$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft File: NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json) Hash identifier: ZNNLKKq+xIRaOce54AVlLYE8hyQVGSqQqPNBrIYKYfQ= Subject key identifier: A1:F7:3C:2D:BC:3C:4D:E6:E4:06:DD:CC:6A:30:22:72:73:1A:F4:D2 Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 Certificate issuer: /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Certificate serial: 02B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft Manifest number: 02B2 Signing time: Sat 31 May 2025 01:40:31 +0000 Manifest this update: Sat 31 May 2025 01:40:30 +0000 Manifest next update: Sat 07 Jun 2025 01:40:30 +0000 Files and hashes: 1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: eEkbZv4wcIMiQJwLQ2h7TdYqkeRmSzNX87q/KGQz18Y=) 2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: k5i1VxrRa6a+sKSG0LLgxBEmMPYmBZK6pl0sMM04Q2o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:40:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 695 (0x2b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148DB2, serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Validity Not Before: May 31 01:40:30 2025 GMT Not After : Jun 7 01:40:30 2025 GMT Subject: CN=683a5e0f-0ac8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d7:80:fa:a1:89:cc:75:3c:3f:a8:b4:40:4e: f6:d4:4c:8a:5c:8f:f2:98:b2:11:42:2f:a8:cf:f9: 06:0b:0c:55:84:05:2c:11:6c:b9:e4:d6:52:50:0e: 33:6d:55:6b:8c:97:a0:fb:77:6b:64:ed:88:2d:29: 9d:20:97:b0:cb:a3:d1:c6:01:6a:64:b9:0e:dd:4b: 2a:7c:93:04:c2:cd:4c:8a:5e:dd:2f:77:47:d2:1b: 00:64:fc:b1:2b:58:74:d3:51:ea:68:01:6c:8b:84: 14:78:4e:ce:2b:88:d7:ad:ce:b9:8e:2b:f0:23:a5: db:a5:38:77:3b:a2:7f:85:2a:a5:78:9b:96:6c:42: 0f:52:b7:61:e9:a5:e0:6f:75:84:d7:35:cc:83:00: 95:57:4b:3d:14:a8:22:9d:40:31:7c:ab:62:e4:43: 62:74:db:12:32:c6:64:e6:23:65:67:f7:37:ea:d7: af:0f:26:89:f9:48:2d:94:94:5b:24:bf:ea:27:67: db:72:76:28:f2:b1:50:e8:10:cc:df:98:6e:c8:e5: 0d:78:18:93:3d:62:7f:fe:7b:9e:ec:38:d4:74:68: ea:5d:a1:7f:76:7a:c1:8a:9a:85:b9:1f:47:60:ab: d3:e0:dc:80:7d:be:27:11:4b:c4:a1:c1:24:51:8e: 4d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:F7:3C:2D:BC:3C:4D:E6:E4:06:DD:CC:6A:30:22:72:73:1A:F4:D2 X509v3 Authority Key Identifier: keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:72:a1:f0:c8:be:65:42:ed:4b:b3:6d:4a:69:24:1b:d8:0a: 06:49:17:81:d3:14:90:69:6f:55:7a:03:c7:9e:d3:a1:1f:5f: e7:41:3c:50:c7:b9:09:2b:ee:68:9b:38:56:d2:4d:08:09:c4: ba:45:84:d9:42:40:2e:41:7a:ef:35:16:c8:2d:5a:cb:ac:3d: 21:83:5f:ac:55:9d:db:a8:8e:9e:66:a6:ae:fe:28:04:f6:89: 53:14:d6:30:6c:94:7e:36:f2:bc:ba:41:1e:7c:f6:c7:d3:7e: ec:bb:a3:af:dc:34:07:17:c6:d2:f3:c7:2d:b1:f5:7f:59:87: d6:28:26:c2:0a:9c:3c:3d:22:aa:33:fe:e3:03:40:ef:f0:89: 09:96:78:e4:aa:b5:0f:da:e4:f0:1b:b1:5f:c6:1a:fd:40:dc: 18:d6:e8:9b:57:2c:57:5a:ea:34:94:0e:57:ed:1b:73:9c:ef: 14:61:c1:c4:5e:10:a0:40:cd:dc:e2:c8:bf:a0:5d:74:e5:32: 01:d3:40:c0:82:37:42:3c:b9:d9:f9:c7:18:26:9b:49:10:58: ac:a1:df:e9:f1:91:89:19:75:29:c9:cf:33:81:f9:17:f1:be: 99:e4:60:e6:b4:8d:6d:ba:8c:b2:43:11:cd:37:b7:b5:cc:bc: 6e:60:a2:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw RkE2NzRCQjUwHhcNMjUwNTMxMDE0MDMwWhcNMjUwNjA3MDE0MDMwWjAYMRYwFAYD VQQDEw02ODNhNWUwZi0wYWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwdeA+qGJzHU8P6i0QE721EyKXI/ymLIRQi+oz/kGCwxVhAUsEWy55NZSUA4z bVVrjJeg+3drZO2ILSmdIJewy6PRxgFqZLkO3UsqfJMEws1Mil7dL3dH0hsAZPyx K1h001HqaAFsi4QUeE7OK4jXrc65jivwI6XbpTh3O6J/hSqleJuWbEIPUrdh6aXg b3WE1zXMgwCVV0s9FKginUAxfKti5ENidNsSMsZk5iNlZ/c36tevDyaJ+UgtlJRb JL/qJ2fbcnYo8rFQ6BDM35huyOUNeBiTPWJ//nue7DjUdGjqXaF/dnrBipqFuR9H YKvT4NyAfb4nEUvEocEkUY5N4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKH3PC28 PE3m5AbdzGowInJzGvTSMB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5 MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5 b01WV1JsM1g2ZXdQcG5TN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYcqHwyL5lQu1Ls21KaSQb2AoGSReB0xSQaW9VegPHntOhH1/nQTxQ x7kJK+5omzhW0k0ICcS6RYTZQkAuQXrvNRbILVrLrD0hg1+sVZ3bqI6eZqau/igE 9olTFNYwbJR+NvK8ukEefPbH037su6Ov3DQHF8bS88ctsfV/WYfWKCbCCpw8PSKq M/7jA0Dv8IkJlnjkqrUP2uTwG7Ffxhr9QNwY1uibVyxXWuo0lA5X7RtznO8UYcHE XhCgQM3c4si/oF105TIB00DAgjdCPLnZ+ccYJptJEFisod/p8ZGJGXUpyc8zgfkX 8b6Z5GDmtI1tuoyyQxHNN7e1zLxuYKJG -----END CERTIFICATE-----Generated at Sat May 31 16:49:07 2025 by rpki-client