$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: nAzoDnIfaITC6r0frLkW31Bt2eP/lVI4wxLuOHaIEoU= Subject key identifier: 38:D6:67:FB:A2:2F:26:88:B4:7D:8A:7F:38:69:C5:01:76:B4:2B:27 Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 025F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 025B Signing time: Mon 11 Aug 2025 02:08:53 +0000 Manifest this update: Mon 11 Aug 2025 02:08:53 +0000 Manifest next update: Mon 18 Aug 2025 02:08:53 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: sVc/uy/MwayFWNyg1RUyu6vu6zHLk7SjUZb4knR/SBE=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: EUxX4jfQlcU/1uY0IOylmxYMPcoOQVgae213RHQG1Xc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 18 Aug 2025 02:08:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 607 (0x25f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Aug 11 02:08:53 2025 GMT Not After : Aug 18 02:08:53 2025 GMT Subject: CN=689950b5-00a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:78:ed:2e:69:55:a4:5a:48:37:0c:e4:21:e1: 54:b7:2f:50:2a:fd:13:e3:87:76:59:51:3b:f2:18: 0d:9b:07:5b:1a:13:0b:a5:d8:1d:e2:dd:1c:c1:4d: 33:8c:88:63:73:62:35:ad:7c:7f:cb:95:d2:f2:67: 8b:9f:07:00:f3:65:a4:89:38:d8:7f:7c:e1:8f:99: 88:ca:04:e1:fe:c7:ab:3e:52:5f:d8:61:bd:23:07: 76:13:9b:e0:93:b8:88:94:13:a7:76:ba:8e:d9:78: fe:a5:23:a4:b0:b7:94:d8:fb:35:73:8d:c2:91:97: 55:35:4a:a2:93:c2:88:31:da:7d:00:8c:a0:85:75: ce:82:7f:23:43:c6:c7:fd:99:4c:10:3c:2e:a1:35: 2e:52:8a:5a:1e:e7:c7:34:26:5a:31:82:da:60:42: 1f:f4:6b:38:54:49:6e:0a:88:ea:81:5d:7e:95:3f: c1:c0:7b:3d:27:64:da:5e:6a:5c:b6:e0:bd:a2:28: cb:66:83:bd:ad:51:01:28:19:5c:2d:0e:9a:a8:0c: 3c:bd:95:9d:a7:bb:3f:f9:68:e8:d4:88:be:58:8f: 8f:83:3d:5b:c6:c7:64:0d:77:4f:dc:e1:2a:af:36: ff:7d:22:d2:52:27:f7:66:44:d3:38:0f:4d:be:ae: 2c:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:D6:67:FB:A2:2F:26:88:B4:7D:8A:7F:38:69:C5:01:76:B4:2B:27 X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:b3:03:2c:1c:46:99:54:81:b0:dd:0e:13:4e:eb:ed:e9:69: f6:33:f4:1b:9f:03:6a:13:4d:d9:b0:b2:7a:82:87:f9:ef:31: 97:64:e0:2d:83:8e:dc:35:43:8f:c9:62:35:66:da:a3:39:d0: 29:56:09:cf:88:59:2c:2f:73:30:d9:b8:ee:3f:d7:17:82:1f: 4e:69:58:0f:d4:e9:38:76:4b:53:34:b1:97:ed:dc:8b:b4:ab: 3b:cc:fc:ec:4d:2f:00:90:65:85:af:3a:f0:1b:f7:5b:4e:52: cc:0c:1e:46:02:ba:62:1f:25:65:04:ba:49:db:7b:dd:f9:96: f7:1a:c1:5c:5d:35:e9:e7:e6:80:d0:e0:2b:9f:cb:69:96:f7: fe:e1:e2:a8:bd:d6:3d:a2:a5:b8:03:9c:3c:f2:8d:9f:83:f7: 4f:61:6c:48:89:d7:72:36:5f:39:b0:74:bc:fc:13:32:48:05: e9:f2:30:39:3b:22:ee:cf:84:e6:5e:c2:aa:2c:f4:24:de:88: 9d:20:ba:a6:97:b5:ea:7b:ca:66:0a:55:e0:24:aa:e6:a2:3f: b0:bf:6d:50:4d:66:b3:78:f3:b8:8c:1b:f5:2c:02:e1:c0:11: 41:72:a1:1e:79:cf:06:6f:af:98:2a:10:b9:e2:36:83:a3:dd: 77:7b:10:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUwODExMDIwODUzWhcNMjUwODE4MDIwODUzWjAYMRYwFAYD VQQDEw02ODk5NTBiNS0wMGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvnjtLmlVpFpINwzkIeFUty9QKv0T44d2WVE78hgNmwdbGhMLpdgd4t0cwU0z jIhjc2I1rXx/y5XS8meLnwcA82WkiTjYf3zhj5mIygTh/serPlJf2GG9Iwd2E5vg k7iIlBOndrqO2Xj+pSOksLeU2Ps1c43CkZdVNUqik8KIMdp9AIyghXXOgn8jQ8bH /ZlMEDwuoTUuUopaHufHNCZaMYLaYEIf9Gs4VEluCojqgV1+lT/BwHs9J2TaXmpc tuC9oijLZoO9rVEBKBlcLQ6aqAw8vZWdp7s/+Wjo1Ii+WI+Pgz1bxsdkDXdP3OEq rzb/fSLSUif3ZkTTOA9Nvq4shwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDjWZ/ui LyaItH2KfzhpxQF2tCsnMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGswMsHEaZVIGw3Q4TTuvt6Wn2M/QbnwNqE03ZsLJ6gof57zGXZOAt g47cNUOPyWI1ZtqjOdApVgnPiFksL3Mw2bjuP9cXgh9OaVgP1Ok4dktTNLGX7dyL tKs7zPzsTS8AkGWFrzrwG/dbTlLMDB5GArpiHyVlBLpJ23vd+Zb3GsFcXTXp5+aA 0OArn8tplvf+4eKovdY9oqW4A5w88o2fg/dPYWxIiddyNl85sHS8/BMySAXp8jA5 OyLuz4TmXsKqLPQk3oidILqml7Xqe8pmClXgJKrmoj+wv21QTWazePO4jBv1LALh wBFBcqEeec8Gb6+YKhC54jaDo913exAF -----END CERTIFICATE-----Generated at Wed Aug 13 00:27:41 2025 by rpki-client