$ rpki-client -vvf rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft File: NHTJTDbo-aDToNIuHdoQjNNAqyg.mft (raw, json) Hash identifier: +Lkk7OJgWLM269OluegXEu4becfdpVOvxr7zqDO7xP4= Subject key identifier: E1:EC:27:94:7F:7D:83:84:4C:CB:9B:93:3B:9F:39:6B:46:70:53:8F Authority key identifier: 34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28 Certificate issuer: /CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28 Certificate serial: 0F9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft Manifest number: 0F71 Signing time: Mon 12 May 2025 17:28:44 +0000 Manifest this update: Mon 12 May 2025 17:28:43 +0000 Manifest next update: Mon 19 May 2025 17:28:43 +0000 Files and hashes: 1: NHTJTDbo-aDToNIuHdoQjNNAqyg.crl (hash: Vwuhfjuzt9RF0X6ncCYZ4KgWtclecM/WZPB5AzBDOqY=) 2: B2B24A4221D711EB9CFAC46EC4F9AE02.roa (hash: WopX8EPUj9ND6qcXFWft9CyuoZSX2+UxPu40b2aj+pc=) 3: B3682FEC21D711EB9CFAC46EC4F9AE02.roa (hash: 77t9c6veUMOt4XPOFIwWe8FztnDBdg3DuRHonRmM4pA=) 4: A7BDC50C7A4811EBA907BB5BC4F9AE02.roa (hash: 0RWvLgLQMfYKcMt6aIpCTG3MXhhitrR5pPiP2zQ4NcY=) 5: B47C278021D711EB9CFAC46EC4F9AE02.roa (hash: kt6+dcMSnt8HtFoNHoxve7SwNMn6XsQ5fmhhFuEOZOM=) 6: 5E0253B6232111EB9896B783C4F9AE02.roa (hash: S7XAN9hoPkMQD1dwIo9UheEK0CbHpWptDyxJHPNt49g=) 7: 08CD1510027011EB98FEC44BC4F9AE02.roa (hash: KmlW5cxQJtlnajXFs7j5PHn6wJjQG7ZZKRzUGo5l5KM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3994 (0xf9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131690, serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28 Validity Not Before: May 12 17:28:43 2025 GMT Not After : May 19 17:28:43 2025 GMT Subject: CN=68222fcb-0cfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:83:66:2e:b2:7a:04:1e:f1:5c:d0:d4:5f:c4: c9:5a:fe:77:ca:61:ad:a8:67:e7:a9:40:0f:09:c2: d1:b4:6c:ef:72:3e:21:45:bf:9f:fc:17:88:eb:84: ac:e0:09:e3:ef:28:da:3c:66:92:ae:4f:e1:ce:e5: 33:5a:0e:54:89:3d:dd:95:62:3a:be:1b:a4:c1:34: 12:86:d3:f8:a6:b6:91:e6:cc:3d:10:c1:f7:23:6b: a1:d4:1d:83:c0:c6:8d:f0:6d:ca:c8:de:10:14:15: f2:69:89:f0:43:58:79:f5:2c:6d:fa:75:60:24:d2: 05:d8:81:30:68:97:f4:e8:8a:a7:bd:c3:ed:a1:cd: 1c:30:48:3d:77:e9:39:2a:4b:e1:3a:00:db:52:b3: 41:bb:ec:c0:8f:38:e7:3a:78:11:83:4c:5b:b1:cc: c6:27:ff:89:27:71:a0:2d:25:91:48:e7:be:5c:47: c6:e1:81:43:7e:c1:49:8e:71:2b:6d:64:70:22:a7: 11:c7:53:d8:d9:f5:d4:a2:69:1b:17:59:1f:59:c0: 1e:8c:fb:88:1d:d4:62:65:1b:d9:24:57:42:e2:fe: ab:75:cb:9c:9e:7a:1e:0c:4b:45:cf:aa:62:1f:1b: 2b:dd:f5:b4:a6:2c:1c:8c:a3:49:e3:29:b0:ff:d8: 47:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:EC:27:94:7F:7D:83:84:4C:CB:9B:93:3B:9F:39:6B:46:70:53:8F