$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft File: NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json) Hash identifier: hOziYo7rQMw1X6i2gtaKkfXAdu52agPvxyRDXgfkwDw= Subject key identifier: B0:29:25:25:3F:8E:95:58:0F:7A:A6:D6:8D:D1:A7:49:FC:D2:DF:BB Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 Certificate issuer: /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Certificate serial: 02FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft Manifest number: 02FA Signing time: Sun 19 Oct 2025 03:20:07 +0000 Manifest this update: Sun 19 Oct 2025 03:20:06 +0000 Manifest next update: Sun 26 Oct 2025 03:20:06 +0000 Files and hashes: 1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: BxOdiinvm+xH8RKfH2zkV4RVbU5Z7gZzR+iyeTJykMk=) 2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: k5i1VxrRa6a+sKSG0LLgxBEmMPYmBZK6pl0sMM04Q2o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 03:20:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 767 (0x2ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148DB2, serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Validity Not Before: Oct 19 03:20:06 2025 GMT Not After : Oct 26 03:20:06 2025 GMT Subject: CN=68f458e7-bd56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:e6:e7:78:fe:dc:26:7b:e0:dd:26:52:85:62: 27:5f:47:16:ba:fd:43:61:d8:25:7e:c4:20:d4:bc: a4:25:81:22:a0:fa:50:46:b1:73:8d:35:c5:1c:46: ce:d7:44:07:22:0e:dd:0d:94:d9:58:53:a9:ce:d0: 99:8d:14:e2:af:54:9b:97:61:50:e4:c6:86:d9:f5: c5:ef:f7:e5:d6:bc:3e:81:0a:07:71:ca:11:88:51: 89:f4:a9:11:2f:94:95:5f:80:5b:69:73:9f:6c:50: 39:c7:c2:85:a4:a3:4b:f7:69:0e:62:b0:07:4d:24: 08:67:dd:d2:93:8c:41:09:d5:28:86:c3:ba:a5:44: f9:89:44:0c:bd:ae:85:e4:a1:1c:48:20:51:96:7f: af:20:d4:27:ac:ea:bf:8d:4d:2e:df:1d:12:25:7a: df:7c:70:6e:fb:d9:b8:c6:62:40:2e:ec:66:1f:c3: 57:4b:a4:47:1c:fc:05:9a:11:ec:d1:d9:83:ad:c1: c2:90:3f:15:6d:bf:73:c3:e9:ca:16:68:c4:d0:7a: 5a:be:df:f9:0d:d2:4a:8d:26:9e:36:07:fe:54:28: d1:77:0d:ce:03:e1:9e:38:f0:d7:34:12:e3:d7:54: 07:17:d4:5b:11:13:e1:18:8e:4b:c6:0c:3e:60:d7: 76:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:29:25:25:3F:8E:95:58:0F:7A:A6:D6:8D:D1:A7:49:FC:D2:DF:BB X509v3 Authority Key Identifier: keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:7e:0d:c0:2f:74:a9:7e:d1:41:cc:9f:ed:dc:28:fb:15:42: ff:2b:c5:86:80:fd:c6:31:43:4e:1d:58:a1:74:2a:ae:5d:0b: ea:34:bc:56:ad:63:74:fe:8e:e2:2a:7d:2c:8f:b7:48:3e:f9: 72:09:94:58:70:8a:4b:06:82:a5:1d:4d:f4:59:9d:77:6c:41: 92:7e:44:da:fc:00:62:49:61:f1:6f:45:65:05:9c:b3:9b:b6: 3f:6f:39:3e:c5:54:95:e1:7b:0c:16:8a:bc:d7:10:08:1c:e7: 0d:b0:c2:cc:47:45:47:28:a9:ad:38:56:f6:d8:61:ae:50:2b: 63:b7:7b:9d:b4:32:75:f7:09:f2:cc:d9:c6:0e:cc:e0:7f:2c: 39:f5:09:bd:2a:33:a4:d0:d6:41:9e:f7:47:33:1c:95:65:5d: 03:bc:82:d2:1e:c1:64:36:d4:3c:11:0a:d0:2e:f9:a2:61:3b: 3c:30:b5:2d:47:39:31:25:a7:41:f3:9a:97:9a:fd:19:f3:74: 2d:0a:c7:da:24:d0:9e:48:55:3a:99:8a:7c:80:db:10:fb:59: f8:ec:ca:d9:6e:8a:b7:cf:dc:9d:26:43:17:bb:21:d4:2b:3d: 77:5d:80:e4:74:4d:82:79:cd:88:7e:13:38:57:0a:c7:e6:08: fb:8b:f1:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw RkE2NzRCQjUwHhcNMjUxMDE5MDMyMDA2WhcNMjUxMDI2MDMyMDA2WjAYMRYwFAYD VQQDEw02OGY0NThlNy1iZDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArebneP7cJnvg3SZShWInX0cWuv1DYdglfsQg1LykJYEioPpQRrFzjTXFHEbO 10QHIg7dDZTZWFOpztCZjRTir1Sbl2FQ5MaG2fXF7/fl1rw+gQoHccoRiFGJ9KkR L5SVX4BbaXOfbFA5x8KFpKNL92kOYrAHTSQIZ93Sk4xBCdUohsO6pUT5iUQMva6F 5KEcSCBRln+vINQnrOq/jU0u3x0SJXrffHBu+9m4xmJALuxmH8NXS6RHHPwFmhHs 0dmDrcHCkD8Vbb9zw+nKFmjE0Hpavt/5DdJKjSaeNgf+VCjRdw3OA+GeOPDXNBLj 11QHF9RbERPhGI5Lxgw+YNd2UQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLApJSU/ jpVYD3qm1o3Rp0n80t+7MB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5 MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5 b01WV1JsM1g2ZXdQcG5TN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUfg3AL3SpftFBzJ/t3Cj7FUL/K8WGgP3GMUNOHVihdCquXQvqNLxW rWN0/o7iKn0sj7dIPvlyCZRYcIpLBoKlHU30WZ13bEGSfkTa/ABiSWHxb0VlBZyz m7Y/bzk+xVSV4XsMFoq81xAIHOcNsMLMR0VHKKmtOFb22GGuUCtjt3udtDJ19wny zNnGDszgfyw59Qm9KjOk0NZBnvdHMxyVZV0DvILSHsFkNtQ8EQrQLvmiYTs8MLUt RzkxJadB85qXmv0Z83QtCsfaJNCeSFU6mYp8gNsQ+1n47MrZboq3z9ydJkMXuyHU Kz13XYDkdE2Cec2IfhM4VwrH5gj7i/HW -----END CERTIFICATE-----Generated at Tue Oct 21 01:01:21 2025 by rpki-client