$ rpki-client -vvf rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.mft File: NIvmaU7XBBqvKNDsjGxlZVkfLdo.mft (raw, json) Hash identifier: pCDEpqlWazuqazybjRBgznX2CRcm0GGGL4pWuFIJo7M= Subject key identifier: 8B:CD:B6:64:6B:06:46:52:09:39:15:C8:51:5B:2F:36:68:64:34:09 Authority key identifier: 34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA Certificate issuer: /CN=A91C99B4/serialNumber=348BE6694ED7041AAF28D0EC8C6C6565591F2DDA Certificate serial: 06EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.mft Manifest number: 06CB Signing time: Wed 02 Apr 2025 22:09:12 +0000 Manifest this update: Wed 02 Apr 2025 22:09:11 +0000 Manifest next update: Wed 09 Apr 2025 22:09:11 +0000 Files and hashes: 1: NIvmaU7XBBqvKNDsjGxlZVkfLdo.crl (hash: 1JPV8Qmxn06Ez7n0b66wuMc3LPltlgUtx0SQ8pzVSz0=) 2: 96FC6944591111EEBFB2384AC4F9AE02.roa (hash: ax+xM3Q8UL+b4tURGtbo2gp+tcgS0j+5JXjNoSNoJus=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.crl rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 22:09:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1775 (0x6ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C99B4 Validity Not Before: Apr 2 22:09:11 2025 GMT Not After : Apr 9 22:09:11 2025 GMT Subject: CN=67edb587-13e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c4:62:8b:43:c2:40:7f:58:4e:ea:ad:b6:b0: d2:d7:58:b3:43:9b:90:bf:55:04:4b:b7:fe:f5:96: 33:79:b6:84:3b:aa:ae:08:12:77:b5:5f:2b:f1:35: 6a:15:21:b4:ae:62:3f:44:ab:33:94:ac:f6:46:2f: 6b:a8:9f:e5:fd:af:d1:20:58:16:3a:97:17:d7:a5: 2f:ef:18:98:1c:7b:1b:e5:5b:1e:34:77:f8:58:e5: 06:3a:f7:09:e7:27:99:b5:09:25:d4:1d:a4:21:fc: af:03:69:ac:fc:3d:e2:43:0f:6d:98:4c:f6:77:1b: 43:03:27:72:7c:47:0f:5c:ab:c3:49:6d:93:c7:7a: 47:2c:31:88:b8:00:74:d1:87:4e:74:ec:66:0f:67: 73:b2:fb:dd:5a:30:89:56:a2:5d:99:1b:3e:80:68: a9:14:b9:94:ae:0d:3a:66:dd:a7:7f:32:73:56:07: be:25:29:8d:ae:55:9b:cf:b5:a4:5a:ae:37:e1:72: ae:58:da:3a:bd:8b:7b:a5:ac:10:f3:6a:0c:74:29: 81:a5:fb:53:26:1d:88:40:8a:a4:73:1a:fc:35:86: 21:49:a1:1b:9c:41:8f:30:67:c9:40:5e:1b:85:8e: ca:03:bf:90:b7:40:67:83:e1:1b:38:a6:0b:95:43: 53:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:CD:B6:64:6B:06:46:52:09:39:15:C8:51:5B:2F:36:68:64:34:09 X509v3 Authority Key Identifier: keyid:34:8B:E6:69:4E:D7:04:1A:AF:28:D0:EC:8C:6C:65:65:59:1F:2D:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NIvmaU7XBBqvKNDsjGxlZVkfLdo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C99B4/5DE59696594911EBA48C7871C4F9AE02/NIvmaU7XBBqvKNDsjGxlZVkfLdo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:9a:aa:4a:71:a3:71:e0:e3:e1:3b:a9:d6:9c:21:55:4c:19: 