$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C72/9D5B5156ECF911EF93A2A213C4F9AE02/NhbgHaMxfwnuypjnvHVMvJkNfWg.mft File: NhbgHaMxfwnuypjnvHVMvJkNfWg.mft (raw, json) Hash identifier: qAIGmZHUwtbE0mfkVJMUhsxdmS/64jOYJ3Eu40qifYg= Subject key identifier: 41:71:55:A9:8F:2C:E5:43:60:9C:CD:B8:AD:07:39:9E:AB:2D:74:A5 Authority key identifier: 36:16:E0:1D:A3:31:7F:09:EE:CA:98:E7:BC:75:4C:BC:99:0D:7D:68 Certificate issuer: /CN=A9192C72/serialNumber=3616E01DA3317F09EECA98E7BC754CBC990D7D68 Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NhbgHaMxfwnuypjnvHVMvJkNfWg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9192C72/9D5B5156ECF911EF93A2A213C4F9AE02/NhbgHaMxfwnuypjnvHVMvJkNfWg.mft Manifest number: 24 Signing time: Fri 25 Apr 2025 06:47:42 +0000 Manifest this update: Fri 25 Apr 2025 06:47:42 +0000 Manifest next update: Fri 02 May 2025 06:47:42 +0000 Files and hashes: 1: NhbgHaMxfwnuypjnvHVMvJkNfWg.crl (hash: 2Xil+t+4IqxcUeoEf9jIX1QX0CE6Lqd/BJxfNMpRnFc=) 2: C2E1583EECFA11EFA881E216C4F9AE02.roa (hash: Yu5htw9gFwcLd352zvwoy0u2xmOJCVCXwCzZ+nX1BhI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9192C72/9D5B5156ECF911EF93A2A213C4F9AE02/NhbgHaMxfwnuypjnvHVMvJkNfWg.crl rsync://rpki.apnic.net/member_repository/A9192C72/9D5B5156ECF911EF93A2A213C4F9AE02/NhbgHaMxfwnuypjnvHVMvJkNfWg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NhbgHaMxfwnuypjnvHVMvJkNfWg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:47:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9192C72, serialNumber=3616E01DA3317F09EECA98E7BC754CBC990D7D68 Validity Not Before: Apr 25 06:47:42 2025 GMT Not After : May 2 06:47:42 2025 GMT Subject: CN=680b300e-8d7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:37:98:e0:8e:3a:e6:da:45:1a:1c:c1:37:c1: 94:66:49:32:f7:53:37:f6:5a:cf:c8:69:4e:ef:45: e2:fc:a1:87:be:03:ee:cd:6b:40:2d:e9:64:ef:ec: 57:75:0b:43:53:01:11:69:85:59:ed:30:10:c4:13: 96:83:ab:84:94:61:cd:fb:fc:4a:a3:bc:ba:e2:55: fb:10:e1:83:b1:3d:51:05:67:57:40:ec:49:fd:85: af:59:c7:de:01:58:44:d5:10:e7:58:cd:b1:12:d7: 55:9e:38:eb:aa:3b:b9:ba:4a:be:a0:b2:30:75:4e: bd:52:09:95:0e:6c:73:b0:56:bb:ff:47:13:07:06: 42:ea:e2:da:84:fc:cc:b4:93:33:39:b1:c2:81:80: 0c:66:95:1e:f4:98:2f:a0:f3:29:8c:ed:e9:c7:b6: 13:41:87:e7:2f:7f:87:d2:28:31:4a:5b:0a:3b:6b: df:86:a6:b8:47:20:09:15:96:0f:1a:cb:3b:2f:5f: 70:8c:d7:6e:d9:9f:8a:e1:75:ca:67:c9:72:85:f7: dc:67:8f:67:e9:66:55:1d:69:ef:3b:1d:ad:e9:e0: 94:c1:4c:4d:4c:db:02:2f:29:0b:37:24:28:b9:a1: b3:88:af:63:43:df:8e:16:8f:7c:17:ae:70:b0:b2: 8a:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:71:55:A9:8F:2C:E5:43:60:9C:CD:B8:AD:07:39:9E:AB:2D:74:A5 X509v3 Authority Key Identifier: