$ rpki-client -vvf rpki.apnic.net/member_repository/A9151AC7/41A46B50F39711EF9101D210C4F9AE02/NS1M7Db4784NhRINl9keIqNY9Ys.mft File: NS1M7Db4784NhRINl9keIqNY9Ys.mft (raw, json) Hash identifier: 9VfyHwTfX0MQrWwzvjRYURM3WI76ESzV5C4nmmSz7Ns= Subject key identifier: 5D:BE:F8:7D:11:CC:A5:F5:A7:D0:E8:1E:24:C3:7B:69:21:46:92:4C Authority key identifier: 35:2D:4C:EC:36:F8:EF:CE:0D:85:12:0D:97:D9:1E:22:A3:58:F5:8B Certificate issuer: /CN=A9151AC7/serialNumber=352D4CEC36F8EFCE0D85120D97D91E22A358F58B Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NS1M7Db4784NhRINl9keIqNY9Ys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9151AC7/41A46B50F39711EF9101D210C4F9AE02/NS1M7Db4784NhRINl9keIqNY9Ys.mft Manifest number: 21 Signing time: Fri 25 Apr 2025 06:49:36 +0000 Manifest this update: Fri 25 Apr 2025 06:49:35 +0000 Manifest next update: Fri 02 May 2025 06:49:35 +0000 Files and hashes: 1: NS1M7Db4784NhRINl9keIqNY9Ys.crl (hash: DmqyfN3/rWIapqZsSWrBECbagGC6aQjl7KAQLlGkg80=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9151AC7/41A46B50F39711EF9101D210C4F9AE02/NS1M7Db4784NhRINl9keIqNY9Ys.crl rsync://rpki.apnic.net/member_repository/A9151AC7/41A46B50F39711EF9101D210C4F9AE02/NS1M7Db4784NhRINl9keIqNY9Ys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NS1M7Db4784NhRINl9keIqNY9Ys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:49:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9151AC7, serialNumber=352D4CEC36F8EFCE0D85120D97D91E22A358F58B Validity Not Before: Apr 25 06:49:35 2025 GMT Not After : May 2 06:49:35 2025 GMT Subject: CN=680b3080-06fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:eb:51:82:9b:7c:20:7b:d7:25:7c:c5:b2:4c: 1a:bd:ee:25:d0:f5:cd:1b:fd:38:31:70:1c:dd:08: 54:31:3a:f7:e3:9c:6b:be:18:3b:ae:ec:36:73:34: 67:1a:e3:5d:b2:75:87:3d:59:a3:dc:fc:ed:40:d8: 0a:96:99:f9:b7:fb:70:6d:1a:13:14:cb:b3:2e:d4: a2:33:c3:e4:63:b7:66:d6:d2:81:d0:d5:66:db:97: 45:8b:86:80:ce:89:81:18:8c:72:75:d3:88:15:28: bb:a0:f3:92:cf:1b:ef:fa:59:21:84:37:e4:2d:ed: d5:0e:13:21:1f:4e:d2:b9:b1:45:ca:35:74:c7:c2: c7:b6:b7:2b:55:27:df:4f:e1:a1:50:9e:f3:62:98: 70:ed:35:87:98:65:03:c8:31:61:2e:31:f8:4a:d0: 4c:a1:53:64:dd:a7:e7:e1:e9:45:68:a0:78:65:7f: fa:20:28:03:d3:2a:cb:07:db:b5:6a:65:a9:75:53: a1:a0:c6:d4:b8:02:b8:76:24:c4:2e:55:69:a4:96: 53:20:70:66:33:e6:0e:8b:1e:de:c4:99:fa:36:09: 60:04:94:03:9a:c1:19:1a:80:c2:cb:1c:a5:57:31: 66:82:14:7c:98:98:9e:1e:b5:d6:b6:2a:29:6a:a7: 51:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:BE:F8:7D:11:CC:A5:F5:A7:D0:E8:1E:24:C3:7B:69:21:46:92:4C X509v3 Authority Key Identifier: