$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft File: NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json) Hash identifier: AzBIwVxcWyzTM2NrG8U+65ENLPY+b4WFkT3prscNzSQ= Subject key identifier: B4:0F:3D:76:F3:97:9D:BB:CD:55:7A:73:B6:0C:78:D5:6F:2D:7F:68 Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 Certificate issuer: /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Certificate serial: 02DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft Manifest number: 02D6 Signing time: Sat 09 Aug 2025 01:54:44 +0000 Manifest this update: Sat 09 Aug 2025 01:54:43 +0000 Manifest next update: Sat 16 Aug 2025 01:54:43 +0000 Files and hashes: 1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: +t+l61gvB4BhlHV/JPd8ThbFUsa74JhPh+Uc55rZmR8=) 2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: k5i1VxrRa6a+sKSG0LLgxBEmMPYmBZK6pl0sMM04Q2o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 731 (0x2db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148DB2, serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Validity Not Before: Aug 9 01:54:43 2025 GMT Not After : Aug 16 01:54:43 2025 GMT Subject: CN=6896aa64-c033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d4:b7:1b:4f:28:fe:21:a8:bf:25:ea:ca:76: de:89:d7:a1:a9:03:ec:7c:d6:12:21:a4:02:fb:09: c7:08:f7:4f:07:d7:db:60:13:b1:8a:dd:bd:ca:b2: 59:77:26:b4:d7:1f:ef:23:c8:a7:f9:27:a3:e9:45: b7:7c:1d:7b:32:9c:bd:95:df:4f:05:93:15:ad:8c: 7e:77:1e:eb:24:00:51:3f:9d:b6:a6:5a:33:36:1d: ef:f7:09:0f:ca:1f:19:4a:fd:9f:b0:aa:5f:3f:25: e9:fe:98:d0:aa:9f:1e:68:56:a3:a5:f1:b0:0f:bf: c9:51:62:f9:7f:12:50:7e:89:59:fc:4f:50:5b:dc: 39:ec:28:82:91:b1:a1:35:c8:8b:7a:33:bf:5e:40: fe:8d:b8:f9:a5:0d:c0:0c:48:73:f2:1b:ab:28:c7: 85:a4:88:e7:7f:63:3d:0a:b7:ce:f3:aa:bb:dc:8b: 16:f5:dc:b6:e7:28:88:cc:8b:70:a1:52:23:4c:bf: 33:dd:b1:0b:76:cb:bc:6c:2a:ec:73:8b:81:f3:b8: 8f:2f:5b:66:df:50:7b:b9:15:28:22:fd:d3:31:6f: 5c:f0:e0:54:ae:b4:6f:91:52:8f:c4:49:30:af:fe: f8:1a:8d:bf:32:d8:09:53:e7:f9:b2:c7:e1:d7:13: c2:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:0F:3D:76:F3:97:9D:BB:CD:55:7A:73:B6:0C:78:D5:6F:2D:7F:68 X509v3 Authority Key Identifier: keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:58:cb:fc:70:f3:22:3e:0a:8c:da:35:ba:82:3a:2c:8f:42: ed:57:b6:e0:36:00:8a:31:26:f9:86:c3:8f:94:0b:b5:81:1e: b4:fa:da:3d:e0:e8:52:d0:42:a8:33:32:0e:52:d2:09:d5:48: bc:0d:92:3b:af:4a:74:34:b7:a4:84:31:f8:6f:29:24:1e:79: 42:5f:50:c4:72:5c:7f:20:5f:87:a4:c4:eb:31:eb:d9:f2:15: 56:0a:ce:93:b4:1c:49:a2:ad:5f:aa:19:d3:9a:80:32:f6:61: 44:b5:df:e3:ed:23:7d:9b:2b:1b:40:c0:1a:e1:d0:f0:83:b7: 6e:fa:51:49:9e:65:e3:40:26:c9:70:44:a8:f8:7a:8f:7d:23: cd:80:39:77:0e:9f:00:ee:bd:0e:33:99:0d:71:74:ae:b1:7a: a5:25:b3:df:08:37:c7:77:f2:bd:6d:02:bb:42:81:11:1d:03: 51:c7:e2:ee:bd:ab:83:7c:f6:3c:ce:fd:65:cb:70:9d:9f:8a: 03:fc:ba:38:f5:54:4a:a5:51:b0:1b:48:c3:7a:af:2d:1d:b1: 67:0a:ba:32:6a:f2:ff:02:31:46:88:bb:55:6f:db:1d:6a:b8: 70:11:4e:1b:25:00:37:c7:37:92:71:e0:4d:29:f9:e6:ad:68: 21:d2:b5:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw RkE2NzRCQjUwHhcNMjUwODA5MDE1NDQzWhcNMjUwODE2MDE1NDQzWjAYMRYwFAYD VQQDEw02ODk2YWE2NC1jMDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzdS3G08o/iGovyXqynbeidehqQPsfNYSIaQC+wnHCPdPB9fbYBOxit29yrJZ dya01x/vI8in+Sej6UW3fB17Mpy9ld9PBZMVrYx+dx7rJABRP522plozNh3v9wkP yh8ZSv2fsKpfPyXp/pjQqp8eaFajpfGwD7/JUWL5fxJQfolZ/E9QW9w57CiCkbGh NciLejO/XkD+jbj5pQ3ADEhz8hurKMeFpIjnf2M9CrfO86q73IsW9dy25yiIzItw oVIjTL8z3bELdsu8bCrsc4uB87iPL1tm31B7uRUoIv3TMW9c8OBUrrRvkVKPxEkw r/74Go2/MtgJU+f5ssfh1xPCGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLQPPXbz l527zVV6c7YMeNVvLX9oMB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5 MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5 b01WV1JsM1g2ZXdQcG5TN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFWMv8cPMiPgqM2jW6gjosj0LtV7bgNgCKMSb5hsOPlAu1gR60+to9 4OhS0EKoMzIOUtIJ1Ui8DZI7r0p0NLekhDH4bykkHnlCX1DEclx/IF+HpMTrMevZ 8hVWCs6TtBxJoq1fqhnTmoAy9mFEtd/j7SN9mysbQMAa4dDwg7du+lFJnmXjQCbJ cESo+HqPfSPNgDl3Dp8A7r0OM5kNcXSusXqlJbPfCDfHd/K9bQK7QoERHQNRx+Lu vauDfPY8zv1ly3Cdn4oD/Lo49VRKpVGwG0jDeq8tHbFnCroyavL/AjFGiLtVb9sd arhwEU4bJQA3xzeSceBNKfnmrWgh0rW4 -----END CERTIFICATE-----Generated at Sun Aug 10 13:46:44 2025 by rpki-client