$ rpki-client -vvf rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.mft File: NYOZxzbvBV1dWSyrGQFv44FvZgg.mft (raw, json) Hash identifier: 5iQ1LhuUEKfE0BmdHr38I6HC9iEHokVmt47xbIOLors= Subject key identifier: 9B:FD:30:E9:5F:4E:9D:68:0B:1E:46:95:39:10:11:70:1C:08:DA:5F Authority key identifier: 35:83:99:C7:36:EF:05:5D:5D:59:2C:AB:19:01:6F:E3:81:6F:66:08 Certificate issuer: /CN=A919819A/serialNumber=358399C736EF055D5D592CAB19016FE3816F6608 Certificate serial: 34C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.mft Manifest number: 34B6 Signing time: Tue 22 Jul 2025 15:02:14 +0000 Manifest this update: Tue 22 Jul 2025 15:02:14 +0000 Manifest next update: Tue 29 Jul 2025 15:02:14 +0000 Files and hashes: 1: NYOZxzbvBV1dWSyrGQFv44FvZgg.crl (hash: i2iY6+be9tPbvPT702PsnkMGjL5eLcZl/Keigd3JVkA=) 2: 73462B74643C11EB9E7DF918C4F9AE02.roa (hash: OVp7PpV4WrIA8CZ/VZbdyu0UkcIERq8sMNiqxbn0hvE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.crl rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 15:02:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13508 (0x34c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919819A, serialNumber=358399C736EF055D5D592CAB19016FE3816F6608 Validity Not Before: Jul 22 15:02:14 2025 GMT Not After : Jul 29 15:02:14 2025 GMT Subject: CN=687fa7f6-0d66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:19:22:0d:a1:2c:d2:b5:57:db:78:5b:42:ed: 50:03:32:48:27:91:c2:b8:d9:23:42:8b:09:84:43: 90:f2:50:87:b5:b9:98:88:c2:5b:0d:38:3c:48:3c: 3f:56:58:a2:53:4d:7e:a7:89:21:82:30:71:69:a9: 69:b2:cb:c3:f2:ae:2a:84:dc:f0:5f:c5:b3:ad:11: 14:c9:68:2b:50:b1:bc:f6:cc:61:44:f0:cf:e0:78: 9d:26:d2:9d:48:0e:22:ff:27:96:69:e8:8f:4a:1c: 0c:e2:3a:66:22:20:22:09:1a:7b:0b:b3:74:c3:52: ed:76:31:01:ac:75:9f:b5:64:30:4c:cd:7f:52:0c: 9d:7c:cf:59:0a:1e:d8:d1:48:60:28:8b:20:7d:35: ec:03:af:e7:33:06:7f:2c:bc:dc:ba:57:a2:12:b5: 74:29:f7:d6:ef:5d:e5:65:64:a8:b1:0d:7d:46:69: 04:0b:b3:92:4a:1f:5e:d4:c4:10:46:9c:95:e7:9c: 4e:9a:bf:c1:92:41:8b:5b:8e:a7:4f:e5:a3:4e:b4: 20:4f:41:04:5e:86:42:1f:4e:dd:56:82:c7:77:14: bf:ea:3e:57:73:a2:a9:13:23:c7:47:fa:19:09:47: 78:28:66:ac:80:ae:27:f1:a5:fe:90:9e:0a:ab:5e: 76:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:FD:30:E9:5F:4E:9D:68:0B:1E:46:95:39:10:11:70:1C:08:DA:5F X509v3 Authority Key Identifier: keyid:35:83:99:C7:36:EF:05:5D:5D:59:2C:AB:19:01:6F:E3:81:6F:66:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:5b:62:45:0a:a5:3b:e3:db:9c:bc:d2:5c:f3:07:e4:b5:c5: