$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft File: NNz0cp9FgmKIjvB6K9RnX24xE4A.mft (raw, json) Hash identifier: 5OJ7gu+LrAei2tF8E467kcXzMSOsUfRWp0LssBzECEQ= Subject key identifier: 05:AB:FC:DB:33:83:2C:50:BE:A5:C4:37:55:12:BC:61:11:D0:D4:1A Authority key identifier: 34:DC:F4:72:9F:45:82:62:88:8E:F0:7A:2B:D4:67:5F:6E:31:13:80 Certificate issuer: /CN=A9157B7F/serialNumber=34DCF4729F458262888EF07A2BD4675F6E311380 Certificate serial: 0677 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft Manifest number: 0670 Signing time: Wed 02 Apr 2025 22:20:02 +0000 Manifest this update: Wed 02 Apr 2025 22:20:02 +0000 Manifest next update: Wed 09 Apr 2025 22:20:02 +0000 Files and hashes: 1: NNz0cp9FgmKIjvB6K9RnX24xE4A.crl (hash: k7vL1r4JgctkY/1LncSV+YA697upiqQkmIdhl0KDVJo=) 2: AE27A8A671B311EBB90BB364C4F9AE02.roa (hash: zKqUOk2enQVo+KwTKKBvY1Ib1LdBjKOEZObmTpDLQzs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.crl rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 22:20:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1655 (0x677) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B7F Validity Not Before: Apr 2 22:20:02 2025 GMT Not After : Apr 9 22:20:02 2025 GMT Subject: CN=67edb812-57e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:bf:a3:39:cd:ab:98:c0:21:7a:9f:fc:5d:95: f6:1e:c7:b0:26:84:91:d1:6e:92:95:75:5c:ca:5e: c9:5d:17:ef:6e:af:ef:2d:54:8d:04:50:e7:d8:3c: 28:9e:ea:44:1f:c7:9a:6a:0e:bf:c5:c5:70:91:08: a6:52:f6:7b:29:b5:9b:7e:69:82:08:c5:70:88:ce: e9:ae:02:bf:f7:50:d0:70:9d:17:98:e0:94:db:3c: 8e:d5:03:c1:a4:cb:a9:a6:c0:cb:bf:91:10:59:66: 11:ad:28:90:b9:49:f8:9d:23:51:1b:06:62:83:d9: 2f:fb:9f:f8:38:8c:87:85:8e:b5:72:ac:9e:31:3f: 45:e0:0f:f0:59:d5:20:59:c1:a1:0c:5a:a1:fe:c3: 2c:67:fe:5a:ab:f0:a5:fb:75:17:a2:7a:b1:0d:2a: 6b:bf:5c:f5:ed:ae:0f:a2:e6:71:10:b9:89:d0:78: 52:21:31:f5:48:c6:1e:9c:c1:2d:ed:27:01:7f:15: 02:15:46:1f:0e:db:67:17:37:b7:ae:40:c3:e6:19: 8f:f8:f9:ca:39:ce:8c:32:89:28:62:62:d6:f0:1b: 76:6b:d5:21:3f:c3:06:ad:75:91:83:de:f2:3b:d2: 17:c7:b8:04:38:35:79:3e:66:da:f6:08:7a:ab:17: 7c:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:AB:FC:DB:33:83:2C:50:BE:A5:C4:37:55:12:BC:61:11:D0:D4:1A X509v3 Authority Key Identifier: keyid:34:DC:F4:72:9F:45:82:62:88:8E:F0:7A:2B:D4:67:5F:6E:31:13:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:aa:20:12:4f:7f:a4:30:fb:98:33:4c:14:9b:fc:e7:4d:0e: