$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft File: nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft (raw, json) Hash identifier: 9ol7cxwf2fmHfLIDrLwwzyaNci+jXgsLnu718ihUfV0= Subject key identifier: E9:5D:16:94:85:59:C0:6D:0F:BD:68:F3:EE:E4:B6:15:E6:2F:20:1D Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32 Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32 Certificate serial: FA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft Manifest number: E4 Signing time: Tue 17 Jun 2025 04:41:27 +0000 Manifest this update: Tue 17 Jun 2025 04:41:27 +0000 Manifest next update: Tue 24 Jun 2025 04:41:27 +0000 Files and hashes: 1: nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl (hash: +mxRm5/+QFKeJGWi+kJg2aWJRXBUtSkVp3pu+45z4oY=) 2: FF233C70E62111EFACA87766C4F9AE02.roa (hash: J5BMXPUW8m7K2bOF3471IMNvup3jPF22uZ9URvu627E=) 3: 77E54B78C45111EF9D399128C4F9AE02.roa (hash: kZrd3mAtaTduvChHj54cupYMhDS7pTsrXNeCRQqiQrc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Jun 2025 04:41:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 250 (0xfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEAE0, serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32 Validity Not Before: Jun 17 04:41:27 2025 GMT Not After : Jun 24 04:41:27 2025 GMT Subject: CN=6850f1f7-9823 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:f9:d5:c9:9b:3c:2f:5c:69:39:7f:62:be:f3: d0:46:35:5a:25:63:01:21:68:01:ef:30:b6:f7:b3: f2:14:c0:6a:c5:25:12:05:e5:e9:fd:54:95:91:4b: c9:c8:54:a0:9d:d4:1e:df:76:95:18:21:2f:87:32: 23:4c:17:65:bc:79:ab:1b:f2:8b:36:52:a6:89:57: 7f:67:20:ad:94:75:60:c3:d3:1b:e2:c5:3e:da:7b: e3:92:5a:2e:3a:bb:7f:1e:b8:1a:0f:7c:83:44:3a: 4f:0c:46:14:95:5d:9c:02:9c:9b:51:fa:28:78:84: 6f:71:7a:c7:b6:68:92:c6:b4:e3:7d:5f:1d:cf:78: cf:ec:7b:7c:c1:de:d5:35:a8:06:b7:98:af:bf:73: 6c:df:f6:78:e6:1c:03:07:c8:28:6f:b3:a7:df:63: df:16:58:4a:c5:4e:c8:17:c5:f8:76:90:32:bd:83: a4:18:6b:7a:62:ae:ac:aa:a6:db:7c:ca:61:9a:ab: dc:3c:49:02:b4:fc:68:2a:f2:31:3c:ae:06:d7:0e: ec:5c:79:87:3d:19:2e:42:d7:28:20:69:8e:1a:3d: 0b:a2:58:50:20:9a:07:14:46:fa:f8:27:c0:09:28: 8f:7d:e0:15:d9:3f:df:78:e1:01:89:17:6c:05:34: 8c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:5D:16:94:85:59:C0:6D:0F:BD:68:F3:EE:E4:B6:15:E6:2F:20:1D X509v3 Authority Key Identifier: keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:14:a8:5f:b4:97:19:b2:b7:d5:4d:37:b6:ce:16:f4:5b:5f: dc:66:93:94:87:1c:34:94:47:e8:e7:95:cb:9b:de:c9:b7:63: b1:a2:49:99:21:5d:81:f1:5e:87:18:70:67:70:d7:bc:02:7c: 19:a0:ab:c8:78:b0:8f:86:50:12:e4:b9:f1:4d:b7:80:16:cc: 94:12:d1:cc:84:db:ba:9b:f6:15:94:a6:de:80:c5:52:19:7c: 50:78:4c:a1:2b:bd:68:d4:5c:32:cd:d4:a5:bc:e8:58:5c:b4: 8d:f2:b2:ab:75:20:be:0b:11:3c:72:19:c9:a4:a9:9c:6b:6e: a7:a5:fa:dc:55:7a:c8:c6:a4:0d:a0:e6:ed:02:bd:8d:54:b5: 66:fc:74:b1:27:55:62:c8:d5:3d:c9:ca:37:d7:47:0d:f1:24: 56:e8:f2:ff:c8:af:d2:fb:17:0d:91:0f:51:a7:6c:13:c0:85: d8:ab:be:45:cb:7e:fc:5d:6e:62:cd:18:5b:6a:1c:a5:01:43: a4:8b:e1:a9:33:55:3f:e8:b4:0d:c6:1d:42:9d:a5:3d:3d:ad: 17:bf:2a:e6:a0:d9:5a:ee:60:53:60:73:97:24:d2:d0:d4:60: 0b:c5:da:66:aa:b9:c0:df:18:cb:a1:c9:b2:ee:43:ca:7b:d4: 1b:d5:88:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VBRTAxMTAvBgNVBAUTKDlERjRGRURGRjkyQTlFN0Y2RTAyQkZDMDU0QUQzMzk4 NTNEOUREMzIwHhcNMjUwNjE3MDQ0MTI3WhcNMjUwNjI0MDQ0MTI3WjAYMRYwFAYD VQQDEw02ODUwZjFmNy05ODIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2fnVyZs8L1xpOX9ivvPQRjVaJWMBIWgB7zC297PyFMBqxSUSBeXp/VSVkUvJ yFSgndQe33aVGCEvhzIjTBdlvHmrG/KLNlKmiVd/ZyCtlHVgw9Mb4sU+2nvjklou Ort/HrgaD3yDRDpPDEYUlV2cApybUfooeIRvcXrHtmiSxrTjfV8dz3jP7Ht8wd7V NagGt5ivv3Ns3/Z45hwDB8gob7On32PfFlhKxU7IF8X4dpAyvYOkGGt6Yq6sqqbb fMphmqvcPEkCtPxoKvIxPK4G1w7sXHmHPRkuQtcoIGmOGj0LolhQIJoHFEb6+CfA CSiPfeAV2T/feOEBiRdsBTSMNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOldFpSF WcBtD71o8+7kthXmLyAdMB8GA1UdIwQYMBaAFJ30/t/5Kp5/bgK/wFStM5hT2d0y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUFFMC9BRUY2Mzc2MDE5 NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi9uZlQtM19rcW5uOXVBcl9BVkswem1GUFoz VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNUSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi9uZlQtM19rcW5u OXVBcl9BVkswem1GUFozVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+FKhftJcZsrfVTTe2zhb0W1/cZpOUhxw0lEfo55XLm97Jt2OxokmZ IV2B8V6HGHBncNe8AnwZoKvIeLCPhlAS5LnxTbeAFsyUEtHMhNu6m/YVlKbegMVS GXxQeEyhK71o1FwyzdSlvOhYXLSN8rKrdSC+CxE8chnJpKmca26npfrcVXrIxqQN oObtAr2NVLVm/HSxJ1ViyNU9yco310cN8SRW6PL/yK/S+xcNkQ9Rp2wTwIXYq75F y378XW5izRhbahylAUOki+GpM1U/6LQNxh1CnaU9Pa0XvyrmoNla7mBTYHOXJNLQ 1GALxdpmqrnA3xjLocmy7kPKe9Qb1YjS -----END CERTIFICATE-----Generated at Wed Jun 18 23:04:13 2025 by rpki-client