$ rpki-client -vvf rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft File: nb0ycj1x0bhWzIRJBDf78NpVJWo.mft (raw, json) Hash identifier: AnGjaLi8B8bB430gUlOs+6JdtRXTgArUSRAgP+SNRL8= Subject key identifier: 13:27:E8:3E:14:A3:4B:D3:4B:59:51:B2:EA:AD:24:0E:11:2D:E7:78 Authority key identifier: 9D:BD:32:72:3D:71:D1:B8:56:CC:84:49:04:37:FB:F0:DA:55:25:6A Certificate issuer: /CN=A9165B41/serialNumber=9DBD32723D71D1B856CC84490437FBF0DA55256A Certificate serial: 0F2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nb0ycj1x0bhWzIRJBDf78NpVJWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft Manifest number: 0F26 Signing time: Thu 24 Apr 2025 17:36:11 +0000 Manifest this update: Thu 24 Apr 2025 17:36:10 +0000 Manifest next update: Thu 01 May 2025 17:36:10 +0000 Files and hashes: 1: nb0ycj1x0bhWzIRJBDf78NpVJWo.crl (hash: su5JmyliU3/APkE66rvTd43ku1Mtf8aWZgQFsdews48=) 2: B0DA9FC46FDD11E9BC194664C4F9AE02.roa (hash: Hb9hkw/JGVDNL3WRZDBLo8Md0h4gCqoVhQUhIQUyimQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.crl rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nb0ycj1x0bhWzIRJBDf78NpVJWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:36:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3885 (0xf2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165B41, serialNumber=9DBD32723D71D1B856CC84490437FBF0DA55256A Validity Not Before: Apr 24 17:36:10 2025 GMT Not After : May 1 17:36:10 2025 GMT Subject: CN=680a768a-d4d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e7:14:08:73:71:a7:dc:c6:a1:08:b6:d7:a2: 59:94:9d:f4:e1:ab:03:0c:a0:b4:17:a4:c1:1d:85: 23:1a:cd:46:f5:a7:90:34:79:ee:05:19:8d:55:18: c8:87:3a:6c:aa:d8:19:84:b3:41:e4:cf:46:8f:5f: f2:08:b4:83:4d:52:cb:f1:38:b6:99:da:9c:0c:73: 81:a5:74:97:35:2d:80:22:a0:5b:e4:3f:ef:db:82: 33:6d:1d:62:f9:b8:ac:f6:f9:ee:67:33:1a:a8:e4: cc:dc:be:63:4b:ce:e0:e8:81:a6:ed:d9:9d:3a:7b: e3:d5:97:01:97:a2:2b:57:e5:6c:cd:fa:f3:4a:b9: ca:90:43:2a:27:6f:e6:23:0d:3a:e3:b4:45:d6:a4: 6e:60:15:0b:80:52:9a:ee:55:29:d7:21:2d:e8:3c: b6:16:68:74:9c:c2:a6:15:0d:30:1d:82:24:c5:1b: 5b:8c:5e:a7:66:e4:8f:be:a9:8e:91:24:6c:02:f3: 7e:ad:47:df:89:eb:87:73:c0:05:ee:60:3f:c8:b4: 51:c8:39:6a:7b:ef:19:9b:ec:f0:b1:33:21:48:ad: ca:2e:ae:e9:a7:ca:e0:16:05:21:13:ad:09:4c:0f: 7b:fe:5b:5d:6c:ef:0f:c6:11:b3:25:ac:1e:3f:75: d5:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:27:E8:3E:14:A3:4B:D3:4B:59:51:B2:EA:AD:24:0E:11:2D:E7:78 X509v3 Authority Key Identifier: