$ rpki-client -vvf rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft File: nb0ycj1x0bhWzIRJBDf78NpVJWo.mft (raw, json) Hash identifier: LQBS77XMEZMU8TKCP3wLwHsy53MpU8XcdTFOfv0js/s= Subject key identifier: 25:8D:22:A6:1E:C7:EC:1B:91:6C:73:E8:68:84:4C:FC:AB:DC:6A:68 Authority key identifier: 9D:BD:32:72:3D:71:D1:B8:56:CC:84:49:04:37:FB:F0:DA:55:25:6A Certificate issuer: /CN=A9165B41/serialNumber=9DBD32723D71D1B856CC84490437FBF0DA55256A Certificate serial: 0F2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nb0ycj1x0bhWzIRJBDf78NpVJWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft Manifest number: 0F23 Signing time: Fri 18 Apr 2025 17:43:54 +0000 Manifest this update: Fri 18 Apr 2025 17:43:53 +0000 Manifest next update: Fri 25 Apr 2025 17:43:53 +0000 Files and hashes: 1: nb0ycj1x0bhWzIRJBDf78NpVJWo.crl (hash: 5xKw5cMdo0MUpO5aaE9d/8+vydA/QblBAOhrc9YiAW0=) 2: B0DA9FC46FDD11E9BC194664C4F9AE02.roa (hash: Hb9hkw/JGVDNL3WRZDBLo8Md0h4gCqoVhQUhIQUyimQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.crl rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nb0ycj1x0bhWzIRJBDf78NpVJWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 17:43:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3882 (0xf2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165B41, serialNumber=9DBD32723D71D1B856CC84490437FBF0DA55256A Validity Not Before: Apr 18 17:43:53 2025 GMT Not After : Apr 25 17:43:53 2025 GMT Subject: CN=68028f5a-0253 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:f6:e4:6a:55:82:f3:77:2c:c9:13:a8:8e:59: e0:ac:9f:ee:c9:36:6e:05:4e:ee:7d:ea:7d:30:72: 34:e0:6e:77:e0:1e:2f:63:28:b3:37:e4:dc:28:ef: 4a:06:ec:fc:ef:da:26:e1:e6:cb:e0:a7:d7:4b:d7: 9b:df:40:3c:b8:ba:8c:a6:5b:da:c9:43:40:68:1a: 35:8f:dd:15:07:ba:5f:3f:b3:e6:ea:34:ef:29:de: d6:10:1b:8b:b6:8a:4f:76:5d:18:5d:5e:32:d7:15: 02:4d:02:41:55:6f:ce:cd:17:72:9d:9f:ad:fc:d1: 0d:d7:0b:c6:fe:06:13:1e:fa:52:4d:51:cb:0f:b2: e8:b4:f1:9e:c2:09:64:77:35:eb:d8:8b:71:11:82: 28:37:bc:48:f5:9e:cd:b7:a4:e3:9a:06:a9:1c:d2: 6b:28:06:4c:26:df:09:2c:57:54:ec:51:19:86:b9: e1:b6:99:c4:22:8b:21:b0:dc:59:8b:d5:16:29:ce: 2c:03:ae:a5:39:6f:b9:45:83:79:80:9a:a0:95:87: 1d:e7:df:d3:3f:a0:3b:36:2f:e6:59:8b:59:fa:f5: 18:ac:56:02:a0:cf:8f:f6:ca:34:f8:96:02:fb:a4: 4b:09:f5:b0:b4:9b:a0:99:0f:9f:14:2f:c1:13:0b: 27:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:8D:22:A6:1E:C7:EC:1B:91:6C:73:E8:68:84:4C:FC:AB:DC:6A:68 X509v3 Authority Key Identifier: