$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft File: NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft (raw, json) Hash identifier: xoXdS5zMRrBRSuI+IT6wBUABKAHtO+TWH/Bo932CZTU= Subject key identifier: D0:6A:30:88:A2:73:B5:3E:7A:C2:BD:76:00:76:0B:51:5F:96:8F:BF Authority key identifier: 34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 Certificate issuer: /CN=A91FA562/serialNumber=340F813433719A760E3BFE21933687261179C327 Certificate serial: 0174 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft Manifest number: 0170 Signing time: Sat 31 May 2025 03:31:33 +0000 Manifest this update: Sat 31 May 2025 03:31:33 +0000 Manifest next update: Sat 07 Jun 2025 03:31:33 +0000 Files and hashes: 1: NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl (hash: VuWWmTB9RTAOb/9qCWbadpu83eo9u1rtZMXNS9WcA9I=) 2: 7588035C913E11EFB46E9A72C4F9AE02.roa (hash: 4YQPxlb6PsWiAtpK43YsiLFyCkQjvUYNK7OStoBKN5I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:31:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 372 (0x174) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA562, serialNumber=340F813433719A760E3BFE21933687261179C327 Validity Not Before: May 31 03:31:33 2025 GMT Not After : Jun 7 03:31:33 2025 GMT Subject: CN=683a7815-3699 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f6:6e:f7:c5:b4:bf:94:60:86:74:62:cf:d4: 82:06:10:c1:5e:fc:b9:5b:7c:cc:b0:19:e2:bb:40: 89:a5:df:af:b1:15:ca:93:ed:4c:80:7d:8c:4f:13: a5:72:cf:1f:5e:71:32:a7:f6:12:cd:28:75:0b:71: f7:a9:bb:ea:37:01:dc:b2:18:6b:95:8d:dd:a4:f4: eb:8b:b1:2d:67:41:09:a1:20:40:c2:09:fa:6e:c4: 38:45:3c:bc:cd:97:c4:c7:f0:8f:8f:c5:f8:84:a3: 4b:c7:3e:8d:9c:0b:23:1e:c9:f5:7d:5c:11:0a:3e: 5e:87:77:48:c0:47:1a:d2:02:16:1e:56:ba:06:a2: 40:8c:38:53:0a:6c:de:96:1f:ab:0c:27:72:db:13: ed:05:ce:e0:f6:97:a0:d5:c5:d1:8c:8a:85:fa:cc: a2:a9:04:a7:10:55:24:50:ab:7a:6d:9c:3a:8a:1d: 45:f5:ac:a5:de:5f:d2:b2:b5:6f:c0:d3:4c:47:77: 91:ec:90:e4:c9:87:c3:01:bc:4e:17:85:31:fe:82: dd:4c:e8:42:39:59:5e:21:47:f6:a9:97:33:76:c6: a7:04:ad:18:aa:83:4f:4f:4e:44:9c:41:6a:f6:6c: b4:92:e5:6b:ca:61:80:e1:8e:35:87:c4:02:98:74: fa:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:6A:30:88:A2:73:B5:3E:7A:C2:BD:76:00:76:0B:51:5F:96:8F:BF X509v3 Authority Key Identifier: keyid:34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:97:06:f5:ba:96:bf:47:ea:32:b7:4c:f6:57:54:b8:11:55: df:ec:ab:9d:f5:0d:1e:48:17:bd:50:9c:21:8f:6d:cf:3f:27: 47:c1:26:5f:cd:55:2e:9e:76:e6:09:73:40:da:83:ad:9c:c3: 0e:16:57:94:9d:91:30:ae:32:32:f5:6a:37:d4:70:55:dd:55: 31:c7:e2:74:1c:11:c9:af:a9:b4:41:f1:3e:43:2a:07:90:e7: d0:d6:9a:a2:4f:6f:ed:70:7a:2e:43:e0:ed:bd:4c:1b:85:ac: 05:54:49:b2:75:b6:03:c8:af:f1:02:47:ee:38:e5:7f:49:25: 12:9a:b9:bb:f0:de:bb:92:a5:06:3a:65:d0:af:4f:b7:22:14: 45:0c:a7:84:0a:9d:7c:e8:88:7a:ac:22:c6:d7:1d:b4:a0:ca: 64:e6:81:39:0c:ff:f5:01:8c:52:5d:d3:bd:5c:d0:2a:41:db: cf:c7:a2:00:2e:15:e3:0e:ae:62:a9:d5:54:92:2f:8c:ed:cb: 15:3e:a0:d2:9f:7e:b0:f4:25:09:75:1c:37:27:c1:ea:03:dc: 4a:96:8b:e9:4d:fa:7a:5f:33:ba:15:0e:22:15:38:77:f4:09: 4a:4a:84:fe:68:36:f0:55:83:86:1b:1d:9d:01:31:da:78:92: 03:e4:c5:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NjIxMTAvBgNVBAUTKDM0MEY4MTM0MzM3MTlBNzYwRTNCRkUyMTkzMzY4NzI2 MTE3OUMzMjcwHhcNMjUwNTMxMDMzMTMzWhcNMjUwNjA3MDMzMTMzWjAYMRYwFAYD VQQDEw02ODNhNzgxNS0zNjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp/Zu98W0v5RghnRiz9SCBhDBXvy5W3zMsBniu0CJpd+vsRXKk+1MgH2MTxOl cs8fXnEyp/YSzSh1C3H3qbvqNwHcshhrlY3dpPTri7EtZ0EJoSBAwgn6bsQ4RTy8 zZfEx/CPj8X4hKNLxz6NnAsjHsn1fVwRCj5eh3dIwEca0gIWHla6BqJAjDhTCmze lh+rDCdy2xPtBc7g9peg1cXRjIqF+syiqQSnEFUkUKt6bZw6ih1F9ayl3l/SsrVv wNNMR3eR7JDkyYfDAbxOF4Ux/oLdTOhCOVleIUf2qZczdsanBK0YqoNPT05EnEFq 9my0kuVrymGA4Y41h8QCmHT6JwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNBqMIii c7U+esK9dgB2C1Fflo+/MB8GA1UdIwQYMBaAFDQPgTQzcZp2Djv+IZM2hyYRecMn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Mi8yNjU3RjczRTBC QzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1uWU9PXzRoa3phSEpoRjV3 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BLUJORE54bW5ZT09fNGhremFISmhGNXd5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Mi8yNjU3RjczRTBCQzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1u WU9PXzRoa3phSEpoRjV3eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0lwb1upa/R+oyt0z2V1S4EVXf7Kud9Q0eSBe9UJwhj23PPydHwSZf zVUunnbmCXNA2oOtnMMOFleUnZEwrjIy9Wo31HBV3VUxx+J0HBHJr6m0QfE+QyoH kOfQ1pqiT2/tcHouQ+DtvUwbhawFVEmydbYDyK/xAkfuOOV/SSUSmrm78N67kqUG OmXQr0+3IhRFDKeECp186Ih6rCLG1x20oMpk5oE5DP/1AYxSXdO9XNAqQdvPx6IA LhXjDq5iqdVUki+M7csVPqDSn36w9CUJdRw3J8HqA9xKlovpTfp6XzO6FQ4iFTh3 9AlKSoT+aDbwVYOGGx2dATHaeJID5MVe -----END CERTIFICATE-----Generated at Sat May 31 17:45:04 2025 by rpki-client