$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft File: NNz0cp9FgmKIjvB6K9RnX24xE4A.mft (raw, json) Hash identifier: JSgRKkcSuGIqmFyTfvc7ZbHntdPD9DkoK3W/4tmSxNg= Subject key identifier: C2:4C:76:DB:8E:00:EC:9F:A1:6A:7A:71:6B:D3:D3:82:A5:9D:9D:83 Authority key identifier: 34:DC:F4:72:9F:45:82:62:88:8E:F0:7A:2B:D4:67:5F:6E:31:13:80 Certificate issuer: /CN=A9157B7F/serialNumber=34DCF4729F458262888EF07A2BD4675F6E311380 Certificate serial: 0682 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft Manifest number: 067B Signing time: Thu 24 Apr 2025 22:06:06 +0000 Manifest this update: Thu 24 Apr 2025 22:06:06 +0000 Manifest next update: Thu 01 May 2025 22:06:06 +0000 Files and hashes: 1: NNz0cp9FgmKIjvB6K9RnX24xE4A.crl (hash: jp+2WrphFmcYEtN+eIZo6VhFhc/5bVvds7yrMijx2iY=) 2: AE27A8A671B311EBB90BB364C4F9AE02.roa (hash: zKqUOk2enQVo+KwTKKBvY1Ib1LdBjKOEZObmTpDLQzs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.crl rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:06:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1666 (0x682) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B7F, serialNumber=34DCF4729F458262888EF07A2BD4675F6E311380 Validity Not Before: Apr 24 22:06:06 2025 GMT Not After : May 1 22:06:06 2025 GMT Subject: CN=680ab5ce-3736 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:16:44:11:8a:e3:83:ad:08:a1:00:af:63:26: 87:17:4d:34:52:98:42:8d:f1:90:f7:66:e4:76:36: d5:6e:0c:56:f4:2c:3a:a2:fd:3d:18:fc:84:ab:6e: b7:9e:0b:6d:35:c7:71:df:9c:4c:8a:a2:a8:fc:bb: c2:32:90:b5:88:e8:a7:16:bc:bf:cc:b0:1e:39:82: a6:ca:d5:64:3c:41:7d:5f:01:8d:07:08:be:29:f3: 66:b7:07:3d:15:82:11:9f:56:78:57:2f:22:32:11: 80:1b:2c:1e:02:ec:fc:d8:9a:e2:dd:83:0a:62:f8: d8:f4:93:e3:7f:f1:2a:8f:35:2e:2a:0d:b2:5e:f7: 80:f8:50:87:b0:eb:84:7f:1e:57:e8:bf:21:81:8d: c6:c3:20:5b:26:a5:ac:30:b0:67:5b:5d:a1:d9:c0: df:61:ca:f5:7b:e6:be:d2:c5:9a:ce:a4:cc:3f:f6: 46:d7:8c:70:04:6f:13:61:ae:8e:91:73:64:59:8b: 41:78:25:d1:92:02:03:ae:7a:76:f1:38:e2:bc:18: 80:13:52:60:02:4f:5c:c9:95:8f:9b:d7:e5:0e:7f: 1d:86:c3:3c:8e:3e:87:68:03:92:cf:c1:04:9f:b7: 2c:26:d6:b1:22:f1:65:a7:dd:81:91:f6:e3:4c:85: ec:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:4C:76:DB:8E:00:EC:9F:A1:6A:7A:71:6B:D3:D3:82:A5:9D:9D:83 X509v3 Authority Key Identifier: keyid:34:DC:F4:72:9F:45:82:62:88:8E:F0:7A:2B:D4:67:5F:6E:31:13:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:87:53:55:cd:55:ff:11:d8:f9:44:92:bd:86:0c:67:e6:7f: b5:5c:a0:d9:d2:c5:db:e7:46:54:3c:a1:0f:9f:ed:9e:96:7e: f6:e0:82:79:88:63:74:d9:1a:ea:6c:e4:b7:2b:72:a3:97:1e: 25:73:cd:ea:16:46:9f:d8:60:85:c0:b8:1b:e6:38:8a:63:11: b0:f9:7c:13:90:be:d4:54:10:ab:1c:38:97:8d:ba:28:61:ff: de:83:a0:ba:78:68:cd:6b:7b:24:2d:8c:95:3c:41:a9:37:d6: 10:04:a6:ef:9d:5e:67:cc:50:07:c5:4c:c1:f4:49:18:c5:81: ec:9b:da:bb:cd:16:fb:73:78:c2:51:00:39:23:58:1f:a2:fc: fc:7a:32:5b:31:1f:5a:35:1b:52:3e:a7:8e:e9:94:10:f7:ed: 03:a9:72:1e:79:29:f0:c5:42:da:b4:75:a2:66:6c:c0:1b:62: cb:0b:4f:d9:f1:88:8c:77:01:0f:a2:45:67:2f:95:60:36:62: b3:6e:5c:73:17:52:30:43:5e:c0:f1:fb:2b:c9:60:c7:ea:54: 9b:15:c7:68:d7:8c:12:47:8b:fb:f4:9a:52:4e:e2:34:28:7e: 6b:0b:6d:5d:14:5f:aa:c7:b5:42:f1:0b:89:e3:84:31:51:08: 7b:86:79:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCN0YxMTAvBgNVBAUTKDM0RENGNDcyOUY0NTgyNjI4ODhFRjA3QTJCRDQ2NzVG NkUzMTEzODAwHhcNMjUwNDI0MjIwNjA2WhcNMjUwNTAxMjIwNjA2WjAYMRYwFAYD VQQDEw02ODBhYjVjZS0zNzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApxZEEYrjg60IoQCvYyaHF000UphCjfGQ92bkdjbVbgxW9Cw6ov09GPyEq263 ngttNcdx35xMiqKo/LvCMpC1iOinFry/zLAeOYKmytVkPEF9XwGNBwi+KfNmtwc9 FYIRn1Z4Vy8iMhGAGyweAuz82Jri3YMKYvjY9JPjf/EqjzUuKg2yXveA+FCHsOuE fx5X6L8hgY3GwyBbJqWsMLBnW12h2cDfYcr1e+a+0sWazqTMP/ZG14xwBG8TYa6O kXNkWYtBeCXRkgIDrnp28TjivBiAE1JgAk9cyZWPm9flDn8dhsM8jj6HaAOSz8EE n7csJtaxIvFlp92BkfbjTIXsIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMJMdtuO AOyfoWp6cWvT04KlnZ2DMB8GA1UdIwQYMBaAFDTc9HKfRYJiiI7weivUZ19uMROA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0I3Ri8zN0I4MkM1MDcx QjIxMUVCQjQ0QTg0NjNDNEY5QUUwMi9OTnowY3A5RmdtS0lqdkI2SzlSblgyNHhF NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05OejBjcDlGZ21LSWp2QjZLOVJuWDI0eEU0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0I3Ri8zN0I4MkM1MDcxQjIxMUVCQjQ0QTg0NjNDNEY5QUUwMi9OTnowY3A5Rmdt S0lqdkI2SzlSblgyNHhFNEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGh1NVzVX/Edj5RJK9hgxn5n+1XKDZ0sXb50ZUPKEPn+2eln724IJ5 iGN02RrqbOS3K3Kjlx4lc83qFkaf2GCFwLgb5jiKYxGw+XwTkL7UVBCrHDiXjboo Yf/eg6C6eGjNa3skLYyVPEGpN9YQBKbvnV5nzFAHxUzB9EkYxYHsm9q7zRb7c3jC UQA5I1gfovz8ejJbMR9aNRtSPqeO6ZQQ9+0DqXIeeSnwxULatHWiZmzAG2LLC0/Z 8YiMdwEPokVnL5VgNmKzblxzF1IwQ17A8fsryWDH6lSbFcdo14wSR4v79JpSTuI0 KH5rC21dFF+qx7VC8QuJ44QxUQh7hnl8 -----END CERTIFICATE-----Generated at Sat Apr 26 13:36:03 2025 by rpki-client