$ rpki-client -vvf rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft File: nOkX3Drgxboud8t3WjrZnGhcQGs.mft (raw, json) Hash identifier: p5aS1BRv959OQnoNkof8IufJ92/ZlD/VbVvudcdd+Ew= Subject key identifier: 11:F7:4A:06:45:DF:D2:77:5F:F2:4F:B6:35:32:67:CD:D6:49:8F:47 Authority key identifier: 9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B Certificate issuer: /CN=A9161F3E/serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft Manifest number: 1E Signing time: Sat 31 May 2025 07:28:11 +0000 Manifest this update: Sat 31 May 2025 07:28:10 +0000 Manifest next update: Sat 07 Jun 2025 07:28:10 +0000 Files and hashes: 1: nOkX3Drgxboud8t3WjrZnGhcQGs.crl (hash: BUr3MJtIINpj4BI6jKmJsMctQOVEJkXql61Wv3HEHVA=) 2: 49DEAEDC12A711F099020A73C4F9AE02.roa (hash: ZDuunhoBLIFxkgffUJp6fhz6W2Ysr7yM0HyGKDGLaSU=) 3: 4A3C802012A711F099020A73C4F9AE02.roa (hash: EvMFCkIZLxU/4T9yDv4rTrnplB41rjMOAziWwMgP5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:28:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161F3E, serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Validity Not Before: May 31 07:28:10 2025 GMT Not After : Jun 7 07:28:10 2025 GMT Subject: CN=683aaf8b-da94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a3:3d:a9:4e:31:96:93:04:dd:5f:88:38:eb: cf:ce:df:e2:3d:1f:dd:b5:f1:e3:ff:6e:0e:40:3b: 96:30:a1:76:eb:67:9b:06:c3:76:24:d8:e0:0d:39: 13:09:89:c5:7c:ae:9e:64:55:4f:d7:a7:71:a4:26: 3a:6f:83:3c:e8:01:23:fd:b5:11:be:5f:ba:30:61: b2:91:d1:0f:7d:61:f6:d2:e4:b6:2b:d3:ed:98:c9: 89:b4:e7:7d:fc:53:bd:47:53:9d:4b:aa:1a:23:dc: 4b:34:fd:d8:68:15:c3:6a:1e:0d:b5:46:5a:98:16: 4e:72:2c:6e:8a:31:ee:9c:5f:f3:ee:ce:dd:70:17: 3c:25:95:72:41:0c:a5:bb:d0:09:47:ee:f0:47:47: ad:22:40:31:b0:d6:51:85:f8:b7:c5:0f:62:11:37: 7f:8c:41:df:0f:12:28:9e:d8:2e:cf:3b:9a:ee:5c: e8:b0:0e:65:5c:dd:88:1f:7c:4a:c0:88:83:94:4f: 2f:11:64:fc:48:75:ba:75:c4:a4:f8:b6:98:b1:44: 35:bc:e0:06:7f:e9:4c:93:9e:8d:3a:81:d0:9f:b1: 74:6d:0d:61:43:40:3a:0a:9d:3d:ac:07:f2:4a:ea: 1c:17:8c:88:a0:4b:fa:1c:df:ff:0d:5e:a8:a1:be: ec:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:F7:4A:06:45:DF:D2:77:5F:F2:4F:B6:35:32:67:CD:D6:49:8F:47 X509v3 Authority Key Identifier: keyid:9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:ac:d9:68:bd:8d:dc:2c:d8:e6:11:21:6d:6c:70:27:11:d0: 50:8e:5d:c6:6f:a0:85:38:56:c6:52:72:c9:90:58:f9:7e:04: ea:ab:1c:77:03:30:c3:e0:c3:cf:eb:cb:e5:b2:8f:78:98:5f: b6:3d:c0:1f:b0:df:02:d8:55:1c:35:29:8a:72:83:93:81:8b: e8:a1:b9:10:f8:3f:ea:5a:1d:fd:60:a2:6a:3d:ac:e0:55:5c: 89:3c:04:cd:20:05:d1:55:a8:2e:2b:57:ca:be:1e:3f:da:6d: d6:6a:5f:cf:b2:74:03:ba:5a:82:a4:1c:b4:67:07:cb:d0:2c: 8d:8a:37:05:13:b5:d0:8e:7c:eb:c3:46:62:1a:60:22:74:c4: 4c:53:94:69:2a:e6:da:fe:8d:a2:d7:af:6e:60:56:4e:13:5f: 05:64:83:91:02:f2:a2:02:ab:70:42:6f:d5:52:fb:eb:c4:e4: b7:9f:ae:32:98:78:54:8b:c8:bb:6f:7e:88:2d:05:64:61:91: 23:c3:ad:6b:02:92:28:e5:d0:96:43:c8:e0:26:8c:8b:e2:2c: 37:23:37:72:1e:67:3a:d8:3e:e1:0c:f5:9f:f2:50:1f:56:d7: e0:ca:d2:cf:e1:1d:9d:d2:7b:bd:87:63:ee:71:42:2c:ec:7f: 45:f6:35:44 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MUYzRTExMC8GA1UEBRMoOUNFOTE3REMzQUUwQzVCQTJFNzdDQjc3NUEzQUQ5OUM2 ODVDNDA2QjAeFw0yNTA1MzEwNzI4MTBaFw0yNTA2MDcwNzI4MTBaMBgxFjAUBgNV BAMTDTY4M2FhZjhiLWRhOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUoz2pTjGWkwTdX4g468/O3+I9H9218eP/bg5AO5YwoXbrZ5sGw3Yk2OANORMJ icV8rp5kVU/Xp3GkJjpvgzzoASP9tRG+X7owYbKR0Q99YfbS5LYr0+2YyYm05338 U71HU51Lqhoj3Es0/dhoFcNqHg21RlqYFk5yLG6KMe6cX/Puzt1wFzwllXJBDKW7 0AlH7vBHR60iQDGw1lGF+LfFD2IRN3+MQd8PEiie2C7PO5ruXOiwDmVc3YgffErA iIOUTy8RZPxIdbp1xKT4tpixRDW84AZ/6UyTno06gdCfsXRtDWFDQDoKnT2sB/JK 6hwXjIigS/oc3/8NXqihvuxlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUEfdKBkXf 0ndf8k+2NTJnzdZJj0cwHwYDVR0jBBgwFoAUnOkX3Drgxboud8t3WjrZnGhcQGsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxRjNFLzMzOUVERTY4MTBF NDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJvdWQ4dDNXanJabkdoY1FH cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbk9rWDNEcmd4Ym91ZDh0M1dqclpuR2hjUUdzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx RjNFLzMzOUVERTY4MTBFNDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJv dWQ4dDNXanJabkdoY1FHcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJas2Wi9jdws2OYRIW1scCcR0FCOXcZvoIU4VsZScsmQWPl+BOqrHHcD MMPgw8/ry+Wyj3iYX7Y9wB+w3wLYVRw1KYpyg5OBi+ihuRD4P+paHf1gomo9rOBV XIk8BM0gBdFVqC4rV8q+Hj/abdZqX8+ydAO6WoKkHLRnB8vQLI2KNwUTtdCOfOvD RmIaYCJ0xExTlGkq5tr+jaLXr25gVk4TXwVkg5EC8qICq3BCb9VS++vE5LefrjKY eFSLyLtvfogtBWRhkSPDrWsCkijl0JZDyOAmjIviLDcjN3IeZzrYPuEM9Z/yUB9W 1+DK0s/hHZ3Se72HY+5xQizsf0X2NUQ= -----END CERTIFICATE-----Generated at Sat May 31 17:50:40 2025 by rpki-client