$ rpki-client -vvf rpki.apnic.net/member_repository/A913F333/DECB65A4239811ED9067226FC4F9AE02/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.mft File: NkCMEcVHK4Ikiv_r7tuyDj4Hps0.mft (raw, json) Hash identifier: gy5rUU3nJpZO0qY0oc8v53PvRyJR0ZRB8X4R7N7pAgA= Subject key identifier: 85:11:A0:A2:9D:29:0B:6A:0E:13:F7:68:53:29:DE:70:E5:5E:C7:2D Authority key identifier: 36:40:8C:11:C5:47:2B:82:24:8A:FF:EB:EE:DB:B2:0E:3E:07:A6:CD Certificate issuer: /CN=A913F333/serialNumber=36408C11C5472B82248AFFEBEEDBB20E3E07A6CD Certificate serial: 02AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F333/DECB65A4239811ED9067226FC4F9AE02/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.mft Manifest number: 029D Signing time: Mon 03 Nov 2025 01:31:26 +0000 Manifest this update: Mon 03 Nov 2025 01:31:26 +0000 Manifest next update: Mon 10 Nov 2025 01:31:26 +0000 Files and hashes: 1: NkCMEcVHK4Ikiv_r7tuyDj4Hps0.crl (hash: ta4mfThaoWe+0KgWCN370VISXiOCdzntZTZMKVARjfU=) 2: 134B439A91B611ED8BA25C80C4F9AE02.roa (hash: jNBzv9AEhkETumwnZVmfkixYJ4ySA7uLCgYaGX6tsDU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F333/DECB65A4239811ED9067226FC4F9AE02/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.crl rsync://rpki.apnic.net/member_repository/A913F333/DECB65A4239811ED9067226FC4F9AE02/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:31:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 683 (0x2ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F333, serialNumber=36408C11C5472B82248AFFEBEEDBB20E3E07A6CD Validity Not Before: Nov 3 01:31:26 2025 GMT Not After : Nov 10 01:31:26 2025 GMT Subject: CN=690805ee-5b03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:87:61:ef:f0:8c:5a:d9:28:a8:9d:9c:dc:6a: 8c:36:9d:f8:ed:07:5a:53:f6:5c:ce:55:82:0f:ce: d1:71:21:b3:fb:23:fc:04:61:35:c0:e3:dd:31:fc: 69:a5:10:d7:68:e8:5b:86:75:d0:07:d7:22:76:7a: a6:e1:be:85:e9:0c:3a:a3:2b:ff:cf:b5:90:df:b7: 44:02:1d:3c:e0:e1:64:47:a7:f6:7e:aa:d4:e6:8f: c6:02:fc:06:b9:22:e0:5e:c2:b6:72:6c:a0:3f:df: f5:65:75:71:3a:5c:e7:e2:12:06:2c:c7:fd:55:14: c7:81:8d:e4:0a:f5:7d:ba:b8:7b:90:74:eb:56:cc: 96:c2:a9:08:33:06:33:f8:c9:0f:fd:cd:d1:76:ee: 7b:d3:fc:45:18:1d:c7:5e:05:34:3d:42:b2:43:46: ca:9f:96:33:71:20:98:10:b2:dd:9e:3e:09:1b:48: 21:00:f7:2c:84:c7:8a:04:ba:24:ed:37:2d:80:a5: cb:20:3b:71:f9:ae:68:42:60:0c:a7:d2:ff:f9:59: e5:48:f2:b3:7d:a4:02:d2:87:17:bc:90:12:a5:2f: 7d:4d:91:fe:d3:74:f8:0c:fa:ce:a6:63:5a:f1:59: bf:81:a8:c8:9c:6e:15:2b:be:0d:27:11:43:df:59: c1:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:11:A0:A2:9D:29:0B:6A:0E:13:F7:68:53:29:DE:70:E5:5E:C7:2D X509v3 Authority Key Identifier: keyid:36:40:8C:11:C5:47:2B:82:24:8A:FF:EB:EE:DB:B2:0E:3E:07:A6:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F333/DECB65A4239811ED9067226FC4F9AE02/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F333/DECB65A4239811ED9067226FC4F9AE02/NkCMEcVHK4Ikiv_r7tuyDj4Hps0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:fa:7e:65:c7:80:59:18:2a:23:4e:34:70:31:3b:72:28:c0: 7a:49:1f:cd:43:ca:51:72:d0:e1:9f:2b:ac:f6:85:3e:6f:80: 02:76:2c:4d:d5:35:42:4b:74:c1:9e:72:f5:6a:a3:30:0c:8c: a4:75:a1:0c:02:ff:2c:05:9f:a4:a2:2e:4d:d6:21:78:70:15: 18:a3:8e:c5:ed:aa:b3:a2:ff:fe:a6:da:6a:e9:c3:85:46:8c: 5d:d2:e8:cd:8e:de:c2:76:a9:0a:32:41:04:b9:59:3e:e0:cc: ab:8d:ee:c9:89:5c:61:db:22:e3:f9:37:c6:f8:90:33:df:85: 73:91:af:25:ea:5d:45:08:82:0c:34:83:78:39:f6:b1:99:c2: 56:67:3b:8d:28:47:af:f0:ae:2b:a4:93:de:33:05:5a:6e:2e: 43:98:58:5d:6a:59:92:44:2a:ca:4a:9c:a1:6e:29:e1:54:de: 49:c1:c0:cf:37:aa:56:5f:3f:db:e7:c4:b3:67:43:f4:03:11: 11:e2:93:da:f6:4d:b6:33:56:11:2e:de:16:d7:23:d8:98:d6: 84:75:e4:42:09:13:a0:c4:19:9f:0f:54:5c:7c:dd:84:a6:d8: 0a:c2:31:e5:21:04:98:3b:50:a1:47:18:3a:92:5d:78:cd:e6: 4b:5e:2f:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0YzMzMxMTAvBgNVBAUTKDM2NDA4QzExQzU0NzJCODIyNDhBRkZFQkVFREJCMjBF M0UwN0E2Q0QwHhcNMjUxMTAzMDEzMTI2WhcNMjUxMTEwMDEzMTI2WjAYMRYwFAYD VQQDEw02OTA4MDVlZS01YjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv4dh7/CMWtkoqJ2c3GqMNp347QdaU/ZczlWCD87RcSGz+yP8BGE1wOPdMfxp pRDXaOhbhnXQB9cidnqm4b6F6Qw6oyv/z7WQ37dEAh084OFkR6f2fqrU5o/GAvwG uSLgXsK2cmygP9/1ZXVxOlzn4hIGLMf9VRTHgY3kCvV9urh7kHTrVsyWwqkIMwYz +MkP/c3Rdu570/xFGB3HXgU0PUKyQ0bKn5YzcSCYELLdnj4JG0ghAPcshMeKBLok 7TctgKXLIDtx+a5oQmAMp9L/+VnlSPKzfaQC0ocXvJASpS99TZH+03T4DPrOpmNa 8Vm/gajInG4VK74NJxFD31nBcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIURoKKd KQtqDhP3aFMp3nDlXsctMB8GA1UdIwQYMBaAFDZAjBHFRyuCJIr/6+7bsg4+B6bN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjMzMy9ERUNCNjVBNDIz OTgxMUVEOTA2NzIyNkZDNEY5QUUwMi9Oa0NNRWNWSEs0SWtpdl9yN3R1eURqNEhw czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05rQ01FY1ZISzRJa2l2X3I3dHV5RGo0SHBzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjMzMy9ERUNCNjVBNDIzOTgxMUVEOTA2NzIyNkZDNEY5QUUwMi9Oa0NNRWNWSEs0 SWtpdl9yN3R1eURqNEhwczAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAx+n5lx4BZGCojTjRwMTtyKMB6SR/NQ8pRctDhnyus9oU+b4ACdixN 1TVCS3TBnnL1aqMwDIykdaEMAv8sBZ+koi5N1iF4cBUYo47F7aqzov/+ptpq6cOF Roxd0ujNjt7CdqkKMkEEuVk+4Myrje7JiVxh2yLj+TfG+JAz34Vzka8l6l1FCIIM NIN4OfaxmcJWZzuNKEev8K4rpJPeMwVabi5DmFhdalmSRCrKSpyhbinhVN5JwcDP N6pWXz/b58SzZ0P0AxER4pPa9k22M1YRLt4W1yPYmNaEdeRCCROgxBmfD1RcfN2E ptgKwjHlIQSYO1ChRxg6kl14zeZLXi8Y -----END CERTIFICATE-----Generated at Tue Nov 4 12:34:16 2025 by rpki-client