$ rpki-client -vvf rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.mft File: nTQUKDsie49RLzBfKs20PN6eTRI.mft (raw, json) Hash identifier: I4mDP8R9PexuwUh/hPEFB/TWIr9IRylQa/BEC/eL91c= Subject key identifier: 6D:35:BA:93:5F:4D:CE:1D:35:D8:CB:AE:1C:0B:FB:21:9C:57:86:8B Authority key identifier: 9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12 Certificate issuer: /CN=A911ED2C/serialNumber=9D3414283B227B8F512F305F2ACDB43CDE9E4D12 Certificate serial: 014D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.mft Manifest number: 0129 Signing time: Sun 11 May 2025 03:53:14 +0000 Manifest this update: Sun 11 May 2025 03:53:14 +0000 Manifest next update: Sun 18 May 2025 03:53:14 +0000 Files and hashes: 1: nTQUKDsie49RLzBfKs20PN6eTRI.crl (hash: ZBiBYbVsgFBtfdpXI9grHoTll1qmnwbnlmO4wXNY4LY=) 2: CA364B681A1711F0A1D93523C4F9AE02.roa (hash: H7vVzWCwUc4gHrSDyxvt/Abb/5bSd+LGYG3bv6YBZ6Q=) 3: C75B642268F211EFB7A6A06EC4F9AE02.roa (hash: kOYdujebZuJtzPQYq/KrU4LAvGLUwAviwH7iInIzQIw=) 4: 908E69B20D4311F0B83AB36BC4F9AE02.roa (hash: T3LJotaESWHFF09iX5g1WTlmIxWJcjLGAaC0q00LC9A=) 5: 551036FCF1CA11EFA1495230C4F9AE02.roa (hash: arzezzJwAi/t7BgHje9UcAsQE7JCDVVYoepFJmOQbF8=) 6: EDAA86E4AD6D11EE83DA6253C4F9AE02.roa (hash: lAFnFIzcRDVgDsSYcjZRPgQLtWezbOK+1/I57oP5hYQ=) 7: 3C880EBABEEF11EF9178186BC4F9AE02.roa (hash: iJAvuEQuZJZzuKlMozj/voZPn9Nd6pZK++lpcpudEMw=) 8: EC985F92AD6D11EE83DA6253C4F9AE02.roa (hash: w8uUD+FE/qLP77HxuP2e7CVi5lI4nhNhSCuDldSdTWM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.crl rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 03:53:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 333 (0x14d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911ED2C, serialNumber=9D3414283B227B8F512F305F2ACDB43CDE9E4D12 Validity Not Before: May 11 03:53:14 2025 GMT Not After : May 18 03:53:14 2025 GMT Subject: CN=68201f2a-ff1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:58:f3:ce:2d:36:0d:47:a7:20:45:5b:fb:12: 1f:64:cf:d0:6a:b6:63:2b:75:3e:72:00:9d:0d:0e: f4:2f:9b:2b:9d:f9:ae:89:b1:ce:28:a4:1b:d0:6d: 7a:18:17:e6:cb:81:f1:a1:29:ee:7f:f5:c2:b5:45: 26:56:8e:94:8e:78:8b:e1:0d:3a:17:09:d7:d5:21: 7e:be:e6:4f:ca:b6:d7:58:3d:24:ea:77:7c:e2:62: 57:f3:13:03:4e:92:5b:ea:0a:39:e1:96:cf:86:31: 0e:9e:e3:3f:6c:64:c0:0e:6a:db:d9:fd:0d:10:6b: 95:b2:ab:d3:51:a2:de:bb:28:dd:d9:fa:dd:7b:a3: cf:26:b5:65:2c:e0:da:49:9a:d1:e3:59:0e:a6:55: 0b:e8:ea:6d:28:4a:a9:c8:52:6a:85:44:39:63:d0: 9e:1d:57:11:b6:0f:84:2f:14:a5:c0:c5:c3:8c:16: 61:3f:fb:5e:75:5e:57:6f:e3:c6:24:9a:16:6d:7d: be:fe:e1:81:7a:e1:f1:4e:95:e5:9d:2b:df:b7:b2: a3:85:2d:74:1e:71:ce:1b:66:6e:79:fe:8d:f5:eb: 7a:f2:1a:55:50:d6:31:7a:86:34:7a:26:f0:aa:cb: 