$ rpki-client -vvf rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft File: nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft (raw, json) Hash identifier: TwC0xHQlJGmQVcBCoU2y0Brq5/nGk3UsTY4xn1aXJX4= Subject key identifier: 12:B0:B8:5D:41:5B:22:CC:64:F0:21:F5:A8:98:36:20:36:5C:49:07 Authority key identifier: 9E:29:B0:F5:1B:BB:6D:60:33:C0:EF:00:62:3C:C4:BB:AC:EA:58:41 Certificate issuer: /CN=A9172CE3/serialNumber=9E29B0F51BBB6D6033C0EF00623CC4BBACEA5841 Certificate serial: 0477 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nimw9Ru7bWAzwO8AYjzEu6zqWEE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft Manifest number: 0477 Signing time: Sat 10 May 2025 23:39:10 +0000 Manifest this update: Sat 10 May 2025 23:39:09 +0000 Manifest next update: Sat 17 May 2025 23:39:09 +0000 Files and hashes: 1: nimw9Ru7bWAzwO8AYjzEu6zqWEE.crl (hash: H/XtDKS8LYnQ58Qv8G6iVFU5/q3thQ24d21CoPpBfbQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.crl rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nimw9Ru7bWAzwO8AYjzEu6zqWEE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 23:39:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1143 (0x477) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172CE3, serialNumber=9E29B0F51BBB6D6033C0EF00623CC4BBACEA5841 Validity Not Before: May 10 23:39:09 2025 GMT Not After : May 17 23:39:09 2025 GMT Subject: CN=681fe39d-0eaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4f:0a:ce:26:d0:19:26:1c:b7:e8:88:fe:34: c6:03:dc:a1:a2:71:de:69:9e:1e:81:6e:8d:d5:2e: 24:97:4a:8b:c6:ea:85:31:90:f9:39:85:ac:6b:48: de:02:5b:9b:ad:0f:b0:a3:12:6d:14:c8:d7:ab:72: 4c:b1:d4:ce:b6:84:3b:d9:0d:d7:96:f4:16:bb:26: 22:a2:87:5e:7e:5b:5c:83:28:f1:ea:61:1e:cb:bf: 59:40:31:6d:11:c5:f6:1b:88:60:d9:69:10:a5:5f: 11:05:ac:71:30:01:38:ef:36:39:80:91:3d:59:0e: 11:84:cb:5e:6b:5c:0c:eb:26:cb:7f:65:59:4c:22: 8c:82:27:92:78:83:b8:2f:38:11:fb:45:b0:f3:a2: 54:6b:af:b5:ee:a7:46:da:09:f6:05:f8:f9:37:61: 13:2f:62:24:04:ad:41:bd:3a:72:cc:20:61:f5:7b: f3:70:2e:d6:a7:0e:7d:87:9a:a4:8e:46:e9:a8:dd: 41:5a:c2:c1:b3:64:64:97:ad:af:6b:4d:9c:55:01: 3b:1d:62:f1:db:0b:f2:c6:63:86:46:f9:f4:59:ca: 71:6a:12:09:0f:cd:9b:6f:2e:32:67:e0:f9:e9:aa: 7c:ce:04:a7:5d:cf:f6:a6:d6:c6:4b:ac:fd:14:85: e0:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:B0:B8:5D:41:5B:22:CC:64:F0:21:F5:A8:98:36:20:36:5C:49:07 X509v3 Authority Key Identifier: