$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: 6/8VP1URfU8DDlOIaCALq84iHtuSRFuUouZGdcCBsoY= Subject key identifier: B6:A4:8E:25:17:F3:C3:51:F5:0D:0D:EF:90:82:3C:EF:D5:63:3F:70 Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 023E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 023B Signing time: Fri 13 Jun 2025 01:22:56 +0000 Manifest this update: Fri 13 Jun 2025 01:22:55 +0000 Manifest next update: Fri 20 Jun 2025 01:22:55 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: NyMPpWYhDPvcRY4PX5UdSZ3FnOmem0Utxx1nWGmu7+g=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: Tnx2Z5nAikiyTdOaTCX/ncL6S79XtcR6l/WD0Ni24yA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 01:22:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 574 (0x23e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Jun 13 01:22:55 2025 GMT Not After : Jun 20 01:22:55 2025 GMT Subject: CN=684b7d6f-02a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e4:8e:37:30:64:c5:41:fd:9e:d6:02:56:9e: fe:bc:01:ed:f1:22:40:d5:b3:d4:51:68:5b:7f:ea: 94:19:12:0c:4f:cf:c6:03:10:ca:c9:6b:fb:b8:ff: 56:3b:f4:12:e0:be:0e:cb:bb:7d:4b:e8:dd:d3:a7: 51:be:1c:66:7b:09:6a:52:27:4d:4c:9c:e4:65:cc: b4:13:dd:5c:ce:bb:57:4c:44:bb:d6:d6:90:9f:ab: 2d:e0:6f:a5:44:4e:8f:f1:a3:ce:9c:e7:e3:c0:31: 6e:bc:1d:93:94:5b:08:bf:33:60:ab:63:f3:a5:5d: dd:6a:a8:94:8e:cb:7e:87:31:a2:72:55:4a:38:6c: 92:52:57:21:cc:ea:a3:a6:ee:4e:93:de:aa:af:83: 12:c8:41:ee:39:bc:93:1b:20:a1:6d:bc:bf:60:63: 8d:27:2b:21:e4:af:29:e1:2f:ca:39:cb:0d:4e:dc: 2b:4f:44:a2:b7:5f:d2:da:26:08:57:ba:0d:b4:ce: ef:63:e7:85:f7:c3:5c:cb:cf:14:ab:7b:d0:8f:36: 9b:58:7b:02:ff:c1:7a:31:1c:0e:05:cf:0f:d9:14: e0:5c:e0:6d:d7:1f:cc:35:a1:8d:ec:cc:f9:53:d7: 25:c7:b8:9c:7e:bb:b5:8a:34:d0:f3:46:a3:fb:5b: 9d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:A4:8E:25:17:F3:C3:51:F5:0D:0D:EF:90:82:3C:EF:D5:63:3F:70 X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 39:86:4b:75:92:f1:04:0f:58:77:de:ce:f2:00:26:2f:e2:1e: f9:a0:f5:a7:42:72:4c:e4:73:48:ba:ce:e0:02:ac:e4:be:c9: d7:65:66:9f:c4:8c:0c:88:20:bc:23:08:63:a0:1b:83:81:58: 19:07:4c:43:c4:5f:71:ce:f5:e5:00:ef:0e:5f:19:a4:8e:d8: bc:fb:04:bb:76:6c:f3:33:94:51:85:00:f0:6e:38:7c:31:9a: 08:69:0a:73:13:da:d2:d1:5c:89:44:17:f3:4d:ec:21:82:59: 21:14:8d:e3:40:ff:37:1f:8a:91:1e:e4:89:28:fd:12:ab:ad: 8d:bc:9d:21:84:ea:82:1e:24:fc:a6:cb:92:cf:cd:38:82:15: 98:fe:8d:31:70:b0:53:5c:00:0f:48:8b:3f:73:1c:e2:f0:86: b4:28:86:7c:61:02:41:ba:e1:01:68:ae:b8:b6:34:ea:11:6f: d4:c9:dd:01:34:fa:2f:e2:5f:a3:95:5b:9f:4a:61:57:07:51: fd:55:42:01:a4:cb:4f:ed:d8:af:26:24:b2:48:dd:44:d8:6a: 09:c4:4e:82:05:dc:13:69:00:2f:56:9d:c0:26:31:e8:ca:d2: fa:dc:c4:64:50:f8:16:37:5e:69:80:d7:a4:f4:99:a0:74:0a: 84:0d:3e:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAj4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUwNjEzMDEyMjU1WhcNMjUwNjIwMDEyMjU1WjAYMRYwFAYD VQQDEw02ODRiN2Q2Zi0wMmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAseSONzBkxUH9ntYCVp7+vAHt8SJA1bPUUWhbf+qUGRIMT8/GAxDKyWv7uP9W O/QS4L4Oy7t9S+jd06dRvhxmewlqUidNTJzkZcy0E91czrtXTES71taQn6st4G+l RE6P8aPOnOfjwDFuvB2TlFsIvzNgq2PzpV3daqiUjst+hzGiclVKOGySUlchzOqj pu5Ok96qr4MSyEHuObyTGyChbby/YGONJysh5K8p4S/KOcsNTtwrT0Sit1/S2iYI V7oNtM7vY+eF98Ncy88Uq3vQjzabWHsC/8F6MRwOBc8P2RTgXOBt1x/MNaGN7Mz5 U9clx7icfru1ijTQ80aj+1udXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLakjiUX 88NR9Q0N75CCPO/VYz9wMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA5hkt1kvEED1h33s7yACYv4h75oPWnQnJM5HNIus7gAqzkvsnXZWaf xIwMiCC8IwhjoBuDgVgZB0xDxF9xzvXlAO8OXxmkjti8+wS7dmzzM5RRhQDwbjh8 MZoIaQpzE9rS0VyJRBfzTewhglkhFI3jQP83H4qRHuSJKP0Sq62NvJ0hhOqCHiT8 psuSz804ghWY/o0xcLBTXAAPSIs/cxzi8Ia0KIZ8YQJBuuEBaK64tjTqEW/Uyd0B NPov4l+jlVufSmFXB1H9VUIBpMtP7divJiSySN1E2GoJxE6CBdwTaQAvVp3AJjHo ytL63MRkUPgWN15pgNek9JmgdAqEDT7D -----END CERTIFICATE-----Generated at Sat Jun 14 19:20:58 2025 by rpki-client