keyid:9D:BD:32:72:3D:71:D1:B8:56:CC:84:49:04:37:FB:F0:DA:55:25:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nb0ycj1x0bhWzIRJBDf78NpVJWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165B41/33D253166FDB11E9A6E6BD5DC4F9AE02/nb0ycj1x0bhWzIRJBDf78NpVJWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:2d:a4:03:ea:a4:6d:8f:07:50:ef:53:5a:d4:b2:99:d2:bf: e6:ec:d9:01:a9:e8:01:8b:6f:fa:96:e2:12:b2:6c:99:35:3a: bc:63:b5:22:bf:b7:93:c5:2c:6b:11:06:43:ff:67:ba:23:ed: d4:85:84:92:33:c0:00:ab:a3:b4:55:d1:f0:b5:0b:a8:95:4a: c1:bc:4a:7a:fc:a0:35:f7:81:2a:a8:f2:40:13:df:e5:35:8f: e1:c5:aa:06:d7:ce:fa:63:2e:9f:ee:d2:7a:44:ea:c1:2a:da: e9:41:df:ba:21:61:01:c2:9f:67:4f:a3:c3:83:55:d8:a7:43: 17:5f:dd:de:01:16:13:b0:fd:01:08:94:d5:0c:ca:e6:b5:27: cb:eb:14:94:7d:21:68:88:60:fa:a8:89:e4:aa:d7:28:ac:b1: 53:13:2e:b8:84:c6:49:1a:5f:61:7e:80:f7:d5:0c:bf:27:91: 9a:4f:a2:28:a4:4c:11:7b:ae:26:fc:26:e8:5e:82:c9:03:d6: 3d:c7:2e:31:2e:b3:99:a2:2a:e6:e6:f7:4d:7b:3f:76:80:49: de:ff:24:2c:ee:34:a9:fa:47:79:a4:2b:cc:5f:11:2c:1a:66: 82:27:b2:d9:db:66:39:e1:5e:24:55:3f:8d:92:4b:5d:1d:b2: 00:58:6f:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDy0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjVCNDExMTAvBgNVBAUTKDlEQkQzMjcyM0Q3MUQxQjg1NkNDODQ0OTA0MzdGQkYw REE1NTI1NkEwHhcNMjUwNDI0MTczNjEwWhcNMjUwNTAxMTczNjEwWjAYMRYwFAYD VQQDEw02ODBhNzY4YS1kNGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu+cUCHNxp9zGoQi216JZlJ304asDDKC0F6TBHYUjGs1G9aeQNHnuBRmNVRjI hzpsqtgZhLNB5M9Gj1/yCLSDTVLL8Ti2mdqcDHOBpXSXNS2AIqBb5D/v24IzbR1i +bis9vnuZzMaqOTM3L5jS87g6IGm7dmdOnvj1ZcBl6IrV+VszfrzSrnKkEMqJ2/m Iw0647RF1qRuYBULgFKa7lUp1yEt6Dy2Fmh0nMKmFQ0wHYIkxRtbjF6nZuSPvqmO kSRsAvN+rUffieuHc8AF7mA/yLRRyDlqe+8Zm+zwsTMhSK3KLq7pp8rgFgUhE60J TA97/ltdbO8PxhGzJaweP3XVkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBMn6D4U o0vTS1lRsuqtJA4RLed4MB8GA1UdIwQYMBaAFJ29MnI9cdG4VsyESQQ3+/DaVSVq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUI0MS8zM0QyNTMxNjZG REIxMUU5QTZFNkJENURDNEY5QUUwMi9uYjB5Y2oxeDBiaFd6SVJKQkRmNzhOcFZK V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25iMHljajF4MGJoV3pJUkpCRGY3OE5wVkpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NUI0MS8zM0QyNTMxNjZGREIxMUU5QTZFNkJENURDNEY5QUUwMi9uYjB5Y2oxeDBi aFd6SVJKQkRmNzhOcFZKV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtLaQD6qRtjwdQ71Na1LKZ0r/m7NkBqegBi2/6luISsmyZNTq8Y7Ui v7eTxSxrEQZD/2e6I+3UhYSSM8AAq6O0VdHwtQuolUrBvEp6/KA194EqqPJAE9/l NY/hxaoG1876Yy6f7tJ6ROrBKtrpQd+6IWEBwp9nT6PDg1XYp0MXX93eARYTsP0B CJTVDMrmtSfL6xSUfSFoiGD6qInkqtcorLFTEy64hMZJGl9hfoD31Qy/J5GaT6Io pEwRe64m/CboXoLJA9Y9xy4xLrOZoirm5vdNez92gEne/yQs7jSp+kd5pCvMXxEs GmaCJ7LZ22Y54V4kVT+NkktdHbIAWG8r -----END CERTIFICATE-----Generated at Sat Apr 26 12:25:41 2025 by rpki-client