$ rpki-client -vvf rpki.apnic.net/member_repository/A9146251/0B16EAA4D87111EF98C26075C4F9AE02/Ngx8e1xsaakGnYJb8ccK8gjaM3s.mft File: Ngx8e1xsaakGnYJb8ccK8gjaM3s.mft (raw, json) Hash identifier: 9J5Or5LxSTWpzUJ6AwEPF+cYrjOQC7H/L0nJpeuIU5E= Subject key identifier: 04:1B:49:7E:0F:FF:6E:7F:C2:12:40:C7:1B:12:54:72:F8:C9:9A:2C Authority key identifier: 36:0C:7C:7B:5C:6C:69:A9:06:9D:82:5B:F1:C7:0A:F2:08:DA:33:7B Certificate issuer: /CN=A9146251/serialNumber=360C7C7B5C6C69A9069D825BF1C70AF208DA337B Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Ngx8e1xsaakGnYJb8ccK8gjaM3s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146251/0B16EAA4D87111EF98C26075C4F9AE02/Ngx8e1xsaakGnYJb8ccK8gjaM3s.mft Manifest number: 3B Signing time: Tue 13 May 2025 06:45:26 +0000 Manifest this update: Tue 13 May 2025 06:45:26 +0000 Manifest next update: Tue 20 May 2025 06:45:26 +0000 Files and hashes: 1: Ngx8e1xsaakGnYJb8ccK8gjaM3s.crl (hash: QkSuViX4PHvslcMSC8G6GQyUPyXOh75uhzD8Phi/+/g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146251/0B16EAA4D87111EF98C26075C4F9AE02/Ngx8e1xsaakGnYJb8ccK8gjaM3s.crl rsync://rpki.apnic.net/member_repository/A9146251/0B16EAA4D87111EF98C26075C4F9AE02/Ngx8e1xsaakGnYJb8ccK8gjaM3s.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Ngx8e1xsaakGnYJb8ccK8gjaM3s.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 06:45:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146251, serialNumber=360C7C7B5C6C69A9069D825BF1C70AF208DA337B Validity Not Before: May 13 06:45:26 2025 GMT Not After : May 20 06:45:26 2025 GMT Subject: CN=6822ea86-69f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:00:95:1b:38:35:a0:62:bf:3e:3d:39:bf:81: f8:40:86:96:ab:a0:73:ec:a5:60:bb:cd:54:44:21: d1:77:34:59:71:bb:77:6e:34:26:65:ef:a4:ec:52: 88:34:11:43:0a:ec:6a:8e:6e:d4:15:ea:60:15:2d: fc:de:fb:e8:8b:f7:de:d2:19:bf:e7:76:eb:e9:99: a0:63:f7:cb:0a:d4:9e:02:33:8f:19:ba:51:d0:1a: 24:f8:7c:0a:8f:4d:e4:60:45:98:00:f6:ac:d0:81: 16:59:2c:f9:49:d8:18:ab:0c:7f:03:e4:bb:5f:6d: bb:7d:31:0b:03:2f:c6:28:92:28:07:67:28:dc:d7: f4:8a:b2:6a:3e:35:56:83:c1:d5:9f:25:ad:6d:ff: 3b:ac:6c:b9:63:98:3b:ba:db:2a:d6:62:1c:4a:eb: 11:d9:25:73:1c:0c:3c:36:62:70:86:f8:65:88:f0: 14:ac:36:dd:d0:ef:c5:a8:46:e5:91:a2:60:b2:60: c3:17:cd:49:0c:89:be:b9:24:0d:c0:aa:37:d0:08: e1:93:96:eb:b6:79:2c:de:1d:67:54:1d:cc:ba:e5: dc:2b:9a:24:84:9c:db:af:1c:b9:c9:d2:cb:19:2a: 20:21:ee:0b:3b:0c:c4:51:79:3e:da:e0:20:55:9a: 38:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:1B:49:7E:0F:FF:6E:7F:C2:12:40:C7:1B:12:54:72:F8:C9:9A:2C X509v3 Authority Key Identifier: keyid:36:0C:7C:7B:5C:6C:69:A9:06:9D:82:5B:F1:C7:0A:F2:08:DA:33:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146251/0B16EAA4D87111EF98C26075C4F9AE02/Ngx8e1xsaakGnYJb8ccK8gjaM3s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Ngx8e1xsaakGnYJb8ccK8gjaM3s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146251/0B16EAA4D87111EF98C26075C4F9AE02/Ngx8e1xsaakGnYJb8ccK8gjaM3s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:cd:eb:23:90:31:b6:b5:d4:12:27:75:17:64:5c:4e:9e:a7: bb:c8:0e:ac:81:f2:19:95:3a:92:f5:a1:bb:a3:4f:9b:b9:c0: cf:6a:19:1f:27:44:c1:26:ea:9b:45:cd:ca:db:9f:44:81:ba: 2c:13:25:bc:71:37:4e:46:ff:dd:02:b7:e2:1c:72:45:ae:92: 9c:84:56:2d:06:db:aa:e5:84:4d:5e:a5:9f:08:e3:cc:11:74: 2f:03:6d:cc:e5:b3:8c:ab:2e:a4:46:31:98:7b:84:ab:38:72: ea:b4:61:b3:98:ac:9f:a7:e5:51:59:54:69:b2:3c:58:e6:cf: 75:58:2b:07:f1:35:cf:eb:b2:ff:d5:05:a9:48:10:81:dc:83: 5c:e7:63:b3:1e:41:bc:79:e5:df:f5:26:56:8e:e3:1f:99:41: df:c7:55:0f:14:5a:3a:15:78:d2:31:ce:c5:ea:1f:63:c2:77: 0b:c6:ae:07:ba:f9:69:e5:6d:65:02:79:06:ad:9d:31:a6:15: 9b:ff:ec:7e:ef:1b:95:ce:23:fe:a1:49:7a:75:19:d8:3f:53: ab:33:35:e5:3b:dd:71:a4:36:73:ef:b5:70:2e:8a:52:ad:d7: 40:14:00:b1:6d:d9:21:4c:9e:c8:97:4b:3b:bb:27:e7:05:01: 91:34:9d:bd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NjI1MTExMC8GA1UEBRMoMzYwQzdDN0I1QzZDNjlBOTA2OUQ4MjVCRjFDNzBBRjIw OERBMzM3QjAeFw0yNTA1MTMwNjQ1MjZaFw0yNTA1MjAwNjQ1MjZaMBgxFjAUBgNV BAMTDTY4MjJlYTg2LTY5ZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD1AJUbODWgYr8+PTm/gfhAhparoHPspWC7zVREIdF3NFlxu3duNCZl76TsUog0 EUMK7GqObtQV6mAVLfze++iL997SGb/nduvpmaBj98sK1J4CM48ZulHQGiT4fAqP TeRgRZgA9qzQgRZZLPlJ2BirDH8D5Ltfbbt9MQsDL8YokigHZyjc1/SKsmo+NVaD wdWfJa1t/zusbLljmDu62yrWYhxK6xHZJXMcDDw2YnCG+GWI8BSsNt3Q78WoRuWR omCyYMMXzUkMib65JA3AqjfQCOGTluu2eSzeHWdUHcy65dwrmiSEnNuvHLnJ0ssZ KiAh7gs7DMRReT7a4CBVmjh7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBBtJfg// bn/CEkDHGxJUcvjJmiwwHwYDVR0jBBgwFoAUNgx8e1xsaakGnYJb8ccK8gjaM3sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2MjUxLzBCMTZFQUE0RDg3 MTExRUY5OEMyNjA3NUM0RjlBRTAyL05neDhlMXhzYWFrR25ZSmI4Y2NLOGdqYU0z cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvTmd4OGUxeHNhYWtHbllKYjhjY0s4Z2phTTNzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2 MjUxLzBCMTZFQUE0RDg3MTExRUY5OEMyNjA3NUM0RjlBRTAyL05neDhlMXhzYWFr R25ZSmI4Y2NLOGdqYU0zcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHXN6yOQMba11BIndRdkXE6ep7vIDqyB8hmVOpL1obujT5u5wM9qGR8n RMEm6ptFzcrbn0SBuiwTJbxxN05G/90Ct+IcckWukpyEVi0G26rlhE1epZ8I48wR dC8Dbczls4yrLqRGMZh7hKs4cuq0YbOYrJ+n5VFZVGmyPFjmz3VYKwfxNc/rsv/V BalIEIHcg1znY7MeQbx55d/1JlaO4x+ZQd/HVQ8UWjoVeNIxzsXqH2PCdwvGrge6 +WnlbWUCeQatnTGmFZv/7H7vG5XOI/6hSXp1Gdg/U6szNeU73XGkNnPvtXAuilKt 10AUALFt2SFMnsiXSzu7J+cFAZE0nb0= -----END CERTIFICATE-----Generated at Wed May 14 23:02:50 2025 by rpki-client