$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: S5yHuSqn3hymySa3WWpL52rPnQoBrpoOHWC9A/I7Zug= Subject key identifier: 19:AB:D4:9A:AF:56:4B:BE:3E:55:C2:3F:D0:0E:75:32:1B:44:A9:7E Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 0118 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: 0111 Signing time: Sat 23 Aug 2025 05:06:38 +0000 Manifest this update: Sat 23 Aug 2025 05:06:38 +0000 Manifest next update: Sat 30 Aug 2025 05:06:37 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: Nv1Hxqcbf2RWRDAb19JwXxj77/vXNx/ah2bpljnftvs=) 2: 5605B7643B8D11F09517A40BC4F9AE02.roa (hash: kL+wl3X9lpPDAyc9VPoNCoIe2pFYCq0K/SEYMKMr+fs=) 3: 2D392D483B8D11F09468CF7BC4F9AE02.roa (hash: 3qGGrVLcHGyNXBjBxC/2DsjdY0M5cfUd+RZIo9JRQog=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:06:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 280 (0x118) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Aug 23 05:06:38 2025 GMT Not After : Aug 30 05:06:37 2025 GMT Subject: CN=68a94c5e-2abb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c8:07:32:dd:ca:d3:a8:37:d2:0b:62:9b:39: df:77:62:6d:b5:ca:35:8b:83:2d:4e:ab:18:14:be: d5:d7:a3:cd:30:9b:12:e1:4c:f8:04:68:d3:f4:25: d6:2a:06:dd:a0:1e:8c:44:8a:83:2f:a7:d6:e1:9e: 8b:c1:83:43:fe:db:b6:4b:cf:4e:ca:3e:4a:02:68: 83:55:b6:73:7b:e5:79:8f:d4:64:3f:03:58:ca:40: ac:66:b3:a6:0c:7a:47:b7:18:4b:6f:05:93:22:c3: bf:22:d3:fc:2f:05:83:f4:86:86:7f:14:ea:6d:0f: 52:b3:fd:af:e6:9f:0e:07:ee:eb:c8:12:8b:3b:e4: 14:56:9a:30:56:78:f6:8c:a4:8a:ab:66:9e:05:53: f7:d3:29:a4:b1:b0:26:f2:94:f7:f7:f8:51:e2:bd: 49:56:9e:a7:ad:db:f3:d2:a5:e5:da:7a:00:aa:c7: 41:92:06:62:6b:93:1d:fb:ab:11:7f:c5:81:8d:17: 3e:76:3b:bf:dd:14:f2:4a:97:3f:73:5b:68:38:b1: d0:2f:d2:6e:90:44:77:82:52:1d:18:eb:89:8e:98: a6:92:8b:be:78:8a:13:98:5c:e2:fb:2a:88:1c:a1: 1a:7b:40:57:17:a3:76:1e:ea:ad:16:26:4f:08:88: de:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:AB:D4:9A:AF:56:4B:BE:3E:55:C2:3F:D0:0E:75:32:1B:44:A9:7E X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:d9:5e:a0:4a:cc:39:b4:dc:1a:f5:d3:78:7b:ca:be:bf:46: 45:f0:2e:b2:7f:90:26:6d:2e:1d:9d:d4:51:ff:7d:55:ad:f0: 54:de:7f:8e:a5:96:88:dd:5f:26:a5:8e:a5:73:54:2e:a0:53: 9d:88:e9:80:be:e2:9e:11:8b:f0:b0:f8:98:40:58:75:a6:36: ae:03:38:79:26:a4:61:03:c7:54:e9:58:93:94:d4:6c:4a:b1: a1:02:8a:01:d3:60:ce:8b:e0:33:0a:a1:d7:fe:23:71:49:9c: ab:14:08:42:98:ac:2d:c1:e5:b6:10:bf:dc:e9:89:83:43:70: ef:2f:48:da:52:84:b1:f6:b4:4f:7b:65:ab:d2:62:ab:30:0b: ac:c5:fa:a5:1d:0e:3d:50:d6:fa:f3:b7:9f:18:05:1f:cd:87: d4:8d:e5:f1:d3:4d:b2:73:20:43:e4:43:b9:2b:96:1a:ed:cb: 2b:73:ea:30:9e:2a:70:31:18:78:bb:18:52:01:19:27:16:6c: 2a:83:b9:27:40:da:d3:61:dc:c4:97:82:88:f1:f6:90:c0:4b: 1d:a1:47:38:c8:0a:4e:99:bb:32:40:8b:2d:7d:b5:fd:0a:d9: 0c:e7:7c:7a:ab:25:0b:ca:65:1e:d4:8c:40:45:16:0e:67:6b: 54:d2:cd:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUwODIzMDUwNjM4WhcNMjUwODMwMDUwNjM3WjAYMRYwFAYD VQQDEw02OGE5NGM1ZS0yYWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx8gHMt3K06g30gtimznfd2Jttco1i4MtTqsYFL7V16PNMJsS4Uz4BGjT9CXW KgbdoB6MRIqDL6fW4Z6LwYND/tu2S89Oyj5KAmiDVbZze+V5j9RkPwNYykCsZrOm DHpHtxhLbwWTIsO/ItP8LwWD9IaGfxTqbQ9Ss/2v5p8OB+7ryBKLO+QUVpowVnj2 jKSKq2aeBVP30ymksbAm8pT39/hR4r1JVp6nrdvz0qXl2noAqsdBkgZia5Md+6sR f8WBjRc+dju/3RTySpc/c1toOLHQL9JukER3glIdGOuJjpimkou+eIoTmFzi+yqI HKEae0BXF6N2HuqtFiZPCIje/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBmr1Jqv Vku+PlXCP9AOdTIbRKl+MB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA42V6gSsw5tNwa9dN4e8q+v0ZF8C6yf5AmbS4dndRR/31VrfBU3n+O pZaI3V8mpY6lc1QuoFOdiOmAvuKeEYvwsPiYQFh1pjauAzh5JqRhA8dU6ViTlNRs SrGhAooB02DOi+AzCqHX/iNxSZyrFAhCmKwtweW2EL/c6YmDQ3DvL0jaUoSx9rRP e2Wr0mKrMAusxfqlHQ49UNb687efGAUfzYfUjeXx002ycyBD5EO5K5Ya7csrc+ow nipwMRh4uxhSARknFmwqg7knQNrTYdzEl4KI8faQwEsdoUc4yApOmbsyQIstfbX9 CtkM53x6qyULymUe1IxARRYOZ2tU0s0F -----END CERTIFICATE-----Generated at Sat Aug 23 15:46:54 2025 by rpki-client