$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: 2HKMLj2QeCs4yBu9etYj7IZL3XzlXgph3Zw7O7sjcD4= Subject key identifier: 36:AD:21:BD:60:5D:14:D6:4E:E8:8D:F8:05:12:0F:55:D7:6F:A7:49 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: D2 Signing time: Fri 25 Apr 2025 04:42:41 +0000 Manifest this update: Fri 25 Apr 2025 04:42:41 +0000 Manifest next update: Fri 02 May 2025 04:42:41 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: RYI0NE2kNHxi9qFjfo5BPiBmXaLgUQygIxZoPljt2CE=) 2: 8CCF47C0E50211EE8E8A4156C4F9AE02.roa (hash: /HAKekx3oGLhAH29x46oJ6hTdPMrFSJIAAVT8YfqHU0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:42:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 214 (0xd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Apr 25 04:42:41 2025 GMT Not After : May 2 04:42:41 2025 GMT Subject: CN=680b12c1-1d1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b6:ce:fa:f5:6e:a3:49:2f:c0:4d:dd:4a:34: d0:d0:68:ce:87:c5:21:aa:b0:f7:3d:f4:a5:5b:ae: 2e:f4:da:c3:7f:0b:3f:f3:fe:ec:d5:6e:90:b0:c8: 7e:52:06:45:6e:b4:7e:17:d7:97:0b:66:b4:52:63: d6:a5:0f:e3:28:26:ee:41:26:19:71:b7:15:d3:0c: 5b:11:d8:bd:a7:3e:c6:24:bf:09:0d:e7:b6:0c:f5: 40:9c:c6:68:7f:ad:7e:23:0c:2f:8a:25:f1:71:fc: 25:7c:f8:f6:67:b7:dd:9d:9c:c6:b8:28:0b:73:31: b9:71:a1:fb:4f:87:31:ec:3a:f6:74:b2:30:15:39: c0:01:c5:88:ac:90:46:6e:b5:12:d5:96:af:d3:a4: fa:a5:fb:3c:b1:8e:ec:91:8c:88:01:3f:79:49:73: 1c:7f:37:74:0f:c7:26:36:6a:ac:4d:d2:42:eb:c6: 78:14:a0:2d:16:47:9d:7d:19:2b:2b:d9:18:65:40: 5c:ab:0c:6e:ed:12:8c:27:ae:5f:c5:ab:18:bc:2b: a2:c7:90:77:bb:72:e0:fb:74:06:ec:a0:a6:27:b6: f9:ef:0a:d0:f9:9c:8d:e1:17:1a:ef:31:68:aa:3e: dd:1f:68:8c:7d:d8:75:2d:d2:f6:fc:38:0b:87:b5: de:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:AD:21:BD:60:5D:14:D6:4E:E8:8D:F8:05:12:0F:55:D7:6F:A7:49 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:82:69:7b:b1:a8:07:52:95:4d:66:2e:be:6d:ea:7c:49:ba: 81:0e:e1:44:28:a1:52:77:7a:7d:16:d5:71:76:aa:d0:a5:40: 3e:fe:90:98:8a:a9:08:66:3c:41:96:bb:4c:d4:06:02:7b:cf: dd:5d:4a:dc:0d:f9:8f:d5:88:e8:85:6c:0b:30:32:c9:a8:fc: 26:32:1e:7b:9b:39:ae:50:b8:b0:97:5f:35:3d:63:5e:f7:a7: 13:6b:a9:3d:c8:42:c1:06:43:33:dd:86:0c:19:63:46:0e:a6: 32:d5:2b:c1:1b:30:a4:31:5c:05:ec:30:6d:69:7a:75:21:0d: bd:f5:e4:98:e6:cb:0a:52:1a:62:ae:e5:a4:6e:d2:0e:06:fd: ba:a8:1c:c0:ce:54:b9:6a:a7:8f:8c:9a:65:5a:89:b2:af:1d: c0:c0:4c:2f:fd:d5:a2:98:90:10:72:61:c3:99:bf:5f:39:b6: 2d:7c:11:9b:10:b3:2e:ff:12:ce:62:d2:04:96:bc:f7:59:5e: 6a:d3:b7:b5:9d:98:cf:3a:9d:8d:ff:c4:97:a6:89:b6:cf:e1: e6:13:94:3f:87:06:a0:c9:4c:7f:87:6d:f3:8b:66:be:6b:76: 06:1a:0e:64:ae:8c:f2:39:ff:49:7d:89:d7:c9:fe:ad:44:42: 6e:a3:8c:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUwNDI1MDQ0MjQxWhcNMjUwNTAyMDQ0MjQxWjAYMRYwFAYD VQQDEw02ODBiMTJjMS0xZDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLbO+vVuo0kvwE3dSjTQ0GjOh8UhqrD3PfSlW64u9NrDfws/8/7s1W6QsMh+ UgZFbrR+F9eXC2a0UmPWpQ/jKCbuQSYZcbcV0wxbEdi9pz7GJL8JDee2DPVAnMZo f61+IwwviiXxcfwlfPj2Z7fdnZzGuCgLczG5caH7T4cx7Dr2dLIwFTnAAcWIrJBG brUS1Zav06T6pfs8sY7skYyIAT95SXMcfzd0D8cmNmqsTdJC68Z4FKAtFkedfRkr K9kYZUBcqwxu7RKMJ65fxasYvCuix5B3u3Lg+3QG7KCmJ7b57wrQ+ZyN4Rca7zFo qj7dH2iMfdh1LdL2/DgLh7XeGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDatIb1g XRTWTuiN+AUSD1XXb6dJMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARgml7sagHUpVNZi6+bep8SbqBDuFEKKFSd3p9FtVxdqrQpUA+/pCY iqkIZjxBlrtM1AYCe8/dXUrcDfmP1YjohWwLMDLJqPwmMh57mzmuULiwl181PWNe 96cTa6k9yELBBkMz3YYMGWNGDqYy1SvBGzCkMVwF7DBtaXp1IQ299eSY5ssKUhpi ruWkbtIOBv26qBzAzlS5aqePjJplWomyrx3AwEwv/dWimJAQcmHDmb9fObYtfBGb ELMu/xLOYtIElrz3WV5q07e1nZjPOp2N/8SXpom2z+HmE5Q/hwagyUx/h23zi2a+ a3YGGg5krozyOf9JfYnXyf6tREJuo4zy -----END CERTIFICATE-----Generated at Sat Apr 26 04:19:58 2025 by rpki-client