$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft File: NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft (raw, json) Hash identifier: q/1aL0SRDIY16PVDZLjbJ1pBfuQuHRX7aYbKurXlVVE= Subject key identifier: CE:29:82:12:AE:23:6E:34:E3:F7:38:87:3A:CE:94:AC:09:03:41:23 Authority key identifier: 37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A Certificate issuer: /CN=A91DE7DE/serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Certificate serial: 11EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft Manifest number: 11C0 Signing time: Wed 10 Sep 2025 17:20:28 +0000 Manifest this update: Wed 10 Sep 2025 17:20:27 +0000 Manifest next update: Wed 17 Sep 2025 17:20:27 +0000 Files and hashes: 1: NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl (hash: kl3AtwgfTXQu6ejVXdzd16oV7GUHSxu0057MeURvmcY=) 2: 7F7F1470091D11F0B7E95627C4F9AE02.roa (hash: hpmM9pfcrUFnNRets4Cm3b/cVvffA5StG3HyqAHQxOA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Sep 2025 17:20:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4591 (0x11ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE7DE, serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Validity Not Before: Sep 10 17:20:27 2025 GMT Not After : Sep 17 17:20:27 2025 GMT Subject: CN=68c1b35b-e598 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:46:fd:b2:9d:8e:3d:ec:56:7e:3f:5d:84:0d: 99:b9:3b:95:be:f2:b7:51:70:1b:da:5a:06:c0:19: 17:56:0b:dd:90:31:b8:70:20:4e:e8:1b:5e:6d:79: 78:6f:df:32:ef:74:6f:bf:8a:d5:90:2d:9f:48:89: d5:71:80:e9:4b:75:3d:9d:33:5f:fb:41:76:7c:02: 2b:f6:53:9e:7d:ac:47:71:ad:9e:1b:0d:16:66:6a: 99:37:23:63:81:4d:cf:f2:35:1e:2b:0b:8a:7d:a2: a5:b6:0e:d0:0d:2f:78:6e:8d:ca:b7:ad:90:c2:85: c6:97:1a:86:7a:24:db:2f:cd:ee:e1:b1:d6:b3:f3: 9a:f0:ba:7c:d3:9d:fc:81:fa:f6:db:77:34:4d:46: 12:72:7c:e4:4a:75:2e:cd:fc:27:17:4b:63:7e:90: b9:dd:01:3e:24:6c:48:6e:83:65:37:25:b0:74:da: f4:c0:35:97:ec:75:4e:a7:06:db:88:18:47:75:ba: 7a:f1:72:59:21:67:d8:41:97:ed:72:21:65:5c:be: 19:59:9a:7e:a4:c2:e2:21:67:06:22:ea:ef:6f:2a: 25:af:7f:54:e5:89:bb:04:51:c2:ad:1f:c2:1b:8e: 85:7d:13:8d:3c:8d:f8:27:24:e9:da:58:c8:ff:0e: cb:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:29:82:12:AE:23:6E:34:E3:F7:38:87:3A:CE:94:AC:09:03:41:23 X509v3 Authority Key Identifier: keyid:37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:2e:8f:3c:6a:ef:9a:21:a6:b2:74:ce:cb:09:20:bd:10:bb: f5:82:79:9f:02:d8:b9:82:61:82:d1:74:65:44:28:01:d6:ee: b5:0f:f1:51:dd:c8:97:a8:90:91:59:0a:56:00:f2:6b:06:ad: 5a:8f:2e:4f:8e:2f:8c:da:b6:c0:3a:aa:19:a2:48:0a:8b:46: 4f:76:90:9a:82:02:8b:e8:bb:4c:87:aa:aa:0d:3a:f4:97:4a: f3:88:64:48:20:e1:2b:3e:05:d4:78:e8:73:f4:b2:56:81:2f: db:cd:da:1e:42:8f:d0:ed:2c:fc:91:99:95:e2:28:06:41:9d: ed:72:fe:8b:e9:9d:a6:08:69:3b:ea:45:fe:c9:3f:36:3c:7d: f0:a2:7e:b8:5d:43:f7:52:44:df:d0:53:1c:61:5c:5b:0f:07: b1:3c:9e:93:54:a1:44:ed:28:8b:45:0e:8a:55:d8:08:16:d5: 2e:3c:e6:42:76:ac:2d:e5:6e:dd:77:ae:b1:6f:83:af:67:77: 68:b8:be:c3:4c:b3:a3:4a:e5:e5:dc:be:3b:ea:56:ea:27:d8: e3:24:3c:45:37:8d:f9:31:0f:a0:52:0e:15:f0:15:af:b8:c5: f2:bc:6a:77:b8:50:bd:51:1e:fa:11:b7:c8:5b:d1:3f:95:7f: 8a:2b:6b:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REU3REUxMTAvBgNVBAUTKDM3MTI3M0NGRDhDMkM5MDhCNjkxRDZCRUExNzVFOERF ODJCRDQzOUEwHhcNMjUwOTEwMTcyMDI3WhcNMjUwOTE3MTcyMDI3WjAYMRYwFAYD VQQDEw02OGMxYjM1Yi1lNTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu0b9sp2OPexWfj9dhA2ZuTuVvvK3UXAb2loGwBkXVgvdkDG4cCBO6BtebXl4 b98y73Rvv4rVkC2fSInVcYDpS3U9nTNf+0F2fAIr9lOefaxHca2eGw0WZmqZNyNj gU3P8jUeKwuKfaKltg7QDS94bo3Kt62QwoXGlxqGeiTbL83u4bHWs/Oa8Lp80538 gfr223c0TUYScnzkSnUuzfwnF0tjfpC53QE+JGxIboNlNyWwdNr0wDWX7HVOpwbb iBhHdbp68XJZIWfYQZftciFlXL4ZWZp+pMLiIWcGIurvbyolr39U5Ym7BFHCrR/C G46FfRONPI34JyTp2ljI/w7LgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM4pghKu I2404/c4hzrOlKwJA0EjMB8GA1UdIwQYMBaAFDcSc8/YwskItpHWvqF16N6CvUOa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTdERS9DRUUzRDcxODA0 RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lRaTJrZGEtb1hYbzNvSzlR NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL054Snp6OWpDeVFpMmtkYS1vWFhvM29LOVE1by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTdERS9DRUUzRDcxODA0RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lR aTJrZGEtb1hYbzNvSzlRNW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwLo88au+aIaaydM7LCSC9ELv1gnmfAti5gmGC0XRlRCgB1u61D/FR 3ciXqJCRWQpWAPJrBq1ajy5Pji+M2rbAOqoZokgKi0ZPdpCaggKL6LtMh6qqDTr0 l0rziGRIIOErPgXUeOhz9LJWgS/bzdoeQo/Q7Sz8kZmV4igGQZ3tcv6L6Z2mCGk7 6kX+yT82PH3won64XUP3UkTf0FMcYVxbDwexPJ6TVKFE7SiLRQ6KVdgIFtUuPOZC dqwt5W7dd66xb4OvZ3douL7DTLOjSuXl3L476lbqJ9jjJDxFN435MQ+gUg4V8BWv uMXyvGp3uFC9UR76EbfIW9E/lX+KK2sB -----END CERTIFICATE-----Generated at Thu Sep 11 06:32:30 2025 by rpki-client