91:f9:c5:d7:6a:80:dc:de:4c:1a:b6:6c:4d:97:8c:87:d2:fe: 72:5f:76:dd:2f:8f:3d:d6:ec:b2:3e:7c:f4:78:a9:44:88:65: bb:a3:76:3c:4a:ae:87:e6:40:34:ee:19:df:fb:65:e3:87:a3: 47:66:8f:40:50:72:7a:91:6b:79:0a:30:a7:40:75:40:e5:4f: 8c:81:ec:7e:96:26:34:3e:1c:9b:c3:99:67:6c:f2:f7:83:36: 0d:45:71:bc:b3:aa:67:4d:14:c2:40:12:94:6c:fb:84:bc:17: c6:e9:9b:78:75:27:01:11:0d:7c:96:fb:34:fc:08:56:58:de: 9e:32:ed:1e:04:76:a1:fd:b9:5b:cb:56:40:60:c1:b0:bd:32: 6a:29:b3:dc:47:07:8f:0a:9c:41:c3:ac:11:1d:45:34:a8:a0: 0c:77:e9:bf:45:8b:34:cb:cb:6f:b9:15:62:32:3c:db:67:c6: 01:01:59:dd:a8:80:2b:eb:d7:fd:0c:f1:d5:c2:cc:08:4b:d1: 91:8d:d7:8c:fe:1f:c6:88:9a:1a:f3:31:5c:cf:e9:b2:6d:22: 8a:12:95:07:fb:ae:ec:88:88:25:cb:c9:8c:cb:7a:1d:0e:6d: 99:ee:b4:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk5QjQxMTAvBgNVBAUTKDM0OEJFNjY5NEVENzA0MUFBRjI4RDBFQzhDNkM2NTY1 NTkxRjJEREEwHhcNMjUwNDAyMjIwOTExWhcNMjUwNDA5MjIwOTExWjAYMRYwFAYD VQQDEw02N2VkYjU4Ny0xM2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtcRii0PCQH9YTuqttrDS11izQ5uQv1UES7f+9ZYzebaEO6quCBJ3tV8r8TVq FSG0rmI/RKszlKz2Ri9rqJ/l/a/RIFgWOpcX16Uv7xiYHHsb5VseNHf4WOUGOvcJ 5yeZtQkl1B2kIfyvA2ms/D3iQw9tmEz2dxtDAydyfEcPXKvDSW2Tx3pHLDGIuAB0 0YdOdOxmD2dzsvvdWjCJVqJdmRs+gGipFLmUrg06Zt2nfzJzVge+JSmNrlWbz7Wk Wq434XKuWNo6vYt7pawQ82oMdCmBpftTJh2IQIqkcxr8NYYhSaEbnEGPMGfJQF4b hY7KA7+Qt0Bng+EbOKYLlUNTNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIvNtmRr BkZSCTkVyFFbLzZoZDQJMB8GA1UdIwQYMBaAFDSL5mlO1wQaryjQ7IxsZWVZHy3a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTlCNC81REU1OTY5NjU5 NDkxMUVCQTQ4Qzc4NzFDNEY5QUUwMi9OSXZtYVU3WEJCcXZLTkRzakd4bFpWa2ZM ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Jdm1hVTdYQkJxdktORHNqR3hsWlZrZkxkby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OTlCNC81REU1OTY5NjU5NDkxMUVCQTQ4Qzc4NzFDNEY5QUUwMi9OSXZtYVU3WEJC cXZLTkRzakd4bFpWa2ZMZG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJmqpKcaNx4OPhO6nWnCFVTBmR+cXXaoDc3kwatmxNl4yH0v5yX3bd L4891uyyPnz0eKlEiGW7o3Y8Sq6H5kA07hnf+2Xjh6NHZo9AUHJ6kWt5CjCnQHVA 5U+Mgex+liY0Phybw5lnbPL3gzYNRXG8s6pnTRTCQBKUbPuEvBfG6Zt4dScBEQ18 lvs0/AhWWN6eMu0eBHah/blby1ZAYMGwvTJqKbPcRwePCpxBw6wRHUU0qKAMd+m/ RYs0y8tvuRViMjzbZ8YBAVndqIAr69f9DPHVwswIS9GRjdeM/h/GiJoa8zFcz+my bSKKEpUH+67siIgly8mMy3odDm2Z7rT1 -----END CERTIFICATE-----Generated at Fri Apr 4 22:09:28 2025 by rpki-client