$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft File: NNz0cp9FgmKIjvB6K9RnX24xE4A.mft (raw, json) Hash identifier: qd2ZXz8FUGdNynnI9rjLX7I9hik8/GeldXz43y9+S58= Subject key identifier: DF:8B:66:60:08:BD:E5:A5:06:3B:B7:76:01:01:BF:21:BF:B1:50:0A Authority key identifier: 34:DC:F4:72:9F:45:82:62:88:8E:F0:7A:2B:D4:67:5F:6E:31:13:80 Certificate issuer: /CN=A9157B7F/serialNumber=34DCF4729F458262888EF07A2BD4675F6E311380 Certificate serial: 068A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft Manifest number: 0683 Signing time: Sat 10 May 2025 21:54:01 +0000 Manifest this update: Sat 10 May 2025 21:54:00 +0000 Manifest next update: Sat 17 May 2025 21:54:00 +0000 Files and hashes: 1: NNz0cp9FgmKIjvB6K9RnX24xE4A.crl (hash: QfMKF0TNIUyZx5OTS16tUlQO0wS/2jIV4RBEefvpGr8=) 2: AE27A8A671B311EBB90BB364C4F9AE02.roa (hash: zKqUOk2enQVo+KwTKKBvY1Ib1LdBjKOEZObmTpDLQzs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.crl rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 21:54:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1674 (0x68a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B7F, serialNumber=34DCF4729F458262888EF07A2BD4675F6E311380 Validity Not Before: May 10 21:54:00 2025 GMT Not After : May 17 21:54:00 2025 GMT Subject: CN=681fcaf9-cac1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:fe:2c:a8:b3:e3:be:60:c1:f1:a1:34:7f:0d: dc:10:7c:69:86:fc:34:82:12:65:c9:7d:fd:de:df: 68:c2:d4:ad:27:d7:2e:65:f0:56:92:6f:a0:f0:7e: 21:90:1e:d7:f2:ee:6b:3b:da:ff:ed:55:de:c0:a5: b7:ab:0d:8b:c4:60:d1:f0:28:7b:3c:d1:ec:64:f9: 21:e5:ae:70:2f:3f:18:2a:f8:01:53:44:6e:07:cf: 96:a3:9b:88:c2:49:9d:fc:00:6e:a7:11:6e:68:09: 1e:ca:23:c2:1e:1b:18:92:5f:26:35:0c:d2:80:a6: 3d:25:3d:57:6a:26:ee:2f:71:17:a3:64:fe:db:0b: 5a:ee:ab:7b:7e:aa:70:88:99:17:be:6a:08:0e:2b: aa:f4:bb:e0:b4:df:4d:27:e8:df:27:24:36:5e:04: ec:02:63:a5:3e:fa:15:8c:62:d2:55:bc:e7:33:45: ba:10:bd:ca:2f:97:e1:23:24:fd:b4:2d:54:de:1e: 20:34:1f:85:13:71:fa:e6:8c:9b:24:41:a4:dd:0d: 97:ee:0b:77:e3:77:ec:c6:f0:c0:2b:08:23:89:4e: 7f:2e:0f:51:c4:d9:86:23:29:48:8d:c5:76:89:0c: f1:5c:f1:ef:52:af:df:b3:fb:a6:73:81:b4:f5:3d: 45:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:8B:66:60:08:BD:E5:A5:06:3B:B7:76:01:01:BF:21:BF:B1:50:0A X509v3 Authority Key Identifier: keyid:34:DC:F4:72:9F:45:82:62:88:8E:F0:7A:2B:D4:67:5F:6E:31:13:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNz0cp9FgmKIjvB6K9RnX24xE4A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B7F/37B82C5071B211EBB44A8463C4F9AE02/NNz0cp9FgmKIjvB6K9RnX24xE4A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:8d:fd:a9:09:4f:2a:92:a0:c9:a3:3d:af:6c:6b:42:10:09: