$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: WG4GoFdl6NaDjGAYMJ2kNQlPvjzLGt5C5xVhLVH/gho= Subject key identifier: 56:3D:BF:E4:AE:C5:1E:20:51:F0:24:37:77:EB:15:66:30:D4:16:6B Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: CB Signing time: Fri 11 Apr 2025 04:58:56 +0000 Manifest this update: Fri 11 Apr 2025 04:58:55 +0000 Manifest next update: Fri 18 Apr 2025 04:58:55 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: XTE1t4IKgVDzSFTFBvpi0Q6Gp/VuQmEqm9IMRd+wUK4=) 2: 8CCF47C0E50211EE8E8A4156C4F9AE02.roa (hash: /HAKekx3oGLhAH29x46oJ6hTdPMrFSJIAAVT8YfqHU0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 04:58:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Apr 11 04:58:55 2025 GMT Not After : Apr 18 04:58:55 2025 GMT Subject: CN=67f8a190-2409 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a9:c6:c7:ab:4f:49:8e:b2:63:40:22:6b:b1: f4:69:9e:f9:b1:3b:bc:31:00:1c:58:f8:4c:47:9a: f8:31:c9:b5:7e:8a:33:32:62:a6:56:18:f3:53:31: 39:48:4c:8d:46:e8:04:f0:5d:70:e6:8b:ab:6e:7b: fa:3f:1b:a3:2c:bd:6d:e4:e6:07:ac:a6:53:39:af: 12:6e:48:c2:04:96:63:70:53:a2:a3:b7:a4:02:af: 91:de:08:77:bd:26:27:ac:f9:f2:29:69:2d:c3:c6: 0f:6e:89:a7:1e:f8:8e:22:39:e6:68:14:59:f0:a6: 59:e5:5f:2b:08:a8:ab:9d:b5:86:16:e8:9d:e9:7e: cb:ac:e6:dc:f7:a4:f7:a5:e9:07:fc:02:f7:4b:48: fd:01:24:6b:48:f8:5e:22:58:90:36:76:85:f0:93: d8:ff:e6:86:03:68:21:84:fc:ad:29:89:66:9e:c9: 74:64:6d:50:b8:c4:a9:c9:f5:df:74:72:0b:69:b6: bc:84:ae:5d:1e:ae:f1:49:2e:46:66:d4:19:04:80: 9f:51:91:25:d4:3a:2f:01:aa:c0:b4:c7:36:e6:ce: 0e:21:9d:f9:9e:2d:bb:a6:73:4f:af:22:34:f8:b8: c1:4b:05:97:1b:02:96:2c:57:19:29:b1:82:4c:df: 44:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:3D:BF:E4:AE:C5:1E:20:51:F0:24:37:77:EB:15:66:30:D4:16:6B X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:95:a0:d8:36:ae:34:78:29:68:57:92:0d:16:59:79:6a:c5: ae:57:9c:cc:9c:4d:66:70:e7:ad:f6:ed:a6:7d:28:cc:9c:c5: 00:7e:a5:ff:98:60:25:a3:25:5e:a5:e8:ba:fd:8b:5c:20:60: 7f:bd:37:d7:ed:af:8a:ba:ee:00:24:06:a3:79:e5:3d:93:21: 6c:d5:9a:2f:d9:4e:d9:ad:61:72:71:ad:b6:22:51:28:1d:15: 1a:d6:36:35:7f:b9:b1:10:7d:9d:2e:23:ff:5a:7d:97:49:a5: 6c:a5:12:19:18:79:53:cc:75:40:41:b7:27:fb:04:7f:0c:00: ad:a6:6b:f9:8a:d9:75:c3:2f:04:f0:93:3e:2b:c1:f1:97:db: 6b:ee:48:5d:9f:ac:b4:55:43:2e:e5:90:30:2d:cc:1d:57:a2: 17:64:25:7d:78:7e:2e:0a:b4:1b:64:96:8b:5e:60:52:02:d5: 2b:f0:d4:3d:4d:e3:bf:3c:7e:9c:72:34:ed:ca:20:71:f1:e5: 82:5a:0f:92:f8:1a:54:40:c5:b6:36:a5:41:ff:7d:c7:cd:e2: f4:a4:17:f0:59:18:ab:28:98:f4:b7:79:99:18:60:87:44:aa: 1f:a8:06:70:e2:14:84:be:3c:38:a6:ed:f9:dd:16:cc:19:77: 8a:9a:89:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUwNDExMDQ1ODU1WhcNMjUwNDE4MDQ1ODU1WjAYMRYwFAYD VQQDEw02N2Y4YTE5MC0yNDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv6nGx6tPSY6yY0Aia7H0aZ75sTu8MQAcWPhMR5r4Mcm1foozMmKmVhjzUzE5 SEyNRugE8F1w5ourbnv6PxujLL1t5OYHrKZTOa8SbkjCBJZjcFOio7ekAq+R3gh3 vSYnrPnyKWktw8YPbomnHviOIjnmaBRZ8KZZ5V8rCKirnbWGFuid6X7LrObc96T3 pekH/AL3S0j9ASRrSPheIliQNnaF8JPY/+aGA2ghhPytKYlmnsl0ZG1QuMSpyfXf dHILaba8hK5dHq7xSS5GZtQZBICfUZEl1DovAarAtMc25s4OIZ35ni27pnNPryI0 +LjBSwWXGwKWLFcZKbGCTN9E1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFY9v+Su xR4gUfAkN3frFWYw1BZrMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnlaDYNq40eCloV5INFll5asWuV5zMnE1mcOet9u2mfSjMnMUAfqX/ mGAloyVepei6/YtcIGB/vTfX7a+Kuu4AJAajeeU9kyFs1Zov2U7ZrWFyca22IlEo HRUa1jY1f7mxEH2dLiP/Wn2XSaVspRIZGHlTzHVAQbcn+wR/DACtpmv5itl1wy8E 8JM+K8Hxl9tr7khdn6y0VUMu5ZAwLcwdV6IXZCV9eH4uCrQbZJaLXmBSAtUr8NQ9 TeO/PH6ccjTtyiBx8eWCWg+S+BpUQMW2NqVB/33HzeL0pBfwWRirKJj0t3mZGGCH RKofqAZw4hSEvjw4pu353RbMGXeKmolV -----END CERTIFICATE-----Generated at Sat Apr 12 16:17:31 2025 by rpki-client