$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json) Hash identifier: 6QOqgPd23RsRRw4cXBKBrN8UOocnboNQHxDnGhM3t7Y= Subject key identifier: D4:5C:FE:D6:16:56:0A:09:96:EE:E1:0C:AA:6A:6F:9C:A2:45:61:8C Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Certificate serial: 0893 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft Manifest number: 088D Signing time: Fri 08 Aug 2025 21:02:08 +0000 Manifest this update: Fri 08 Aug 2025 21:02:08 +0000 Manifest next update: Fri 15 Aug 2025 21:02:08 +0000 Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: 4t/XpwAHgGLuye7jCZVFqQOntV+UQvm1J8f2feOl5zQ=) 2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: iVH3rhTgtUSo/JF63FQElE1NqUIp2qYoI3iOuK+LB04=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2195 (0x893) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Validity Not Before: Aug 8 21:02:08 2025 GMT Not After : Aug 15 21:02:08 2025 GMT Subject: CN=689665d0-aa89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:cc:96:7a:97:18:4e:72:36:a9:94:4a:11:1b: 73:f1:96:2d:2e:19:a0:69:5b:19:5f:86:32:ee:b7: 3c:20:04:62:ae:6f:8d:4d:3e:2e:38:12:dd:20:94: c6:96:10:94:22:58:65:c9:48:42:64:47:f5:bb:7c: 3b:ad:8d:c1:70:f9:2e:ac:d7:1a:71:ae:ce:08:23: 88:74:b5:2b:8e:e7:85:90:6c:60:52:b0:de:02:5f: c5:16:bb:19:6a:89:c5:40:f7:41:03:82:9c:f9:5d: e8:26:e4:25:d7:7b:3e:05:0a:82:ef:cd:a2:46:67: 07:8b:08:a5:a2:47:de:5a:af:40:93:f8:c9:c1:2d: ba:74:e9:ef:f1:69:3b:57:f8:8e:2e:83:93:86:35: f6:2e:ab:b1:8c:ec:f4:2a:23:0b:89:b9:61:7f:18: 29:48:76:24:1e:ca:db:94:72:23:b9:b8:d6:ea:b0: 49:05:0e:0e:ae:3c:43:23:dd:93:80:57:49:00:15: a6:f4:04:7a:aa:a3:2b:bc:64:a3:48:fd:38:94:d1: eb:ba:08:02:6c:b8:17:36:03:0b:a3:a6:49:d0:a6: 95:c5:d8:59:27:56:d4:d4:05:c0:dc:ff:0b:8e:79: 4f:3c:6b:4a:e9:13:a4:10:d7:81:1f:56:43:79:42: e3:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:5C:FE:D6:16:56:0A:09:96:EE:E1:0C:AA:6A:6F:9C:A2:45:61:8C X509v3 Authority Key Identifier: keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:3c:19:fc:ca:b4:58:e4:51:ce:3e:d5:d9:f9:dc:95:17:ca: 2d:73:4b:6b:12:e8:bf:fc:0a:9f:bc:b0:dc:d8:da:3c:a2:07: d5:5d:33:63:aa:dd:1f:9f:69:d4:11:e0:38:58:2d:71:6d:d5: 71:70:21:2d:2a:d7:a2:f4:aa:2a:70:58:b4:cb:3b:4e:8c:c7: fe:d5:2e:fa:c7:70:49:2b:17:9a:85:c0:ff:9e:f3:1e:1c:7a: c9:85:03:77:b9:28:07:2d:3d:71:85:b1:99:92:2a:9f:35:a5: 7f:8a:d5:29:a0:46:cd:53:51:41:3f:a3:14:16:be:3f:12:67: 71:52:c5:dc:6e:61:d0:46:05:fd:7c:90:2e:9a:bc:4c:51:df: e8:6c:6e:2e:58:e4:06:af:87:24:44:81:52:ea:11:c9:f5:81: 43:46:ae:5e:c4:e4:05:90:f5:b6:67:aa:a2:f2:71:33:f5:92: 22:ee:31:30:69:39:eb:da:46:e4:d9:e4:cf:d7:05:84:1f:3d: b8:9e:e6:a7:ae:65:ac:f6:5f:ec:37:22:b5:7a:f5:5a:4b:c7: b6:bf:76:79:61:ef:30:c2:00:69:77:73:40:72:33:5d:4e:78: 66:79:c0:03:ff:64:aa:b8:8e:5f:46:d3:e1:7e:89:c3:68:7e: 2f:8e:de:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz NjFBMDlDQUEwHhcNMjUwODA4MjEwMjA4WhcNMjUwODE1MjEwMjA4WjAYMRYwFAYD VQQDEw02ODk2NjVkMC1hYTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx8yWepcYTnI2qZRKERtz8ZYtLhmgaVsZX4Yy7rc8IARirm+NTT4uOBLdIJTG lhCUIlhlyUhCZEf1u3w7rY3BcPkurNcaca7OCCOIdLUrjueFkGxgUrDeAl/FFrsZ aonFQPdBA4Kc+V3oJuQl13s+BQqC782iRmcHiwilokfeWq9Ak/jJwS26dOnv8Wk7 V/iOLoOThjX2LquxjOz0KiMLiblhfxgpSHYkHsrblHIjubjW6rBJBQ4OrjxDI92T gFdJABWm9AR6qqMrvGSjSP04lNHruggCbLgXNgMLo6ZJ0KaVxdhZJ1bU1AXA3P8L jnlPPGtK6ROkENeBH1ZDeULjDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNRc/tYW VgoJlu7hDKpqb5yiRWGMMB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0 RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJPBn8yrRY5FHOPtXZ+dyVF8otc0trEui//AqfvLDc2No8ogfVXTNj qt0fn2nUEeA4WC1xbdVxcCEtKtei9KoqcFi0yztOjMf+1S76x3BJKxeahcD/nvMe HHrJhQN3uSgHLT1xhbGZkiqfNaV/itUpoEbNU1FBP6MUFr4/EmdxUsXcbmHQRgX9 fJAumrxMUd/obG4uWOQGr4ckRIFS6hHJ9YFDRq5exOQFkPW2Z6qi8nEz9ZIi7jEw aTnr2kbk2eTP1wWEHz24nuanrmWs9l/sNyK1evVaS8e2v3Z5Ye8wwgBpd3NAcjNd TnhmecAD/2SquI5fRtPhfonDaH4vjt4G -----END CERTIFICATE-----Generated at Sat Aug 9 02:58:00 2025 by rpki-client