d0:d9:15:9f:e8:61:06:4b:49:f7:ec:cf:c6:2e:e9:e9:4a:63: fa:bd:db:86:35:2d:7a:df:f4:52:31:06:e3:05:5e:62:a2:cb: 8b:88:3b:c9:aa:f9:3f:2b:e6:50:13:ce:e7:67:63:7c:74:76: 3c:93:c3:08:80:2d:02:fe:af:a4:d2:88:5f:c8:e0:d1:71:2d: 3a:c6:cb:8f:07:7f:72:ea:ab:9c:57:85:f6:48:55:88:cd:62: bf:47:ce:a7:8f:a3:16:3b:1a:b3:38:fe:f1:18:01:10:b1:fb: 1c:29:75:dc:a4:ff:a6:c8:d8:dc:79:7d:63:8e:5a:d1:ac:e5: 6f:c8:18:66:6b:9e:e0:b1:b4:e6:3c:a4:a3:3d:94:d5:c5:4e: 6e:27:86:56:fd:d4:3a:a5:1a:81:cb:8d:42:09:a9:5c:67:76: 26:3b:61:42:6f:c0:b9:1b:00:56:8b:ee:7a:07:26:e9:4f:06: cb:03:61:1b:6e:c7:62:07:f3:bf:8c:d0:94:74:32:92:70:ee: bd:0e:2e:85:4e:96:22:b6:2c:f8:70:e6:f2:11:3b:78:c5:2a: b2:ef:e9:3d:e0:c7:66:65:d3:2b:ab:0d:4b:00:24:52:cd:c7: 7d:af:c0:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCN0YxMTAvBgNVBAUTKDM0RENGNDcyOUY0NTgyNjI4ODhFRjA3QTJCRDQ2NzVG NkUzMTEzODAwHhcNMjUwNTEwMjE1NDAwWhcNMjUwNTE3MjE1NDAwWjAYMRYwFAYD VQQDEw02ODFmY2FmOS1jYWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2f4sqLPjvmDB8aE0fw3cEHxphvw0ghJlyX393t9owtStJ9cuZfBWkm+g8H4h kB7X8u5rO9r/7VXewKW3qw2LxGDR8Ch7PNHsZPkh5a5wLz8YKvgBU0RuB8+Wo5uI wkmd/ABupxFuaAkeyiPCHhsYkl8mNQzSgKY9JT1XaibuL3EXo2T+2wta7qt7fqpw iJkXvmoIDiuq9LvgtN9NJ+jfJyQ2XgTsAmOlPvoVjGLSVbznM0W6EL3KL5fhIyT9 tC1U3h4gNB+FE3H65oybJEGk3Q2X7gt343fsxvDAKwgjiU5/Lg9RxNmGIylIjcV2 iQzxXPHvUq/fs/umc4G09T1F2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN+LZmAI veWlBju3dgEBvyG/sVAKMB8GA1UdIwQYMBaAFDTc9HKfRYJiiI7weivUZ19uMROA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0I3Ri8zN0I4MkM1MDcx QjIxMUVCQjQ0QTg0NjNDNEY5QUUwMi9OTnowY3A5RmdtS0lqdkI2SzlSblgyNHhF NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05OejBjcDlGZ21LSWp2QjZLOVJuWDI0eEU0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0I3Ri8zN0I4MkM1MDcxQjIxMUVCQjQ0QTg0NjNDNEY5QUUwMi9OTnowY3A5Rmdt S0lqdkI2SzlSblgyNHhFNEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0jf2pCU8qkqDJoz2vbGtCEAnQ2RWf6GEGS0n37M/GLunpSmP6vduG NS163/RSMQbjBV5iosuLiDvJqvk/K+ZQE87nZ2N8dHY8k8MIgC0C/q+k0ohfyODR cS06xsuPB39y6qucV4X2SFWIzWK/R86nj6MWOxqzOP7xGAEQsfscKXXcpP+myNjc eX1jjlrRrOVvyBhma57gsbTmPKSjPZTVxU5uJ4ZW/dQ6pRqBy41CCalcZ3YmO2FC b8C5GwBWi+56BybpTwbLA2EbbsdiB/O/jNCUdDKScO69Di6FTpYitiz4cObyETt4 xSqy7+k94MdmZdMrqw1LACRSzcd9r8AM -----END CERTIFICATE-----Generated at Mon May 12 18:39:33 2025 by rpki-client