$ rpki-client -vvf rpki.apnic.net/member_repository/A91430D6/20F9F3B05FE011F0B2FD8F57C4F9AE02/nxMMOdAwdvSok0-jNJXO2TfiMKs.mft File: nxMMOdAwdvSok0-jNJXO2TfiMKs.mft (raw, json) Hash identifier: LWxyexDPvaWPH4gj6xkbWpyXblz0OITe8LVCqpzru+Q= Subject key identifier: FC:B2:D5:91:B0:FF:6A:A9:DC:8D:9E:45:78:D3:0E:20:0B:94:9C:1E Authority key identifier: 9F:13:0C:39:D0:30:76:F4:A8:93:4F:A3:34:95:CE:D9:37:E2:30:AB Certificate issuer: /CN=A91430D6/serialNumber=9F130C39D03076F4A8934FA33495CED937E230AB Certificate serial: 17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nxMMOdAwdvSok0-jNJXO2TfiMKs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91430D6/20F9F3B05FE011F0B2FD8F57C4F9AE02/nxMMOdAwdvSok0-jNJXO2TfiMKs.mft Manifest number: 17 Signing time: Sat 23 Aug 2025 08:12:44 +0000 Manifest this update: Sat 23 Aug 2025 08:12:43 +0000 Manifest next update: Sat 30 Aug 2025 08:12:43 +0000 Files and hashes: 1: nxMMOdAwdvSok0-jNJXO2TfiMKs.crl (hash: Ewm7Tavo27Ik+PU+J0w9qfps9MhpYt0HnNjH74WiKoQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91430D6/20F9F3B05FE011F0B2FD8F57C4F9AE02/nxMMOdAwdvSok0-jNJXO2TfiMKs.crl rsync://rpki.apnic.net/member_repository/A91430D6/20F9F3B05FE011F0B2FD8F57C4F9AE02/nxMMOdAwdvSok0-jNJXO2TfiMKs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nxMMOdAwdvSok0-jNJXO2TfiMKs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:12:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91430D6, serialNumber=9F130C39D03076F4A8934FA33495CED937E230AB Validity Not Before: Aug 23 08:12:43 2025 GMT Not After : Aug 30 08:12:43 2025 GMT Subject: CN=68a977fc-e8a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a0:a1:18:bd:d5:9c:73:3e:f0:d3:bb:3e:c6: 20:2d:58:cc:a8:0d:fe:9c:3d:30:a6:20:2d:01:12: 92:5c:59:d0:51:84:6a:ec:b1:cc:9e:40:0f:36:ed: 25:6e:5f:77:f8:f2:5d:fb:84:d7:65:1c:d2:91:83: fe:8b:7c:87:bf:f7:5c:d1:53:c8:53:50:56:ad:bb: 82:02:5d:45:e9:b5:6c:d6:5f:ee:9d:6c:13:3d:4f: 88:2a:97:85:ac:9d:af:0a:dc:aa:30:2f:4c:2d:c0: 8c:f4:af:fa:0f:2b:50:a8:5c:45:b7:86:a0:ab:16: 73:b3:b0:87:f5:b9:73:3d:83:3d:6a:f8:6a:59:36: b7:3b:35:03:6b:a1:6b:43:d2:ce:27:48:db:42:a0: c2:ae:0f:bc:14:fc:dd:7e:b0:46:3d:1f:6c:a6:f0: 15:05:43:78:fb:b9:68:74:a1:80:f3:20:e1:fe:17: 35:05:e3:6c:f6:da:5a:89:60:65:c5:ea:48:09:42: 65:db:2e:0a:40:b3:63:be:77:e5:db:b3:ee:14:62: 20:be:79:dc:f6:00:10:cd:1c:93:2c:58:0a:3c:31: a1:9e:26:03:90:8e:a4:74:c7:e9:db:95:75:be:ef: 8d:50:19:91:50:cb:e7:c0:72:11:48:be:1c:7c:f5: 9e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:B2:D5:91:B0:FF:6A:A9:DC:8D:9E:45:78:D3:0E:20:0B:94:9C:1E X509v3 Authority Key Identifier: