$ rpki-client -vvf rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.mft File: NyCB99vi7xGkQRvU5q-G8yaYyvo.mft (raw, json) Hash identifier: UtjPsT/MkzwT5WgCkJfQ7I0Oy0HEtEZ6qEaUhCI3IZI= Subject key identifier: 83:62:AE:68:D0:1F:1E:72:98:DD:FB:A6:D6:A8:EE:7F:07:D1:8F:28 Authority key identifier: 37:20:81:F7:DB:E2:EF:11:A4:41:1B:D4:E6:AF:86:F3:26:98:CA:FA Certificate issuer: /CN=A9191E19/serialNumber=372081F7DBE2EF11A4411BD4E6AF86F32698CAFA Certificate serial: E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NyCB99vi7xGkQRvU5q-G8yaYyvo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.mft Manifest number: DF Signing time: Mon 21 Jul 2025 05:38:49 +0000 Manifest this update: Mon 21 Jul 2025 05:38:48 +0000 Manifest next update: Mon 28 Jul 2025 05:38:48 +0000 Files and hashes: 1: NyCB99vi7xGkQRvU5q-G8yaYyvo.crl (hash: bJJ0pzZP9IjN2ioI0NWmbDcyiMQNGVn5f98CykfwjAA=) 2: 680CA022140F11EF99D47F17C4F9AE02.roa (hash: D5rGbzNBp0qpzKteB7pJY43rBzORSmVBVYcN6zCKrOk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.crl rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NyCB99vi7xGkQRvU5q-G8yaYyvo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 05:38:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 225 (0xe1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9191E19, serialNumber=372081F7DBE2EF11A4411BD4E6AF86F32698CAFA Validity Not Before: Jul 21 05:38:48 2025 GMT Not After : Jul 28 05:38:48 2025 GMT Subject: CN=687dd269-8a82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:12:3e:04:1a:de:31:e0:0f:4c:6b:4e:aa:e2: f2:6c:41:eb:fb:62:a1:0b:50:6f:6d:6d:08:8a:43: 78:c2:da:c0:69:b0:bc:79:6f:06:40:67:3c:39:9a: 71:97:97:37:30:22:a1:d7:58:53:d8:e3:df:a8:b5: 8c:61:e8:3b:b6:5d:14:4c:1c:db:e2:f6:7a:0c:54: 29:54:17:e8:df:cb:e8:60:b9:d0:87:cc:d4:60:d0: 0d:a1:15:7a:3a:5e:78:b6:35:2b:32:b6:d3:40:43: 9c:9a:4d:1e:3c:50:f6:78:6c:bf:d5:60:75:2d:39: 87:4e:90:91:bf:91:b7:d2:5c:fc:63:91:4b:92:0a: 12:a8:fa:98:7e:5c:4f:be:c1:4f:71:4c:f2:eb:98: cf:b8:9c:47:5b:59:01:b8:9f:30:dd:86:9c:51:ea: 4b:eb:c5:d2:d5:cd:1a:e7:dd:aa:12:ab:e8:3e:8d: a4:35:cc:e6:d3:6f:e7:42:27:f9:ee:b8:a1:67:ca: 68:92:9f:af:aa:b8:e3:8a:16:4f:2b:25:af:d5:25: 08:ee:b9:81:bf:43:bc:c1:f1:00:76:fd:0f:81:ed: 1b:ce:1b:ed:8e:c6:b4:11:0b:34:bf:cf:9f:e0:08: 85:3c:a9:d6:a2:5f:b8:25:5f:29:3a:18:e5:96:61: c1:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:62:AE:68:D0:1F:1E:72:98:DD:FB:A6:D6:A8:EE:7F:07:D1:8F:28 X509v3 Authority Key Identifier: