=) 6: 1C628A90671411EEA0040661C4F9AE02.roa (hash: CTvIhXrCtBos/LVoBMmH2P68ViNfFaDxoAYBDmOA96g=) 7: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: cgIrr8o9jTXMbYMAZf1J8wAI/DfnpUQHzKHIr7ZgI6c=) 8: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 15:55:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8702 (0x21fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D, serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Nov 2 15:55:44 2025 GMT Not After : Nov 9 15:55:44 2025 GMT Subject: CN=69077f00-f0a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:96:e0:b3:01:86:82:3b:21:15:cb:8e:f2:9d: 92:b6:b9:6e:1c:69:00:74:0f:70:01:fb:53:5c:69: 9a:74:3c:fd:8a:02:22:3a:dd:46:5f:ea:e0:81:8b: 17:f5:45:fd:2f:77:21:8f:a4:3d:bf:aa:73:82:36: 46:d9:d3:c3:2f:a7:e3:33:71:19:bf:32:15:ff:4d: 75:cb:81:f1:e4:64:ce:94:84:80:45:01:2a:bb:08: f7:56:6d:21:cb:32:ec:88:82:de:d4:b2:4a:3c:2d: d3:cb:e9:4a:3b:13:c6:4d:16:0c:5d:d2:fe:42:15: ba:ff:c0:5c:bf:e3:df:a1:78:28:24:ce:3a:24:3e: a8:02:a0:81:87:1e:fd:14:64:01:61:da:cf:4d:6d: 95:3b:8a:89:7c:04:97:f6:94:70:97:b3:f5:45:cb: 42:e8:92:17:35:aa:b3:8f:14:46:05:9b:44:ad:86: dd:fe:31:03:20:e1:cc:a5:18:bb:28:fa:c3:60:e0: 9e:f6:ba:ae:a4:e0:47:85:e6:c2:f6:32:5a:50:89: d2:a7:b7:87:59:04:8b:ed:bc:48:94:44:7b:ae:ca: aa:1e:5d:13:d7:8f:17:af:db:22:49:fc:ff:36:01: 73:29:cc:27:79:cb:7f:39:e3:55:4a:78:77:8c:bf: c0:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:AE:1C:16:5E:F9:F5:C3:96:6C:79:DA:92:AE:5A:47:7A:8B:9A:71 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:76:37:30:29:a2:40:28:20:62:17:2f:6d:8b:07:04:a2:e7: c6:18:e1:ac:95:a4:23:94:4c:98:54:0c:1b:ef:aa:d2:11:4f: ef:a7:ce:ea:91:92:8a:14:cb:4b:a8:57:fb:f1:28:ac:92:1a: 45:f4:2e:06:ae:d3:c9:b1:c7:08:6d:46:7a:2b:e9:9d:59:25: b7:b0:08:d5:3a:68:f5:5a:f6:88:fc:5f:ff:46:17:2f:f6:55: 0e:f3:f4:df:a1:69:df:bd:5e:9f:e9:38:80:5b:93:c0:f1:05: 7a:24:76:94:32:14:29:e7:56:0d:bf:4a:54:70:97:0d:19:26: c8:d7:b0:1d:fb:e5:0a:b1:fb:9d:5e:45:c3:ae:89:f5:c9:32: e3:40:59:a0:c2:7d:99:22:aa:28:f3:1d:fc:8b:5f:5a:ad:eb: 31:9d:04:5b:23:e2:1b:3d:a9:a3:e2:ba:bd:50:6d:4b:78:ae: 9c:a2:f2:64:65:dd:ac:fd:48:dc:a6:8a:44:3d:56:12:ec:8e: ec:b4:e7:2b:cc:2d:ee:83:c1:68:ca:58:fe:24:aa:ee:52:74: 4a:76:6b:af:a8:51:43:56:e7:bb:ac:55:8b:4f:e4:46:11:d6: 6c:99:c8:dd:bf:56:08:0d:a7:6f:0a:5f:f9:12:8a:16:89:3e: 55:44:8f:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUxMTAyMTU1NTQ0WhcNMjUxMTA5MTU1NTQ0WjAYMRYwFAYD VQQDEw02OTA3N2YwMC1mMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwpbgswGGgjshFcuO8p2StrluHGkAdA9wAftTXGmadDz9igIiOt1GX+rggYsX 9UX9L3chj6Q9v6pzgjZG2dPDL6fjM3EZvzIV/011y4Hx5GTOlISARQEquwj3Vm0h yzLsiILe1LJKPC3Ty+lKOxPGTRYMXdL+QhW6/8Bcv+PfoXgoJM46JD6oAqCBhx79 FGQBYdrPTW2VO4qJfASX9pRwl7P1RctC6JIXNaqzjxRGBZtErYbd/jEDIOHMpRi7 KPrDYOCe9rqupOBHhebC9jJaUInSp7eHWQSL7bxIlER7rsqqHl0T148Xr9siSfz/ NgFzKcwnect/OeNVSnh3jL/AqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE2uHBZe +fXDlmx52pKuWkd6i5pxMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9djcwKaJAKCBiFy9tiwcEoufGGOGslaQjlEyYVAwb76rSEU/vp87q kZKKFMtLqFf78SiskhpF9C4GrtPJsccIbUZ6K+mdWSW3sAjVOmj1WvaI/F//Rhcv 9lUO8/TfoWnfvV6f6TiAW5PA8QV6JHaUMhQp51YNv0pUcJcNGSbI17Ad++UKsfud XkXDron1yTLjQFmgwn2ZIqoo8x38i19aresxnQRbI+IbPamj4rq9UG1LeK6covJk Zd2s/UjcpopEPVYS7I7stOcrzC3ug8Foylj+JKruUnRKdmuvqFFDVue7rFWLT+RG EdZsmcjdv1YIDadvCl/5EooWiT5VRI+l -----END CERTIFICATE-----Generated at Tue Nov 4 08:19:23 2025 by rpki-client