$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: li5HaOQWus0avaGOpNH3ZZHC93f+du1NHGLLc7Y7lXQ= Subject key identifier: 55:83:6A:6A:FB:F8:AC:65:C2:E0:79:96:D2:A0:F7:10:3F:33:D5:81 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: DB Signing time: Tue 13 May 2025 04:46:04 +0000 Manifest this update: Tue 13 May 2025 04:46:04 +0000 Manifest next update: Tue 20 May 2025 04:46:03 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: Xese671MhlFxxNcERUXR4U7EOuqBX3BFQX8HT9c6/OI=) 2: 8CCF47C0E50211EE8E8A4156C4F9AE02.roa (hash: /HAKekx3oGLhAH29x46oJ6hTdPMrFSJIAAVT8YfqHU0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 04:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: May 13 04:46:04 2025 GMT Not After : May 20 04:46:03 2025 GMT Subject: CN=6822ce8c-fda1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:0a:28:02:0f:b1:57:7a:d9:16:32:13:07:24: 39:9e:2f:e1:4e:41:3b:a8:a0:5b:df:f2:45:f9:6b: 3f:2a:a6:ac:10:84:8c:13:1a:a4:29:84:18:4f:b2: 15:fc:04:4b:87:d3:ff:27:38:12:39:1a:d3:91:61: 75:8b:61:fd:b0:4c:a0:66:2f:f4:f4:ca:d0:ab:e1: 5b:44:a4:e0:fb:da:9c:65:95:b2:18:df:11:2c:5e: 23:f7:99:5b:9f:c2:c5:e6:5b:ad:b2:7c:3c:d9:b1: 62:54:3f:1f:20:0e:b9:cd:04:06:80:bd:57:85:b8: d4:00:d4:c9:5f:75:25:28:8e:6a:87:01:06:80:af: dc:62:61:23:f0:ab:88:f8:f1:ee:cc:a9:82:15:de: 36:65:bd:75:77:5e:8f:e9:6a:5e:cd:62:4d:dd:c0: ef:d4:71:5d:4a:45:ec:8e:4b:29:ed:c0:e1:bb:fc: 44:5d:44:ef:bc:07:cc:1b:82:0c:d1:f2:58:32:85: 3d:0e:81:0f:2c:15:cd:a4:c7:10:bc:90:06:11:a7: 02:0f:f3:53:a2:ac:cb:13:cc:d2:88:25:88:44:25: 17:08:b4:75:71:4f:b6:cc:90:29:f9:45:b4:9a:9a: 9a:dc:95:ad:7e:3d:77:76:f8:7d:29:cf:d2:70:df: 60:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:83:6A:6A:FB:F8:AC:65:C2:E0:79:96:D2:A0:F7:10:3F:33:D5:81 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:15:be:20:d9:fd:4c:b6:e3:f8:bb:ba:73:18:7d:d7:67:75: 71:e2:2e:0f:70:d2:ea:66:4f:0f:81:1e:5f:67:8c:20:0d:13: cb:b8:48:29:fa:7b:03:79:c1:a4:b1:aa:e4:f4:ea:ad:ab:44: 64:0f:83:b9:4b:2c:27:a0:04:7e:8a:65:32:35:c1:6c:20:2c: d9:37:34:b0:93:85:e5:53:0d:21:ad:4e:45:19:7a:21:a0:4e: 9e:3a:d1:bb:39:a1:20:a0:55:7e:22:ba:6b:9e:7e:ab:61:17: 23:c1:92:44:4c:f5:e1:a5:07:f7:bf:94:5d:18:59:13:12:17: a1:92:c9:38:45:cc:1a:4c:e7:d2:b6:a9:4f:08:8a:5f:2e:d2: bc:7e:2a:e6:42:e4:37:d4:ac:47:64:f4:a8:f2:ee:02:67:7c: d0:db:cf:bb:eb:e2:b2:0b:c1:c6:26:10:bc:76:94:ec:5c:30: f6:b9:63:08:2c:4e:a5:d6:56:9c:4e:0f:30:74:38:ac:a8:14: de:bf:3d:f1:1e:df:67:5f:c4:be:df:ed:66:10:58:06:b3:1e: 70:d7:17:ce:9f:c3:a7:e0:07:b2:58:71:99:59:3d:72:8c:f9: e7:e8:da:94:4e:68:86:df:30:1a:68:24:ff:3e:f6:e8:d1:09: 6a:c1:c8:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUwNTEzMDQ0NjA0WhcNMjUwNTIwMDQ0NjAzWjAYMRYwFAYD VQQDEw02ODIyY2U4Yy1mZGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsAooAg+xV3rZFjITByQ5ni/hTkE7qKBb3/JF+Ws/KqasEISMExqkKYQYT7IV /ARLh9P/JzgSORrTkWF1i2H9sEygZi/09MrQq+FbRKTg+9qcZZWyGN8RLF4j95lb n8LF5lutsnw82bFiVD8fIA65zQQGgL1XhbjUANTJX3UlKI5qhwEGgK/cYmEj8KuI +PHuzKmCFd42Zb11d16P6WpezWJN3cDv1HFdSkXsjksp7cDhu/xEXUTvvAfMG4IM 0fJYMoU9DoEPLBXNpMcQvJAGEacCD/NToqzLE8zSiCWIRCUXCLR1cU+2zJAp+UW0 mpqa3JWtfj13dvh9Kc/ScN9gnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFWDamr7 +KxlwuB5ltKg9xA/M9WBMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhFb4g2f1MtuP4u7pzGH3XZ3Vx4i4PcNLqZk8PgR5fZ4wgDRPLuEgp +nsDecGksark9Oqtq0RkD4O5SywnoAR+imUyNcFsICzZNzSwk4XlUw0hrU5FGXoh oE6eOtG7OaEgoFV+Irprnn6rYRcjwZJETPXhpQf3v5RdGFkTEhehksk4RcwaTOfS tqlPCIpfLtK8firmQuQ31KxHZPSo8u4CZ3zQ28+76+KyC8HGJhC8dpTsXDD2uWMI LE6l1lacTg8wdDisqBTevz3xHt9nX8S+3+1mEFgGsx5w1xfOn8On4AeyWHGZWT1y jPnn6NqUTmiG3zAaaCT/Pvbo0Qlqwcgj -----END CERTIFICATE-----Generated at Wed May 14 00:01:01 2025 by rpki-client