X509v3 Authority Key Identifier: keyid:34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:a6:2e:97:3d:d5:14:43:7f:fc:7e:e4:45:ef:70:1b:39:04: 00:b4:c4:9f:2e:6e:13:55:ca:33:24:b1:06:b9:6c:ef:10:a3: 10:8a:de:17:34:d8:92:58:5b:46:ae:ef:0e:78:3e:e6:d4:7a: dd:e6:b3:24:3c:54:7b:52:6b:4c:7c:d8:d9:d7:40:4c:7a:0b: 76:80:5c:6c:26:bc:d3:97:40:a3:50:fa:f9:71:d2:2c:eb:ec: 83:e4:9b:ec:2a:6a:62:3f:59:20:02:83:f1:b3:cd:c6:d4:ae: 63:71:d6:f7:89:f1:65:b7:32:67:9d:cd:85:5d:aa:c6:f7:d4: a7:7e:bc:50:c9:05:eb:dc:0f:f2:a1:c9:1e:57:13:43:d7:10: 8e:75:31:24:20:c1:03:0e:4d:67:c9:97:06:db:34:2c:e2:f3: 20:3e:6a:43:dd:67:86:58:f1:84:c3:b5:98:ee:0e:8b:66:ef: 93:ad:da:b1:77:ea:4c:e3:5d:b9:9e:3a:e2:7f:cf:a0:d8:75: a1:5b:36:6b:58:f3:53:b0:73:26:06:04:b9:0e:61:8f:cc:fe: 94:1d:57:17:3b:a2:49:b1:e9:a6:f1:d4:16:08:33:0b:ae:b5: 7e:93:cd:63:eb:90:ac:69:0f:08:f1:23:17:1f:61:2f:e4:86: 27:56:c3:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD5owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE2OTAxMTAvBgNVBAUTKDM0NzRDOTRDMzZFOEY5QTBEM0EwRDIyRTFEREExMDhD RDM0MEFCMjgwHhcNMjUwNTEyMTcyODQzWhcNMjUwNTE5MTcyODQzWjAYMRYwFAYD VQQDEw02ODIyMmZjYi0wY2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4YNmLrJ6BB7xXNDUX8TJWv53ymGtqGfnqUAPCcLRtGzvcj4hRb+f/BeI64Ss 4Anj7yjaPGaSrk/hzuUzWg5UiT3dlWI6vhukwTQShtP4praR5sw9EMH3I2uh1B2D wMaN8G3KyN4QFBXyaYnwQ1h59Sxt+nVgJNIF2IEwaJf06IqnvcPtoc0cMEg9d+k5 KkvhOgDbUrNBu+zAjzjnOngRg0xbsczGJ/+JJ3GgLSWRSOe+XEfG4YFDfsFJjnEr bWRwIqcRx1PY2fXUomkbF1kfWcAejPuIHdRiZRvZJFdC4v6rdcucnnoeDEtFz6pi Hxsr3fW0piwcjKNJ4ymw/9hHUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOHsJ5R/ fYOETMubkzufOWtGcFOPMB8GA1UdIwQYMBaAFDR0yUw26Pmg06DSLh3aEIzTQKso MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTY5MC8xNUI0MUI4ODYz RjMxMUU5QTA4NTRDNDdDNEY5QUUwMi9OSFRKVERiby1hRFRvTkl1SGRvUWpOTkFx eWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05IVEpURGJvLWFEVG9OSXVIZG9Rak5OQXF5Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTY5MC8xNUI0MUI4ODYzRjMxMUU5QTA4NTRDNDdDNEY5QUUwMi9OSFRKVERiby1h RFRvTkl1SGRvUWpOTkFxeWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+pi6XPdUUQ3/8fuRF73AbOQQAtMSfLm4TVcozJLEGuWzvEKMQit4X NNiSWFtGru8OeD7m1Hrd5rMkPFR7UmtMfNjZ10BMegt2gFxsJrzTl0CjUPr5cdIs 6+yD5JvsKmpiP1kgAoPxs83G1K5jcdb3ifFltzJnnc2FXarG99SnfrxQyQXr3A/y ockeVxND1xCOdTEkIMEDDk1nyZcG2zQs4vMgPmpD3WeGWPGEw7WY7g6LZu+Trdqx d+pM4125njrif8+g2HWhWzZrWPNTsHMmBgS5DmGPzP6UHVcXO6JJsemm8dQWCDML rrV+k81j65CsaQ8I8SMXH2Ev5IYnVsPm -----END CERTIFICATE-----Generated at Wed May 14 17:52:48 2025 by rpki-client