$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft File: NM2mWwLxdr_CSHhNqprIp74WU9s.mft (raw, json) Hash identifier: AIeHp89jb1yMKCWpaWuPI+EvY14ubwSWPrH8huMfAPk= Subject key identifier: B5:77:6B:CA:48:3F:78:E1:A7:01:5E:14:2C:30:7F:75:28:F5:D6:90 Authority key identifier: 34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB Certificate issuer: /CN=A91E3DDB/serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft Manifest number: 3A Signing time: Fri 19 Sep 2025 08:22:11 +0000 Manifest this update: Fri 19 Sep 2025 08:22:11 +0000 Manifest next update: Fri 26 Sep 2025 08:22:11 +0000 Files and hashes: 1: NM2mWwLxdr_CSHhNqprIp74WU9s.crl (hash: +/eBlfN7lZwx3MQxvYCkN3VJoRRRCDUTG2mWcxYZUps=) 2: B24F568A4C7A11F09CF1A77BC4F9AE02.roa (hash: iZRDXQppbsQwPvsyTvXzZpqvjaraKsPpnctxXUoNoxk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 08:22:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3DDB, serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Validity Not Before: Sep 19 08:22:11 2025 GMT Not After : Sep 26 08:22:11 2025 GMT Subject: CN=68cd12b3-52f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a8:bb:65:ce:6b:2c:4b:6e:d7:31:86:19:70: b8:1b:5a:86:de:5f:5a:cf:a5:26:50:ee:30:0a:09: 14:d0:4a:5e:ec:38:a6:0e:b9:d8:d4:f0:46:dd:7c: ec:23:e8:3f:dd:18:01:a6:f7:ce:c8:53:1c:19:af: 2d:de:b8:ba:e7:85:de:61:50:94:01:4a:a9:ca:4e: 73:28:9d:24:ea:f8:df:14:66:54:a4:29:fa:4c:1f: 11:ae:51:79:6a:49:1c:ef:8d:d8:7d:2b:03:93:48: 39:91:02:b4:c0:07:5c:71:1c:e9:80:f6:bf:7d:49: 69:0d:90:12:aa:13:92:e0:4c:97:e6:0f:10:62:02: 67:32:d4:e6:e8:ae:51:57:f3:3e:9a:db:c6:df:a3: bd:3d:78:db:19:8a:79:ae:93:61:f7:f7:50:a3:36: 1b:4b:48:5e:8f:d9:12:e0:58:8e:19:18:cb:e9:3f: 24:b4:e9:42:da:e9:8d:34:68:4a:5a:0f:ea:9c:1d: 32:22:0b:24:82:5f:05:df:da:94:b5:18:90:8f:a2: e3:16:21:c1:ed:92:a6:91:98:32:c8:84:21:6c:d6: 4c:49:7c:ab:7b:81:57:c3:62:1c:64:6c:4f:5f:5c: cf:7c:ae:41:d9:fb:b6:fd:96:86:cf:06:46:cb:6f: b0:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:77:6B:CA:48:3F:78:E1:A7:01:5E:14:2C:30:7F:75:28:F5:D6:90 X509v3 Authority Key Identifier: keyid:34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:b6:75:a2:88:51:7d:6e:4b:33:e7:50:bb:66:6c:bc:aa:5a: 1b:4a:c2:b1:c9:56:da:3e:1e:90:05:b4:5f:64:37:22:88:3a: 0d:ef:57:e7:06:c3:9b:3d:e4:75:af:48:75:11:52:6b:a4:b5: 43:f7:02:3a:22:85:68:f3:7f:7d:6b:98:70:25:c7:ca:5d:c8: 97:3d:d1:63:7d:a3:54:5b:e8:37:bb:3a:5c:ed:f5:e0:f7:53: cc:6e:5b:90:f1:4b:56:47:d8:d9:46:8c:02:d3:ad:0f:14:a7: bd:86:90:80:72:d7:2f:73:c2:30:1b:98:99:95:8a:49:ff:13: 62:36:64:22:96:34:41:45:b0:e7:b3:a3:1a:d4:6d:d3:f9:6a: e8:b6:42:17:00:83:fa:74:44:2b:60:b4:47:fb:ef:da:69:07: 2a:fa:d2:30:c2:da:45:b7:22:2d:ac:a2:a6:37:6b:6c:ea:08: 38:89:c7:01:5d:ad:12:5b:38:51:fc:59:5e:de:d2:6b:76:e2: 7b:3c:69:0a:53:6d:0f:dd:bf:bf:f6:67:57:28:32:4d:72:de: fe:99:c1:a9:66:97:87:72:77:93:c1:67:18:fb:31:77:04:8a: 8b:48:76:7a:48:6d:4f:4e:3a:30:7f:f3:1a:86:25:cd:6b:44: bb:42:64:91 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF M0REQjExMC8GA1UEBRMoMzRDREE2NUIwMkYxNzZCRkMyNDg3ODREQUE5QUM4QTdC RTE2NTNEQjAeFw0yNTA5MTkwODIyMTFaFw0yNTA5MjYwODIyMTFaMBgxFjAUBgNV BAMTDTY4Y2QxMmIzLTUyZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDdqLtlzmssS27XMYYZcLgbWobeX1rPpSZQ7jAKCRTQSl7sOKYOudjU8EbdfOwj 6D/dGAGm987IUxwZry3euLrnhd5hUJQBSqnKTnMonSTq+N8UZlSkKfpMHxGuUXlq SRzvjdh9KwOTSDmRArTAB1xxHOmA9r99SWkNkBKqE5LgTJfmDxBiAmcy1OborlFX 8z6a28bfo709eNsZinmuk2H391CjNhtLSF6P2RLgWI4ZGMvpPyS06ULa6Y00aEpa D+qcHTIiCySCXwXf2pS1GJCPouMWIcHtkqaRmDLIhCFs1kxJfKt7gVfDYhxkbE9f XM98rkHZ+7b9lobPBkbLb7ARAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtXdrykg/ eOGnAV4ULDB/dSj11pAwHwYDVR0jBBgwFoAUNM2mWwLxdr/CSHhNqprIp74WU9sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzRERCLzBFM0JEQUVDNDcy NDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJfQ1NIaE5xcHJJcDc0V1U5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTk0ybVd3THhkcl9DU0hoTnFwcklwNzRXVTlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUz RERCLzBFM0JEQUVDNDcyNDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJf Q1NIaE5xcHJJcDc0V1U5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFS2daKIUX1uSzPnULtmbLyqWhtKwrHJVto+HpAFtF9kNyKIOg3vV+cG w5s95HWvSHURUmuktUP3AjoihWjzf31rmHAlx8pdyJc90WN9o1Rb6De7Olzt9eD3 U8xuW5DxS1ZH2NlGjALTrQ8Up72GkIBy1y9zwjAbmJmVikn/E2I2ZCKWNEFFsOez oxrUbdP5aui2QhcAg/p0RCtgtEf779ppByr60jDC2kW3Ii2soqY3a2zqCDiJxwFd rRJbOFH8WV7e0mt24ns8aQpTbQ/dv7/2Z1coMk1y3v6Zwalml4dyd5PBZxj7MXcE iotIdnpIbU9OOjB/8xqGJc1rRLtCZJE= -----END CERTIFICATE-----Generated at Sat Sep 20 05:51:14 2025 by rpki-client