$ rpki-client -vvf rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft File: nOkX3Drgxboud8t3WjrZnGhcQGs.mft (raw, json) Hash identifier: 32cAOkky64/2EgLCDCiBIX/dByPOw+jPQOTXeadSGPQ= Subject key identifier: 0D:64:B7:6B:4F:32:F2:A4:7E:35:E7:D4:48:DE:39:08:07:A5:91:B8 Authority key identifier: 9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B Certificate issuer: /CN=A9161F3E/serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Certificate serial: 52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft Manifest number: 50 Signing time: Fri 05 Sep 2025 07:47:24 +0000 Manifest this update: Fri 05 Sep 2025 07:47:23 +0000 Manifest next update: Fri 12 Sep 2025 07:47:23 +0000 Files and hashes: 1: nOkX3Drgxboud8t3WjrZnGhcQGs.crl (hash: H0bCKZvUzzPDzalO/BvzII0YsYVXcs/o0nJit/GL0VI=) 2: 49DEAEDC12A711F099020A73C4F9AE02.roa (hash: ZDuunhoBLIFxkgffUJp6fhz6W2Ysr7yM0HyGKDGLaSU=) 3: 4A3C802012A711F099020A73C4F9AE02.roa (hash: EvMFCkIZLxU/4T9yDv4rTrnplB41rjMOAziWwMgP5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 07:47:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 82 (0x52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161F3E, serialNumber=9CE917DC3AE0C5BA2E77CB775A3AD99C685C406B Validity Not Before: Sep 5 07:47:23 2025 GMT Not After : Sep 12 07:47:23 2025 GMT Subject: CN=68ba958c-b033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:49:34:2d:e7:65:1c:84:f6:d8:2a:f7:85:3b: 42:bf:7c:6d:15:00:01:15:d4:9a:fc:6d:5c:be:3b: 77:05:27:8d:47:4f:b5:a7:80:6a:70:da:71:e6:4e: 63:52:f6:a8:f3:c6:e2:63:5a:f1:cc:56:54:74:54: 39:c2:86:01:58:b2:8c:cc:5d:28:15:0b:db:7f:c2: fe:47:d3:88:91:83:be:a0:21:bd:fc:69:f0:08:eb: 2c:24:16:6d:58:a1:1a:f4:7e:6e:c6:e0:2a:c6:ce: f0:cc:5c:77:4c:bc:75:be:ea:91:3c:85:3e:2d:73: fc:94:db:c8:99:48:c7:76:46:b1:7c:00:9e:a6:ec: aa:f2:bd:af:8a:6b:15:ee:00:81:ac:15:bc:8f:49: 48:68:15:06:d2:6f:0b:09:f2:24:ed:3a:15:76:1b: ca:86:66:d7:19:8f:d5:b1:cd:b3:85:cf:c8:31:7b: 98:2e:81:ab:d1:97:71:68:cb:9b:88:e1:7e:ab:96: a9:32:f2:9f:40:b6:a1:85:f4:3e:05:ea:e8:74:4f: b5:09:14:0f:98:97:23:df:27:f4:8c:77:c3:f4:72: 4e:41:cd:ac:c5:35:37:04:c9:47:00:25:40:3c:3f: 54:60:7c:03:15:ec:8a:03:b5:8e:dc:6e:8b:0c:68: c8:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:64:B7:6B:4F:32:F2:A4:7E:35:E7:D4:48:DE:39:08:07:A5:91:B8 X509v3 Authority Key Identifier: keyid:9C:E9:17:DC:3A:E0:C5:BA:2E:77:CB:77:5A:3A:D9:9C:68:5C:40:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nOkX3Drgxboud8t3WjrZnGhcQGs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161F3E/339EDE6810E411F0B75B8166C4F9AE02/nOkX3Drgxboud8t3WjrZnGhcQGs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:7f:86:fb:48:f1:6a:e7:c6:c7:12:f1:f3:fd:b1:99:da:c2: 