$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft File: nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft (raw, json) Hash identifier: jooKNgYgm7CGHiEbI41K86B4JT6qif8gqNyf3D4Hfwo= Subject key identifier: 75:86:CC:41:92:A8:B3:5B:88:56:AD:3B:31:4E:7E:81:74:39:43:7A Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32 Certificate issuer: /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32 Certificate serial: E0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft Manifest number: CA Signing time: Fri 25 Apr 2025 05:04:02 +0000 Manifest this update: Fri 25 Apr 2025 05:04:01 +0000 Manifest next update: Fri 02 May 2025 05:04:01 +0000 Files and hashes: 1: nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl (hash: 5eGli6X/6quJqDzpsSgjjoOONmnqMGK0c0cwEI5rL24=) 2: FF233C70E62111EFACA87766C4F9AE02.roa (hash: J5BMXPUW8m7K2bOF3471IMNvup3jPF22uZ9URvu627E=) 3: 77E54B78C45111EF9D399128C4F9AE02.roa (hash: kZrd3mAtaTduvChHj54cupYMhDS7pTsrXNeCRQqiQrc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:04:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 224 (0xe0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEAE0, serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32 Validity Not Before: Apr 25 05:04:01 2025 GMT Not After : May 2 05:04:01 2025 GMT Subject: CN=680b17c2-0283 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:80:94:21:32:65:4a:f9:cb:a0:c1:55:23:ee: 1e:9d:4e:88:e3:f0:c2:6c:f5:03:a2:af:46:ee:02: 54:79:42:bf:18:e1:aa:8e:f1:01:95:ff:b2:3d:d0: cd:a1:fd:7d:c3:4f:e0:94:7b:2c:34:97:e1:b7:6e: be:29:56:82:a7:6a:ce:8c:92:62:d2:84:0d:c0:ea: 24:dd:e6:bc:f7:ef:31:cf:af:a4:5c:62:a2:ca:27: c8:7e:9e:f7:91:a3:c5:41:e6:8b:cb:cb:65:31:58: ab:9f:8f:38:b3:4a:b2:2d:83:c4:0b:d2:f0:1f:50: 3c:a1:5e:e8:5a:3c:65:d4:5b:7f:ec:d7:c3:cd:3d: 08:72:5a:b4:28:2b:cc:8b:1e:e1:76:62:ff:c5:40: 1f:d6:dc:36:1e:da:13:aa:05:b5:a5:d0:c2:af:e7: f0:23:a6:d1:2f:7a:b3:53:15:5a:9b:20:9f:28:d7: d6:67:7c:86:53:09:02:ad:56:3d:55:38:9e:22:36: 0b:c6:aa:a2:a4:d1:6f:71:50:07:52:50:f0:69:be: 1b:92:35:9d:8f:b5:0a:e1:d5:c6:b0:da:76:4b:44: 71:8e:83:bb:b4:14:de:8d:d6:bb:9a:71:08:d5:42: 05:03:94:32:fc:02:9d:30:6a:53:d1:ae:0f:77:8c: cc:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:86:CC:41:92:A8:B3:5B:88:56:AD:3B:31:4E:7E:81:74:39:43:7A X509v3 Authority Key Identifier: keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:78:fd:23:53:e6:c6:34:04:7b:03:68:6c:2d:3d:a1:e3:87: 61:55:1e:6e:d6:8c:de:35:0d:d2:5b:5b:c8:74:a5:8b:5b:a6: 67:b9:b7:98:af:48:0f:5d:60:9d:06:70:fd:34:89:9d:40:bb: 10:af:2d:96:3b:eb:f1:98:09:49:0c:6a:8c:69:05:86:f9:d6: 57:dc:88:4e:15:15:cb:00:ee:f3:ef:d0:9e:da:c0:58:2b:08: 48:10:57:b2:e9:a0:05:34:c8:39:0c:3d:96:4b:d4:84:d3:b6: 19:63:ad:a1:c4:e5:fd:18:91:99:b1:7c:61:e2:3e:b8:05:87: 98:af:cc:43:85:91:dc:17:e0:e2:71:07:49:c0:d9:0f:e7:b1: 79:ef:a6:e9:ca:89:04:09:ca:05:79:b4:29:de:9f:c1:7c:32: 29:b1:17:b5:6c:04:26:6f:a4:bd:b0:8d:6a:8d:e4:58:a8:50: 26:31:ae:4d:c1:c1:0b:65:bb:8d:5f:d4:98:4b:8f:10:ff:80: 96:1f:41:08:1d:2f:82:35:be:c1:ae:6f:92:1f:8d:96:0d:b7: 99:99:29:e4:2d:27:5c:a3:3e:4a:84:30:39:57:13:72:85:78: 2e:f4:5d:c1:2b:b3:66:cc:30:8e:10:1d:2b:20:c8:41:29:c5: da:c3:3d:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VBRTAxMTAvBgNVBAUTKDlERjRGRURGRjkyQTlFN0Y2RTAyQkZDMDU0QUQzMzk4 NTNEOUREMzIwHhcNMjUwNDI1MDUwNDAxWhcNMjUwNTAyMDUwNDAxWjAYMRYwFAYD VQQDEw02ODBiMTdjMi0wMjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl4CUITJlSvnLoMFVI+4enU6I4/DCbPUDoq9G7gJUeUK/GOGqjvEBlf+yPdDN of19w0/glHssNJfht26+KVaCp2rOjJJi0oQNwOok3ea89+8xz6+kXGKiyifIfp73 kaPFQeaLy8tlMVirn484s0qyLYPEC9LwH1A8oV7oWjxl1Ft/7NfDzT0Iclq0KCvM ix7hdmL/xUAf1tw2HtoTqgW1pdDCr+fwI6bRL3qzUxVamyCfKNfWZ3yGUwkCrVY9 VTieIjYLxqqipNFvcVAHUlDwab4bkjWdj7UK4dXGsNp2S0RxjoO7tBTejda7mnEI 1UIFA5Qy/AKdMGpT0a4Pd4zMuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHWGzEGS qLNbiFatOzFOfoF0OUN6MB8GA1UdIwQYMBaAFJ30/t/5Kp5/bgK/wFStM5hT2d0y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUFFMC9BRUY2Mzc2MDE5 NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi9uZlQtM19rcW5uOXVBcl9BVkswem1GUFoz VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNUSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi9uZlQtM19rcW5u OXVBcl9BVkswem1GUFozVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMeP0jU+bGNAR7A2hsLT2h44dhVR5u1ozeNQ3SW1vIdKWLW6ZnubeY r0gPXWCdBnD9NImdQLsQry2WO+vxmAlJDGqMaQWG+dZX3IhOFRXLAO7z79Ce2sBY KwhIEFey6aAFNMg5DD2WS9SE07YZY62hxOX9GJGZsXxh4j64BYeYr8xDhZHcF+Di cQdJwNkP57F576bpyokECcoFebQp3p/BfDIpsRe1bAQmb6S9sI1qjeRYqFAmMa5N wcELZbuNX9SYS48Q/4CWH0EIHS+CNb7Brm+SH42WDbeZmSnkLSdcoz5KhDA5VxNy hXgu9F3BK7NmzDCOEB0rIMhBKcXawz28 -----END CERTIFICATE-----Generated at Sat Apr 26 14:59:10 2025 by rpki-client