e8:13:ca:d1:01:b2:52:95:61:c1:0f:55:6d:5c:43:04:64:df: ed:99:fd:06:03:fb:5d:71:a9:cb:d7:52:c4:4e:52:14:03:98: 1d:1b:31:18:2c:6e:11:aa:7e:15:0b:77:4a:df:48:90:f0:f1: dc:17:c5:6b:f6:aa:9c:42:9f:16:52:66:d7:ce:83:04:91:49: 37:ea:e0:68:13:89:4b:3a:cc:13:c8:b6:17:24:5e:31:c2:ca: a2:3d:bb:2e:b8:31:b9:f7:4b:69:a4:5b:f0:61:12:64:8d:25: c4:7f:24:a9:fe:0a:af:7d:8f:8a:6b:15:42:04:83:a6:61:06: 74:20:93:02:4d:09:9d:ec:04:04:5a:f0:4c:b0:b3:8a:07:e0: 72:80:79:33:e7:09:bc:49:e4:76:85:f0:33:03:6e:a0:cb:d1: 20:e5:b9:3d:0a:b8:23:37:32:08:68:73:95:2b:7e:3a:c0:98: 09:52:41:3a:a8:dd:e3:b9:47:bd:bf:a7:3f:e1:ae:ba:94:41: 5f:f0:a0:e4:36:6d:6b:7b:c9:4d:59:2a:18:2b:8b:14:0e:04: 2f:eb:1e:83:c7:fc:0e:68:71:fe:d4:bf:0e:e8:af:07:a3:de: e5:26:dd:d4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTgxOUExMTAvBgNVBAUTKDM1ODM5OUM3MzZFRjA1NUQ1RDU5MkNBQjE5MDE2RkUz ODE2RjY2MDgwHhcNMjUwNzIyMTUwMjE0WhcNMjUwNzI5MTUwMjE0WjAYMRYwFAYD VQQDEw02ODdmYTdmNi0wZDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4xkiDaEs0rVX23hbQu1QAzJIJ5HCuNkjQosJhEOQ8lCHtbmYiMJbDTg8SDw/ VliiU01+p4khgjBxaalpssvD8q4qhNzwX8WzrREUyWgrULG89sxhRPDP4HidJtKd SA4i/yeWaeiPShwM4jpmIiAiCRp7C7N0w1LtdjEBrHWftWQwTM1/UgydfM9ZCh7Y 0UhgKIsgfTXsA6/nMwZ/LLzculeiErV0KffW713lZWSosQ19RmkEC7OSSh9e1MQQ RpyV55xOmr/BkkGLW46nT+WjTrQgT0EEXoZCH07dVoLHdxS/6j5Xc6KpEyPHR/oZ CUd4KGasgK4n8aX+kJ4Kq152JQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJv9MOlf Tp1oCx5GlTkQEXAcCNpfMB8GA1UdIwQYMBaAFDWDmcc27wVdXVksqxkBb+OBb2YI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODE5QS82M0VBMjA5MjFE OUUxMUUyQURCNzNGOEUwOEIwMkNEMi9OWU9aeHpidkJWMWRXU3lyR1FGdjQ0RnZa Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05ZT1p4emJ2QlYxZFdTeXJHUUZ2NDRGdlpnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 ODE5QS82M0VBMjA5MjFEOUUxMUUyQURCNzNGOEUwOEIwMkNEMi9OWU9aeHpidkJW MWRXU3lyR1FGdjQ0RnZaZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBVW2JFCqU749ucvNJc8wfktcXoE8rRAbJSlWHBD1VtXEMEZN/tmf0G A/tdcanL11LETlIUA5gdGzEYLG4Rqn4VC3dK30iQ8PHcF8Vr9qqcQp8WUmbXzoME kUk36uBoE4lLOswTyLYXJF4xwsqiPbsuuDG590tppFvwYRJkjSXEfySp/gqvfY+K axVCBIOmYQZ0IJMCTQmd7AQEWvBMsLOKB+BygHkz5wm8SeR2hfAzA26gy9Eg5bk9 CrgjNzIIaHOVK346wJgJUkE6qN3juUe9v6c/4a66lEFf8KDkNm1re8lNWSoYK4sU DgQv6x6Dx/wOaHH+1L8O6K8Ho97lJt3U -----END CERTIFICATE-----Generated at Wed Jul 23 12:55:19 2025 by rpki-client