$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json) Hash identifier: M+O2wb+WhQ7Z7ZYx0X8wgW+fOJnB6C6S4cCd+l+U09Y= Subject key identifier: 43:1D:87:5F:62:26:B8:6B:81:C5:3D:BA:1D:23:B5:0A:23:BA:1E:06 Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Certificate serial: 0886 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft Manifest number: 0881 Signing time: Sun 20 Jul 2025 20:43:12 +0000 Manifest this update: Sun 20 Jul 2025 20:43:11 +0000 Manifest next update: Sun 27 Jul 2025 20:43:11 +0000 Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: d8DmiGNdH8BZS8+gKdgnBt6KzF7XE58DlyBCjfe+iew=) 2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: 7JqfyMrbJ4CL7Io5TdtHAHWsu8lXWZvGXH4eXClkDWI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:22:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2182 (0x886) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Validity Not Before: Jul 20 20:43:11 2025 GMT Not After : Jul 27 20:43:11 2025 GMT Subject: CN=687d54e0-6a8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a1:4d:9e:85:cd:53:a4:1a:69:3b:81:02:94: 9f:7e:df:01:aa:6d:9b:c2:a6:47:5e:db:43:1f:6f: b2:a4:30:4e:5b:b4:89:1e:a4:66:3e:00:ca:34:6f: 57:d9:cd:e9:4d:9e:56:2c:61:0a:60:24:e7:f0:50: 1b:ea:89:25:dc:3a:68:d6:14:83:26:ed:38:d3:08: ee:57:f5:2b:97:c2:0d:b5:11:5f:95:94:b7:e0:82: e0:a8:ee:60:01:66:45:c6:e1:2c:fb:1b:fd:b0:82: c7:74:d5:c2:9c:17:70:1e:df:8d:cd:7b:d1:fb:61: 8e:15:83:91:d8:24:06:be:9d:5a:88:a6:e7:8f:37: 8e:92:9f:48:77:f0:ed:ed:75:41:d0:40:2b:78:fa: 90:59:0b:77:27:3d:62:8e:8d:b0:c2:6f:55:0d:67: 68:ef:4e:85:79:85:ea:65:5e:be:aa:5d:ae:3e:4a: 94:43:43:af:d4:24:81:e2:f5:27:f2:95:bb:b8:ba: b7:b2:0f:75:78:c7:c0:15:a5:ec:65:e4:56:3d:d5: 89:dc:8f:a1:5a:d5:4b:c5:0e:06:eb:12:c1:6c:a6: 9f:99:22:29:46:57:e2:6d:fe:2e:e9:48:4d:77:d5: 1c:f3:40:61:36:84:e3:7c:6c:91:71:4e:3d:c1:98: 42:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:1D:87:5F:62:26:B8:6B:81:C5:3D:BA:1D:23:B5:0A:23:BA:1E:06 X509v3 Authority Key Identifier: keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:8a:f7:d2:2a:f4:f5:5f:93:3e:38:02:e1:45:35:8c:ec:7b: 14:82:e3:e3:6c:06:ff:d1:04:85:43:0b:e1:fa:8f:bb:3a:a5: 17:c1:c4:d3:45:35:59:39:24:3a:61:8e:13:91:73:8f:1a:92: 05:20:bc:ba:9a:3a:47:ac:a3:3b:21:7e:63:92:8e:91:d0:0a: f7:a3:09:68:f1:e0:89:00:83:ad:af:53:e1:b7:96:21:b2:29: 49:59:a3:0a:1c:7d:92:ef:03:89:8a:cc:ad:8a:73:ee:8a:a5: c1:df:a3:38:9d:58:c9:10:e6:aa:a8:d8:57:91:2f:82:7a:e9: 8a:ce:4b:a1:44:22:c2:9f:46:58:6f:63:b2:51:0b:49:fc:9f: 64:68:90:a1:b5:25:7a:07:15:a7:41:c7:b0:db:43:53:db:f7: 5a:0e:02:01:8c:ea:0f:7f:a0:47:d2:62:d2:8e:39:38:e0:65: bb:75:b4:0d:84:26:38:14:0d:bc:f6:11:52:2f:c5:8e:04:85: 1f:75:48:47:a0:77:9e:ad:f3:00:30:6b:da:35:47:8f:7e:7d: be:1b:ce:58:09:48:74:25:4c:38:e3:a9:3b:be:50:2c:6b:29: 9d:c8:77:f8:6e:27:93:ac:cb:d4:c8:4b:30:be:46:78:58:0f: 48:40:52:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz NjFBMDlDQUEwHhcNMjUwNzIwMjA0MzExWhcNMjUwNzI3MjA0MzExWjAYMRYwFAYD VQQDEw02ODdkNTRlMC02YThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsqFNnoXNU6QaaTuBApSfft8Bqm2bwqZHXttDH2+ypDBOW7SJHqRmPgDKNG9X 2c3pTZ5WLGEKYCTn8FAb6okl3Dpo1hSDJu040wjuV/Url8INtRFflZS34ILgqO5g AWZFxuEs+xv9sILHdNXCnBdwHt+NzXvR+2GOFYOR2CQGvp1aiKbnjzeOkp9Id/Dt 7XVB0EArePqQWQt3Jz1ijo2wwm9VDWdo706FeYXqZV6+ql2uPkqUQ0Ov1CSB4vUn 8pW7uLq3sg91eMfAFaXsZeRWPdWJ3I+hWtVLxQ4G6xLBbKafmSIpRlfibf4u6UhN d9Uc80BhNoTjfGyRcU49wZhCkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEMdh19i JrhrgcU9uh0jtQojuh4GMB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0 RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUivfSKvT1X5M+OALhRTWM7HsUguPjbAb/0QSFQwvh+o+7OqUXwcTT RTVZOSQ6YY4TkXOPGpIFILy6mjpHrKM7IX5jko6R0Ar3owlo8eCJAIOtr1Pht5Yh silJWaMKHH2S7wOJisytinPuiqXB36M4nVjJEOaqqNhXkS+CeumKzkuhRCLCn0ZY b2OyUQtJ/J9kaJChtSV6BxWnQcew20NT2/daDgIBjOoPf6BH0mLSjjk44GW7dbQN hCY4FA289hFSL8WOBIUfdUhHoHeerfMAMGvaNUePfn2+G85YCUh0JUw446k7vlAs aymdyHf4bieTrMvUyEswvkZ4WA9IQFII -----END CERTIFICATE-----Generated at Mon Jul 21 03:05:29 2025 by rpki-client