$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: kRyaJAESPn1NvMd7lRUKlCUUCTzU1QfkyVvwe90legc= Subject key identifier: 75:BB:17:66:F7:44:6B:83:FA:28:EC:6E:A2:E4:7C:F6:94:DE:6E:80 Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 0226 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 0223 Signing time: Fri 25 Apr 2025 01:43:36 +0000 Manifest this update: Fri 25 Apr 2025 01:43:36 +0000 Manifest next update: Fri 02 May 2025 01:43:36 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: SOdhpdVU3njXQd26kS4sks/ProAMy7agh7KqI366lRU=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: Tnx2Z5nAikiyTdOaTCX/ncL6S79XtcR6l/WD0Ni24yA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:43:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 550 (0x226) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Apr 25 01:43:36 2025 GMT Not After : May 2 01:43:36 2025 GMT Subject: CN=680ae8c8-f270 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0c:80:10:b7:77:da:89:40:23:3d:bc:5f:3a: ab:08:de:2b:32:e8:0b:ab:9d:26:c7:81:6a:1b:c5: b0:b3:79:a7:df:68:82:f0:80:ca:cf:20:b2:e3:87: 95:f2:00:32:61:34:14:69:0f:a6:e0:77:d4:a9:d5: 8d:30:c1:5e:f1:89:4c:56:7a:36:dd:5c:50:6c:c6: 17:6a:dc:44:5a:5c:b4:5c:96:34:a4:8a:dc:e0:7a: ae:4a:95:d6:0a:7a:05:b8:fd:da:52:ed:29:64:4e: 8d:50:fa:78:6c:52:4a:a8:63:1b:e6:b5:6d:24:ef: fa:1c:8d:0a:b9:56:b8:62:a5:08:91:f0:d6:fc:d8: d3:79:93:dd:41:6f:12:09:64:af:1b:06:d0:ec:e0: 12:14:ee:98:d8:e3:78:7a:df:41:35:0b:f8:f1:fb: 42:03:b8:f0:67:47:33:2d:e1:65:b4:2c:a7:24:60: da:1f:40:0a:f0:b1:a9:68:b6:d0:ac:20:d6:40:69: d9:f4:03:69:bd:67:7e:bc:f4:0d:e5:c5:fc:7a:fb: e5:ca:71:16:fd:d0:bf:fc:89:bf:d6:de:b4:6c:52: ff:b7:74:89:ae:5f:c1:98:06:be:4b:42:4e:a3:ae: c7:eb:0e:84:dc:57:bd:25:2b:5a:d4:1e:b5:12:68: d2:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:BB:17:66:F7:44:6B:83:FA:28:EC:6E:A2:E4:7C:F6:94:DE:6E:80 X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:b7:f3:9f:e6:49:77:a6:6a:c8:41:62:cf:0c:85:15:ea:6e: 0b:ea:1b:08:f3:82:bc:21:f6:cd:a7:af:33:47:27:2f:1d:24: 7a:ff:93:56:e1:ea:e2:c4:c7:ab:cb:9b:9f:08:d9:38:71:c3: 97:89:89:a9:24:72:6e:95:dd:a0:78:1d:13:35:73:84:f9:27: ae:7f:d2:59:23:66:09:c2:98:a2:02:c3:cc:39:38:0f:43:82: 36:47:24:e5:f2:8a:44:e1:25:64:b7:6c:b0:f8:9e:43:37:5c: 91:54:c8:1f:41:f4:11:28:a6:ff:9a:39:85:5b:bb:a0:3d:ce: 2c:99:bf:b9:b0:17:5d:cf:78:ca:00:74:6f:f9:61:cc:99:85: fb:98:fc:fc:45:fb:fc:9a:c3:85:25:86:19:9f:1d:1d:17:c0: a4:f3:28:9a:44:cb:5f:8b:0c:18:b4:1c:d3:83:60:5e:a5:38: 24:c0:0b:b5:64:e1:d6:20:16:b7:73:01:b9:52:17:ca:ed:e2: 1b:e9:31:d1:e9:c2:42:29:4f:9f:51:38:dd:2c:5f:8a:5f:dc: fc:19:75:a3:f9:f0:17:65:a0:60:8c:fc:3a:18:26:2a:28:95: 3b:ff:a1:3f:42:e6:64:73:03:01:ff:7e:b7:0c:ec:cc:29:c8: e8:95:e3:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUwNDI1MDE0MzM2WhcNMjUwNTAyMDE0MzM2WjAYMRYwFAYD VQQDEw02ODBhZThjOC1mMjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuAyAELd32olAIz28XzqrCN4rMugLq50mx4FqG8Wws3mn32iC8IDKzyCy44eV 8gAyYTQUaQ+m4HfUqdWNMMFe8YlMVno23VxQbMYXatxEWly0XJY0pIrc4HquSpXW CnoFuP3aUu0pZE6NUPp4bFJKqGMb5rVtJO/6HI0KuVa4YqUIkfDW/NjTeZPdQW8S CWSvGwbQ7OASFO6Y2ON4et9BNQv48ftCA7jwZ0czLeFltCynJGDaH0AK8LGpaLbQ rCDWQGnZ9ANpvWd+vPQN5cX8evvlynEW/dC//Im/1t60bFL/t3SJrl/BmAa+S0JO o67H6w6E3Fe9JSta1B61EmjSSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHW7F2b3 RGuD+ijsbqLkfPaU3m6AMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLt/Of5kl3pmrIQWLPDIUV6m4L6hsI84K8IfbNp68zRycvHSR6/5NW 4erixMery5ufCNk4ccOXiYmpJHJuld2geB0TNXOE+Seuf9JZI2YJwpiiAsPMOTgP Q4I2RyTl8opE4SVkt2yw+J5DN1yRVMgfQfQRKKb/mjmFW7ugPc4smb+5sBddz3jK AHRv+WHMmYX7mPz8Rfv8msOFJYYZnx0dF8Ck8yiaRMtfiwwYtBzTg2BepTgkwAu1 ZOHWIBa3cwG5UhfK7eIb6THR6cJCKU+fUTjdLF+KX9z8GXWj+fAXZaBgjPw6GCYq KJU7/6E/QuZkcwMB/363DOzMKcjoleNp -----END CERTIFICATE-----Generated at Sat Apr 26 12:34:02 2025 by rpki-client