$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft File: NXR5DY34KztVHjtwJXG69VqemWE.mft (raw, json) Hash identifier: KFJv1IN//QyhKm1X5tdf9aTRbox6wCixXDcYmJN8N1E= Subject key identifier: DC:48:86:38:30:5A:B5:97:C7:31:98:D3:8D:57:D4:B9:73:06:ED:C0 Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Certificate serial: CA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft Manifest number: BF Signing time: Fri 05 Sep 2025 06:33:10 +0000 Manifest this update: Fri 05 Sep 2025 06:33:09 +0000 Manifest next update: Fri 12 Sep 2025 06:33:09 +0000 Files and hashes: 1: NXR5DY34KztVHjtwJXG69VqemWE.crl (hash: /2hTUitU49AegoZ5fswpvRlWRXUrgqkPL5DXRm4y5Sg=) 2: DA8D1C7EA72311EFBCEB047EC4F9AE02.roa (hash: 4Ilw9gY/NOcFcq0qbuj1smp6o0+TRpgSf2CHUKcnvWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 06:33:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 202 (0xca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B, serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Validity Not Before: Sep 5 06:33:09 2025 GMT Not After : Sep 12 06:33:09 2025 GMT Subject: CN=68ba8425-25ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:4e:8e:1a:08:42:37:d3:12:59:84:e2:a0:c1: 68:d6:f7:e9:50:43:3f:35:22:d5:a1:12:92:2f:97: 90:60:87:a2:cf:1f:c0:b9:0a:b8:46:49:0b:97:ea: 86:5c:3c:be:cc:25:22:58:e5:e4:b1:91:e7:a0:ba: 02:1f:4d:64:f1:0c:d4:e5:b8:66:7f:c5:08:24:d9: cb:86:5a:45:8d:08:70:4b:07:ce:3f:43:25:d6:1d: 34:35:84:3b:ef:de:04:9c:10:f8:76:23:ee:17:3e: 3b:88:12:85:2c:48:53:4a:6d:b4:50:9b:32:22:23: be:dc:10:2d:34:9b:53:03:9d:22:bb:0c:a2:dd:d4: 99:fd:af:a3:02:32:60:8e:0c:6e:cd:53:22:bd:76: c2:76:e4:0a:3c:ad:c9:3f:dc:15:3f:86:dc:b6:02: 39:07:b9:74:04:89:09:ec:2c:a9:fb:92:cd:ad:ae: a6:86:3e:3a:88:ee:8f:c7:e2:2d:35:c6:5a:da:e0: 33:c5:ed:c2:db:7e:01:5a:fe:24:00:96:d0:ab:95: c3:46:d3:87:3c:c4:da:2b:93:eb:ba:c7:65:e8:f9: 52:4f:94:78:f7:94:ec:c0:41:39:08:a9:93:61:01: 47:af:0d:3c:83:5a:e9:42:4a:d5:14:59:be:c0:be: 9d:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:48:86:38:30:5A:B5:97:C7:31:98:D3:8D:57:D4:B9:73:06:ED:C0 X509v3 Authority Key Identifier: keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:2c:48:e1:06:fd:c1:94:04:5e:8c:ee:30:4a:d2:0d:f3:60: 68:52:99:7c:90:ce:fc:e9:bd:1a:6b:81:9c:82:74:f6:e4:d8: 76:4a:02:6a:3b:c9:60:6c:88:d6:43:4c:ff:62:a4:d7:e7:e5: 01:7b:6b:fa:30:fe:f9:49:c3:39:d3:85:0f:ff:f1:23:c6:5f: a2:41:04:d3:1b:37:1f:17:4f:5d:c8:86:fc:f0:2e:bf:03:91: bf:e1:96:fe:36:ce:42:6b:c3:8c:0d:6c:9b:6a:a0:19:dc:1a: 5b:10:95:47:b5:2f:49:1f:bc:b5:82:cc:4c:13:37:c7:0f:fe: 9d:f0:d2:77:ff:3b:06:73:29:14:ed:ef:ce:e9:00:97:b7:01: 5f:c6:a0:e6:14:4a:c1:5b:c8:25:d4:cf:2a:62:e7:b4:d9:7f: 59:fc:96:b8:d0:f7:c8:70:b7:ae:9c:46:ba:1c:5f:d7:0a:1f: e3:26:fe:ac:ca:23:be:8a:37:4e:36:34:ed:c0:84:5e:8f:63: b6:fb:71:a7:b6:d9:16:6a:b7:1e:58:b2:20:5a:ae:71:ae:c6: 67:da:49:7c:bc:31:76:7d:b7:a1:83:a8:f5:f7:f5:11:d1:47: 60:49:ee:c5:8a:f5:95:77:e2:af:1b:a9:2c:6e:34:4f:b5:1a: 54:46:c8:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Q0MEIxMTAvBgNVBAUTKDM1NzQ3OTBEOERGODJCM0I1NTFFM0I3MDI1NzFCQUY1 NUE5RTk5NjEwHhcNMjUwOTA1MDYzMzA5WhcNMjUwOTEyMDYzMzA5WjAYMRYwFAYD VQQDEw02OGJhODQyNS0yNWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8k6OGghCN9MSWYTioMFo1vfpUEM/NSLVoRKSL5eQYIeizx/AuQq4RkkLl+qG XDy+zCUiWOXksZHnoLoCH01k8QzU5bhmf8UIJNnLhlpFjQhwSwfOP0Ml1h00NYQ7 794EnBD4diPuFz47iBKFLEhTSm20UJsyIiO+3BAtNJtTA50iuwyi3dSZ/a+jAjJg jgxuzVMivXbCduQKPK3JP9wVP4bctgI5B7l0BIkJ7Cyp+5LNra6mhj46iO6Px+It NcZa2uAzxe3C234BWv4kAJbQq5XDRtOHPMTaK5Prusdl6PlST5R495TswEE5CKmT YQFHrw08g1rpQkrVFFm+wL6dCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNxIhjgw WrWXxzGY041X1LlzBu3AMB8GA1UdIwQYMBaAFDV0eQ2N+Cs7VR47cCVxuvVanplh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDQwQi82QjVEMkE3Qzg1 NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6dFZIanR3SlhHNjlWcWVt V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1XRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6 dFZIanR3SlhHNjlWcWVtV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiLEjhBv3BlARejO4wStIN82BoUpl8kM786b0aa4GcgnT25Nh2SgJq O8lgbIjWQ0z/YqTX5+UBe2v6MP75ScM504UP//Ejxl+iQQTTGzcfF09dyIb88C6/ A5G/4Zb+Ns5Ca8OMDWybaqAZ3BpbEJVHtS9JH7y1gsxMEzfHD/6d8NJ3/zsGcykU 7e/O6QCXtwFfxqDmFErBW8gl1M8qYue02X9Z/Ja40PfIcLeunEa6HF/XCh/jJv6s yiO+ijdONjTtwIRej2O2+3GnttkWarceWLIgWq5xrsZn2kl8vDF2fbehg6j19/UR 0UdgSe7FivWVd+KvG6ksbjRPtRpURsjo -----END CERTIFICATE-----Generated at Sat Sep 6 21:01:20 2025 by rpki-client