$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft File: NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json) Hash identifier: fzoZC5JUr89oiujwJt+YwTn8VznolUR3QUJHui3siao= Subject key identifier: DB:2E:4D:EF:5F:96:A8:43:95:19:B9:3B:E1:92:63:9B:7E:9F:C9:32 Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 Certificate issuer: /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Certificate serial: 02C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft Manifest number: 02C2 Signing time: Tue 01 Jul 2025 02:06:08 +0000 Manifest this update: Tue 01 Jul 2025 02:06:08 +0000 Manifest next update: Tue 08 Jul 2025 02:06:08 +0000 Files and hashes: 1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: V4QO+ald/BT3cifljqrXYAPKo5dYJlqo/wqQMg+jIUw=) 2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: k5i1VxrRa6a+sKSG0LLgxBEmMPYmBZK6pl0sMM04Q2o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:06:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 711 (0x2c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148DB2, serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Validity Not Before: Jul 1 02:06:08 2025 GMT Not After : Jul 8 02:06:08 2025 GMT Subject: CN=68634290-d2e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:eb:02:4f:25:97:49:13:b4:3e:f6:6f:c5:f3: 2c:3e:e5:fd:e1:3b:a6:c7:97:52:80:34:d8:1f:ef: 69:71:c6:12:89:71:ab:5f:45:dd:61:fe:70:59:33: a4:56:37:fc:99:80:8e:fd:60:8a:36:39:1d:48:c0: 19:62:cc:7f:2f:95:83:ae:9f:0f:87:7f:6b:97:a7: fb:ea:71:95:44:5c:ea:e2:e5:cd:87:e9:d2:db:d3: 49:85:64:de:ab:2b:2b:c3:c5:f9:66:c2:32:3e:80: 93:f4:6c:55:b1:df:06:57:e9:49:e7:b2:c0:74:d9: 86:4f:b7:02:2d:20:c0:8a:93:3d:73:fd:bd:ac:0f: b7:fb:52:a0:ef:f4:89:e9:2e:95:3a:b4:57:8c:92: 5e:6e:e5:79:4d:3d:e4:bc:36:8e:af:39:ed:51:e6: aa:0b:04:c0:61:9a:d3:c2:70:f8:e8:77:33:cc:80: bc:33:85:9a:42:85:2e:49:94:1a:e6:d4:65:b3:b4: 2a:66:03:94:bb:ee:a8:88:51:b8:d8:25:da:8d:3e: 41:db:c7:60:0d:e3:87:59:4d:10:1e:e1:45:02:31: c2:58:3b:bf:ce:9e:11:82:0e:ff:1e:98:84:07:de: 57:b6:02:3d:95:3b:4f:b2:6c:9b:77:33:92:e1:c1: b1:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:2E:4D:EF:5F:96:A8:43:95:19:B9:3B:E1:92:63:9B:7E:9F:C9:32 X509v3 Authority Key Identifier: keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:58:ad:36:09:49:a2:d5:dd:8c:13:ba:29:7b:28:d7:f8:08: f1:44:2a:64:f8:70:86:c6:d7:f0:a0:5f:64:86:5d:42:f4:84: 53:62:9d:92:0c:8c:68:01:e4:53:05:41:6e:e2:3c:e4:40:ed: 31:00:5a:6b:00:6e:15:9f:71:e8:9b:cc:65:db:ac:c2:85:69: f3:6a:74:e0:80:81:ec:df:2e:db:1e:e5:5e:8d:de:fa:9c:e8: b3:d5:12:99:5d:b7:6a:8d:0c:22:d1:f2:c3:e4:50:ca:5b:93: 39:5d:13:6d:26:cb:69:10:9f:6e:03:3b:b7:29:24:51:a5:cb: b9:ac:93:05:b8:df:d0:6a:be:11:7c:c4:da:ca:93:cc:50:cf: 65:4a:7d:ad:20:56:0e:fe:8e:7b:db:15:71:b2:62:7e:f9:5b: 71:5d:a7:48:c8:43:74:0b:71:e6:b7:86:22:00:fb:0e:71:61: 11:31:3f:87:04:10:08:e8:ac:a4:64:eb:a2:2c:01:c3:63:c2: 42:5d:17:54:ea:ad:f8:54:18:6b:bd:39:c4:65:48:2c:88:40: 60:67:c2:a8:9c:32:b7:6a:dc:e5:87:a7:f4:c9:82:63:5f:df: 79:ea:e7:67:78:97:b8:6b:51:f5:e4:12:60:f3:7f:3b:39:01: 01:a1:ff:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw RkE2NzRCQjUwHhcNMjUwNzAxMDIwNjA4WhcNMjUwNzA4MDIwNjA4WjAYMRYwFAYD VQQDEw02ODYzNDI5MC1kMmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvusCTyWXSRO0PvZvxfMsPuX94Tumx5dSgDTYH+9pccYSiXGrX0XdYf5wWTOk Vjf8mYCO/WCKNjkdSMAZYsx/L5WDrp8Ph39rl6f76nGVRFzq4uXNh+nS29NJhWTe qysrw8X5ZsIyPoCT9GxVsd8GV+lJ57LAdNmGT7cCLSDAipM9c/29rA+3+1Kg7/SJ 6S6VOrRXjJJebuV5TT3kvDaOrzntUeaqCwTAYZrTwnD46HczzIC8M4WaQoUuSZQa 5tRls7QqZgOUu+6oiFG42CXajT5B28dgDeOHWU0QHuFFAjHCWDu/zp4Rgg7/HpiE B95XtgI9lTtPsmybdzOS4cGxsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNsuTe9f lqhDlRm5O+GSY5t+n8kyMB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5 MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5 b01WV1JsM1g2ZXdQcG5TN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEWK02CUmi1d2ME7opeyjX+AjxRCpk+HCGxtfwoF9khl1C9IRTYp2S DIxoAeRTBUFu4jzkQO0xAFprAG4Vn3Hom8xl26zChWnzanTggIHs3y7bHuVejd76 nOiz1RKZXbdqjQwi0fLD5FDKW5M5XRNtJstpEJ9uAzu3KSRRpcu5rJMFuN/Qar4R fMTaypPMUM9lSn2tIFYO/o572xVxsmJ++VtxXadIyEN0C3Hmt4YiAPsOcWERMT+H BBAI6KykZOuiLAHDY8JCXRdU6q34VBhrvTnEZUgsiEBgZ8KonDK3atzlh6f0yYJj X9956udneJe4a1H15BJg8387OQEBof80 -----END CERTIFICATE-----Generated at Wed Jul 2 13:22:20 2025 by rpki-client