$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft File: NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft (raw, json) Hash identifier: tMEZY+G5gLtC1nX9+Lhe+VqRgBlXN3IOsBs2h4sEOS8= Subject key identifier: 24:5D:BA:A8:B0:B2:91:8C:6D:16:C2:2D:0F:04:85:E1:E1:78:68:49 Authority key identifier: 37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A Certificate issuer: /CN=A91DE7DE/serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Certificate serial: 11BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft Manifest number: 118B Signing time: Fri 30 May 2025 17:25:27 +0000 Manifest this update: Fri 30 May 2025 17:25:27 +0000 Manifest next update: Fri 06 Jun 2025 17:25:27 +0000 Files and hashes: 1: NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl (hash: hIcjvWA4Skxdms2hpbw2H478lErYFWLKqgb7pfge/JQ=) 2: 7F7F1470091D11F0B7E95627C4F9AE02.roa (hash: hpmM9pfcrUFnNRets4Cm3b/cVvffA5StG3HyqAHQxOA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:25:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4538 (0x11ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE7DE, serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Validity Not Before: May 30 17:25:27 2025 GMT Not After : Jun 6 17:25:27 2025 GMT Subject: CN=6839ea07-01f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:57:a5:04:71:74:da:4e:ee:70:ee:e3:2e:e0: d0:f3:5d:21:ac:4f:b6:e7:9f:c1:d7:e8:95:8b:b2: b2:21:e0:40:06:0c:5f:9f:79:72:db:5f:ae:1e:2d: 5d:3c:07:0b:6c:71:da:e8:59:9b:5b:b9:c4:03:2e: 6d:bf:66:c6:b1:f9:58:1b:0f:ea:33:5e:96:08:32: 80:04:cc:7c:87:3b:bc:00:94:28:f3:f5:30:9c:60: 96:74:ad:32:fa:18:1b:ba:a4:8c:c4:d7:9d:15:50: c4:e2:d3:27:1d:b9:8b:84:b6:7b:8b:8e:35:c4:81: eb:7a:fa:c4:1e:27:8a:48:ef:59:c8:74:92:55:8e: ee:0b:6d:81:ab:26:8a:24:11:2c:13:c6:38:d5:2d: 16:34:09:e0:90:b3:60:0e:80:1a:78:9b:26:bf:bd: a2:aa:25:4d:06:63:1b:99:f0:8b:a5:10:dd:d3:03: 8a:82:7d:27:d0:eb:57:63:79:b0:ff:57:cc:5d:69: 96:e9:9d:01:e7:b7:ce:91:ab:76:25:5d:f7:a6:bc: 3a:12:2e:bd:ae:7a:ea:1b:0a:a7:6c:43:d9:5c:02: a6:97:85:05:95:30:42:94:8e:fc:3e:39:0b:ad:1a: 37:92:08:56:37:d6:63:eb:4c:3f:91:41:39:48:96: 5b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:5D:BA:A8:B0:B2:91:8C:6D:16:C2:2D:0F:04:85:E1:E1:78:68:49 X509v3 Authority Key Identifier: keyid:37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:c5:a9:2f:c4:44:1a:0f:47:1d:e9:13:b9:85:cf:32:33:d8: b0:b7:a0:b8:3e:8f:13:4e:29:66:d8:2b:0a:64:24:12:cb:68: 6c:63:6b:1b:c7:5c:b6:8f:e4:d6:28:9d:57:79:25:fa:e1:95: c1:87:7e:7a:16:5b:65:c5:04:1d:9e:81:05:d1:d1:18:1f:81: 5a:e6:03:6f:8f:ab:97:14:0c:ba:ed:0a:e9:9c:c7:d7:d8:58: 58:cf:7a:30:a6:3b:5c:25:6a:ce:97:5c:96:85:1b:c6:9e:02: 3f:10:e4:25:20:33:b3:b1:49:6b:21:3e:89:b0:04:87:ac:86: f4:6e:74:69:2b:7f:0f:42:4f:50:14:b6:16:68:1a:ac:53:23: 17:8b:8b:6f:77:d2:1a:b6:fc:f2:3c:04:ef:41:18:ac:93:ec: c0:31:42:38:44:04:8d:e5:ca:04:7f:c1:1b:98:c8:c9:25:f0: e1:ea:b7:09:d8:84:bf:a3:d0:00:6e:a2:9e:78:ef:7d:6d:1b: 64:fb:40:7f:06:1f:dc:de:20:3e:43:56:c6:7e:87:f6:65:27: c4:c5:ae:22:46:52:03:b1:a8:64:8e:45:63:41:0f:9f:dc:7b: 26:75:81:2f:6c:af:ed:56:a8:2e:13:20:8c:77:3e:f1:ce:29: 1f:bc:d2:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REU3REUxMTAvBgNVBAUTKDM3MTI3M0NGRDhDMkM5MDhCNjkxRDZCRUExNzVFOERF ODJCRDQzOUEwHhcNMjUwNTMwMTcyNTI3WhcNMjUwNjA2MTcyNTI3WjAYMRYwFAYD VQQDEw02ODM5ZWEwNy0wMWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkVelBHF02k7ucO7jLuDQ810hrE+255/B1+iVi7KyIeBABgxfn3ly21+uHi1d PAcLbHHa6FmbW7nEAy5tv2bGsflYGw/qM16WCDKABMx8hzu8AJQo8/UwnGCWdK0y +hgbuqSMxNedFVDE4tMnHbmLhLZ7i441xIHrevrEHieKSO9ZyHSSVY7uC22BqyaK JBEsE8Y41S0WNAngkLNgDoAaeJsmv72iqiVNBmMbmfCLpRDd0wOKgn0n0OtXY3mw /1fMXWmW6Z0B57fOkat2JV33prw6Ei69rnrqGwqnbEPZXAKml4UFlTBClI78PjkL rRo3kghWN9Zj60w/kUE5SJZbaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCRduqiw spGMbRbCLQ8EheHheGhJMB8GA1UdIwQYMBaAFDcSc8/YwskItpHWvqF16N6CvUOa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTdERS9DRUUzRDcxODA0 RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lRaTJrZGEtb1hYbzNvSzlR NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL054Snp6OWpDeVFpMmtkYS1vWFhvM29LOVE1by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTdERS9DRUUzRDcxODA0RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lR aTJrZGEtb1hYbzNvSzlRNW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4xakvxEQaD0cd6RO5hc8yM9iwt6C4Po8TTilm2CsKZCQSy2hsY2sb x1y2j+TWKJ1XeSX64ZXBh356FltlxQQdnoEF0dEYH4Fa5gNvj6uXFAy67QrpnMfX 2FhYz3owpjtcJWrOl1yWhRvGngI/EOQlIDOzsUlrIT6JsASHrIb0bnRpK38PQk9Q FLYWaBqsUyMXi4tvd9IatvzyPATvQRisk+zAMUI4RASN5coEf8EbmMjJJfDh6rcJ 2IS/o9AAbqKeeO99bRtk+0B/Bh/c3iA+Q1bGfof2ZSfExa4iRlIDsahkjkVjQQ+f 3HsmdYEvbK/tVqguEyCMdz7xzikfvNId -----END CERTIFICATE-----Generated at Sat May 31 17:02:20 2025 by rpki-client