$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft File: nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft (raw, json) Hash identifier: hx2FU2I7Et/onahluxaZklgzORaXSSMSxBYKZbSG3tc= Subject key identifier: 1F:B2:5B:86:7B:9C:5F:E8:00:D8:A4:78:AF:D1:06:37:45:3B:AA:E9 Authority key identifier: 9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD Certificate issuer: /CN=A9185D34/serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Certificate serial: 07FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft Manifest number: 07F1 Signing time: Thu 24 Apr 2025 20:50:33 +0000 Manifest this update: Thu 24 Apr 2025 20:50:33 +0000 Manifest next update: Thu 01 May 2025 20:50:33 +0000 Files and hashes: 1: nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl (hash: yCcP+i4PlVW9go1vzao8cQz+E1Bkq+FPPbCfq8pIFoM=) 2: C1171FCAB1B111ECBA7F614FC4F9AE02.roa (hash: 5pc4Fgf96yhJHg1dXqyOkvTiTCFOmyYqtcguriQDwlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:50:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2046 (0x7fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185D34, serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Validity Not Before: Apr 24 20:50:33 2025 GMT Not After : May 1 20:50:33 2025 GMT Subject: CN=680aa419-2759 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:65:fc:ac:f7:9e:20:ea:4c:26:8b:21:88:79: af:34:d5:5e:4e:71:1c:34:61:15:20:fd:f8:08:51: 3c:82:2b:bb:86:2f:23:47:52:a6:ae:99:74:56:ea: 73:0a:31:e7:bb:56:d2:70:0a:d8:41:4c:2a:d9:00: 8f:eb:f3:27:1d:37:e7:c3:b3:df:7b:4d:c3:8d:94: 6c:17:37:1c:0b:04:f5:33:44:e6:c3:7d:4d:13:a8: 60:94:6f:e8:21:f5:d3:9d:74:73:a6:34:af:86:2a: cc:a6:9f:34:ad:34:b5:7c:77:08:b0:3a:ad:52:e0: a4:97:f3:f8:f6:7f:4a:14:d6:28:89:22:ce:d1:e5: 90:58:6d:96:d9:90:89:38:98:68:f1:90:b7:d4:91: 88:a1:e1:56:4c:3f:0a:a2:84:d4:e6:2a:a0:01:37: 8a:84:60:a3:bf:74:71:e8:79:b9:e5:7c:2c:7a:dd: 95:b2:eb:d9:5b:91:01:eb:2e:60:79:c0:cd:43:e4: 23:3e:ac:78:fb:51:f9:73:82:fd:8d:c4:19:6b:8b: cc:d3:7e:47:c5:37:e2:c3:d7:12:e2:71:23:b4:09: 59:35:eb:03:99:ab:32:00:79:7f:d0:dd:c1:0e:dc: 11:a7:7b:3d:6f:a9:bb:bc:db:03:d4:75:6d:e5:2e: a8:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:B2:5B:86:7B:9C:5F:E8:00:D8:A4:78:AF:D1:06:37:45:3B:AA:E9 X509v3 Authority Key Identifier: keyid:9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:88:21:52:ee:4a:cc:0d:58:72:76:a6:69:1c:7a:97:c7:17: 91:89:1c:02:e4:fd:c0:f4:dd:71:1f:c8:c2:78:f0:39:f3:e9: 9e:55:e5:93:17:e8:cb:0e:b3:cd:19:d5:b2:a3:e9:91:1e:e1: 86:7a:1d:80:c8:50:4f:f3:97:d1:78:32:d3:72:d4:8f:19:7d: ba:3b:50:13:84:db:f2:f6:fa:5a:82:52:41:65:f4:ab:18:a1: ac:43:33:10:77:93:3d:79:8e:d6:82:c7:ad:46:25:33:1b:88: 17:b4:f6:9b:3e:d5:b7:ca:c7:eb:75:d1:90:f1:04:90:4f:a6: 73:08:6d:f9:65:75:6f:e8:58:6f:09:d9:63:ea:5e:59:44:cf: a4:ca:4b:4c:79:fe:87:81:24:8f:ed:41:62:42:1c:a5:83:10: 1f:fd:3d:09:05:8c:cb:0b:89:66:6d:a5:fd:43:3b:66:d2:1f: 5c:6d:34:14:cc:c8:d2:a3:8e:ec:fe:d6:e3:f3:76:05:ed:d9: 77:d2:47:d2:9e:19:56:94:f3:fa:07:23:a4:eb:2f:65:18:f1: d7:ac:0a:a5:4a:45:93:2f:38:bc:fb:f5:b3:90:d7:c9:f6:ed: 19:0f:07:93:e6:c3:2e:12:c5:cc:30:f6:89:af:b0:2f:6c:a0: cf:8d:43:fb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB/4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVEMzQxMTAvBgNVBAUTKDlFQzEyMTZEMjU2NDE2NDAzQ0I1QzUzRTczNDU1MzBG ODMyNzJDREQwHhcNMjUwNDI0MjA1MDMzWhcNMjUwNTAxMjA1MDMzWjAYMRYwFAYD VQQDEw02ODBhYTQxOS0yNzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx2X8rPeeIOpMJoshiHmvNNVeTnEcNGEVIP34CFE8giu7hi8jR1Kmrpl0Vupz CjHnu1bScArYQUwq2QCP6/MnHTfnw7Pfe03DjZRsFzccCwT1M0Tmw31NE6hglG/o IfXTnXRzpjSvhirMpp80rTS1fHcIsDqtUuCkl/P49n9KFNYoiSLO0eWQWG2W2ZCJ OJho8ZC31JGIoeFWTD8KooTU5iqgATeKhGCjv3Rx6Hm55Xwset2VsuvZW5EB6y5g ecDNQ+QjPqx4+1H5c4L9jcQZa4vM035HxTfiw9cS4nEjtAlZNesDmasyAHl/0N3B DtwRp3s9b6m7vNsD1HVt5S6oMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB+yW4Z7 nF/oANikeK/RBjdFO6rpMB8GA1UdIwQYMBaAFJ7BIW0lZBZAPLXFPnNFUw+DJyzd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQzNC9EQkE4Nzg1OEU2 QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0ZrQTh0Y1UtYzBWVEQ0TW5M TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25zRWhiU1ZrRmtBOHRjVS1jMFZURDRNbkxOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUQzNC9EQkE4Nzg1OEU2QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0Zr QTh0Y1UtYzBWVEQ0TW5MTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaiCFS7krMDVhydqZpHHqXxxeRiRwC5P3A9N1xH8jCePA58+meVeWT F+jLDrPNGdWyo+mRHuGGeh2AyFBP85fReDLTctSPGX26O1AThNvy9vpaglJBZfSr GKGsQzMQd5M9eY7WgsetRiUzG4gXtPabPtW3ysfrddGQ8QSQT6ZzCG35ZXVv6Fhv Cdlj6l5ZRM+kyktMef6HgSSP7UFiQhylgxAf/T0JBYzLC4lmbaX9Qztm0h9cbTQU zMjSo47s/tbj83YF7dl30kfSnhlWlPP6ByOk6y9lGPHXrAqlSkWTLzi8+/WzkNfJ 9u0ZDweT5sMuEsXMMPaJr7AvbKDPjUP7 -----END CERTIFICATE-----Generated at Sat Apr 26 05:14:29 2025 by rpki-client