$ rpki-client -vvf rpki.apnic.net/member_repository/A9134285/6F15B572928311EB80970420C4F9AE02/NxkwlLzz42Ui-tvxlU7l_51gHg4.mft File: NxkwlLzz42Ui-tvxlU7l_51gHg4.mft (raw, json) Hash identifier: hY8KzNm+QaEtNrfxbDEpyxx02/35t/gri67ahI3ThWw= Subject key identifier: 2C:BD:B8:99:91:FD:B2:19:A5:EC:02:BE:60:06:1F:B3:7F:00:F7:85 Authority key identifier: 37:19:30:94:BC:F3:E3:65:22:FA:DB:F1:95:4E:E5:FF:9D:60:1E:0E Certificate issuer: /CN=A9134285/serialNumber=37193094BCF3E36522FADBF1954EE5FF9D601E0E Certificate serial: 0674 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxkwlLzz42Ui-tvxlU7l_51gHg4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134285/6F15B572928311EB80970420C4F9AE02/NxkwlLzz42Ui-tvxlU7l_51gHg4.mft Manifest number: 066E Signing time: Mon 08 Sep 2025 22:34:06 +0000 Manifest this update: Mon 08 Sep 2025 22:34:06 +0000 Manifest next update: Mon 15 Sep 2025 22:34:06 +0000 Files and hashes: 1: NxkwlLzz42Ui-tvxlU7l_51gHg4.crl (hash: Ocl3WIWGMYuFfCq4PZkUfp5S45WyoYNlzpmsImE7Fdk=) 2: 3A00D342928511EB8B3AAC22C4F9AE02.roa (hash: aj64AT3Eg74eRiHek2DyIpF1DXkedRqzt0byGVydNm8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134285/6F15B572928311EB80970420C4F9AE02/NxkwlLzz42Ui-tvxlU7l_51gHg4.crl rsync://rpki.apnic.net/member_repository/A9134285/6F15B572928311EB80970420C4F9AE02/NxkwlLzz42Ui-tvxlU7l_51gHg4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxkwlLzz42Ui-tvxlU7l_51gHg4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 22:34:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1652 (0x674) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134285, serialNumber=37193094BCF3E36522FADBF1954EE5FF9D601E0E Validity Not Before: Sep 8 22:34:06 2025 GMT Not After : Sep 15 22:34:06 2025 GMT Subject: CN=68bf59de-d19b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:da:d2:26:cb:45:96:8a:67:e8:8d:fc:f4:7c: c9:c5:41:72:46:58:3e:38:0b:23:a2:26:24:6b:18: ec:0a:5f:4f:b3:1c:20:48:b4:d1:3e:ea:b7:9f:ba: d5:11:cf:53:b4:34:dc:32:09:46:76:18:1d:0f:f6: 32:e8:d6:33:e8:25:3c:2e:89:68:65:d6:e7:9b:de: 08:6b:af:92:49:1b:7c:0e:ef:d8:99:53:f9:b2:6e: 3a:c6:d0:46:3b:e6:54:f1:54:8a:86:bd:43:52:3a: d7:7b:4d:fd:6c:da:8f:4d:0e:57:cd:13:c4:c4:11: b8:35:db:f9:b5:98:5d:60:c0:ae:7e:db:06:85:5e: b2:32:20:1f:84:1a:61:14:1f:07:d5:63:0d:24:6c: 1e:36:2f:c8:d7:d9:88:d7:24:a2:ff:bf:fd:e1:26: 72:f8:7c:d4:7d:e4:f7:e8:dc:7a:ed:bb:20:35:b5: 9d:1d:33:ac:b9:cc:31:d9:41:4a:fb:0a:d1:e1:03: 33:e0:2f:71:00:c4:ab:01:12:91:76:03:a0:c8:d2: f2:13:1b:70:61:ac:11:fe:20:cb:4b:a2:27:7b:25: 3d:60:65:91:9e:7c:7f:4b:4b:d6:58:27:7c:81:9e: f2:7b:89:26:bd:62:b5:97:c3:1d:3e:03:b4:00:4c: f9:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:BD:B8:99:91:FD:B2:19:A5:EC:02:BE:60:06:1F:B3:7F:00:F7:85 X509v3 Authority Key Identifier: keyid:37:19:30:94:BC:F3:E3:65:22:FA:DB:F1:95:4E:E5:FF:9D:60:1E:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134285/6F15B572928311EB80970420C4F9AE02/NxkwlLzz42Ui-tvxlU7l_51gHg4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxkwlLzz42Ui-tvxlU7l_51gHg4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134285/6F15B572928311EB80970420C4F9AE02/NxkwlLzz42Ui-tvxlU7l_51gHg4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:69:49:dd:b3:97:18:07:9b:7f:b0:e7:c5:45:61:b5:a7:4a: c1:cd:2c:c3:9d:ea:8f:94:48:b8:e3:ac:46:cb:1c:d8:38:0f: cc:b7:52:a0:a5:75:e2:82:8b:5d:aa:b0:a3:96:18:b6:04:a4: 93:d8:83:4a:d9:51:47:32:2e:27:34:38:17:db:33:d7:9e:aa: fb:c9:d9:ac:d8:80:ae:f7:9d:0f:bb:c0:e3:24:83:98:f2:0e: b1:d6:fb:95:5a:20:7a:9f:75:5b:cf:54:c1:9c:0b:49:e6:fd: 5e:b3:c3:6f:f0:d3:c3:2d:0a:9a:c0:5e:d9:d6:c2:28:bb:8d: 00:6f:2b:75:fc:30:6d:8e:4a:f0:3e:0e:b4:1a:aa:fd:20:57: 4e:bb:87:e0:7c:93:fb:05:e6:25:a0:18:a8:47:76:57:6e:75: 9d:aa:20:84:04:16:9d:d4:cc:69:21:e4:63:c2:48:39:7d:4d: 94:32:c8:d2:23:81:c5:de:fe:b8:ec:9c:ef:eb:fe:28:46:bc: 90:4f:b7:1e:e7:0c:f2:e7:2d:65:6e:35:f8:c8:4e:ae:4b:c4: 28:68:e5:15:ff:52:b6:b3:af:7f:1f:3d:0d:6f:b8:68:ed:ee: 27:27:5b:79:31:bf:e4:37:53:cc:6d:78:98:03:62:1e:92:1f: 53:03:46:6d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyODUxMTAvBgNVBAUTKDM3MTkzMDk0QkNGM0UzNjUyMkZBREJGMTk1NEVFNUZG OUQ2MDFFMEUwHhcNMjUwOTA4MjIzNDA2WhcNMjUwOTE1MjIzNDA2WjAYMRYwFAYD VQQDEw02OGJmNTlkZS1kMTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqNrSJstFlopn6I389HzJxUFyRlg+OAsjoiYkaxjsCl9PsxwgSLTRPuq3n7rV Ec9TtDTcMglGdhgdD/Yy6NYz6CU8LoloZdbnm94Ia6+SSRt8Du/YmVP5sm46xtBG O+ZU8VSKhr1DUjrXe039bNqPTQ5XzRPExBG4Ndv5tZhdYMCuftsGhV6yMiAfhBph FB8H1WMNJGweNi/I19mI1ySi/7/94SZy+HzUfeT36Nx67bsgNbWdHTOsucwx2UFK +wrR4QMz4C9xAMSrARKRdgOgyNLyExtwYawR/iDLS6IneyU9YGWRnnx/S0vWWCd8 gZ7ye4kmvWK1l8MdPgO0AEz5wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCy9uJmR /bIZpewCvmAGH7N/APeFMB8GA1UdIwQYMBaAFDcZMJS88+NlIvrb8ZVO5f+dYB4O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDI4NS82RjE1QjU3Mjky ODMxMUVCODA5NzA0MjBDNEY5QUUwMi9OeGt3bEx6ejQyVWktdHZ4bFU3bF81MWdI ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL054a3dsTHp6NDJVaS10dnhsVTdsXzUxZ0hnNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDI4NS82RjE1QjU3MjkyODMxMUVCODA5NzA0MjBDNEY5QUUwMi9OeGt3bEx6ejQy VWktdHZ4bFU3bF81MWdIZzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATaUnds5cYB5t/sOfFRWG1p0rBzSzDneqPlEi446xGyxzYOA/Mt1Kg pXXigotdqrCjlhi2BKST2INK2VFHMi4nNDgX2zPXnqr7ydms2ICu950Pu8DjJIOY 8g6x1vuVWiB6n3Vbz1TBnAtJ5v1es8Nv8NPDLQqawF7Z1sIou40Abyt1/DBtjkrw Pg60Gqr9IFdOu4fgfJP7BeYloBioR3ZXbnWdqiCEBBad1MxpIeRjwkg5fU2UMsjS I4HF3v647Jzv6/4oRryQT7ce5wzy5y1lbjX4yE6uS8QoaOUV/1K2s69/Hz0Nb7ho 7e4nJ1t5Mb/kN1PMbXiYA2Iekh9TA0Zt -----END CERTIFICATE-----Generated at Tue Sep 9 13:25:25 2025 by rpki-client