$ rpki-client -vvf rpki.apnic.net/member_repository/A919CE1D/B548DBE262DF11F0A1E37E0EC4F9AE02/NmIvmQC0aq380FRk8Q1CsTBiUXY.mft File: NmIvmQC0aq380FRk8Q1CsTBiUXY.mft (raw, json) Hash identifier: erDChojetFl+W55CSpnUrDsor1XjM5v9vwaIjLVhycs= Subject key identifier: 34:17:7D:74:C3:8F:C9:E8:D4:0E:2D:88:B7:96:ED:6E:7C:43:5F:4E Authority key identifier: 36:62:2F:99:00:B4:6A:AD:FC:D0:54:64:F1:0D:42:B1:30:62:51:76 Certificate issuer: /CN=A919CE1D/serialNumber=36622F9900B46AADFCD05464F10D42B130625176 Certificate serial: 04 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NmIvmQC0aq380FRk8Q1CsTBiUXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919CE1D/B548DBE262DF11F0A1E37E0EC4F9AE02/NmIvmQC0aq380FRk8Q1CsTBiUXY.mft Manifest number: 03 Signing time: Sat 19 Jul 2025 08:31:18 +0000 Manifest this update: Sat 19 Jul 2025 08:31:17 +0000 Manifest next update: Sat 26 Jul 2025 08:31:17 +0000 Files and hashes: 1: NmIvmQC0aq380FRk8Q1CsTBiUXY.crl (hash: uTRJfdR+yNPpbEylKEci75SiUF5i0yRsaPAgzKtcduA=) 2: 2518C04062E011F08D04F42EC4F9AE02.roa (hash: YXoQ9r4tej6CnG1FdK26UeZMqNkqakqvZSbUkeab5Z8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919CE1D/B548DBE262DF11F0A1E37E0EC4F9AE02/NmIvmQC0aq380FRk8Q1CsTBiUXY.crl rsync://rpki.apnic.net/member_repository/A919CE1D/B548DBE262DF11F0A1E37E0EC4F9AE02/NmIvmQC0aq380FRk8Q1CsTBiUXY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NmIvmQC0aq380FRk8Q1CsTBiUXY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 08:31:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919CE1D, serialNumber=36622F9900B46AADFCD05464F10D42B130625176 Validity Not Before: Jul 19 08:31:17 2025 GMT Not After : Jul 26 08:31:17 2025 GMT Subject: CN=687b57d5-779d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:b1:be:a8:eb:ca:eb:bf:2c:fe:f2:23:43:29: d6:3b:0b:dc:39:72:27:25:66:04:6b:cf:96:64:a3: 57:b8:8d:c7:44:a3:9b:1b:a8:22:d2:d3:98:05:d1: 73:62:67:26:54:b7:4a:3f:83:6c:84:87:40:a7:d1: 14:66:d9:73:54:fe:2e:a1:02:f9:76:29:c8:b5:88: 0f:2a:c9:22:95:91:0a:4d:16:18:41:d3:5b:bf:b0: 00:c1:6b:7f:7a:ac:d1:13:25:34:4f:f8:7f:13:57: 97:07:50:7b:04:b5:e8:fb:88:d0:03:f5:4b:52:04: ad:bb:e2:77:e8:55:50:29:cf:f8:da:99:75:6b:17: 33:27:ea:65:ba:83:7a:5f:df:f5:e1:f6:38:a1:55: b5:55:3c:eb:2e:d5:67:be:77:40:da:32:34:d4:98: 49:de:db:d4:aa:e4:05:18:18:ba:a6:92:c5:56:e8: a3:11:5e:78:dc:b3:ee:6f:82:29:2a:00:ae:65:be: f7:b9:bd:a5:0f:01:25:1a:2b:fc:c3:25:1a:8c:02: cf:76:c9:35:01:cf:00:0f:89:c4:ad:ae:9e:93:a0: 69:74:5c:38:f0:94:93:a9:00:fc:bd:e4:70:1f:e3: fd:62:15:80:b9:4a:6b:43:03:9a:54:69:64:b5:2d: 9b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:17:7D:74:C3:8F:C9:E8:D4:0E:2D:88:B7:96:ED:6E:7C:43:5F:4E X509v3 Authority Key Identifier: keyid:36:62:2F:99:00:B4:6A:AD:FC:D0:54:64:F1:0D:42:B1:30:62:51:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919CE1D/B548DBE262DF11F0A1E37E0EC4F9AE02/NmIvmQC0aq380FRk8Q1CsTBiUXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NmIvmQC0aq380FRk8Q1CsTBiUXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919CE1D/B548DBE262DF11F0A1E37E0EC4F9AE02/NmIvmQC0aq380FRk8Q1CsTBiUXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:76:3f:45:2b:c5:48:cb:0b:6c:3b:0a:33:7c:f1:52:10:f6: 0f:2c:70:8a:52:4a:91:4b:c5:82:f7:69:c2:3d:a2:7c:61:0a: a7:75:52:6f:b3:52:a7:5d:a7:5c:5f:51:1a:9c:cf:dd:49:30: cc:01:1f:df:8d:a6:1a:bc:03:1d:a3:0f:9f:91:54:6d:d3:0a: 67:0e:f3:c0:0a:3c:58:54:2f:72:7e:5d:2d:39:45:3f:a0:64: 98:af:a6:71:3c:a5:d3:44:08:0b:a7:e4:52:9c:73:b6:4e:36: df:c7:3b:36:a7:5f:4b:06:31:08:dd:a6:b3:6f:ad:4f:54:ca: d5:e6:53:55:6a:59:b5:00:e4:a7:d2:f6:74:6c:b8:29:ea:8f: ed:fa:5a:60:93:4a:69:88:0f:5e:b8:49:3a:03:b6:4b:b5:e9: 94:75:41:92:60:28:76:3e:5c:1d:17:02:f4:32:da:ce:5e:c7: 8f:6e:35:9f:31:bb:20:a3:67:01:05:4b:85:97:2a:5b:0e:7a: 73:6a:5c:4b:cb:de:e2:db:02:e5:a2:f8:bb:b9:4f:af:c2:cc: fc:46:1d:1c:33:bc:5f:2b:99:0f:38:17:1a:21:8b:45:c6:3a: 32:bc:07:c0:1d:a7:e0:52:8b:67:dd:65:e1:2c:4a:c8:5c:7a: fa:90:e8:af -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 Q0UxRDExMC8GA1UEBRMoMzY2MjJGOTkwMEI0NkFBREZDRDA1NDY0RjEwRDQyQjEz MDYyNTE3NjAeFw0yNTA3MTkwODMxMTdaFw0yNTA3MjYwODMxMTdaMBgxFjAUBgNV BAMTDTY4N2I1N2Q1LTc3OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDNsb6o68rrvyz+8iNDKdY7C9w5ciclZgRrz5Zko1e4jcdEo5sbqCLS05gF0XNi ZyZUt0o/g2yEh0Cn0RRm2XNU/i6hAvl2Kci1iA8qySKVkQpNFhhB01u/sADBa396 rNETJTRP+H8TV5cHUHsEtej7iNAD9UtSBK274nfoVVApz/jamXVrFzMn6mW6g3pf 3/Xh9jihVbVVPOsu1We+d0DaMjTUmEne29Sq5AUYGLqmksVW6KMRXnjcs+5vgikq AK5lvve5vaUPASUaK/zDJRqMAs92yTUBzwAPicStrp6ToGl0XDjwlJOpAPy95HAf 4/1iFYC5SmtDA5pUaWS1LZtpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUNBd9dMOP yejUDi2It5btbnxDX04wHwYDVR0jBBgwFoAUNmIvmQC0aq380FRk8Q1CsTBiUXYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlDRTFEL0I1NDhEQkUyNjJE RjExRjBBMUUzN0UwRUM0RjlBRTAyL05tSXZtUUMwYXEzODBGUms4UTFDc1RCaVVY WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTm1Jdm1RQzBhcTM4MEZSazhRMUNzVEJpVVhZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlD RTFEL0I1NDhEQkUyNjJERjExRjBBMUUzN0UwRUM0RjlBRTAyL05tSXZtUUMwYXEz ODBGUms4UTFDc1RCaVVYWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIt2P0UrxUjLC2w7CjN88VIQ9g8scIpSSpFLxYL3acI9onxhCqd1Um+z Uqddp1xfURqcz91JMMwBH9+Nphq8Ax2jD5+RVG3TCmcO88AKPFhUL3J+XS05RT+g ZJivpnE8pdNECAun5FKcc7ZONt/HOzanX0sGMQjdprNvrU9UytXmU1VqWbUA5KfS 9nRsuCnqj+36WmCTSmmID164SToDtku16ZR1QZJgKHY+XB0XAvQy2s5ex49uNZ8x uyCjZwEFS4WXKlsOenNqXEvL3uLbAuWi+Lu5T6/CzPxGHRwzvF8rmQ84Fxohi0XG OjK8B8Adp+BSi2fdZeEsSshcevqQ6K8= -----END CERTIFICATE-----Generated at Sun Jul 20 20:42:22 2025 by rpki-client