$ rpki-client -vvf rpki.apnic.net/member_repository/A911E351/5BCF88A6784E11EC8A44450EC4F9AE02/NdqtT3Wuk43GUzSEzejIF93Csig.mft File: NdqtT3Wuk43GUzSEzejIF93Csig.mft (raw, json) Hash identifier: nq3ezsb/riyQ9kniuCaZwHNjOTLYt9tfWiT6PjgF8nk= Subject key identifier: A6:BC:C8:12:37:EB:8B:51:5A:4A:60:25:57:FE:3D:DE:C9:D6:14:65 Authority key identifier: 35:DA:AD:4F:75:AE:93:8D:C6:53:34:84:CD:E8:C8:17:DD:C2:B2:28 Certificate issuer: /CN=A911E351/serialNumber=35DAAD4F75AE938DC6533484CDE8C817DDC2B228 Certificate serial: 03F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NdqtT3Wuk43GUzSEzejIF93Csig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E351/5BCF88A6784E11EC8A44450EC4F9AE02/NdqtT3Wuk43GUzSEzejIF93Csig.mft Manifest number: 03F5 Signing time: Sat 31 May 2025 00:40:29 +0000 Manifest this update: Sat 31 May 2025 00:40:29 +0000 Manifest next update: Sat 07 Jun 2025 00:40:29 +0000 Files and hashes: 1: NdqtT3Wuk43GUzSEzejIF93Csig.crl (hash: 6c3TYj+m4CbsbmPHusLtB/owpaa6ajQRmdVtnn0K4hI=) 2: E9ED080A785011ECBD2B6A10C4F9AE02.roa (hash: iYM80ZUZv11SjTkmdUWv3G7CQp9g2JbkQfuMruAgJ5Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E351/5BCF88A6784E11EC8A44450EC4F9AE02/NdqtT3Wuk43GUzSEzejIF93Csig.crl rsync://rpki.apnic.net/member_repository/A911E351/5BCF88A6784E11EC8A44450EC4F9AE02/NdqtT3Wuk43GUzSEzejIF93Csig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NdqtT3Wuk43GUzSEzejIF93Csig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:40:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1017 (0x3f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E351, serialNumber=35DAAD4F75AE938DC6533484CDE8C817DDC2B228 Validity Not Before: May 31 00:40:29 2025 GMT Not After : Jun 7 00:40:29 2025 GMT Subject: CN=683a4ffd-668c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:16:31:a1:4d:c8:25:d3:14:00:da:a6:79:bb: ca:b6:75:61:7c:fe:a2:54:64:7e:5d:71:a0:c7:b1: c3:f9:43:02:66:d5:6f:3d:97:17:1d:95:3f:0c:2e: 1b:01:e4:da:54:e2:90:26:cb:cd:61:8b:cd:3a:5b: 33:1a:f1:1b:53:ba:2a:53:65:ae:78:aa:3d:d6:8f: 2d:5c:22:94:fc:7a:ec:98:c3:9a:19:38:58:ef:bc: 39:bd:3f:47:5d:1d:32:a3:8f:df:f5:0e:16:62:8c: e6:b8:52:f3:18:1a:cc:06:40:f6:0e:3d:2b:e1:2a: d6:1a:28:8c:f3:79:e4:dc:1a:58:f4:2a:04:11:60: 28:d9:20:75:a3:29:c2:2d:7d:6f:23:64:fa:b0:04: 85:40:7c:c4:01:89:d4:77:c6:12:b4:31:78:a9:12: 7f:00:6e:3b:f6:99:f7:fb:52:93:9c:6f:70:58:cc: cd:d0:61:8f:bb:78:f1:24:d8:f1:c1:92:9d:eb:41: 05:79:28:5a:4d:e5:0d:86:8a:d5:5b:58:6b:95:47: e4:52:a2:72:70:8a:13:b9:51:40:49:49:64:70:9a: 72:54:d0:17:77:b1:6f:f6:80:c1:f4:dd:b2:22:63: 66:00:1b:61:9d:73:15:52:04:48:2d:46:1a:8a:1d: e7:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:BC:C8:12:37:EB:8B:51:5A:4A:60:25:57:FE:3D:DE:C9:D6:14:65 X509v3 Authority Key Identifier: