$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: HrmVL8U/OHJMVm7aM9IP/Id6Z/u+aymisyyi0R5DsvI= Subject key identifier: FC:BE:F6:50:8C:CA:68:63:1F:13:A4:E3:B6:3A:99:E6:18:97:05:91 Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 022E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 022B Signing time: Sun 11 May 2025 01:27:37 +0000 Manifest this update: Sun 11 May 2025 01:27:36 +0000 Manifest next update: Sun 18 May 2025 01:27:36 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: IvvqkNa5yZagkG+7lwLtz2v0/BzNZ7loTbiZ6aPwRHc=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: Tnx2Z5nAikiyTdOaTCX/ncL6S79XtcR6l/WD0Ni24yA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 01:27:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 558 (0x22e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: May 11 01:27:36 2025 GMT Not After : May 18 01:27:36 2025 GMT Subject: CN=681ffd08-9244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ca:db:e2:80:71:26:25:40:1b:e3:40:16:48: 2b:bd:fa:52:ae:b9:1b:86:20:98:d3:b1:c0:fa:ef: 3f:bf:d5:21:f2:bc:25:e1:60:47:06:54:0b:62:1a: 84:3c:a5:bb:8d:27:e8:1c:6e:cc:e7:41:62:18:37: e7:d7:19:ee:55:a5:56:f2:f4:d5:c5:b8:0a:78:a7: f0:3b:e0:e3:f0:e6:9c:26:ba:7b:ad:26:b6:97:e0: 2b:57:90:8e:21:fb:c7:7c:9c:90:66:e5:3b:70:98: fb:d0:ec:21:6a:a8:d7:df:0d:10:30:91:aa:93:ce: a7:b8:b0:09:05:f4:3c:58:88:8d:15:eb:61:72:33: 99:60:06:90:f4:6e:de:e8:cf:ba:1e:e0:72:54:9a: f9:1c:16:a5:2e:0f:40:c8:2b:61:c8:3d:78:6e:30: 1d:75:99:f2:fb:fa:f3:d3:ca:23:3a:6b:d5:a5:82: a2:8c:86:74:f6:c9:3b:c3:58:d3:89:ee:58:16:4c: eb:78:31:e4:e2:a6:fb:a9:9c:75:da:3b:ff:18:db: 05:68:82:15:42:ff:e5:c8:0f:4a:0f:43:7c:68:19: 00:26:8a:43:43:32:31:e0:2d:d6:4a:99:6d:b7:0c: 00:22:19:ad:3a:f3:21:2e:2d:75:6b:38:3f:2b:d1: 31:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:BE:F6:50:8C:CA:68:63:1F:13:A4:E3:B6:3A:99:E6:18:97:05:91 X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:54:9d:de:21:03:a8:a2:74:47:0a:f1:33:25:f1:d2:00:d3: e4:9d:b4:88:03:7a:3c:64:d6:06:09:3f:cf:fc:80:97:08:9c: 0d:30:3d:cb:aa:fc:c6:13:b4:a8:9a:42:6e:ee:ca:2f:9c:a6: ef:a1:e8:29:86:38:a7:2b:53:8b:a7:2e:4a:58:4a:46:50:3d: 22:ed:04:8c:92:8a:be:c7:60:50:e1:47:41:f0:69:77:93:03: 3b:df:1d:71:fa:48:a3:5c:f9:c5:f5:92:88:20:b8:7a:35:f3: e9:2a:6d:6d:6d:97:f6:7e:d9:ad:96:86:74:df:ec:64:ec:5a: c9:03:cd:ac:2e:26:d0:b5:e6:62:d4:26:42:ff:8c:79:e2:b8: 4b:31:f8:e1:cc:1a:42:6c:fc:71:76:c7:c8:d9:a3:07:54:5a: d9:c7:ff:aa:02:f7:ad:c8:26:af:74:89:38:ca:f0:c1:2e:99: 96:10:ad:fa:2e:b3:f7:c0:23:20:e4:0d:f1:8b:5a:d0:e7:50: 09:81:fe:f1:aa:0c:e1:64:d6:d3:75:bf:aa:c8:51:f6:c6:d3: 4f:df:54:65:84:9a:fe:9d:21:c0:0e:57:a4:84:29:9c:4b:33: 92:14:2f:12:11:5c:88:7f:c4:b7:cb:4b:ed:87:b5:19:03:9e: 5e:37:8a:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUwNTExMDEyNzM2WhcNMjUwNTE4MDEyNzM2WjAYMRYwFAYD VQQDEw02ODFmZmQwOC05MjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArcrb4oBxJiVAG+NAFkgrvfpSrrkbhiCY07HA+u8/v9Uh8rwl4WBHBlQLYhqE PKW7jSfoHG7M50FiGDfn1xnuVaVW8vTVxbgKeKfwO+Dj8OacJrp7rSa2l+ArV5CO IfvHfJyQZuU7cJj70OwhaqjX3w0QMJGqk86nuLAJBfQ8WIiNFethcjOZYAaQ9G7e 6M+6HuByVJr5HBalLg9AyCthyD14bjAddZny+/rz08ojOmvVpYKijIZ09sk7w1jT ie5YFkzreDHk4qb7qZx12jv/GNsFaIIVQv/lyA9KD0N8aBkAJopDQzIx4C3WSplt twwAIhmtOvMhLi11azg/K9ExyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPy+9lCM ymhjHxOk47Y6meYYlwWRMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7VJ3eIQOoonRHCvEzJfHSANPknbSIA3o8ZNYGCT/P/ICXCJwNMD3L qvzGE7SomkJu7sovnKbvoegphjinK1OLpy5KWEpGUD0i7QSMkoq+x2BQ4UdB8Gl3 kwM73x1x+kijXPnF9ZKIILh6NfPpKm1tbZf2ftmtloZ03+xk7FrJA82sLibQteZi 1CZC/4x54rhLMfjhzBpCbPxxdsfI2aMHVFrZx/+qAvetyCavdIk4yvDBLpmWEK36 LrP3wCMg5A3xi1rQ51AJgf7xqgzhZNbTdb+qyFH2xtNP31RlhJr+nSHADlekhCmc SzOSFC8SEVyIf8S3y0vth7UZA55eN4o0 -----END CERTIFICATE-----Generated at Mon May 12 06:31:29 2025 by rpki-client