$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7B36/72E6FA26408F11F0B34AEF47C4F9AE02/NPD4zYe4jE9SDkb7ldLbhPoEM2I.mft File: NPD4zYe4jE9SDkb7ldLbhPoEM2I.mft (raw, json) Hash identifier: l3+RjZFH419ZjsmCrRMVR+yf4cVZyIN0SZB3eoPHZrU= Subject key identifier: DA:9B:99:91:28:1F:6B:31:AA:AB:71:60:D2:18:78:33:60:AE:E9:42 Authority key identifier: 34:F0:F8:CD:87:B8:8C:4F:52:0E:46:FB:95:D2:DB:84:FA:04:33:62 Certificate issuer: /CN=A91A7B36/serialNumber=34F0F8CD87B88C4F520E46FB95D2DB84FA043362 Certificate serial: 14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NPD4zYe4jE9SDkb7ldLbhPoEM2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7B36/72E6FA26408F11F0B34AEF47C4F9AE02/NPD4zYe4jE9SDkb7ldLbhPoEM2I.mft Manifest number: 12 Signing time: Tue 01 Jul 2025 08:52:21 +0000 Manifest this update: Tue 01 Jul 2025 08:52:20 +0000 Manifest next update: Tue 08 Jul 2025 08:52:20 +0000 Files and hashes: 1: NPD4zYe4jE9SDkb7ldLbhPoEM2I.crl (hash: PGX/jzARPus7r+fbqbBKU2HZyNXOvK9qypqrmMvK55A=) 2: 5E4EF73E409011F0986B1F68C4F9AE02.roa (hash: zzVlxhn6+jvA03mHN2RlJJu0S5vEXRz/2+gZ9LS069Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7B36/72E6FA26408F11F0B34AEF47C4F9AE02/NPD4zYe4jE9SDkb7ldLbhPoEM2I.crl rsync://rpki.apnic.net/member_repository/A91A7B36/72E6FA26408F11F0B34AEF47C4F9AE02/NPD4zYe4jE9SDkb7ldLbhPoEM2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NPD4zYe4jE9SDkb7ldLbhPoEM2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:52:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7B36, serialNumber=34F0F8CD87B88C4F520E46FB95D2DB84FA043362 Validity Not Before: Jul 1 08:52:20 2025 GMT Not After : Jul 8 08:52:20 2025 GMT Subject: CN=6863a1c4-a0a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:84:5f:91:21:e1:d5:ae:85:5c:f4:58:60:9a: b9:0d:5e:49:de:ae:53:0b:28:41:11:15:ef:c6:25: dc:8d:3d:6b:a7:9e:50:e9:5f:f8:94:ca:45:a3:4a: b7:f4:c5:e7:e1:31:fe:58:ab:42:13:27:e1:ca:ab: 7b:6f:6b:3a:bf:1d:e7:da:c7:6a:d9:6c:7e:5c:19: 1c:ea:29:f5:7d:81:35:1a:a0:59:2e:e4:97:ec:61: 25:2a:fc:f4:ae:3a:c2:02:d1:4f:e6:c5:f8:99:52: fb:1a:3c:62:3b:7d:83:c2:71:4d:76:63:4e:8b:66: 89:c2:95:88:f6:cf:34:ff:dd:40:2d:e6:d7:38:6a: 3c:e6:b8:42:20:c7:d3:4d:e1:3f:4a:ea:c5:9f:39: 2d:89:4b:ea:89:09:4e:0c:9d:f6:2a:76:9d:61:e3: 83:44:3e:19:d9:3f:d8:6a:70:69:82:53:cb:46:2a: 3d:41:34:d5:ce:0b:41:83:96:ac:72:80:2f:30:b3: a5:d9:f1:83:bf:10:3f:86:77:da:06:ed:04:46:5a: 2f:56:9c:de:51:4f:c5:f9:b9:fe:f4:eb:41:d3:32: a5:a4:ee:b2:b7:44:4c:b3:de:26:e7:90:a2:67:c3: df:f1:92:0b:32:6c:9c:73:5a:ad:ca:9a:94:5e:6b: 69:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:9B:99:91:28:1F:6B:31:AA:AB:71:60:D2:18:78:33:60:AE:E9:42 X509v3 Authority Key Identifier: keyid:34:F0:F8:CD:87:B8:8C:4F:52:0E:46:FB:95:D2:DB:84:FA:04:33:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7B36/72E6FA26408F11F0B34AEF47C4F9AE02/NPD4zYe4jE9SDkb7ldLbhPoEM2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NPD4zYe4jE9SDkb7ldLbhPoEM2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7B36/72E6FA26408F11F0B34AEF47C4F9AE02/NPD4zYe4jE9SDkb7ldLbhPoEM2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:b1:a9:44:08:9f:21:fa:41:1b:cd:05:24:ab:b7:d4:8a:16: ea:4b:31:90:1c:52:58:40:9b:32:22:32:b3:b2:9d:72:e5:3a: de:55:56:dc:c9:0b:55:71:12:a7:80:55:0f:ff:ec:d4:9c:1a: e7:56:9b:dc:2a:72:60:93:74:1d:9b:86:23:76:18:19:a9:41: 9c:57:07:f6:72:18:03:f6:fd:ac:ea:ac:fb:04:19:f7:aa:f3: a1:b4:0c:40:30:40:a8:0a:d6:dd:82:3e:9d:bf:77:58:ef:da: e7:b8:53:d6:74:9e:c3:1c:93:1a:87:19:62:a8:58:2a:4c:54: 24:4d:0d:81:7e:88:38:19:2d:3d:b9:64:28:95:c6:64:26:3a: f4:e6:cd:1b:09:f1:cf:4f:90:22:02:31:ad:92:ce:bf:fd:7b: bd:10:65:a6:b6:a3:cf:50:fb:ee:e8:c3:8f:4d:23:bf:9e:6d: 3b:3f:53:b0:5a:50:e0:43:6a:cd:ca:a1:cf:e5:58:aa:22:f6: c9:6a:b2:2a:18:84:8f:5f:a1:08:4d:d8:2a:c7:a1:6a:b5:43: 45:5e:9e:98:2e:2a:c6:05:01:bd:5d:34:7b:90:ae:67:30:53: 85:67:95:f1:8b:9a:14:e8:4d:3d:56:90:01:fe:70:71:04:9a: 5f:c7:35:b8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB N0IzNjExMC8GA1UEBRMoMzRGMEY4Q0Q4N0I4OEM0RjUyMEU0NkZCOTVEMkRCODRG QTA0MzM2MjAeFw0yNTA3MDEwODUyMjBaFw0yNTA3MDgwODUyMjBaMBgxFjAUBgNV BAMTDTY4NjNhMWM0LWEwYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDShF+RIeHVroVc9FhgmrkNXknerlMLKEERFe/GJdyNPWunnlDpX/iUykWjSrf0 xefhMf5Yq0ITJ+HKq3tvazq/Hefax2rZbH5cGRzqKfV9gTUaoFku5JfsYSUq/PSu OsIC0U/mxfiZUvsaPGI7fYPCcU12Y06LZonClYj2zzT/3UAt5tc4ajzmuEIgx9NN 4T9K6sWfOS2JS+qJCU4MnfYqdp1h44NEPhnZP9hqcGmCU8tGKj1BNNXOC0GDlqxy gC8ws6XZ8YO/ED+Gd9oG7QRGWi9WnN5RT8X5uf7060HTMqWk7rK3REyz3ibnkKJn w9/xkgsybJxzWq3KmpRea2mTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU2puZkSgf azGqq3Fg0hh4M2Cu6UIwHwYDVR0jBBgwFoAUNPD4zYe4jE9SDkb7ldLbhPoEM2Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3QjM2LzcyRTZGQTI2NDA4 RjExRjBCMzRBRUY0N0M0RjlBRTAyL05QRDR6WWU0akU5U0RrYjdsZExiaFBvRU0y SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTlBENHpZZTRqRTlTRGtiN2xkTGJoUG9FTTJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3 QjM2LzcyRTZGQTI2NDA4RjExRjBCMzRBRUY0N0M0RjlBRTAyL05QRDR6WWU0akU5 U0RrYjdsZExiaFBvRU0ySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKuxqUQInyH6QRvNBSSrt9SKFupLMZAcUlhAmzIiMrOynXLlOt5VVtzJ C1VxEqeAVQ//7NScGudWm9wqcmCTdB2bhiN2GBmpQZxXB/ZyGAP2/azqrPsEGfeq 86G0DEAwQKgK1t2CPp2/d1jv2ue4U9Z0nsMckxqHGWKoWCpMVCRNDYF+iDgZLT25 ZCiVxmQmOvTmzRsJ8c9PkCICMa2Szr/9e70QZaa2o89Q++7ow49NI7+ebTs/U7Ba UOBDas3Koc/lWKoi9slqsioYhI9foQhN2CrHoWq1Q0VenpguKsYFAb1dNHuQrmcw U4VnlfGLmhToTT1WkAH+cHEEml/HNbg= -----END CERTIFICATE-----Generated at Tue Jul 1 21:09:05 2025 by rpki-client