keyid:35:DA:AD:4F:75:AE:93:8D:C6:53:34:84:CD:E8:C8:17:DD:C2:B2:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E351/5BCF88A6784E11EC8A44450EC4F9AE02/NdqtT3Wuk43GUzSEzejIF93Csig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NdqtT3Wuk43GUzSEzejIF93Csig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E351/5BCF88A6784E11EC8A44450EC4F9AE02/NdqtT3Wuk43GUzSEzejIF93Csig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption de:e5:f0:02:61:dd:af:2e:cc:03:de:f8:fc:3e:87:9a:59:0d: a0:5e:6c:9b:f7:42:f0:99:3a:ee:54:e4:2f:1e:55:1e:bc:a6: 16:84:7b:42:48:75:ca:8a:0f:b8:6f:bf:ba:82:2c:6d:7b:2a: 1f:d2:6a:c7:4d:60:4b:d3:fb:0a:be:f0:19:43:44:3e:b7:ac: 72:ab:18:a3:f1:25:15:c8:7b:3b:4d:57:20:60:11:bc:30:9c: 6e:a8:82:da:17:c6:35:84:f9:16:15:a3:dc:eb:c4:71:bf:68: 58:86:bc:6d:b3:78:58:e5:21:38:3e:e6:83:95:e7:69:14:af: 12:6b:12:7c:a3:69:4d:cd:d7:33:34:02:71:e7:07:1b:88:3e: f8:3f:58:be:86:3c:5c:87:a8:21:b1:3b:81:3c:73:9a:32:4a: ee:54:4b:88:f4:f8:cd:fe:5c:b5:fa:be:52:b2:a3:f3:1c:01: be:11:b8:1c:99:34:97:36:8e:a2:11:a5:81:ef:76:79:d2:cc: 3f:a9:fe:7d:1c:b6:36:7e:22:ae:2e:fb:84:4b:c8:0b:97:37: 45:e8:3b:c2:b5:95:37:8e:5e:5e:e5:37:e6:ee:4c:7f:e7:e2: 31:6f:a1:26:da:ab:39:22:96:ef:12:a1:0e:42:6c:e1:2a:6b: 8c:04:52:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUUzNTExMTAvBgNVBAUTKDM1REFBRDRGNzVBRTkzOERDNjUzMzQ4NENERThDODE3 RERDMkIyMjgwHhcNMjUwNTMxMDA0MDI5WhcNMjUwNjA3MDA0MDI5WjAYMRYwFAYD VQQDEw02ODNhNGZmZC02NjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8BYxoU3IJdMUANqmebvKtnVhfP6iVGR+XXGgx7HD+UMCZtVvPZcXHZU/DC4b AeTaVOKQJsvNYYvNOlszGvEbU7oqU2WueKo91o8tXCKU/HrsmMOaGThY77w5vT9H XR0yo4/f9Q4WYozmuFLzGBrMBkD2Dj0r4SrWGiiM83nk3BpY9CoEEWAo2SB1oynC LX1vI2T6sASFQHzEAYnUd8YStDF4qRJ/AG479pn3+1KTnG9wWMzN0GGPu3jxJNjx wZKd60EFeShaTeUNhorVW1hrlUfkUqJycIoTuVFASUlkcJpyVNAXd7Fv9oDB9N2y ImNmABthnXMVUgRILUYaih3nQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKa8yBI3 64tRWkpgJVf+Pd7J1hRlMB8GA1UdIwQYMBaAFDXarU91rpONxlM0hM3oyBfdwrIo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTM1MS81QkNGODhBNjc4 NEUxMUVDOEE0NDQ1MEVDNEY5QUUwMi9OZHF0VDNXdWs0M0dVelNFemVqSUY5M0Nz aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05kcXRUM1d1azQzR1V6U0V6ZWpJRjkzQ3NpZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RTM1MS81QkNGODhBNjc4NEUxMUVDOEE0NDQ1MEVDNEY5QUUwMi9OZHF0VDNXdWs0 M0dVelNFemVqSUY5M0NzaWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDe5fACYd2vLswD3vj8PoeaWQ2gXmyb90LwmTruVOQvHlUevKYWhHtC SHXKig+4b7+6gixteyof0mrHTWBL0/sKvvAZQ0Q+t6xyqxij8SUVyHs7TVcgYBG8 MJxuqILaF8Y1hPkWFaPc68Rxv2hYhrxts3hY5SE4PuaDledpFK8SaxJ8o2lNzdcz NAJx5wcbiD74P1i+hjxch6ghsTuBPHOaMkruVEuI9PjN/ly1+r5SsqPzHAG+Ebgc mTSXNo6iEaWB73Z50sw/qf59HLY2fiKuLvuES8gLlzdF6DvCtZU3jl5e5Tfm7kx/ 5+Ixb6Em2qs5IpbvEqEOQmzhKmuMBFLL -----END CERTIFICATE-----Generated at Sat May 31 17:13:01 2025 by rpki-client