02:79:a1:00:7c:51:82:36:9f:de:28:43:a9:9e:b3:5a:c9:8d: b7:29:b5:fa:08:e7:0e:52:f1:2b:18:18:1b:3c:26:62:c9:ae: a6:6c:9b:a7:40:19:64:50:d4:ca:69:9e:72:f0:50:59:c5:26: 76:15:ff:bf:78:27:ae:c2:ce:25:79:f2:c9:b6:8f:6f:3d:d7: a6:70:30:01:d1:3b:fd:80:e8:30:78:4d:1a:16:a2:dc:6c:23: cc:62:df:db:08:b7:3f:65:89:e8:5e:c2:ff:bc:95:cc:74:2e: 6c:de:a1:ce:bf:bd:89:36:8a:ad:9d:72:7b:8a:3b:95:34:6e: fe:b4:02:c0:c1:c3:8b:93:b2:1b:7a:f4:2b:15:fa:96:cc:cd: 54:ce:1f:e2:00:d6:a6:5e:a3:91:e3:65:4f:9f:20:74:85:47: 73:bc:cc:e6:6c:c7:8b:f3:2f:99:fb:5e:b6:13:0a:26:ee:76: 99:ec:53:b5:10:b0:b2:73:24:fe:05:ee:2c:4d:50:33:e9:e3: 90:b8:14:11:f8:bd:9e:a6:13:1c:52:7d:aa:b6:8b:af:bb:13: c0:c5:95:f7:a2:f6:b6:c2:70:64:b0:43:76:bd:1f:04:36:90: 74:b2:c0:c6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MUYzRTExMC8GA1UEBRMoOUNFOTE3REMzQUUwQzVCQTJFNzdDQjc3NUEzQUQ5OUM2 ODVDNDA2QjAeFw0yNTA5MDUwNzQ3MjNaFw0yNTA5MTIwNzQ3MjNaMBgxFjAUBgNV BAMTDTY4YmE5NThjLWIwMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCjSTQt52UchPbYKveFO0K/fG0VAAEV1Jr8bVy+O3cFJ41HT7WngGpw2nHmTmNS 9qjzxuJjWvHMVlR0VDnChgFYsozMXSgVC9t/wv5H04iRg76gIb38afAI6ywkFm1Y oRr0fm7G4CrGzvDMXHdMvHW+6pE8hT4tc/yU28iZSMd2RrF8AJ6m7Kryva+KaxXu AIGsFbyPSUhoFQbSbwsJ8iTtOhV2G8qGZtcZj9WxzbOFz8gxe5gugavRl3Foy5uI 4X6rlqky8p9AtqGF9D4F6uh0T7UJFA+YlyPfJ/SMd8P0ck5BzazFNTcEyUcAJUA8 P1RgfAMV7IoDtY7cbosMaMiHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUDWS3a08y 8qR+NefUSN45CAelkbgwHwYDVR0jBBgwFoAUnOkX3Drgxboud8t3WjrZnGhcQGsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxRjNFLzMzOUVERTY4MTBF NDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJvdWQ4dDNXanJabkdoY1FH cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbk9rWDNEcmd4Ym91ZDh0M1dqclpuR2hjUUdzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx RjNFLzMzOUVERTY4MTBFNDExRjBCNzVCODE2NkM0RjlBRTAyL25Pa1gzRHJneGJv dWQ4dDNXanJabkdoY1FHcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAE5/hvtI8WrnxscS8fP9sZnawgJ5oQB8UYI2n94oQ6mes1rJjbcptfoI 5w5S8SsYGBs8JmLJrqZsm6dAGWRQ1MppnnLwUFnFJnYV/794J67CziV58sm2j289 16ZwMAHRO/2A6DB4TRoWotxsI8xi39sItz9liehewv+8lcx0Lmzeoc6/vYk2iq2d cnuKO5U0bv60AsDBw4uTsht69CsV+pbMzVTOH+IA1qZeo5HjZU+fIHSFR3O8zOZs x4vzL5n7XrYTCibudpnsU7UQsLJzJP4F7ixNUDPp45C4FBH4vZ6mExxSfaq2i6+7 E8DFlfei9rbCcGSwQ3a9HwQ2kHSywMY= -----END CERTIFICATE-----Generated at Sat Sep 6 15:36:18 2025 by rpki-client