$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: IQA3b1u8DSWCtDnrLIwQ/UnXhTRwOcOZQCSc9HklUvY= Subject key identifier: 8C:DB:2B:AF:AF:77:75:DA:5E:89:D3:F6:03:D6:EA:0D:A6:59:B5:FD Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: F5 Signing time: Sun 29 Jun 2025 04:21:25 +0000 Manifest this update: Sun 29 Jun 2025 04:21:25 +0000 Manifest next update: Sun 06 Jul 2025 04:21:25 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: FEXjXpvmzXzddZGqCVQPNd7cN8/kS2OUzDbb2sYFukA=) 2: 5605B7643B8D11F09517A40BC4F9AE02.roa (hash: kL+wl3X9lpPDAyc9VPoNCoIe2pFYCq0K/SEYMKMr+fs=) 3: 2D392D483B8D11F09468CF7BC4F9AE02.roa (hash: 3qGGrVLcHGyNXBjBxC/2DsjdY0M5cfUd+RZIo9JRQog=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 04:21:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 252 (0xfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Jun 29 04:21:25 2025 GMT Not After : Jul 6 04:21:25 2025 GMT Subject: CN=6860bf45-5b44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:55:d5:ae:bd:8a:eb:7f:2a:04:ed:0f:1e:0f: 70:f8:f1:06:0f:e8:83:cf:8c:e6:81:5d:3e:21:fa: 76:39:4a:7f:9b:44:f4:5a:d0:ee:cb:f1:58:86:ce: 54:5a:60:0f:c3:5a:4c:5f:8f:e1:46:83:4e:ae:b5: 19:3a:4b:cd:d7:2b:9c:e5:2d:48:ef:70:c4:c9:06: fd:53:e2:d6:fe:72:81:be:e3:87:ed:41:42:7c:81: 6a:bc:25:e8:04:c7:07:a8:48:c6:76:37:9d:26:2c: 49:51:1c:e1:7d:d5:7e:0b:ce:fb:a3:2c:ad:9f:0c: 02:bb:c1:6c:28:e9:20:aa:89:b6:0e:c6:ce:88:f5: 3d:ce:90:cf:3c:b2:dc:b9:1c:d3:4e:47:47:dc:ed: a4:7a:b4:1a:c2:da:b1:cf:83:a0:15:cc:03:c6:59: 3b:b2:1a:b6:3e:d5:9a:5d:b3:f0:d5:25:32:37:95: 7c:d3:40:ee:ae:b1:dd:fc:33:e0:d1:3a:de:ba:2e: 8e:7e:7f:b8:f1:f8:81:ae:57:10:eb:3f:52:83:1c: c9:14:81:c9:c6:a4:8f:22:c4:06:5a:94:70:fa:0e: 66:b2:b7:86:88:c8:09:69:ff:df:84:05:27:d2:12: 3d:80:a4:37:ef:cd:25:dc:cb:7b:d2:e6:bd:93:7c: eb:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:DB:2B:AF:AF:77:75:DA:5E:89:D3:F6:03:D6:EA:0D:A6:59:B5:FD X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:b1:07:b5:46:f3:18:4d:9f:ef:42:89:8b:19:80:da:1b:ab: c4:d0:80:cf:b6:80:e1:94:68:12:61:ff:d5:21:ea:82:39:f9: 15:63:d8:dd:ca:6f:27:50:5a:5c:61:b2:30:2f:1c:5f:7e:70: db:0f:aa:d7:d8:57:fd:0a:5e:c1:5c:78:a2:d4:6c:b8:8f:28: 3e:9d:3b:2e:5c:80:bf:46:98:b9:12:8f:55:56:68:99:d2:6e: ef:d2:0e:6d:21:c9:ea:48:f6:36:45:4d:fc:11:53:1c:c6:dd: 49:59:78:12:4d:0f:08:c8:b5:c8:75:86:4e:27:25:71:62:5d: 90:c2:34:e4:c7:07:ca:8c:10:a7:f7:be:e4:45:e2:4e:24:45: 20:72:3b:49:bc:a6:b4:bf:45:59:d9:d1:8d:cf:22:df:ab:ab: 8d:3f:6e:e7:aa:d4:da:e1:82:b5:17:da:b3:19:20:19:09:a3: 1c:64:ee:f1:6b:3c:f8:d0:5d:0d:69:36:1e:84:6b:c1:4a:ce: e0:85:88:ec:c1:43:d4:02:ab:14:e6:e9:e4:64:a2:a6:9d:4e: 59:6a:73:ed:9f:50:ff:07:b0:5a:48:a5:83:e6:71:c8:9a:f6: da:24:e3:dc:1e:98:53:82:ea:4d:73:cf:b8:89:7f:3f:a0:7a: 8c:36:4c:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUwNjI5MDQyMTI1WhcNMjUwNzA2MDQyMTI1WjAYMRYwFAYD VQQDEw02ODYwYmY0NS01YjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsFXVrr2K638qBO0PHg9w+PEGD+iDz4zmgV0+Ifp2OUp/m0T0WtDuy/FYhs5U WmAPw1pMX4/hRoNOrrUZOkvN1yuc5S1I73DEyQb9U+LW/nKBvuOH7UFCfIFqvCXo BMcHqEjGdjedJixJURzhfdV+C877oyytnwwCu8FsKOkgqom2DsbOiPU9zpDPPLLc uRzTTkdH3O2kerQawtqxz4OgFcwDxlk7shq2PtWaXbPw1SUyN5V800DurrHd/DPg 0Treui6Ofn+48fiBrlcQ6z9SgxzJFIHJxqSPIsQGWpRw+g5msreGiMgJaf/fhAUn 0hI9gKQ3780l3Mt70ua9k3zrWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIzbK6+v d3XaXonT9gPW6g2mWbX9MB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8sQe1RvMYTZ/vQomLGYDaG6vE0IDPtoDhlGgSYf/VIeqCOfkVY9jd ym8nUFpcYbIwLxxffnDbD6rX2Ff9Cl7BXHii1Gy4jyg+nTsuXIC/Rpi5Eo9VVmiZ 0m7v0g5tIcnqSPY2RU38EVMcxt1JWXgSTQ8IyLXIdYZOJyVxYl2QwjTkxwfKjBCn 977kReJOJEUgcjtJvKa0v0VZ2dGNzyLfq6uNP27nqtTa4YK1F9qzGSAZCaMcZO7x azz40F0NaTYehGvBSs7ghYjswUPUAqsU5unkZKKmnU5ZanPtn1D/B7BaSKWD5nHI mvbaJOPcHphTgupNc8+4iX8/oHqMNkxr -----END CERTIFICATE-----Generated at Mon Jun 30 06:10:27 2025 by rpki-client