$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft File: cnQCOx-0p0kyj11N-DsN0_B_6UI.mft (raw, json) Hash identifier: skcAl+qbba/U08Q7UqZTaX9twEQcIBKiiHH8qcZylbM= Subject key identifier: F8:8F:7E:B7:04:0C:7A:74:E5:08:38:E4:F3:8A:CF:5F:A3:04:A3:9D Authority key identifier: 72:74:02:3B:1F:B4:A7:49:32:8F:5D:4D:F8:3B:0D:D3:F0:7F:E9:42 Certificate issuer: /CN=A91FFDF3/serialNumber=7274023B1FB4A749328F5D4DF83B0DD3F07FE942 Certificate serial: 068B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnQCOx-0p0kyj11N-DsN0_B_6UI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft Manifest number: 068B Signing time: Tue 12 Aug 2025 22:37:44 +0000 Manifest this update: Tue 12 Aug 2025 22:37:44 +0000 Manifest next update: Tue 19 Aug 2025 22:37:44 +0000 Files and hashes: 1: cnQCOx-0p0kyj11N-DsN0_B_6UI.crl (hash: ffgmh6yglujG8rB5kyHIFkim1I50OE6hvah1LVmSjYo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.crl rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnQCOx-0p0kyj11N-DsN0_B_6UI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 22:37:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1675 (0x68b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FFDF3, serialNumber=7274023B1FB4A749328F5D4DF83B0DD3F07FE942 Validity Not Before: Aug 12 22:37:44 2025 GMT Not After : Aug 19 22:37:44 2025 GMT Subject: CN=689bc238-83ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:07:ca:8c:52:bf:97:bf:a3:f5:40:05:2a:6b: 41:51:82:b4:ef:bc:7c:17:75:e5:e5:95:14:3b:57: cf:02:24:e2:98:fd:e2:3f:fb:af:b3:5e:08:75:66: ca:66:1d:a1:75:16:89:9d:d0:cd:34:0d:14:de:05: d0:83:ab:5e:51:73:ba:47:a6:b4:96:96:6b:dd:55: db:4d:f7:e5:2f:97:06:db:12:8a:a0:3d:aa:05:22: fc:b1:30:ce:53:c6:22:41:2c:34:07:95:2f:01:ea: 79:c8:37:6d:07:37:4e:48:06:39:4c:7c:4f:b4:59: 48:5b:be:5a:fc:e0:72:64:59:a2:a8:65:60:c4:47: 53:f1:d9:93:ac:1e:7a:a5:c0:28:a1:dd:72:60:08: 64:64:9c:08:f1:b4:ff:ba:1c:3a:c7:96:fc:7e:b3: 8c:c2:8a:14:76:8d:81:c4:2b:fc:06:f3:59:e0:86: 6b:99:0e:8e:cb:a6:99:b4:ed:e9:aa:cd:1f:5a:39: 9c:02:9f:47:8e:1c:b9:a3:ca:1c:75:97:9b:4d:da: 0b:72:fb:be:12:f0:83:81:d1:85:dc:b1:48:6d:10: 8a:2f:17:60:7a:07:94:05:89:47:a6:52:fa:5d:48: b5:44:fe:30:9c:b7:0e:ab:34:c1:d4:80:b3:57:f7: 41:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:8F:7E:B7:04:0C:7A:74:E5:08:38:E4:F3:8A:CF:5F:A3:04:A3:9D X509v3 Authority Key Identifier: