$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json) Hash identifier: JN21/3gYIJvUYnV9LkiUo/bBUXdo84jua0hW5n3lHcQ= Subject key identifier: E5:C6:E2:09:6F:9F:6F:9F:92:40:8A:2B:33:C1:31:7F:30:E9:B7:7B Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Certificate serial: 086E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft Manifest number: 0869 Signing time: Mon 02 Jun 2025 20:50:51 +0000 Manifest this update: Mon 02 Jun 2025 20:50:51 +0000 Manifest next update: Mon 09 Jun 2025 20:50:50 +0000 Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: mFF9qYVckinQHsDBobivTN7l+5nnUXVO0V1ZyzCnkNs=) 2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: 7JqfyMrbJ4CL7Io5TdtHAHWsu8lXWZvGXH4eXClkDWI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 20:50:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2158 (0x86e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Validity Not Before: Jun 2 20:50:51 2025 GMT Not After : Jun 9 20:50:50 2025 GMT Subject: CN=683e0eab-d212 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:fe:9a:ec:a2:ab:ea:37:e3:ee:42:f0:94:4c: 88:1c:c3:ab:0b:58:24:20:6d:9c:f4:a7:4b:7d:12: a6:ce:c1:03:9d:3c:bb:a9:e1:a9:91:cb:0c:82:5c: f8:df:71:88:19:48:c0:f7:0e:7d:b4:3f:9b:f1:d3: 26:3b:e2:09:62:6d:12:b8:11:13:5d:fc:ae:64:26: ad:ac:09:49:8b:be:7d:cd:f6:99:2b:5b:bb:73:d9: 62:be:79:61:ef:89:16:25:56:76:15:e2:50:27:84: f2:71:59:dc:97:73:f6:8a:ca:05:5c:b5:9e:25:86: 3e:c4:4b:57:09:18:76:70:a3:6d:e4:08:d3:70:0e: 1f:c2:9f:bd:62:92:d8:8c:66:43:9f:40:c6:85:35: ee:62:45:e2:58:91:1d:6b:01:97:4a:0b:92:d7:64: bf:7b:76:76:e9:56:75:57:bc:9a:dd:5f:e0:30:9a: 96:1f:05:ef:c6:32:12:a8:80:80:e9:b3:2e:6d:c5: 03:17:6b:a5:81:f5:9f:fd:b3:f1:69:d4:9f:08:ea: f1:0b:78:d3:4a:29:5c:2b:39:4e:14:07:2a:3e:1c: 51:51:80:79:ae:83:e7:60:f1:37:cf:5f:ea:f6:73: 22:74:cd:62:04:c3:e0:36:cd:da:c2:5d:da:5a:ec: 7a:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:C6:E2:09:6F:9F:6F:9F:92:40:8A:2B:33:C1:31:7F:30:E9:B7:7B X509v3 Authority Key Identifier: keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 39:d0:ab:c3:d3:1b:90:b2:ed:84:c4:95:0c:0a:de:53:bf:02: 3d:8c:68:66:09:2f:17:36:09:08:54:60:7f:26:c8:bb:fa:5d: 50:65:5a:81:d5:cf:e7:4e:74:07:07:de:92:7f:fd:65:64:a3: df:e6:fd:19:f1:3b:32:24:f2:dc:c5:df:ca:bf:e0:84:b1:a1: c0:99:7c:d2:b5:50:50:99:12:65:1f:2f:92:4d:21:88:88:ed: d8:ec:b2:98:d9:7a:8e:a2:87:d5:4e:ba:26:20:24:37:b4:ec: 7e:67:b9:f5:6d:d2:aa:ee:fe:15:91:58:83:ab:72:23:ce:7a: da:c0:d2:46:1e:e9:d3:e5:2f:68:c3:34:39:5a:44:68:9a:72: 3f:dc:b2:25:a5:16:e1:04:9d:03:a8:54:e2:80:7d:a8:ba:36: d9:f8:35:2e:33:64:cc:ea:4e:cd:d5:56:b2:ec:7d:71:42:55: 56:ea:3d:52:11:a0:bd:20:f4:67:04:0f:41:a8:95:4c:25:44: cd:93:7d:78:f5:2b:5b:98:68:82:c1:b3:6d:9e:f0:53:71:a0: 53:c2:7d:b6:4a:53:da:44:c9:f4:85:2e:31:ff:4b:5e:71:b2: 98:7c:06:1f:96:51:f5:45:30:f6:87:16:a6:f5:8a:b1:c4:18: 4d:0e:98:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz NjFBMDlDQUEwHhcNMjUwNjAyMjA1MDUxWhcNMjUwNjA5MjA1MDUwWjAYMRYwFAYD VQQDEw02ODNlMGVhYi1kMjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvP6a7KKr6jfj7kLwlEyIHMOrC1gkIG2c9KdLfRKmzsEDnTy7qeGpkcsMglz4 33GIGUjA9w59tD+b8dMmO+IJYm0SuBETXfyuZCatrAlJi759zfaZK1u7c9livnlh 74kWJVZ2FeJQJ4TycVncl3P2isoFXLWeJYY+xEtXCRh2cKNt5AjTcA4fwp+9YpLY jGZDn0DGhTXuYkXiWJEdawGXSguS12S/e3Z26VZ1V7ya3V/gMJqWHwXvxjISqICA 6bMubcUDF2ulgfWf/bPxadSfCOrxC3jTSilcKzlOFAcqPhxRUYB5roPnYPE3z1/q 9nMidM1iBMPgNs3awl3aWux6pQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOXG4glv n2+fkkCKKzPBMX8w6bd7MB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0 RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA50KvD0xuQsu2ExJUMCt5TvwI9jGhmCS8XNgkIVGB/Jsi7+l1QZVqB 1c/nTnQHB96Sf/1lZKPf5v0Z8TsyJPLcxd/Kv+CEsaHAmXzStVBQmRJlHy+STSGI iO3Y7LKY2XqOoofVTromICQ3tOx+Z7n1bdKq7v4VkViDq3IjznrawNJGHunT5S9o wzQ5WkRomnI/3LIlpRbhBJ0DqFTigH2oujbZ+DUuM2TM6k7N1Vay7H1xQlVW6j1S EaC9IPRnBA9BqJVMJUTNk3149StbmGiCwbNtnvBTcaBTwn22SlPaRMn0hS4x/0te cbKYfAYfllH1RTD2hxam9YqxxBhNDpjq -----END CERTIFICATE-----Generated at Tue Jun 3 23:53:09 2025 by rpki-client