keyid:37:20:81:F7:DB:E2:EF:11:A4:41:1B:D4:E6:AF:86:F3:26:98:CA:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NyCB99vi7xGkQRvU5q-G8yaYyvo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:04:f4:70:9e:6a:d4:5e:dd:0d:a3:61:98:2c:a3:f8:c8:fc: ea:5a:eb:46:3b:68:5d:d4:9c:6e:98:36:d3:4c:42:88:91:bf: 5a:26:64:27:a0:38:dc:15:b1:86:7f:ec:62:c7:95:84:ae:48: cc:06:ca:c8:c2:e4:7e:08:10:fc:20:fe:29:f6:73:cb:d0:a2: 72:a1:02:d5:3f:2b:45:a2:53:ad:0f:24:b9:86:68:ff:c0:92: c6:95:18:63:5d:a3:82:ee:bf:c9:79:1e:1c:b8:5a:ea:7a:95: a9:46:c8:d6:10:4e:19:34:03:4a:5f:a8:28:b3:51:4d:e0:17: af:8d:5c:d2:ff:b1:25:d8:ac:0e:b7:be:3d:1e:99:74:a7:85: 56:c7:72:36:16:83:1c:a4:f3:34:73:15:16:6b:47:32:80:a1: bf:33:d1:41:5d:cf:57:56:c5:87:1d:f2:e0:49:f9:81:f5:d6: 6e:ab:ab:fb:4b:6d:5d:b4:dd:fa:28:73:82:d6:b2:97:b6:31: 8d:85:0f:bf:b7:d8:00:c9:3e:6e:72:90:d7:23:ec:10:1a:56: 02:ba:d6:63:5e:3a:2d:e5:4a:6f:47:87:9e:43:e9:4f:05:79: 5c:fe:fc:04:0c:06:24:8b:9f:23:74:da:29:3a:8d:a7:be:cb: cc:7b:ab:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTFFMTkxMTAvBgNVBAUTKDM3MjA4MUY3REJFMkVGMTFBNDQxMUJENEU2QUY4NkYz MjY5OENBRkEwHhcNMjUwNzIxMDUzODQ4WhcNMjUwNzI4MDUzODQ4WjAYMRYwFAYD VQQDEw02ODdkZDI2OS04YTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAthI+BBreMeAPTGtOquLybEHr+2KhC1BvbW0IikN4wtrAabC8eW8GQGc8OZpx l5c3MCKh11hT2OPfqLWMYeg7tl0UTBzb4vZ6DFQpVBfo38voYLnQh8zUYNANoRV6 Ol54tjUrMrbTQEOcmk0ePFD2eGy/1WB1LTmHTpCRv5G30lz8Y5FLkgoSqPqYflxP vsFPcUzy65jPuJxHW1kBuJ8w3YacUepL68XS1c0a592qEqvoPo2kNczm02/nQif5 7rihZ8pokp+vqrjjihZPKyWv1SUI7rmBv0O8wfEAdv0Pge0bzhvtjsa0EQs0v8+f 4AiFPKnWol+4JV8pOhjllmHB3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFINirmjQ Hx5ymN37ptao7n8H0Y8oMB8GA1UdIwQYMBaAFDcggffb4u8RpEEb1OavhvMmmMr6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUUxOS8xMEM3RjBBQTE0 MEYxMUVGOEE0QTcwMTZDNEY5QUUwMi9OeUNCOTl2aTd4R2tRUnZVNXEtRzh5YVl5 dm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL055Q0I5OXZpN3hHa1FSdlU1cS1HOHlhWXl2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MUUxOS8xMEM3RjBBQTE0MEYxMUVGOEE0QTcwMTZDNEY5QUUwMi9OeUNCOTl2aTd4 R2tRUnZVNXEtRzh5YVl5dm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQANBPRwnmrUXt0No2GYLKP4yPzqWutGO2hd1JxumDbTTEKIkb9aJmQn oDjcFbGGf+xix5WErkjMBsrIwuR+CBD8IP4p9nPL0KJyoQLVPytFolOtDyS5hmj/ wJLGlRhjXaOC7r/JeR4cuFrqepWpRsjWEE4ZNANKX6gos1FN4BevjVzS/7El2KwO t749Hpl0p4VWx3I2FoMcpPM0cxUWa0cygKG/M9FBXc9XVsWHHfLgSfmB9dZuq6v7 S21dtN36KHOC1rKXtjGNhQ+/t9gAyT5ucpDXI+wQGlYCutZjXjot5UpvR4eeQ+lP BXlc/vwEDAYki58jdNopOo2nvsvMe6vq -----END CERTIFICATE-----Generated at Wed Jul 23 02:29:33 2025 by rpki-client