$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft File: NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft (raw, json) Hash identifier: KKfQ8sVEaJldbXE2QAFt3w9DtbtWX1JHgF9fsy2KnY4= Subject key identifier: 9A:E6:2F:09:DA:67:A5:8C:E0:2C:0B:85:23:55:F6:19:0D:82:B8:3E Authority key identifier: 34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 Certificate issuer: /CN=A91FA562/serialNumber=340F813433719A760E3BFE21933687261179C327 Certificate serial: 0163 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft Manifest number: 015F Signing time: Fri 25 Apr 2025 03:10:02 +0000 Manifest this update: Fri 25 Apr 2025 03:10:01 +0000 Manifest next update: Fri 02 May 2025 03:10:01 +0000 Files and hashes: 1: NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl (hash: xrxNIQrYyyUAkhmz0SoiF+FKoCCIc79/wZaygMaZc/o=) 2: 7588035C913E11EFB46E9A72C4F9AE02.roa (hash: 4YQPxlb6PsWiAtpK43YsiLFyCkQjvUYNK7OStoBKN5I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:10:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 355 (0x163) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA562, serialNumber=340F813433719A760E3BFE21933687261179C327 Validity Not Before: Apr 25 03:10:01 2025 GMT Not After : May 2 03:10:01 2025 GMT Subject: CN=680afd0a-6347 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:25:57:4c:cb:53:d7:52:82:3c:32:bf:20:88: 40:3a:85:1f:aa:4a:27:0b:50:95:14:f1:ff:59:c7: 37:e0:b5:81:3d:02:65:65:77:cd:79:09:a6:43:9b: eb:a3:a1:ff:02:4d:9f:c9:8f:19:f1:a6:91:df:52: 22:6a:92:b6:0a:5f:9e:0b:27:32:e9:12:38:69:37: 15:52:80:ce:d9:23:33:75:a2:f5:3c:fe:91:6e:18: 4a:dc:e0:50:8c:cc:39:0e:39:9b:a2:3b:12:a4:18: 67:da:50:01:f5:23:ce:73:84:4a:f2:4f:0a:a3:53: e2:8b:67:e2:f0:d6:ed:20:c2:71:3a:6e:82:d0:da: 8d:0b:df:85:61:ff:66:5d:22:22:89:ac:fb:6d:b7: 7d:ab:0f:0b:93:49:84:bb:5f:6d:33:20:9f:22:ab: 76:78:63:db:cb:14:2b:6d:8c:5c:5f:19:97:61:f4: 98:93:ba:19:99:78:0a:0f:6b:d7:06:bc:4f:68:ec: a1:c7:2b:c4:87:b5:fb:e4:78:2e:88:9c:b6:00:95: 0c:4e:3e:f8:b3:29:7e:6c:f4:cc:d5:69:85:cb:fd: c4:f3:02:52:82:bb:fa:be:fc:45:98:b6:71:93:84: c7:5e:24:f6:a1:06:79:94:a0:9d:bd:5b:79:12:33: 6c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:E6:2F:09:DA:67:A5:8C:E0:2C:0B:85:23:55:F6:19:0D:82:B8:3E X509v3 Authority Key Identifier: keyid:34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:f0:75:58:6c:57:36:e5:73:95:fd:7a:bd:0b:e3:e8:83:d7: 1f:ec:5c:9f:22:dd:69:00:95:b3:95:62:7c:f8:49:89:e1:54: 66:2e:ac:ad:2d:0c:f7:fd:82:7e:7b:85:30:5c:56:e6:a3:ac: 41:27:9d:4b:d4:d2:13:ca:54:5c:66:0e:6a:9d:d4:47:18:35: 38:57:1d:f0:09:a0:8d:3f:ca:7a:39:e0:5a:50:80:dc:74:1b: ac:14:3c:d5:a8:e3:f1:e3:00:e0:ec:80:2c:23:6d:ba:48:9b: c8:23:b3:38:42:f7:ea:52:8c:69:68:8e:4a:01:e8:31:af:78: 2b:8f:ba:35:ca:20:e8:98:2e:3c:26:0b:8d:c1:a0:64:04:19: 93:f5:eb:6f:96:69:0b:72:01:f0:95:cf:91:1d:ba:31:33:27: ce:99:3c:72:48:2a:2a:76:27:f3:b6:f2:7f:19:cf:45:1f:e9: 22:e4:6a:38:95:0d:96:17:03:80:12:91:d9:60:0b:d4:c3:90: 96:da:ec:89:af:fc:78:e9:c4:4b:4e:5c:80:dc:fe:d9:11:35: dc:16:44:ef:a4:88:5e:23:b8:28:67:1c:ec:eb:05:28:a2:99: dd:f4:31:19:d6:18:dc:0c:29:b0:53:96:e3:89:27:2e:ce:e9: e9:58:44:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NjIxMTAvBgNVBAUTKDM0MEY4MTM0MzM3MTlBNzYwRTNCRkUyMTkzMzY4NzI2 MTE3OUMzMjcwHhcNMjUwNDI1MDMxMDAxWhcNMjUwNTAyMDMxMDAxWjAYMRYwFAYD VQQDEw02ODBhZmQwYS02MzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsyVXTMtT11KCPDK/IIhAOoUfqkonC1CVFPH/Wcc34LWBPQJlZXfNeQmmQ5vr o6H/Ak2fyY8Z8aaR31IiapK2Cl+eCycy6RI4aTcVUoDO2SMzdaL1PP6RbhhK3OBQ jMw5DjmbojsSpBhn2lAB9SPOc4RK8k8Ko1Pii2fi8NbtIMJxOm6C0NqNC9+FYf9m XSIiiaz7bbd9qw8Lk0mEu19tMyCfIqt2eGPbyxQrbYxcXxmXYfSYk7oZmXgKD2vX BrxPaOyhxyvEh7X75HguiJy2AJUMTj74syl+bPTM1WmFy/3E8wJSgrv6vvxFmLZx k4THXiT2oQZ5lKCdvVt5EjNswwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJrmLwna Z6WM4CwLhSNV9hkNgrg+MB8GA1UdIwQYMBaAFDQPgTQzcZp2Djv+IZM2hyYRecMn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Mi8yNjU3RjczRTBC QzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1uWU9PXzRoa3phSEpoRjV3 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BLUJORE54bW5ZT09fNGhremFISmhGNXd5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Mi8yNjU3RjczRTBCQzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1u WU9PXzRoa3phSEpoRjV3eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB18HVYbFc25XOV/Xq9C+Pog9cf7FyfIt1pAJWzlWJ8+EmJ4VRmLqyt LQz3/YJ+e4UwXFbmo6xBJ51L1NITylRcZg5qndRHGDU4Vx3wCaCNP8p6OeBaUIDc dBusFDzVqOPx4wDg7IAsI226SJvII7M4QvfqUoxpaI5KAegxr3grj7o1yiDomC48 JguNwaBkBBmT9etvlmkLcgHwlc+RHboxMyfOmTxySCoqdifztvJ/Gc9FH+ki5Go4 lQ2WFwOAEpHZYAvUw5CW2uyJr/x46cRLTlyA3P7ZETXcFkTvpIheI7goZxzs6wUo opnd9DEZ1hjcDCmwU5bjiScuzunpWETv -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:53 2025 by rpki-client