keyid:35:2D:4C:EC:36:F8:EF:CE:0D:85:12:0D:97:D9:1E:22:A3:58:F5:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9151AC7/41A46B50F39711EF9101D210C4F9AE02/NS1M7Db4784NhRINl9keIqNY9Ys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NS1M7Db4784NhRINl9keIqNY9Ys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9151AC7/41A46B50F39711EF9101D210C4F9AE02/NS1M7Db4784NhRINl9keIqNY9Ys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:00:be:af:17:71:bb:d0:58:a9:1d:00:8e:03:7b:db:50:8e: 5a:0b:1c:16:d3:a5:36:3a:61:d1:b2:42:4d:b2:ac:3a:bc:a7: a7:e7:8d:fe:89:dc:84:a4:42:d9:47:eb:a6:ed:66:64:69:17: 13:9b:d9:bc:24:7a:9a:e4:f1:5c:b4:b5:22:df:84:e2:14:0d: 4c:27:95:27:da:61:96:c7:26:c3:3a:6d:4c:67:e8:50:6b:33: e0:89:b5:d6:9b:d7:72:26:cc:ef:30:5e:b7:8a:89:71:1f:b9: 45:cd:b6:94:59:e5:81:b6:99:30:f3:18:7d:a3:d6:33:a5:fa: 69:86:93:b0:bf:3b:7d:d2:9d:e1:af:90:ff:ef:45:a5:5d:ae: 31:a6:2e:e0:a7:d4:45:b8:ac:5d:84:2d:55:67:ac:4a:98:a1: 57:18:8e:10:f4:37:e5:06:6f:1e:30:2d:79:71:2a:da:71:90: 27:87:85:d1:42:55:b8:af:58:12:0b:55:94:8b:b3:71:2a:b9: 5a:72:b3:3a:d4:65:54:a0:73:fc:77:35:cc:12:a6:86:9e:e0: 14:fc:5d:16:4f:0d:a2:1e:a4:00:22:31:a6:32:20:75:f7:44: 66:b0:a0:ec:06:12:58:94:e9:7e:3d:be:63:2b:c3:e4:d4:07: 07:74:48:88 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MUFDNzExMC8GA1UEBRMoMzUyRDRDRUMzNkY4RUZDRTBEODUxMjBEOTdEOTFFMjJB MzU4RjU4QjAeFw0yNTA0MjUwNjQ5MzVaFw0yNTA1MDIwNjQ5MzVaMBgxFjAUBgNV BAMTDTY4MGIzMDgwLTA2ZmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC561GCm3wge9clfMWyTBq97iXQ9c0b/TgxcBzdCFQxOvfjnGu+GDuu7DZzNGca 412ydYc9WaPc/O1A2AqWmfm3+3BtGhMUy7Mu1KIzw+Rjt2bW0oHQ1Wbbl0WLhoDO iYEYjHJ104gVKLug85LPG+/6WSGEN+Qt7dUOEyEfTtK5sUXKNXTHwse2tytVJ99P 4aFQnvNimHDtNYeYZQPIMWEuMfhK0EyhU2Tdp+fh6UVooHhlf/ogKAPTKssH27Vq Zal1U6GgxtS4Arh2JMQuVWmkllMgcGYz5g6LHt7Emfo2CWAElAOawRkagMLLHKVX MWaCFHyYmJ4etda2Kilqp1GtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXb74fRHM pfWn0OgeJMN7aSFGkkwwHwYDVR0jBBgwFoAUNS1M7Db4784NhRINl9keIqNY9Ysw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUxQUM3LzQxQTQ2QjUwRjM5 NzExRUY5MTAxRDIxMEM0RjlBRTAyL05TMU03RGI0Nzg0TmhSSU5sOWtlSXFOWTlZ cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTlMxTTdEYjQ3ODROaFJJTmw5a2VJcU5ZOVlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUx QUM3LzQxQTQ2QjUwRjM5NzExRUY5MTAxRDIxMEM0RjlBRTAyL05TMU03RGI0Nzg0 TmhSSU5sOWtlSXFOWTlZcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALkAvq8XcbvQWKkdAI4De9tQjloLHBbTpTY6YdGyQk2yrDq8p6fnjf6J 3ISkQtlH66btZmRpFxOb2bwkeprk8Vy0tSLfhOIUDUwnlSfaYZbHJsM6bUxn6FBr M+CJtdab13ImzO8wXreKiXEfuUXNtpRZ5YG2mTDzGH2j1jOl+mmGk7C/O33SneGv kP/vRaVdrjGmLuCn1EW4rF2ELVVnrEqYoVcYjhD0N+UGbx4wLXlxKtpxkCeHhdFC VbivWBILVZSLs3EquVpyszrUZVSgc/x3NcwSpoae4BT8XRZPDaIepAAiMaYyIHX3 RGawoOwGEliU6X49vmMrw+TUBwd0SIg= -----END CERTIFICATE-----Generated at Sat Apr 26 13:05:37 2025 by rpki-client