68:b7:5c:dc:65:4b:e3:6c:6d:cb:cf:f0:98:1c:38: eb:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:35:BA:93:5F:4D:CE:1D:35:D8:CB:AE:1C:0B:FB:21:9C:57:86:8B X509v3 Authority Key Identifier: keyid:9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:a9:d6:13:07:cb:59:3d:51:76:dd:c2:da:08:76:fe:61:84: eb:74:2e:59:f3:50:c2:02:7f:4f:74:ea:5c:f9:4a:c8:49:d5: a6:1a:6d:5e:e8:45:77:41:a7:b0:8f:8f:33:f4:84:b4:14:a6: 02:20:48:2f:9c:18:76:98:b0:d6:31:f4:cc:49:03:d9:5a:94: b6:e8:81:63:4b:77:97:25:cb:0b:49:61:31:c0:8b:df:04:d4: b3:2d:9a:ee:11:88:17:0a:1a:f4:82:6a:38:64:a1:d0:b8:16: b7:e2:1d:7c:68:5a:f5:32:b4:59:d0:69:0c:af:b8:46:0c:fc: af:dc:af:21:77:e0:12:c2:2f:d7:87:7c:de:30:21:0d:28:43: ff:00:27:11:94:d2:27:04:c2:f6:bb:72:a6:59:c5:a5:41:8f: 7f:5e:b4:e3:39:1c:7c:34:b9:78:e7:d3:69:ff:a5:4a:23:3d: c0:4e:1c:c2:68:8b:37:4f:0d:24:c2:a5:db:42:20:97:36:19: 65:66:12:5c:71:6c:5d:b1:68:e1:b2:a5:43:1a:01:74:95:e0: 96:8c:72:b2:0f:09:9a:3f:fc:f5:bb:7c:0d:b5:fe:55:aa:f7: 70:44:9d:9a:f9:a5:03:41:1c:0f:bb:32:17:95:b4:d6:2c:ff: 53:3f:98:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUVEMkMxMTAvBgNVBAUTKDlEMzQxNDI4M0IyMjdCOEY1MTJGMzA1RjJBQ0RCNDND REU5RTREMTIwHhcNMjUwNTExMDM1MzE0WhcNMjUwNTE4MDM1MzE0WjAYMRYwFAYD VQQDEw02ODIwMWYyYS1mZjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwljzzi02DUenIEVb+xIfZM/QarZjK3U+cgCdDQ70L5srnfmuibHOKKQb0G16 GBfmy4HxoSnuf/XCtUUmVo6UjniL4Q06FwnX1SF+vuZPyrbXWD0k6nd84mJX8xMD TpJb6go54ZbPhjEOnuM/bGTADmrb2f0NEGuVsqvTUaLeuyjd2frde6PPJrVlLODa SZrR41kOplUL6OptKEqpyFJqhUQ5Y9CeHVcRtg+ELxSlwMXDjBZhP/tedV5Xb+PG JJoWbX2+/uGBeuHxTpXlnSvft7KjhS10HnHOG2Zuef6N9et68hpVUNYxeoY0eibw qstot1zcZUvjbG3Lz/CYHDjrhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG01upNf Tc4dNdjLrhwL+yGcV4aLMB8GA1UdIwQYMBaAFJ00FCg7InuPUS8wXyrNtDzenk0S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRUQyQy8wMDM3M0M2QzlC QkMxMUVFODUxQURENTBDNEY5QUUwMi9uVFFVS0RzaWU0OVJMekJmS3MyMFBONmVU UkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25UUVVLRHNpZTQ5Ukx6QmZLczIwUE42ZVRSSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RUQyQy8wMDM3M0M2QzlCQkMxMUVFODUxQURENTBDNEY5QUUwMi9uVFFVS0RzaWU0 OVJMekJmS3MyMFBONmVUUkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCyqdYTB8tZPVF23cLaCHb+YYTrdC5Z81DCAn9PdOpc+UrISdWmGm1e 6EV3Qaewj48z9IS0FKYCIEgvnBh2mLDWMfTMSQPZWpS26IFjS3eXJcsLSWExwIvf BNSzLZruEYgXChr0gmo4ZKHQuBa34h18aFr1MrRZ0GkMr7hGDPyv3K8hd+ASwi/X h3zeMCENKEP/ACcRlNInBML2u3KmWcWlQY9/XrTjORx8NLl459Np/6VKIz3AThzC aIs3Tw0kwqXbQiCXNhllZhJccWxdsWjhsqVDGgF0leCWjHKyDwmaP/z1u3wNtf5V qvdwRJ2a+aUDQRwPuzIXlbTWLP9TP5gz -----END CERTIFICATE-----Generated at Sun May 11 22:25:03 2025 by rpki-client