f7:f1:67:e0:80:53:a0:29:0f:04:18:0a:2d:90:88:14:01:4c: 61:8d:d3:79:f3:d1:3c:0e:35:fd:6a:c1:ed:a4:3c:e1:42:2a: 9b:60:10:fc:ea:83:c7:b5:e3:74:8d:28:ae:dc:59:d6:83:77: 48:62:16:e3:9f:ac:d0:74:a7:11:24:43:f8:ca:d4:73:ad:6a: 56:6f:7c:4a:58:b2:bc:46:5a:30:ad:18:c1:75:31:c1:3a:c3: 5e:89:48:fe:4c:6a:d8:85:85:c4:83:ba:7c:0e:9d:23:b7:6a: db:a8:3e:2c:86:8e:ad:d0:a8:ad:60:f0:c9:9e:fa:9d:03:d0: 13:97:e7:7a:ac:e0:d2:ad:a8:21:9d:fc:b0:0e:6e:02:a1:b4: 78:7f:b6:12:5a:53:78:e1:80:7b:28:83:f6:c3:95:77:db:c3: b4:0c:6f:8b:ea:b2:d2:e0:a4:ef:79:c0:ab:25:47:96:b5:79: 01:1b:e1:93:7c:bb:07:ec:d1:44:2b:91:a5:4d:35:3c:24:a8: f9:e1:08:75:3b:03:c7:85:34:83:94:03:8c:89:72:0f:e9:75: 2f:3d:29:cc:09:39:ab:c7:2f:16:e2:f2:fc:d3:89:bc:63:a1: 4c:83:2e:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCN0YxMTAvBgNVBAUTKDM0RENGNDcyOUY0NTgyNjI4ODhFRjA3QTJCRDQ2NzVG NkUzMTEzODAwHhcNMjUwNDAyMjIyMDAyWhcNMjUwNDA5MjIyMDAyWjAYMRYwFAYD VQQDEw02N2VkYjgxMi01N2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyL+jOc2rmMAhep/8XZX2HsewJoSR0W6SlXVcyl7JXRfvbq/vLVSNBFDn2Dwo nupEH8eaag6/xcVwkQimUvZ7KbWbfmmCCMVwiM7prgK/91DQcJ0XmOCU2zyO1QPB pMuppsDLv5EQWWYRrSiQuUn4nSNRGwZig9kv+5/4OIyHhY61cqyeMT9F4A/wWdUg WcGhDFqh/sMsZ/5aq/Cl+3UXonqxDSprv1z17a4PouZxELmJ0HhSITH1SMYenMEt 7ScBfxUCFUYfDttnFze3rkDD5hmP+PnKOc6MMokoYmLW8Bt2a9UhP8MGrXWRg97y O9IXx7gEODV5Pmba9gh6qxd8DQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAWr/Nsz gyxQvqXEN1USvGER0NQaMB8GA1UdIwQYMBaAFDTc9HKfRYJiiI7weivUZ19uMROA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0I3Ri8zN0I4MkM1MDcx QjIxMUVCQjQ0QTg0NjNDNEY5QUUwMi9OTnowY3A5RmdtS0lqdkI2SzlSblgyNHhF NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05OejBjcDlGZ21LSWp2QjZLOVJuWDI0eEU0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0I3Ri8zN0I4MkM1MDcxQjIxMUVCQjQ0QTg0NjNDNEY5QUUwMi9OTnowY3A5Rmdt S0lqdkI2SzlSblgyNHhFNEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC1qiAST3+kMPuYM0wUm/znTQ738WfggFOgKQ8EGAotkIgUAUxhjdN5 89E8DjX9asHtpDzhQiqbYBD86oPHteN0jSiu3FnWg3dIYhbjn6zQdKcRJEP4ytRz rWpWb3xKWLK8RlowrRjBdTHBOsNeiUj+TGrYhYXEg7p8Dp0jt2rbqD4sho6t0Kit YPDJnvqdA9ATl+d6rODSraghnfywDm4CobR4f7YSWlN44YB7KIP2w5V328O0DG+L 6rLS4KTvecCrJUeWtXkBG+GTfLsH7NFEK5GlTTU8JKj54Qh1OwPHhTSDlAOMiXIP 6XUvPSnMCTmrxy8W4vL804m8Y6FMgy7D -----END CERTIFICATE-----Generated at Fri Apr 4 21:58:30 2025 by rpki-client