$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft File: NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft (raw, json) Hash identifier: /12d31PdOuSCfboQwK+ICQ513yzdKrxzWkAeKHry8+M= Subject key identifier: 9C:42:A3:1B:AF:AA:D8:B4:EE:57:71:7B:B5:D4:40:71:E0:21:F6:E8 Authority key identifier: 34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD Certificate issuer: /CN=A91E8F36/serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Certificate serial: 01C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft Manifest number: 01C0 Signing time: Fri 25 Apr 2025 02:16:00 +0000 Manifest this update: Fri 25 Apr 2025 02:15:59 +0000 Manifest next update: Fri 02 May 2025 02:15:59 +0000 Files and hashes: 1: NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl (hash: e2D0mV1KvTtdCpedH3QrvoKCvFs9/QVOXFx60gubiyg=) 2: AC270A727D0711ED8181DA7FC4F9AE02.roa (hash: iIeWWLVIFJDjrG1ibZP/xl+WAjIK44IJWqOkBlQGCcU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:15:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 455 (0x1c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8F36, serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Validity Not Before: Apr 25 02:15:59 2025 GMT Not After : May 2 02:15:59 2025 GMT Subject: CN=680af05f-e963 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:da:e0:02:f5:13:6a:5a:b5:fc:db:81:ca:70: 97:67:b8:e3:be:c5:03:77:e2:04:4a:39:ef:b3:8a: 5e:ed:dc:b8:e0:45:4d:53:e1:8a:98:41:45:b4:7a: 4d:b2:39:57:c5:0b:8b:90:9e:eb:03:f7:aa:e4:b6: 6d:83:9c:ca:50:a1:52:60:1b:33:cf:c8:1e:f4:ce: 0b:db:65:2c:32:cb:1f:33:72:d8:4e:f0:75:f2:87: 8e:8a:41:3b:be:83:aa:83:db:e1:85:21:0c:80:b0: 29:ca:f8:30:ad:cf:ee:bf:25:8b:33:03:1f:ec:2d: 70:97:5d:00:c1:2d:d9:2c:69:d9:90:77:02:0d:30: 61:f6:30:23:03:8b:af:b6:4e:e5:9c:fa:d7:fc:fc: 15:2a:8e:ed:90:c7:ff:8e:de:fc:fe:fc:b2:fe:84: 9d:8d:7f:ee:66:f8:02:6b:cb:eb:46:08:ea:85:6f: cd:b1:c2:fb:b8:79:f3:ae:0f:f0:91:57:b5:c5:4c: 3d:b1:20:69:cb:85:ba:af:f7:41:b3:00:fa:aa:1a: c3:f4:92:7f:a4:c3:8c:08:57:d3:59:2c:66:f2:b2: 15:3e:cf:48:fd:06:39:6a:2a:6a:d9:ae:31:56:ef: 7f:06:79:4e:2f:8c:a2:dc:e7:22:41:6e:91:b6:96: 33:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:42:A3:1B:AF:AA:D8:B4:EE:57:71:7B:B5:D4:40:71:E0:21:F6:E8 X509v3 Authority Key Identifier: keyid:34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c0:c2:eb:ea:b6:7a:0f:25:92:3d:ce:05:1e:f3:c1:bf:d4:9c: fe:3e:b8:47:27:e2:82:33:5c:c6:d9:04:f7:82:81:4f:fe:79: ea:29:19:9d:73:d4:9c:02:de:9f:01:1b:dc:0c:69:57:7a:c2: 00:e8:f2:67:60:38:30:5b:5a:25:82:8c:c1:18:6f:b2:ee:a0: a3:56:6a:6b:57:cc:5f:78:74:ca:8b:68:39:d6:5e:7c:6a:99: e4:db:f5:66:a8:9c:bc:74:dc:81:ab:85:a4:59:a7:22:e2:d7: 3f:70:8f:8e:bf:a8:da:4c:eb:f9:a2:9c:3d:a0:a4:94:52:d5: 18:e8:75:05:9f:c4:42:b4:2b:12:9a:75:80:9b:f0:27:a9:fb: 14:53:65:99:73:c8:96:3d:61:b7:9c:e6:68:cd:37:ca:38:0a: 51:8a:74:90:8f:f8:3a:3a:57:ee:ab:01:9f:57:79:60:3e:2d: 20:c3:b6:57:d2:a7:55:c2:83:0f:c2:87:e5:c0:89:34:ff:15: b0:5e:a9:97:92:dc:15:e3:64:45:e7:b4:0c:1c:e7:3b:b6:f6: e4:2d:5d:6f:1e:30:89:14:ae:09:56:ba:4e:6b:85:29:c5:eb: 55:0d:71:98:48:5e:db:ef:47:96:67:3f:26:d8:22:63:c3:70: c6:08:4b:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThGMzYxMTAvBgNVBAUTKDM0RDdENkQ0NDFDMzJEN0M4NzE0MkU5RkU1QzdFQkM0 RjQ3OUIwQ0QwHhcNMjUwNDI1MDIxNTU5WhcNMjUwNTAyMDIxNTU5WjAYMRYwFAYD VQQDEw02ODBhZjA1Zi1lOTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0trgAvUTalq1/NuBynCXZ7jjvsUDd+IESjnvs4pe7dy44EVNU+GKmEFFtHpN sjlXxQuLkJ7rA/eq5LZtg5zKUKFSYBszz8ge9M4L22UsMssfM3LYTvB18oeOikE7 voOqg9vhhSEMgLApyvgwrc/uvyWLMwMf7C1wl10AwS3ZLGnZkHcCDTBh9jAjA4uv tk7lnPrX/PwVKo7tkMf/jt78/vyy/oSdjX/uZvgCa8vrRgjqhW/NscL7uHnzrg/w kVe1xUw9sSBpy4W6r/dBswD6qhrD9JJ/pMOMCFfTWSxm8rIVPs9I/QY5aipq2a4x Vu9/BnlOL4yi3OciQW6RtpYzYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJxCoxuv qti07ldxe7XUQHHgIfboMB8GA1UdIwQYMBaAFDTX1tRBwy18hxQun+XH68T0ebDN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEYzNi8yNDlGNDE0NjdE MDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExYeUhGQzZmNWNmcnhQUjVz TTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05OZlcxRUhETFh5SEZDNmY1Y2ZyeFBSNXNNMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEYzNi8yNDlGNDE0NjdEMDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExY eUhGQzZmNWNmcnhQUjVzTTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDAwuvqtnoPJZI9zgUe88G/1Jz+PrhHJ+KCM1zG2QT3goFP/nnqKRmd c9ScAt6fARvcDGlXesIA6PJnYDgwW1olgozBGG+y7qCjVmprV8xfeHTKi2g51l58 apnk2/VmqJy8dNyBq4WkWaci4tc/cI+Ov6jaTOv5opw9oKSUUtUY6HUFn8RCtCsS mnWAm/AnqfsUU2WZc8iWPWG3nOZozTfKOApRinSQj/g6OlfuqwGfV3lgPi0gw7ZX 0qdVwoMPwoflwIk0/xWwXqmXktwV42RF57QMHOc7tvbkLV1vHjCJFK4JVrpOa4Up xetVDXGYSF7b70eWZz8m2CJjw3DGCEsq -----END CERTIFICATE-----Generated at Sat Apr 26 16:40:39 2025 by rpki-client