$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft File: NM2mWwLxdr_CSHhNqprIp74WU9s.mft (raw, json) Hash identifier: akOTlxvwmcu/ZA9KsR1H2pGi2gPs2Wvj6xupKIuW7FE= Subject key identifier: 29:8C:A5:47:08:1B:94:40:6B:E5:1D:F4:94:41:D4:D0:91:67:A6:7C Authority key identifier: 34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB Certificate issuer: /CN=A91E3DDB/serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft Manifest number: 1A Signing time: Sat 19 Jul 2025 08:16:49 +0000 Manifest this update: Sat 19 Jul 2025 08:16:49 +0000 Manifest next update: Sat 26 Jul 2025 08:16:49 +0000 Files and hashes: 1: NM2mWwLxdr_CSHhNqprIp74WU9s.crl (hash: 0c0XldknAQhg0f1dTrGBuVq4RgpvRsjoW86kD4JlmcU=) 2: B24F568A4C7A11F09CF1A77BC4F9AE02.roa (hash: iZRDXQppbsQwPvsyTvXzZpqvjaraKsPpnctxXUoNoxk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 08:16:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3DDB, serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Validity Not Before: Jul 19 08:16:49 2025 GMT Not After : Jul 26 08:16:49 2025 GMT Subject: CN=687b5471-ad3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6d:de:37:f2:ee:40:39:d9:aa:b9:01:16:10: 86:a3:ea:42:a6:ee:4d:cb:3d:e7:71:da:32:74:6c: 56:9d:46:dd:c6:a1:e1:bb:1c:39:c7:57:bb:72:18: 11:5f:0a:f6:81:8a:19:d6:e5:b0:31:30:06:d4:08: 55:b6:6e:2d:f5:41:39:b8:3f:99:75:92:68:d4:5a: 93:b2:93:4d:2f:33:2e:ec:4a:57:82:20:0f:6b:70: 80:19:a3:59:97:99:96:24:e0:1a:76:34:df:c8:b6: 76:31:89:90:56:ba:b3:8d:c4:b6:a4:29:e1:c3:ca: 6f:18:5a:b3:34:bf:85:0c:e0:05:f3:de:fa:1e:29: 0c:d4:0c:eb:c2:f6:aa:15:07:3e:26:07:8e:07:ea: cf:ef:04:b0:c7:e3:02:1c:f1:c1:85:da:1b:27:82: ba:03:27:26:15:98:91:49:fe:d9:37:86:36:7f:e6: f5:2d:04:af:f0:58:fa:9e:f4:18:4a:59:86:b1:57: 81:af:25:8f:5c:ef:1c:e2:3d:88:3d:fb:26:de:30: b4:4a:19:1d:57:69:dd:21:0d:87:77:ea:c8:eb:a9: c8:1d:be:7b:3a:c6:58:1f:59:6e:84:99:70:a0:b1: c9:11:25:e1:e2:96:84:2b:d9:d1:7b:c8:19:7d:ee: 45:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:8C:A5:47:08:1B:94:40:6B:E5:1D:F4:94:41:D4:D0:91:67:A6:7C X509v3 Authority Key Identifier: keyid:34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:6e:bf:65:2b:5f:90:31:66:17:9c:80:33:5e:f8:3c:75:09: f7:74:4c:7a:df:c5:5a:dd:11:73:e9:0a:52:de:82:e1:08:2c: e1:0b:95:56:3c:f5:f6:a9:73:54:50:6c:66:ff:cb:3e:31:fe: 45:80:40:0d:1b:0c:7f:ee:2e:9e:1e:cd:c1:e5:af:19:1f:7a: 75:63:10:db:c2:b4:26:8e:75:af:21:9c:39:84:63:de:57:d2: 4f:64:76:fc:7f:59:b6:37:80:ce:2b:24:25:89:7d:fa:5f:84: 7a:4c:0c:54:e5:20:f0:75:ff:70:c9:17:e7:f0:73:8a:17:ff: a9:71:e2:4f:bd:bc:8f:08:49:97:0e:ef:a5:35:c5:a5:5d:28: cb:98:bf:4d:4a:6a:52:f7:f2:d2:3c:c3:58:f6:10:64:55:8f: c0:3a:b2:c2:54:46:33:6f:ef:de:c0:cd:87:6b:e6:b6:66:a6: 09:5c:9a:64:60:fb:ff:51:c7:36:14:be:3a:c1:74:f5:70:68: 13:24:13:16:c6:9e:03:af:0e:d3:cc:0f:3f:7b:70:e2:24:58: a1:cb:0a:7e:90:11:1f:36:6c:f5:cf:3f:b6:da:f2:93:e6:cd: 4e:1f:50:53:c9:0e:c8:23:4d:70:58:f2:e3:41:e5:30:2d:03: ea:09:b6:50 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF M0REQjExMC8GA1UEBRMoMzRDREE2NUIwMkYxNzZCRkMyNDg3ODREQUE5QUM4QTdC RTE2NTNEQjAeFw0yNTA3MTkwODE2NDlaFw0yNTA3MjYwODE2NDlaMBgxFjAUBgNV BAMTDTY4N2I1NDcxLWFkM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5bd438u5AOdmquQEWEIaj6kKm7k3LPedx2jJ0bFadRt3GoeG7HDnHV7tyGBFf CvaBihnW5bAxMAbUCFW2bi31QTm4P5l1kmjUWpOyk00vMy7sSleCIA9rcIAZo1mX mZYk4Bp2NN/ItnYxiZBWurONxLakKeHDym8YWrM0v4UM4AXz3voeKQzUDOvC9qoV Bz4mB44H6s/vBLDH4wIc8cGF2hsngroDJyYVmJFJ/tk3hjZ/5vUtBK/wWPqe9BhK WYaxV4GvJY9c7xziPYg9+ybeMLRKGR1Xad0hDYd36sjrqcgdvns6xlgfWW6EmXCg sckRJeHiloQr2dF7yBl97kXxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUKYylRwgb lEBr5R30lEHU0JFnpnwwHwYDVR0jBBgwFoAUNM2mWwLxdr/CSHhNqprIp74WU9sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzRERCLzBFM0JEQUVDNDcy NDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJfQ1NIaE5xcHJJcDc0V1U5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTk0ybVd3THhkcl9DU0hoTnFwcklwNzRXVTlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUz RERCLzBFM0JEQUVDNDcyNDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJf Q1NIaE5xcHJJcDc0V1U5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACduv2UrX5AxZhecgDNe+Dx1Cfd0THrfxVrdEXPpClLeguEILOELlVY8 9fapc1RQbGb/yz4x/kWAQA0bDH/uLp4ezcHlrxkfenVjENvCtCaOda8hnDmEY95X 0k9kdvx/WbY3gM4rJCWJffpfhHpMDFTlIPB1/3DJF+fwc4oX/6lx4k+9vI8ISZcO 76U1xaVdKMuYv01KalL38tI8w1j2EGRVj8A6ssJURjNv797AzYdr5rZmpglcmmRg +/9RxzYUvjrBdPVwaBMkExbGngOvDtPMDz97cOIkWKHLCn6QER82bPXPP7ba8pPm zU4fUFPJDsgjTXBY8uNB5TAtA+oJtlA= -----END CERTIFICATE-----Generated at Mon Jul 21 07:09:56 2025 by rpki-client