keyid:9D:BD:32:72:3D:71:D1:B8:56:CC:84:49:04:37:FB:F0:DA:55:25:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nb0ycj1x0bhWzIRJBDf78NpVJWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:2f:6d:fe:06:f5:17:8a:b3:1e:8f:9e:4b:b5:45:f3:8d:de: e4:b3:73:36:df:db:76:69:f3:48:d5:49:8b:65:75:2c:b2:51: fe:59:15:2f:3a:16:85:ad:ee:65:91:cb:72:ef:b8:9a:7c:da: 39:51:90:88:ed:28:f7:7e:0d:49:53:d3:44:85:58:95:eb:f7: 1f:d0:fb:28:fc:f0:b5:7a:eb:fe:13:a9:62:ec:53:33:e7:7f: 82:b7:b9:a7:02:9c:7e:dc:2d:65:62:d4:fb:67:cd:04:9c:59: 7e:1d:c6:e6:fb:d3:30:33:b4:36:cd:08:39:02:82:dc:62:44: e3:42:94:20:c0:bd:44:43:40:88:e8:3a:8f:7e:f0:63:1a:43: 43:0a:29:d4:86:7f:df:7e:ab:b7:28:24:64:f5:47:3a:c8:71: da:5c:5f:ef:75:0e:13:93:eb:ce:22:41:2d:ec:84:93:76:42: a6:9f:68:f8:89:71:47:27:24:09:1d:c1:0b:a9:31:ed:ff:ba: bb:31:0e:e7:4e:0f:0f:5e:ac:8c:27:14:38:33:38:73:3e:6e: dc:4f:96:f4:56:33:9d:8e:a1:e8:8f:e3:0d:90:87:3c:08:81: 8f:3b:29:8f:41:fb:63:66:c4:57:e3:35:88:e6:60:67:79:33: 41:ad:6e:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDyowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjVCNDExMTAvBgNVBAUTKDlEQkQzMjcyM0Q3MUQxQjg1NkNDODQ0OTA0MzdGQkYw REE1NTI1NkEwHhcNMjUwNDE4MTc0MzUzWhcNMjUwNDI1MTc0MzUzWjAYMRYwFAYD VQQDEw02ODAyOGY1YS0wMjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1fbkalWC83csyROojlngrJ/uyTZuBU7ufep9MHI04G534B4vYyizN+TcKO9K Buz879om4ebL4KfXS9eb30A8uLqMplvayUNAaBo1j90VB7pfP7Pm6jTvKd7WEBuL topPdl0YXV4y1xUCTQJBVW/OzRdynZ+t/NEN1wvG/gYTHvpSTVHLD7LotPGewglk dzXr2ItxEYIoN7xI9Z7Nt6TjmgapHNJrKAZMJt8JLFdU7FEZhrnhtpnEIoshsNxZ i9UWKc4sA66lOW+5RYN5gJqglYcd59/TP6A7Ni/mWYtZ+vUYrFYCoM+P9so0+JYC +6RLCfWwtJugmQ+fFC/BEwsnzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCWNIqYe x+wbkWxz6GiETPyr3GpoMB8GA1UdIwQYMBaAFJ29MnI9cdG4VsyESQQ3+/DaVSVq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUI0MS8zM0QyNTMxNjZG REIxMUU5QTZFNkJENURDNEY5QUUwMi9uYjB5Y2oxeDBiaFd6SVJKQkRmNzhOcFZK V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25iMHljajF4MGJoV3pJUkpCRGY3OE5wVkpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NUI0MS8zM0QyNTMxNjZGREIxMUU5QTZFNkJENURDNEY5QUUwMi9uYjB5Y2oxeDBi aFd6SVJKQkRmNzhOcFZKV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABL23+BvUXirMej55LtUXzjd7ks3M239t2afNI1UmLZXUsslH+WRUv OhaFre5lkcty77iafNo5UZCI7Sj3fg1JU9NEhViV6/cf0Pso/PC1euv+E6li7FMz 53+Ct7mnApx+3C1lYtT7Z80EnFl+Hcbm+9MwM7Q2zQg5AoLcYkTjQpQgwL1EQ0CI 6DqPfvBjGkNDCinUhn/ffqu3KCRk9Uc6yHHaXF/vdQ4Tk+vOIkEt7ISTdkKmn2j4 iXFHJyQJHcELqTHt/7q7MQ7nTg8PXqyMJxQ4MzhzPm7cT5b0VjOdjqHoj+MNkIc8 CIGPOymPQftjZsRX4zWI5mBneTNBrW64 -----END CERTIFICATE-----Generated at Sat Apr 19 02:09:00 2025 by rpki-client