$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: hZgSGgrb9wFF1/LYs3Ae6eO2FIpNNfga7iV6AhJWQ2Q= Subject key identifier: BB:36:16:7B:75:8F:5A:F0:F7:87:CB:24:B3:6A:43:68:48:F3:3A:AB Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 0247 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 0244 Signing time: Tue 01 Jul 2025 02:33:38 +0000 Manifest this update: Tue 01 Jul 2025 02:33:37 +0000 Manifest next update: Tue 08 Jul 2025 02:33:37 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: /p3tzTK80tp57QEfRFDYbKYUZ7nkzy0ErRfAIbif8NQ=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: Tnx2Z5nAikiyTdOaTCX/ncL6S79XtcR6l/WD0Ni24yA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:33:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 583 (0x247) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Jul 1 02:33:37 2025 GMT Not After : Jul 8 02:33:37 2025 GMT Subject: CN=68634901-7c32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:70:39:41:b9:9a:68:f9:77:db:80:b3:43:fc: 59:f7:8c:c9:46:de:0b:15:1b:d1:52:df:47:a8:39: 72:ab:a4:07:dd:2b:c6:a6:ca:e4:cc:49:f8:54:9b: 57:b3:4b:59:24:c4:07:e5:be:7b:c8:1d:37:52:f2: 6f:6d:ab:07:a3:eb:d0:a4:5b:97:9c:4c:84:90:2c: c7:ae:3c:cb:e2:cf:f4:0a:36:1a:db:20:6a:09:b1: 76:40:8a:cb:8b:24:31:e3:59:e3:12:b1:cc:a7:8c: fa:3f:f3:a3:2e:ed:83:5f:0c:7b:f3:6d:8a:f5:66: 23:c6:45:24:05:e2:ac:0a:ce:d1:7c:b3:59:32:ca: 6a:22:8d:ba:61:bf:c4:e2:80:d7:03:0c:20:54:4f: 2b:89:ba:24:45:3b:09:f6:a9:95:46:f5:97:24:01: bb:98:00:91:ae:df:85:3e:fe:b2:aa:91:a9:74:d3: 51:d1:5c:ae:6c:8d:0e:e5:ad:4c:0a:6a:0a:7f:9d: 68:1d:45:93:3a:fd:bc:ef:7d:3c:2b:33:5b:50:4a: 43:73:a1:a5:30:70:76:bc:6b:41:e4:e4:c0:e1:31: 81:90:73:17:d5:31:c9:a8:6e:fe:b4:fb:6b:ab:dc: df:92:87:67:7f:95:ff:60:7d:bd:70:ee:da:2a:c2: d4:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:36:16:7B:75:8F:5A:F0:F7:87:CB:24:B3:6A:43:68:48:F3:3A:AB X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:f9:7b:dc:1c:05:e5:f2:07:00:7c:98:40:a8:47:6c:48:d2: 84:70:d0:42:ec:a6:a7:81:ad:a0:ae:9c:47:8b:cb:b1:4d:c7: 84:82:79:33:21:4f:5c:9f:1c:84:d6:d7:b1:ab:34:41:0e:01: c0:94:4d:4b:20:2e:56:79:09:80:99:0e:d7:9c:bd:ef:42:5a: 2a:a8:8c:ed:ee:ae:a6:12:b3:cb:94:40:04:da:30:9f:05:92: 2a:6c:95:87:4c:a5:f9:fd:0f:85:a9:77:3e:1d:09:48:94:4b: fa:cf:db:77:6b:63:bc:9e:20:e1:fc:08:c9:17:7f:7f:47:72: 63:07:08:d1:ac:b3:6d:7b:21:49:29:2a:32:79:8c:7b:af:e8: 4f:fc:31:66:0a:e6:20:50:a8:45:5a:39:e5:c4:02:9e:98:52: e8:4f:fd:6f:55:28:4d:10:36:1e:d0:3e:01:47:5f:a4:4f:bf: 35:4d:e9:df:f3:20:6c:7b:53:c4:79:e3:c6:48:c1:6b:81:dc: f1:78:f1:b3:fe:47:3f:7e:a5:6c:90:d0:2a:df:09:a5:98:ce: 16:3a:c2:5f:37:d8:36:fe:07:8a:49:ec:42:87:22:e8:ac:52: fc:62:f9:5c:ca:53:db:a1:f1:f9:8b:2b:c3:e1:6e:70:8f:fe: f7:97:61:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUwNzAxMDIzMzM3WhcNMjUwNzA4MDIzMzM3WjAYMRYwFAYD VQQDEw02ODYzNDkwMS03YzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvXA5QbmaaPl324CzQ/xZ94zJRt4LFRvRUt9HqDlyq6QH3SvGpsrkzEn4VJtX s0tZJMQH5b57yB03UvJvbasHo+vQpFuXnEyEkCzHrjzL4s/0CjYa2yBqCbF2QIrL iyQx41njErHMp4z6P/OjLu2DXwx7822K9WYjxkUkBeKsCs7RfLNZMspqIo26Yb/E 4oDXAwwgVE8ribokRTsJ9qmVRvWXJAG7mACRrt+FPv6yqpGpdNNR0VyubI0O5a1M CmoKf51oHUWTOv287308KzNbUEpDc6GlMHB2vGtB5OTA4TGBkHMX1THJqG7+tPtr q9zfkodnf5X/YH29cO7aKsLUaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLs2Fnt1 j1rw94fLJLNqQ2hI8zqrMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9+XvcHAXl8gcAfJhAqEdsSNKEcNBC7Kanga2grpxHi8uxTceEgnkz IU9cnxyE1texqzRBDgHAlE1LIC5WeQmAmQ7XnL3vQloqqIzt7q6mErPLlEAE2jCf BZIqbJWHTKX5/Q+FqXc+HQlIlEv6z9t3a2O8niDh/AjJF39/R3JjBwjRrLNteyFJ KSoyeYx7r+hP/DFmCuYgUKhFWjnlxAKemFLoT/1vVShNEDYe0D4BR1+kT781Tenf 8yBse1PEeePGSMFrgdzxePGz/kc/fqVskNAq3wmlmM4WOsJfN9g2/geKSexChyLo rFL8YvlcylPbofH5iyvD4W5wj/73l2Hi -----END CERTIFICATE-----Generated at Wed Jul 2 01:56:32 2025 by rpki-client