keyid:9F:13:0C:39:D0:30:76:F4:A8:93:4F:A3:34:95:CE:D9:37:E2:30:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91430D6/20F9F3B05FE011F0B2FD8F57C4F9AE02/nxMMOdAwdvSok0-jNJXO2TfiMKs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nxMMOdAwdvSok0-jNJXO2TfiMKs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91430D6/20F9F3B05FE011F0B2FD8F57C4F9AE02/nxMMOdAwdvSok0-jNJXO2TfiMKs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:02:77:db:90:41:af:e2:32:ce:89:d8:51:52:9e:21:50:95: d0:1d:4d:3c:a6:36:20:9c:d6:d0:2c:65:66:bf:05:30:0d:f6: 2f:ce:75:16:5f:42:d3:1b:f4:94:ca:62:d6:55:1a:f7:9a:ff: c8:b8:0c:7c:5e:c0:b0:db:e1:2f:68:e3:6b:a5:e7:99:b0:11: 51:1d:6b:b6:15:5e:f7:a9:8b:9e:64:97:a3:15:62:1b:8a:a4: d8:a8:d6:21:c8:ca:b5:44:13:e0:d9:72:4a:f6:92:14:03:04: 70:2a:76:05:bf:05:da:06:cd:d7:bf:45:4d:01:4b:f9:ad:74: fa:ee:f9:b5:49:ee:99:8d:75:ef:fc:49:d7:8e:3e:3e:c7:ef: 0e:28:23:20:8c:a3:b5:ff:63:a2:82:b6:d9:a8:dd:ee:59:08: b7:76:0e:e1:f2:90:2f:9f:a2:37:c6:65:3d:52:f7:05:5b:e6: db:06:7d:91:de:f6:ae:a9:e7:8b:70:4c:b9:2a:60:55:5f:d6: ed:b0:56:50:d3:60:38:6a:23:03:d1:01:d3:d7:fc:52:33:e0: dd:e8:38:29:77:21:47:89:75:c4:7b:e4:95:ea:97:30:c1:e9: cb:ac:68:95:1b:9f:ac:94:3b:70:1d:4f:e5:f5:15:70:04:de: ee:68:b2:87 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MzBENjExMC8GA1UEBRMoOUYxMzBDMzlEMDMwNzZGNEE4OTM0RkEzMzQ5NUNFRDkz N0UyMzBBQjAeFw0yNTA4MjMwODEyNDNaFw0yNTA4MzAwODEyNDNaMBgxFjAUBgNV BAMTDTY4YTk3N2ZjLWU4YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOoKEYvdWccz7w07s+xiAtWMyoDf6cPTCmIC0BEpJcWdBRhGrsscyeQA827SVu X3f48l37hNdlHNKRg/6LfIe/91zRU8hTUFatu4ICXUXptWzWX+6dbBM9T4gql4Ws na8K3KowL0wtwIz0r/oPK1CoXEW3hqCrFnOzsIf1uXM9gz1q+GpZNrc7NQNroWtD 0s4nSNtCoMKuD7wU/N1+sEY9H2ym8BUFQ3j7uWh0oYDzIOH+FzUF42z22lqJYGXF 6kgJQmXbLgpAs2O+d+Xbs+4UYiC+edz2ABDNHJMsWAo8MaGeJgOQjqR0x+nblXW+ 741QGZFQy+fAchFIvhx89Z7vAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU/LLVkbD/ aqncjZ5FeNMOIAuUnB4wHwYDVR0jBBgwFoAUnxMMOdAwdvSok0+jNJXO2TfiMKsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQzMEQ2LzIwRjlGM0IwNUZF MDExRjBCMkZEOEY1N0M0RjlBRTAyL254TU1PZEF3ZHZTb2swLWpOSlhPMlRmaU1L cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbnhNTU9kQXdkdlNvazAtak5KWE8yVGZpTUtzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQz MEQ2LzIwRjlGM0IwNUZFMDExRjBCMkZEOEY1N0M0RjlBRTAyL254TU1PZEF3ZHZT b2swLWpOSlhPMlRmaU1Lcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEgCd9uQQa/iMs6J2FFSniFQldAdTTymNiCc1tAsZWa/BTAN9i/OdRZf QtMb9JTKYtZVGvea/8i4DHxewLDb4S9o42ul55mwEVEda7YVXvepi55kl6MVYhuK pNio1iHIyrVEE+DZckr2khQDBHAqdgW/BdoGzde/RU0BS/mtdPru+bVJ7pmNde/8 SdeOPj7H7w4oIyCMo7X/Y6KCttmo3e5ZCLd2DuHykC+fojfGZT1S9wVb5tsGfZHe 9q6p54twTLkqYFVf1u2wVlDTYDhqIwPRAdPX/FIz4N3oOCl3IUeJdcR75JXqlzDB 6cusaJUbn6yUO3AdT+X1FXAE3u5osoc= -----END CERTIFICATE-----Generated at Sat Aug 23 13:52:52 2025 by rpki-client