$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft File: NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json) Hash identifier: dHVJydPKZXbxoeb8/76nHW5OcQVmqQ0Bc2z7iN4P83Q= Subject key identifier: FE:3D:46:A5:72:E4:A2:24:8F:A5:11:D3:DB:66:01:C9:22:CA:FE:08 Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 Certificate issuer: /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Certificate serial: 02A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft Manifest number: 02A1 Signing time: Fri 25 Apr 2025 01:17:38 +0000 Manifest this update: Fri 25 Apr 2025 01:17:38 +0000 Manifest next update: Fri 02 May 2025 01:17:38 +0000 Files and hashes: 1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: tqk98vhi9+QcaIdoPtVAZvO9MIkkQaO4ib6QRFfqZMk=) 2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: k5i1VxrRa6a+sKSG0LLgxBEmMPYmBZK6pl0sMM04Q2o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:17:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 678 (0x2a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148DB2, serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Validity Not Before: Apr 25 01:17:38 2025 GMT Not After : May 2 01:17:38 2025 GMT Subject: CN=680ae2b2-25b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7a:d8:70:f0:e2:9c:1f:cb:2e:61:14:fd:0b: d6:c8:ed:42:f3:64:0a:7e:d0:39:15:67:39:42:03: 15:94:8b:4c:10:2c:b6:6e:9f:8e:f1:85:1f:6e:6c: 65:f3:64:4a:2a:3f:36:41:4d:6f:3f:9a:ff:33:c2: 4a:96:eb:71:6b:9a:f2:4f:71:c9:07:35:e4:fd:6b: 80:64:92:a3:6c:ec:2a:f1:a6:26:d8:d9:06:67:5f: 4a:50:97:9f:75:c2:c7:64:49:00:6b:62:9c:61:9e: 2c:7b:46:3a:4c:e4:ed:5d:31:f8:ea:66:55:80:0b: e4:93:b4:c4:09:c7:b0:24:a9:7c:2d:21:df:13:24: 72:2c:99:70:7a:f8:c4:db:34:3f:82:a4:74:ee:fa: c8:5f:b3:2d:bf:48:b9:77:48:83:13:ba:71:4c:69: bb:9b:a2:ac:6d:c5:92:4e:33:d9:a3:df:a2:a7:e7: 49:a7:95:fe:cf:b0:a4:7e:0b:a8:e2:84:f8:72:0c: f8:09:12:d2:33:84:4c:87:6b:87:f1:76:df:7b:a7: b9:4d:e0:b7:8a:d1:fe:31:f5:bc:8a:9c:e3:28:de: 17:60:87:c9:e1:f2:f4:62:c4:cc:f4:95:89:cb:44: 8f:9b:70:ae:47:98:24:db:d1:ae:87:40:92:d4:25: b0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:3D:46:A5:72:E4:A2:24:8F:A5:11:D3:DB:66:01:C9:22:CA:FE:08 X509v3 Authority Key Identifier: keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:84:4a:ae:5f:1d:7a:2a:6a:09:53:d8:b5:79:0f:fc:26:21: c7:63:2a:37:73:7c:bf:ef:e1:7f:ba:93:30:5b:51:9e:83:66: 86:a3:89:e3:98:dc:59:54:e1:49:5c:47:38:ae:c6:f7:f1:cd: 33:58:d6:4b:2e:11:05:fb:68:df:da:e2:ff:40:49:7c:41:0d: f5:46:a3:d8:ec:5b:83:da:be:1a:e1:1a:5e:08:f9:a2:65:a8: 27:d7:70:b3:ff:08:c7:e8:5a:53:32:78:1c:3d:f7:f4:73:ea: a6:e1:d6:e7:fe:08:3a:b9:71:5e:d0:5e:55:2a:70:5b:d7:8e: 90:b4:f9:e7:2b:13:b3:f1:03:d0:46:76:a5:a5:e5:1c:f5:d9: 86:09:61:7d:91:4c:76:32:56:53:dd:eb:b1:d9:4a:fd:db:70: 72:f5:1e:b8:84:fb:10:9b:cd:7c:c0:30:2f:13:3a:37:43:d7: 75:d3:9d:27:14:f2:c4:d7:2b:ff:0c:6b:8f:8e:79:fc:58:9b: 6f:ad:87:b9:5e:70:16:1b:49:11:f1:ea:13:1c:ab:c9:b6:7c: 7f:fd:dd:ca:9e:a4:8f:18:51:00:a7:db:98:7b:f7:ee:b6:de: 32:5e:51:2f:40:43:95:c5:a2:27:fd:df:8d:8e:3a:e3:82:72: 4f:e4:ba:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw RkE2NzRCQjUwHhcNMjUwNDI1MDExNzM4WhcNMjUwNTAyMDExNzM4WjAYMRYwFAYD VQQDEw02ODBhZTJiMi0yNWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA13rYcPDinB/LLmEU/QvWyO1C82QKftA5FWc5QgMVlItMECy2bp+O8YUfbmxl 82RKKj82QU1vP5r/M8JKlutxa5ryT3HJBzXk/WuAZJKjbOwq8aYm2NkGZ19KUJef dcLHZEkAa2KcYZ4se0Y6TOTtXTH46mZVgAvkk7TECcewJKl8LSHfEyRyLJlwevjE 2zQ/gqR07vrIX7Mtv0i5d0iDE7pxTGm7m6KsbcWSTjPZo9+ip+dJp5X+z7Ckfguo 4oT4cgz4CRLSM4RMh2uH8Xbfe6e5TeC3itH+MfW8ipzjKN4XYIfJ4fL0YsTM9JWJ y0SPm3CuR5gk29Guh0CS1CWw0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP49RqVy 5KIkj6UR09tmAckiyv4IMB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5 MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5 b01WV1JsM1g2ZXdQcG5TN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZhEquXx16KmoJU9i1eQ/8JiHHYyo3c3y/7+F/upMwW1Geg2aGo4nj mNxZVOFJXEc4rsb38c0zWNZLLhEF+2jf2uL/QEl8QQ31RqPY7FuD2r4a4RpeCPmi Zagn13Cz/wjH6FpTMngcPff0c+qm4dbn/gg6uXFe0F5VKnBb146QtPnnKxOz8QPQ RnalpeUc9dmGCWF9kUx2MlZT3eux2Ur923By9R64hPsQm818wDAvEzo3Q9d1050n FPLE1yv/DGuPjnn8WJtvrYe5XnAWG0kR8eoTHKvJtnx//d3KnqSPGFEAp9uYe/fu tt4yXlEvQEOVxaIn/d+NjjrjgnJP5Lrn -----END CERTIFICATE-----Generated at Sat Apr 26 12:25:24 2025 by rpki-client