keyid:9E:29:B0:F5:1B:BB:6D:60:33:C0:EF:00:62:3C:C4:BB:AC:EA:58:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nimw9Ru7bWAzwO8AYjzEu6zqWEE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:f6:7d:14:2c:45:40:9e:06:ad:f9:3b:d1:ba:7d:68:64:26: d8:9d:2e:8f:d3:15:51:76:4e:d8:dd:df:f0:b1:0a:52:c3:bc: 38:70:1d:39:4c:fb:e0:2d:22:54:bc:9e:4d:9f:aa:b9:76:1d: a5:94:de:77:40:1c:76:c1:42:65:07:c3:d8:4f:1a:0b:2d:de: 16:78:a8:e4:96:f0:bc:3c:90:41:b2:6b:08:f0:db:ad:a7:1c: a0:9d:ba:e3:62:82:a9:4c:6b:19:5b:56:16:71:01:19:20:15: 3f:cc:b0:fa:8c:4d:3e:2a:21:e5:60:3f:c3:0c:45:11:11:55: 42:01:4e:7d:e2:b4:c1:22:96:1d:87:e1:eb:61:8e:fe:72:45: 36:83:a2:eb:ab:82:20:72:30:34:39:43:56:46:0f:55:9e:0c: f9:bb:79:d8:df:04:09:4e:f2:7b:50:24:31:3f:06:cc:15:36: 5e:72:2e:27:93:9a:fe:9d:80:d9:02:1e:54:b0:33:2e:81:da: 5b:5b:cd:4c:a3:c3:b7:df:ea:f3:b8:8b:30:60:7b:df:95:42: bf:1c:3a:71:fe:60:1f:8e:02:73:6e:0a:6f:1c:16:7d:16:e5: 8d:dd:ee:32:d5:a7:cf:d5:60:48:96:ed:e8:cc:a9:53:bc:46: 02:01:1a:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJDRTMxMTAvBgNVBAUTKDlFMjlCMEY1MUJCQjZENjAzM0MwRUYwMDYyM0NDNEJC QUNFQTU4NDEwHhcNMjUwNTEwMjMzOTA5WhcNMjUwNTE3MjMzOTA5WjAYMRYwFAYD VQQDEw02ODFmZTM5ZC0wZWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwE8KzibQGSYct+iI/jTGA9yhonHeaZ4egW6N1S4kl0qLxuqFMZD5OYWsa0je AlubrQ+woxJtFMjXq3JMsdTOtoQ72Q3XlvQWuyYioodefltcgyjx6mEey79ZQDFt EcX2G4hg2WkQpV8RBaxxMAE47zY5gJE9WQ4RhMtea1wM6ybLf2VZTCKMgieSeIO4 LzgR+0Ww86JUa6+17qdG2gn2Bfj5N2ETL2IkBK1BvTpyzCBh9XvzcC7Wpw59h5qk jkbpqN1BWsLBs2Rkl62va02cVQE7HWLx2wvyxmOGRvn0WcpxahIJD82bby4yZ+D5 6ap8zgSnXc/2ptbGS6z9FIXg8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBKwuF1B WyLMZPAh9aiYNiA2XEkHMB8GA1UdIwQYMBaAFJ4psPUbu21gM8DvAGI8xLus6lhB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkNFMy82NzI4QzRDNDQw NTkxMUVDQTBBRkFBNERDNEY5QUUwMi9uaW13OVJ1N2JXQXp3TzhBWWp6RXU2enFX RUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25pbXc5UnU3YldBendPOEFZanpFdTZ6cVdFRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkNFMy82NzI4QzRDNDQwNTkxMUVDQTBBRkFBNERDNEY5QUUwMi9uaW13OVJ1N2JX QXp3TzhBWWp6RXU2enFXRUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC49n0ULEVAngat+TvRun1oZCbYnS6P0xVRdk7Y3d/wsQpSw7w4cB05 TPvgLSJUvJ5Nn6q5dh2llN53QBx2wUJlB8PYTxoLLd4WeKjklvC8PJBBsmsI8Nut pxygnbrjYoKpTGsZW1YWcQEZIBU/zLD6jE0+KiHlYD/DDEUREVVCAU594rTBIpYd h+HrYY7+ckU2g6Lrq4IgcjA0OUNWRg9Vngz5u3nY3wQJTvJ7UCQxPwbMFTZeci4n k5r+nYDZAh5UsDMugdpbW81Mo8O33+rzuIswYHvflUK/HDpx/mAfjgJzbgpvHBZ9 FuWN3e4y1afP1WBIlu3ozKlTvEYCARrI -----END CERTIFICATE-----Generated at Mon May 12 09:01:33 2025 by rpki-client