$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2472/E62B735A481911EFB8BE4534C4F9AE02/nlE6zE17kAFKhn-1KviSKeALpKw.mft File: nlE6zE17kAFKhn-1KviSKeALpKw.mft (raw, json) Hash identifier: /CzNAMjr4T/D5WzCb4Uznaw5qzf1C7F/QNdO4dlj4XY= Subject key identifier: 7C:29:AB:35:C0:60:D0:58:F8:DC:3A:1B:1E:FE:6F:E7:61:65:CF:C1 Authority key identifier: 9E:51:3A:CC:4D:7B:90:01:4A:86:7F:B5:2A:F8:92:29:E0:0B:A4:AC Certificate issuer: /CN=A91B2472/serialNumber=9E513ACC4D7B90014A867FB52AF89229E00BA4AC Certificate serial: A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nlE6zE17kAFKhn-1KviSKeALpKw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2472/E62B735A481911EFB8BE4534C4F9AE02/nlE6zE17kAFKhn-1KviSKeALpKw.mft Manifest number: A2 Signing time: Sat 31 May 2025 05:48:58 +0000 Manifest this update: Sat 31 May 2025 05:48:57 +0000 Manifest next update: Sat 07 Jun 2025 05:48:57 +0000 Files and hashes: 1: nlE6zE17kAFKhn-1KviSKeALpKw.crl (hash: nm9wycoKtWgIxikUCu5c5OeDvtnxJpo0DI4gLjmoR+s=) 2: 1B4BDA5C48B011EF9D34415EC4F9AE02.roa (hash: /fW0UzdpOpiVi/4bzpgP5X5TzlzFOgXdGZfbyGjzbdE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2472/E62B735A481911EFB8BE4534C4F9AE02/nlE6zE17kAFKhn-1KviSKeALpKw.crl rsync://rpki.apnic.net/member_repository/A91B2472/E62B735A481911EFB8BE4534C4F9AE02/nlE6zE17kAFKhn-1KviSKeALpKw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nlE6zE17kAFKhn-1KviSKeALpKw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:48:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 165 (0xa5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2472, serialNumber=9E513ACC4D7B90014A867FB52AF89229E00BA4AC Validity Not Before: May 31 05:48:57 2025 GMT Not After : Jun 7 05:48:57 2025 GMT Subject: CN=683a9849-e1b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:57:92:52:70:20:aa:b6:21:b7:ec:86:fc:d8: 9a:df:a7:1c:27:44:3c:43:56:76:72:d2:18:49:17: 73:71:1c:c9:22:83:74:29:b6:b3:4f:a3:92:d3:18: 5c:98:13:b9:b2:4a:d8:80:3a:1c:35:c2:4f:3d:9d: 9f:06:10:56:54:f8:46:10:ee:46:3e:d1:5c:f2:c9: 74:42:77:ad:d6:1d:38:7a:e8:fd:bc:01:6f:10:7a: a3:1e:36:62:01:3e:e4:d4:f2:06:6a:36:ac:b5:62: 85:47:03:cd:d4:d8:7c:4b:e1:12:0e:93:c8:58:d4: dd:0e:30:10:14:e2:23:8e:58:ec:0c:4d:a0:04:6f: 1b:83:74:45:ef:eb:6b:63:07:2c:5f:9c:ce:47:ef: f8:79:5d:22:d3:e3:ea:63:65:ee:64:06:b2:0b:8c: 42:de:ab:af:64:6d:9c:8c:d8:fd:4e:4c:6c:bf:21: 88:17:f1:09:3f:38:42:f1:23:a9:ed:c6:01:25:ec: d7:7d:1f:58:67:be:ea:23:07:f5:9c:26:f4:78:08: 64:7c:e0:57:2c:a5:85:1a:da:c3:b6:af:ec:1d:52: 8e:fa:7c:91:2d:ab:e6:de:4c:39:9b:c0:01:a9:85: 58:66:ab:e7:d2:86:99:f6:21:a7:76:e5:81:26:2c: 1f:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:29:AB:35:C0:60:D0:58:F8:DC:3A:1B:1E:FE:6F:E7:61:65:CF:C1 X509v3 Authority Key Identifier: keyid:9E:51:3A:CC:4D:7B:90:01:4A:86:7F:B5:2A:F8:92:29:E0:0B:A4:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2472/E62B735A481911EFB8BE4534C4F9AE02/nlE6zE17kAFKhn-1KviSKeALpKw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nlE6zE17kAFKhn-1KviSKeALpKw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2472/E62B735A481911EFB8BE4534C4F9AE02/nlE6zE17kAFKhn-1KviSKeALpKw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:02:33:14:63:cc:80:21:17:eb:cd:3f:d5:aa:cb:99:05:05: f5:b4:75:f1:ad:2a:41:3d:92:66:e4:df:fe:5d:c3:03:c7:71: a5:6c:94:e2:ab:8c:8f:56:ab:46:d5:a9:94:3e:0e:ac:f2:81: c4:9f:23:98:00:37:b1:56:39:55:33:eb:01:f1:85:25:fc:53: 1c:12:00:5c:8b:9c:96:71:0a:c2:af:3c:7f:89:57:a3:b9:f0: 52:01:c4:f0:9b:ca:de:a6:21:bd:8f:28:52:35:61:ab:bd:67: 34:6e:3f:14:17:f7:ae:fb:e9:4c:b3:35:12:7d:c6:27:61:06: 43:71:03:2e:d0:aa:6c:a0:92:23:f2:6f:94:8f:e2:15:48:f0: 8f:0a:0e:b3:4e:33:14:f5:20:66:06:cd:8c:88:a2:c6:c0:0b: d2:4d:a5:b5:b2:f6:71:aa:da:a5:0d:26:b7:e9:fa:34:1d:4c: ef:f7:06:52:f1:fc:36:3a:64:1c:c0:0c:aa:f0:19:b3:30:77: 02:cc:15:98:4e:cd:f3:0a:dc:0e:5e:0d:cd:4b:86:9e:92:09: f8:5e:87:86:3f:09:40:5c:4b:c7:58:32:44:9c:2f:9c:e2:b4: 55:fd:6c:aa:4f:ad:d2:c6:00:27:46:e3:47:1b:7d:1c:b4:ef: a9:85:16:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI0NzIxMTAvBgNVBAUTKDlFNTEzQUNDNEQ3QjkwMDE0QTg2N0ZCNTJBRjg5MjI5 RTAwQkE0QUMwHhcNMjUwNTMxMDU0ODU3WhcNMjUwNjA3MDU0ODU3WjAYMRYwFAYD VQQDEw02ODNhOTg0OS1lMWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqVeSUnAgqrYht+yG/Nia36ccJ0Q8Q1Z2ctIYSRdzcRzJIoN0KbazT6OS0xhc mBO5skrYgDocNcJPPZ2fBhBWVPhGEO5GPtFc8sl0Qnet1h04euj9vAFvEHqjHjZi AT7k1PIGajastWKFRwPN1Nh8S+ESDpPIWNTdDjAQFOIjjljsDE2gBG8bg3RF7+tr YwcsX5zOR+/4eV0i0+PqY2XuZAayC4xC3quvZG2cjNj9TkxsvyGIF/EJPzhC8SOp 7cYBJezXfR9YZ77qIwf1nCb0eAhkfOBXLKWFGtrDtq/sHVKO+nyRLavm3kw5m8AB qYVYZqvn0oaZ9iGnduWBJiwfFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHwpqzXA YNBY+Nw6Gx7+b+dhZc/BMB8GA1UdIwQYMBaAFJ5ROsxNe5ABSoZ/tSr4kingC6Ss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjQ3Mi9FNjJCNzM1QTQ4 MTkxMUVGQjhCRTQ1MzRDNEY5QUUwMi9ubEU2ekUxN2tBRktobi0xS3ZpU0tlQUxw S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25sRTZ6RTE3a0FGS2huLTFLdmlTS2VBTHBLdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MjQ3Mi9FNjJCNzM1QTQ4MTkxMUVGQjhCRTQ1MzRDNEY5QUUwMi9ubEU2ekUxN2tB Rktobi0xS3ZpU0tlQUxwS3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwAjMUY8yAIRfrzT/VqsuZBQX1tHXxrSpBPZJm5N/+XcMDx3GlbJTi q4yPVqtG1amUPg6s8oHEnyOYADexVjlVM+sB8YUl/FMcEgBci5yWcQrCrzx/iVej ufBSAcTwm8repiG9jyhSNWGrvWc0bj8UF/eu++lMszUSfcYnYQZDcQMu0KpsoJIj 8m+Uj+IVSPCPCg6zTjMU9SBmBs2MiKLGwAvSTaW1svZxqtqlDSa36fo0HUzv9wZS 8fw2OmQcwAyq8BmzMHcCzBWYTs3zCtwOXg3NS4aekgn4XoeGPwlAXEvHWDJEnC+c 4rRV/WyqT63SxgAnRuNHG30ctO+phRbQ -----END CERTIFICATE-----Generated at Sat May 31 17:17:24 2025 by rpki-client