$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: AhhUVSwnGr8SEfJjgDOmXtXUJtqxYsEhKNdtTBgsdFo= Subject key identifier: 95:EB:7F:25:B6:B0:38:BB:FB:DF:0C:57:EB:E1:1E:6A:F7:03:D1:69 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 0140 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: 0135 Signing time: Sun 19 Oct 2025 07:27:04 +0000 Manifest this update: Sun 19 Oct 2025 07:27:03 +0000 Manifest next update: Sun 26 Oct 2025 07:27:03 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: 0qX4OnJjkrTvFU1h6hijTtsOIb/ZdOUTtOZKazAdXsE=) 2: 8109B4CA9DF211F0B1ED220FC4F9AE02.roa (hash: /KMShVz7xPQb/IFHjv8WLpc7f7w5sCo+1tbPQq7vaKs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 07:27:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 320 (0x140) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Oct 19 07:27:03 2025 GMT Not After : Oct 26 07:27:03 2025 GMT Subject: CN=68f492c8-b8e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:09:f1:c9:41:b4:f7:d4:84:85:6f:66:14:0f: d9:ca:8e:a7:c9:da:5f:55:48:66:4d:17:a4:6f:06: c6:38:ed:78:4c:14:e3:49:cd:de:04:25:bb:21:5c: 65:36:39:56:44:3d:4d:5b:02:fa:17:e9:7e:d7:06: be:62:6c:ad:a6:47:6a:73:a9:ef:52:f3:09:91:ae: c8:75:29:22:a1:42:e3:46:87:40:16:67:2c:f8:e2: 35:78:6d:a3:13:b8:14:13:6c:65:49:fb:e4:8b:3f: 65:0c:06:6a:e1:09:02:2d:ac:aa:ca:98:2d:63:db: ba:25:8f:c2:d5:e6:4a:ae:50:53:08:db:65:dd:c2: 50:1a:39:4c:49:87:d1:8a:72:ff:e7:ba:6a:0d:98: 8c:0b:3d:e5:56:42:84:71:08:c5:13:19:ac:cc:18: e6:53:bc:47:52:9e:36:bb:cc:5e:e3:58:68:f6:d9: d8:b7:c3:55:55:70:a2:62:03:5f:fc:22:a6:e6:15: 20:14:0f:17:56:3c:77:6d:e6:08:e9:da:11:16:78: b5:36:6f:16:bb:69:96:77:ff:fb:0a:07:4a:e6:9c: 4c:f1:c4:5d:a9:7c:f9:cd:c3:7a:ba:c5:39:4e:eb: fb:e2:c9:c3:f2:81:a0:34:e9:67:8a:6f:6b:95:89: 7b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:EB:7F:25:B6:B0:38:BB:FB:DF:0C:57:EB:E1:1E:6A:F7:03:D1:69 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:05:da:62:dd:a1:2a:e3:b3:53:50:d7:39:ac:ae:ba:f8:bc: b0:d0:68:30:f1:5c:25:f3:40:e7:9b:32:78:4d:76:90:04:8e: 3f:dc:f9:6e:04:e1:f1:72:cb:3d:56:1a:63:71:a3:a3:cc:ba: a3:10:81:7b:29:aa:ae:55:3a:29:03:eb:b5:a6:f6:fd:f7:ad: 80:f7:fb:8a:25:df:7f:a5:50:f5:8b:77:a3:93:af:d2:8c:f7: 28:93:d7:ef:7b:b0:ba:0b:e7:7a:1f:9e:06:19:3d:5e:6b:94: fe:55:03:8d:87:87:b6:6d:c1:09:c4:94:79:30:61:41:ac:83: e3:b5:a1:68:96:b8:7f:79:f9:10:3f:2c:03:d9:57:35:dc:2a: fb:44:69:02:e3:af:22:d1:ad:f2:f4:00:f9:32:11:1f:95:80: d5:f9:66:bf:52:4c:cf:e2:88:ad:f5:b7:fa:04:bc:3c:9b:c3: 28:25:48:19:95:e9:9e:f7:bc:10:e7:9d:64:4a:f8:64:2c:45: 9c:6a:06:64:d1:38:0c:83:6b:6a:3b:b2:28:66:6a:49:da:73: 72:ff:40:4d:11:b1:b7:6d:67:07:e3:82:2b:d5:c7:04:dd:a2: a9:43:09:c6:33:64:38:ad:cd:27:2d:f8:1c:1d:34:5d:57:f5: 3e:e0:81:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUxMDE5MDcyNzAzWhcNMjUxMDI2MDcyNzAzWjAYMRYwFAYD VQQDEw02OGY0OTJjOC1iOGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtgnxyUG099SEhW9mFA/Zyo6nydpfVUhmTRekbwbGOO14TBTjSc3eBCW7IVxl NjlWRD1NWwL6F+l+1wa+Ymytpkdqc6nvUvMJka7IdSkioULjRodAFmcs+OI1eG2j E7gUE2xlSfvkiz9lDAZq4QkCLayqypgtY9u6JY/C1eZKrlBTCNtl3cJQGjlMSYfR inL/57pqDZiMCz3lVkKEcQjFExmszBjmU7xHUp42u8xe41ho9tnYt8NVVXCiYgNf /CKm5hUgFA8XVjx3beYI6doRFni1Nm8Wu2mWd//7CgdK5pxM8cRdqXz5zcN6usU5 Tuv74snD8oGgNOlnim9rlYl7JQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJXrfyW2 sDi7+98MV+vhHmr3A9FpMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeBdpi3aEq47NTUNc5rK66+Lyw0Ggw8Vwl80DnmzJ4TXaQBI4/3Plu BOHxcss9VhpjcaOjzLqjEIF7KaquVTopA+u1pvb9962A9/uKJd9/pVD1i3ejk6/S jPcok9fve7C6C+d6H54GGT1ea5T+VQONh4e2bcEJxJR5MGFBrIPjtaFolrh/efkQ PywD2Vc13Cr7RGkC468i0a3y9AD5MhEflYDV+Wa/UkzP4oit9bf6BLw8m8MoJUgZ leme97wQ551kSvhkLEWcagZk0TgMg2tqO7IoZmpJ2nNy/0BNEbG3bWcH44Ir1ccE 3aKpQwnGM2Q4rc0nLfgcHTRdV/U+4IE5 -----END CERTIFICATE-----Generated at Mon Oct 20 15:01:35 2025 by rpki-client