$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft File: NXR5DY34KztVHjtwJXG69VqemWE.mft (raw, json) Hash identifier: DPybqr+26g8S8zOOCyXaEVRW0RQvymTWv3nFToBkykQ= Subject key identifier: 8B:37:0B:3D:93:01:31:64:5E:50:CD:AC:0F:E8:61:D2:A9:27:D9:2F Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Certificate serial: 87 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft Manifest number: 7C Signing time: Fri 25 Apr 2025 05:55:52 +0000 Manifest this update: Fri 25 Apr 2025 05:55:51 +0000 Manifest next update: Fri 02 May 2025 05:55:51 +0000 Files and hashes: 1: NXR5DY34KztVHjtwJXG69VqemWE.crl (hash: raeAEP6ijLFeUsnTwtq7ZnqL3tVPv9EGPsERX4+t9Lc=) 2: DA8D1C7EA72311EFBCEB047EC4F9AE02.roa (hash: 4Ilw9gY/NOcFcq0qbuj1smp6o0+TRpgSf2CHUKcnvWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:55:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 135 (0x87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B, serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Validity Not Before: Apr 25 05:55:51 2025 GMT Not After : May 2 05:55:51 2025 GMT Subject: CN=680b23e7-822e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e4:42:51:b5:9c:73:28:21:ca:da:ca:d3:43: 25:45:f2:0c:31:87:dc:01:a4:76:ce:9d:7d:72:dc: ed:fe:9c:49:f8:f8:f6:6f:82:35:fc:26:af:8b:71: 59:09:65:12:a4:b6:4c:7b:33:6b:7d:3c:2b:d2:9a: 79:0d:0f:0f:d8:34:00:86:ec:3e:5c:e7:61:6e:35: 33:9d:ab:32:86:34:e9:f6:22:90:4b:39:43:b4:8f: 22:99:5e:76:b4:01:bb:33:15:b3:70:d5:d1:59:84: 17:40:29:9f:84:c8:8e:74:6b:fc:ff:0b:47:ee:4d: ba:ac:c8:80:02:a3:3f:86:df:22:97:08:d5:53:f9: 0d:97:b3:76:f7:b6:10:97:e3:59:1e:6d:43:2f:b3: 17:9e:3a:f2:b4:cf:73:89:ea:96:76:4c:69:ee:25: c7:68:c9:0a:7e:b5:40:43:5f:d7:37:e6:f1:44:0c: e0:2c:d7:f7:25:cb:f6:95:90:96:76:15:20:8c:e3: 55:bc:ce:36:17:04:15:bb:29:21:64:54:54:47:e1: cc:7b:81:93:54:75:ec:01:33:88:91:4b:10:73:e5: 5d:ca:f2:c2:dc:4b:d4:81:4a:d3:89:fe:35:9d:bd: 4e:c5:0f:29:f9:c2:f7:6c:36:00:c1:57:52:7e:f9: 27:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:37:0B:3D:93:01:31:64:5E:50:CD:AC:0F:E8:61:D2:A9:27:D9:2F X509v3 Authority Key Identifier: keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:28:f4:80:ef:ea:91:84:c7:97:de:eb:ca:5a:23:af:47:7e: 79:6e:7f:a3:26:b3:ed:e6:9f:62:1a:3a:93:95:0b:f0:88:01: 31:ee:b4:c2:65:d7:aa:b9:1d:d4:b3:38:39:f0:86:93:5d:b7: 58:27:a1:02:30:37:e4:11:63:b4:be:85:dc:78:96:7f:6b:68: 04:a7:68:a8:08:e5:96:f7:be:96:c3:1b:02:1b:fb:a3:2e:b5: 23:9d:f4:19:52:a5:f4:47:0b:85:fa:f9:e8:be:d1:e0:bd:86: c1:0f:a2:5a:ce:0a:06:a4:bd:db:27:9a:f0:5f:53:b3:1c:93: 66:a5:34:48:66:d6:21:de:7a:b7:6e:12:71:6b:4c:e7:db:a8: 89:b4:4f:aa:2f:d2:1c:14:f0:18:70:44:49:b9:9a:8d:75:04: 9e:47:61:28:fd:97:1a:de:62:da:f5:0f:dc:0a:83:aa:59:ae: e2:11:e6:bf:a0:f1:7d:d7:69:3a:41:24:67:f8:ea:11:bf:ca: b6:e4:97:de:d0:05:41:93:6f:c4:70:cc:14:d3:c2:1c:9f:bd: cb:db:6e:51:f5:98:b1:b5:43:ae:3b:db:73:a4:50:40:96:64: d6:73:db:14:f3:10:8e:d0:ee:86:3c:c8:08:e7:3a:1e:10:c9: 52:9b:60:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Q0MEIxMTAvBgNVBAUTKDM1NzQ3OTBEOERGODJCM0I1NTFFM0I3MDI1NzFCQUY1 NUE5RTk5NjEwHhcNMjUwNDI1MDU1NTUxWhcNMjUwNTAyMDU1NTUxWjAYMRYwFAYD VQQDEw02ODBiMjNlNy04MjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+RCUbWccyghytrK00MlRfIMMYfcAaR2zp19ctzt/pxJ+Pj2b4I1/Cavi3FZ CWUSpLZMezNrfTwr0pp5DQ8P2DQAhuw+XOdhbjUznasyhjTp9iKQSzlDtI8imV52 tAG7MxWzcNXRWYQXQCmfhMiOdGv8/wtH7k26rMiAAqM/ht8ilwjVU/kNl7N297YQ l+NZHm1DL7MXnjrytM9zieqWdkxp7iXHaMkKfrVAQ1/XN+bxRAzgLNf3Jcv2lZCW dhUgjONVvM42FwQVuykhZFRUR+HMe4GTVHXsATOIkUsQc+VdyvLC3EvUgUrTif41 nb1OxQ8p+cL3bDYAwVdSfvkn2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIs3Cz2T ATFkXlDNrA/oYdKpJ9kvMB8GA1UdIwQYMBaAFDV0eQ2N+Cs7VR47cCVxuvVanplh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDQwQi82QjVEMkE3Qzg1 NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6dFZIanR3SlhHNjlWcWVt V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1XRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6 dFZIanR3SlhHNjlWcWVtV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6KPSA7+qRhMeX3uvKWiOvR355bn+jJrPt5p9iGjqTlQvwiAEx7rTC ZdequR3Uszg58IaTXbdYJ6ECMDfkEWO0voXceJZ/a2gEp2ioCOWW976WwxsCG/uj LrUjnfQZUqX0RwuF+vnovtHgvYbBD6JazgoGpL3bJ5rwX1OzHJNmpTRIZtYh3nq3 bhJxa0zn26iJtE+qL9IcFPAYcERJuZqNdQSeR2Eo/Zca3mLa9Q/cCoOqWa7iEea/ oPF912k6QSRn+OoRv8q25Jfe0AVBk2/EcMwU08Icn73L225R9ZixtUOuO9tzpFBA lmTWc9sU8xCO0O6GPMgI5zoeEMlSm2BH -----END CERTIFICATE-----Generated at Sat Apr 26 12:19:59 2025 by rpki-client