$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: yLNFOhj08a3YGafFBRwasEAAlvoNutnQoSxgJES2N6o= Subject key identifier: 48:2A:B2:A2:92:E6:20:D4:F5:B8:5F:2C:B7:90:06:34:40:A0:23:85 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: EE Signing time: Sun 15 Jun 2025 04:31:05 +0000 Manifest this update: Sun 15 Jun 2025 04:31:04 +0000 Manifest next update: Sun 22 Jun 2025 04:31:04 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: wU5ktrbeHjMz0foIKRLVWqqDnTft9cNysyXjQztbCW4=) 2: 5605B7643B8D11F09517A40BC4F9AE02.roa (hash: kL+wl3X9lpPDAyc9VPoNCoIe2pFYCq0K/SEYMKMr+fs=) 3: 2D392D483B8D11F09468CF7BC4F9AE02.roa (hash: 3qGGrVLcHGyNXBjBxC/2DsjdY0M5cfUd+RZIo9JRQog=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 04:31:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 245 (0xf5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Jun 15 04:31:04 2025 GMT Not After : Jun 22 04:31:04 2025 GMT Subject: CN=684e4c88-43d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:bf:db:ff:1d:32:c6:d7:2f:09:d7:08:10:61: 72:a0:2d:68:01:59:e2:43:31:f9:44:41:b5:b3:6a: 37:52:fa:f2:5a:7a:7c:21:1e:81:58:8d:a0:8e:ae: 48:e5:ca:90:a3:71:c6:75:78:fa:dc:45:cb:66:60: 88:90:29:de:80:37:74:23:44:14:dc:af:32:b0:c6: c3:a9:fe:65:6f:eb:65:3b:c2:7b:e7:76:ef:f2:23: 0e:99:76:34:f8:42:e9:be:b3:49:e5:55:1d:48:bd: 6b:22:5e:c5:0a:16:88:5b:e0:c2:f1:97:06:29:ac: bc:52:21:ab:d6:e2:4a:28:f0:ef:b9:d9:3f:ad:17: 52:69:01:92:77:ab:f6:cc:57:59:f8:ea:f9:41:93: ce:77:51:7d:56:47:44:12:c9:62:5a:5d:2f:b5:a6: 5c:b6:a0:8d:96:e8:11:2b:37:0e:d4:6c:a0:84:7f: e4:e1:9c:62:9a:cf:3e:16:0d:b2:50:57:d6:42:c2: 5e:26:04:55:35:4b:fc:e7:96:e5:f6:94:b6:4a:81: be:96:5c:9b:55:1e:db:05:e6:88:8d:71:51:b1:61: e0:ab:e4:a9:99:4a:56:f5:8a:8d:e4:3b:e0:28:0e: 00:a4:73:a9:af:d7:dd:f2:d8:90:fc:ae:bc:f8:3c: 46:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:2A:B2:A2:92:E6:20:D4:F5:B8:5F:2C:B7:90:06:34:40:A0:23:85 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:9d:b7:e4:d0:65:2d:84:a1:53:65:6c:51:4f:08:79:7a:96: b0:39:d1:a4:89:75:f9:93:37:2a:71:49:48:d6:71:8d:d1:11: 0a:c2:e2:d1:c8:26:65:29:04:1a:3b:4b:75:4b:40:b4:28:78: 22:f7:6e:c7:44:0e:87:c2:09:36:8c:f6:2f:9b:58:81:39:1d: 23:6a:4f:3d:1d:39:cc:e6:c3:b3:78:b2:d7:c5:d7:f9:1e:fd: b5:8f:f8:4e:4c:5e:e2:76:af:6f:7b:9b:12:dd:ed:bd:8a:78: 8c:60:40:09:5f:4b:2a:30:46:c8:bc:9f:28:d0:46:c7:18:26: e7:e8:9e:0b:4e:f6:4d:3d:a5:43:b7:c1:da:a6:cd:ba:e3:3a: a4:4a:02:3c:d4:ed:e7:7d:54:a8:13:79:52:20:ef:87:a0:fc: db:b0:44:f5:5e:db:96:ec:f5:55:84:68:df:6b:23:a7:52:42: 73:d8:00:37:b2:f2:79:a7:e7:8d:5d:46:69:a4:6e:66:b0:40: 26:bc:da:36:fb:c9:ca:65:a7:81:ca:a0:b2:8c:f0:21:fb:9a: c2:e6:e6:dc:46:87:ed:26:21:b8:a5:c9:94:8b:d2:d4:6d:fd: 6f:9c:08:0b:71:12:19:58:a8:42:a9:a6:93:27:dc:3c:ca:53: 96:19:b7:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUwNjE1MDQzMTA0WhcNMjUwNjIyMDQzMTA0WjAYMRYwFAYD VQQDEw02ODRlNGM4OC00M2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx7/b/x0yxtcvCdcIEGFyoC1oAVniQzH5REG1s2o3UvryWnp8IR6BWI2gjq5I 5cqQo3HGdXj63EXLZmCIkCnegDd0I0QU3K8ysMbDqf5lb+tlO8J753bv8iMOmXY0 +ELpvrNJ5VUdSL1rIl7FChaIW+DC8ZcGKay8UiGr1uJKKPDvudk/rRdSaQGSd6v2 zFdZ+Or5QZPOd1F9VkdEEsliWl0vtaZctqCNlugRKzcO1GyghH/k4Zxims8+Fg2y UFfWQsJeJgRVNUv855bl9pS2SoG+llybVR7bBeaIjXFRsWHgq+SpmUpW9YqN5Dvg KA4ApHOpr9fd8tiQ/K68+DxGlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEgqsqKS 5iDU9bhfLLeQBjRAoCOFMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcnbfk0GUthKFTZWxRTwh5epawOdGkiXX5kzcqcUlI1nGN0REKwuLR yCZlKQQaO0t1S0C0KHgi927HRA6Hwgk2jPYvm1iBOR0jak89HTnM5sOzeLLXxdf5 Hv21j/hOTF7idq9ve5sS3e29iniMYEAJX0sqMEbIvJ8o0EbHGCbn6J4LTvZNPaVD t8Haps264zqkSgI81O3nfVSoE3lSIO+HoPzbsET1XtuW7PVVhGjfayOnUkJz2AA3 svJ5p+eNXUZppG5msEAmvNo2+8nKZaeByqCyjPAh+5rC5ubcRoftJiG4pcmUi9LU bf1vnAgLcRIZWKhCqaaTJ9w8ylOWGbd5 -----END CERTIFICATE-----Generated at Sun Jun 15 19:14:57 2025 by rpki-client