keyid:36:16:E0:1D:A3:31:7F:09:EE:CA:98:E7:BC:75:4C:BC:99:0D:7D:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9192C72/9D5B5156ECF911EF93A2A213C4F9AE02/NhbgHaMxfwnuypjnvHVMvJkNfWg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NhbgHaMxfwnuypjnvHVMvJkNfWg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C72/9D5B5156ECF911EF93A2A213C4F9AE02/NhbgHaMxfwnuypjnvHVMvJkNfWg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:28:3a:79:f4:72:0d:1c:90:c9:3d:94:40:61:18:80:b1:1f: ed:0c:d6:77:0e:48:49:74:5d:d1:fd:c8:74:19:1b:34:67:18: 4b:f6:a9:a0:1d:cd:38:ce:98:5a:e8:b0:88:27:98:d0:82:0e: 74:46:cf:32:0b:e6:7d:c9:55:15:cb:d5:5e:79:b5:29:67:6b: 43:b1:cc:99:bf:db:05:d1:98:8f:bc:18:71:16:b6:d0:98:96: 25:1a:3a:5b:7d:71:2b:21:de:c6:90:fa:f2:b6:c5:d1:3f:4c: 67:88:10:e3:00:e4:1d:d7:4e:21:cc:b6:4a:cc:1f:d7:fa:81: 35:1a:d4:ee:07:c5:b4:0b:a3:c9:d5:56:c3:b5:f3:4d:6b:d7: 79:74:33:fb:b1:9c:a9:e3:6f:86:8a:6b:42:66:38:9d:56:78: 7f:ec:70:9b:a1:5a:80:a9:92:fb:17:a5:61:39:8c:b8:a1:3d: 47:89:51:7f:6c:50:99:a8:44:e4:30:07:d2:db:f3:64:46:b6: b5:c4:87:11:5f:93:95:a7:20:a0:01:77:89:49:da:c3:6b:b2: 00:15:ab:13:bf:44:77:59:da:fc:b3:27:70:dc:6e:30:bb:34: d3:f7:32:05:c0:d4:c8:04:b3:21:e8:85:b9:57:4d:91:f7:f8: 48:49:1b:90 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 MkM3MjExMC8GA1UEBRMoMzYxNkUwMURBMzMxN0YwOUVFQ0E5OEU3QkM3NTRDQkM5 OTBEN0Q2ODAeFw0yNTA0MjUwNjQ3NDJaFw0yNTA1MDIwNjQ3NDJaMBgxFjAUBgNV BAMTDTY4MGIzMDBlLThkN2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDNN5jgjjrm2kUaHME3wZRmSTL3Uzf2Ws/IaU7vReL8oYe+A+7Na0At6WTv7Fd1 C0NTARFphVntMBDEE5aDq4SUYc37/EqjvLriVfsQ4YOxPVEFZ1dA7En9ha9Zx94B WETVEOdYzbES11WeOOuqO7m6Sr6gsjB1Tr1SCZUObHOwVrv/RxMHBkLq4tqE/My0 kzM5scKBgAxmlR70mC+g8ymM7enHthNBh+cvf4fSKDFKWwo7a9+GprhHIAkVlg8a yzsvX3CM127Zn4rhdcpnyXKF99xnj2fpZlUdae87Ha3p4JTBTE1M2wIvKQs3JCi5 obOIr2ND344Wj3wXrnCwsorBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQXFVqY8s 5UNgnM24rQc5nqstdKUwHwYDVR0jBBgwFoAUNhbgHaMxfwnuypjnvHVMvJkNfWgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkyQzcyLzlENUI1MTU2RUNG OTExRUY5M0EyQTIxM0M0RjlBRTAyL05oYmdIYU14ZndudXlwam52SFZNdkprTmZX Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTmhiZ0hhTXhmd251eXBqbnZIVk12SmtOZldnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTky QzcyLzlENUI1MTU2RUNGOTExRUY5M0EyQTIxM0M0RjlBRTAyL05oYmdIYU14Zndu dXlwam52SFZNdkprTmZXZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALMoOnn0cg0ckMk9lEBhGICxH+0M1ncOSEl0XdH9yHQZGzRnGEv2qaAd zTjOmFrosIgnmNCCDnRGzzIL5n3JVRXL1V55tSlna0OxzJm/2wXRmI+8GHEWttCY liUaOlt9cSsh3saQ+vK2xdE/TGeIEOMA5B3XTiHMtkrMH9f6gTUa1O4HxbQLo8nV VsO1801r13l0M/uxnKnjb4aKa0JmOJ1WeH/scJuhWoCpkvsXpWE5jLihPUeJUX9s UJmoROQwB9Lb82RGtrXEhxFfk5WnIKABd4lJ2sNrsgAVqxO/RHdZ2vyzJ3DcbjC7 NNP3MgXA1MgEsyHohblXTZH3+EhJG5A= -----END CERTIFICATE-----Generated at Sat Apr 26 04:31:34 2025 by rpki-client