keyid:72:74:02:3B:1F:B4:A7:49:32:8F:5D:4D:F8:3B:0D:D3:F0:7F:E9:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnQCOx-0p0kyj11N-DsN0_B_6UI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:b8:cf:22:bf:61:8e:7a:52:f9:78:68:28:09:3f:f8:f7:3d: 0c:91:6d:35:71:9b:2a:be:65:1c:24:3a:9c:47:9d:2c:de:3b: 5b:c4:27:0d:f5:12:9d:f5:54:68:34:bf:e3:7e:75:ac:77:73: 5b:25:5c:8a:6b:de:6e:66:aa:35:e3:90:f9:f2:bb:17:ca:a4: 1e:dc:65:a0:42:f1:3e:aa:04:b1:1c:0c:78:24:f3:a2:bc:e8: 81:ac:3b:82:16:be:a9:42:a5:3f:7e:5b:8d:ab:e1:c7:ba:47: e8:85:eb:7e:9c:f8:78:c2:a2:a6:69:94:e5:da:aa:d4:fc:b3: 92:ce:96:fc:26:c9:c2:ca:c4:86:e3:48:18:06:cf:16:17:21: 60:94:9d:af:ec:06:09:19:e6:4e:a2:9c:8b:b1:5a:1c:6b:75: 82:b4:1f:05:f4:7f:48:64:84:a0:74:56:28:71:08:27:1b:3c: 4a:df:ee:cd:01:7f:ce:f0:b2:79:91:86:72:c9:9c:e6:63:3b: 1b:f5:e5:b0:26:46:b6:44:d1:9d:80:49:31:ad:ec:ea:91:13: d6:18:a8:84:b9:6b:a5:58:8c:3c:ef:9d:46:ac:19:4a:51:0d: 47:a6:9c:71:91:32:08:65:28:59:8c:a9:26:df:c9:27:84:49: fb:98:df:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkZERjMxMTAvBgNVBAUTKDcyNzQwMjNCMUZCNEE3NDkzMjhGNUQ0REY4M0IwREQz RjA3RkU5NDIwHhcNMjUwODEyMjIzNzQ0WhcNMjUwODE5MjIzNzQ0WjAYMRYwFAYD VQQDEw02ODliYzIzOC04M2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApgfKjFK/l7+j9UAFKmtBUYK077x8F3Xl5ZUUO1fPAiTimP3iP/uvs14IdWbK Zh2hdRaJndDNNA0U3gXQg6teUXO6R6a0lpZr3VXbTfflL5cG2xKKoD2qBSL8sTDO U8YiQSw0B5UvAep5yDdtBzdOSAY5THxPtFlIW75a/OByZFmiqGVgxEdT8dmTrB56 pcAood1yYAhkZJwI8bT/uhw6x5b8frOMwooUdo2BxCv8BvNZ4IZrmQ6Oy6aZtO3p qs0fWjmcAp9Hjhy5o8ocdZebTdoLcvu+EvCDgdGF3LFIbRCKLxdgegeUBYlHplL6 XUi1RP4wnLcOqzTB1ICzV/dBzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPiPfrcE DHp05Qg45POKz1+jBKOdMB8GA1UdIwQYMBaAFHJ0AjsftKdJMo9dTfg7DdPwf+lC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkRGMy83NTdEQjc4ODdE NzExMUVCODJEM0Q2NjFDNEY5QUUwMi9jblFDT3gtMHAwa3lqMTFOLURzTjBfQl82 VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuUUNPeC0wcDBreWoxMU4tRHNOMF9CXzZVSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RkRGMy83NTdEQjc4ODdENzExMUVCODJEM0Q2NjFDNEY5QUUwMi9jblFDT3gtMHAw a3lqMTFOLURzTjBfQl82VUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRuM8iv2GOelL5eGgoCT/49z0MkW01cZsqvmUcJDqcR50s3jtbxCcN 9RKd9VRoNL/jfnWsd3NbJVyKa95uZqo145D58rsXyqQe3GWgQvE+qgSxHAx4JPOi vOiBrDuCFr6pQqU/fluNq+HHukfohet+nPh4wqKmaZTl2qrU/LOSzpb8JsnCysSG 40gYBs8WFyFglJ2v7AYJGeZOopyLsVoca3WCtB8F9H9IZISgdFYocQgnGzxK3+7N AX/O8LJ5kYZyyZzmYzsb9eWwJka2RNGdgEkxrezqkRPWGKiEuWulWIw8751GrBlK UQ1HppxxkTIIZShZjKkm38knhEn7mN83 -----END CERTIFICATE-----Generated at Wed Aug 13 04:29:05 2025 by rpki-client