$ rpki-client -vvf rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft File: NAlJ7LhXg2NX8QJTxpQnIggZex0.mft (raw, json) Hash identifier: MlAsqgZr2lnrJZGwAmeNK/UVK/n+o1v7Te9EClNlqjQ= Subject key identifier: 59:76:BA:A2:9D:DA:0F:59:07:F6:C9:E0:BF:B7:C8:10:7B:42:B9:D6 Authority key identifier: 34:09:49:EC:B8:57:83:63:57:F1:02:53:C6:94:27:22:08:19:7B:1D Certificate issuer: /CN=A916BC76/serialNumber=340949ECB857836357F10253C694272208197B1D Certificate serial: 0528 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft Manifest number: 0523 Signing time: Sat 10 May 2025 23:09:13 +0000 Manifest this update: Sat 10 May 2025 23:09:13 +0000 Manifest next update: Sat 17 May 2025 23:09:13 +0000 Files and hashes: 1: NAlJ7LhXg2NX8QJTxpQnIggZex0.crl (hash: VPi0Zn918k/UfSG9rhaHGRiOnyob47BM6nItnKOT/DI=) 2: F44B1F40FC1711EBA835010DC4F9AE02.roa (hash: Y4KIW6waXy9by1Ft4XI4IDDdWRGAFQ3T1gtKYgu91qw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.crl rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 23:09:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1320 (0x528) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916BC76, serialNumber=340949ECB857836357F10253C694272208197B1D Validity Not Before: May 10 23:09:13 2025 GMT Not After : May 17 23:09:13 2025 GMT Subject: CN=681fdc99-9605 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:97:c0:95:42:07:cc:c7:85:69:50:e9:b0:ea: 14:6c:cf:1a:6d:8e:bd:7f:72:f1:c9:8a:ad:81:21: ad:b5:54:4b:8d:9a:88:af:f6:7e:99:75:d5:41:52: ab:e0:5e:42:08:7d:89:44:db:dc:0e:d0:3e:c0:4a: c9:0f:d2:85:34:17:ee:ea:96:91:1f:de:4f:01:a3: 6c:e1:2c:a5:c8:44:3f:c7:29:2d:ee:2f:43:ac:36: ac:af:79:41:d8:80:69:4e:fa:2d:11:5b:64:ad:57: ae:5e:08:6e:10:13:6d:92:6c:de:36:5f:6e:f7:8f: 97:c5:40:ad:00:c5:c3:cf:10:18:59:ea:2c:f7:47: 06:91:8f:ac:df:8d:36:2e:29:6d:19:57:19:b2:6d: 99:19:04:c9:c8:da:5b:42:96:76:ea:60:71:4d:0c: 05:60:27:fd:3a:18:f4:e0:10:a1:6e:ec:5b:9d:a4: cc:b1:f4:f7:e9:e0:f0:0a:d5:76:0e:89:da:d2:90: a8:25:e0:bd:82:32:45:04:0b:86:3c:56:20:6d:c6: 85:35:b1:16:23:37:4d:22:c5:3c:3f:4f:8f:59:5a: a0:59:fc:e0:fe:56:ea:74:62:13:75:d7:7f:31:6e: a9:d0:1f:8d:9c:8c:b1:84:54:68:67:9a:c5:f7:b6: 42:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:76:BA:A2:9D:DA:0F:59:07:F6:C9:E0:BF:B7:C8:10:7B:42:B9:D6 X509v3 Authority Key Identifier: keyid:34:09:49:EC:B8:57:83:63:57:F1:02:53:C6:94:27:22:08:19:7B:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:4e:15:83:d1:e5:98:94:ad:e0:24:c5:c9:2e:cc:b8:be:ae: 5e:b1:7f:df:3a:12:01:63:bc:87:38:6e:8b:99:36:91:2f:b1: ed:10:b1:77:b3:a4:1a:f1:e0:59:b7:36:e6:b4:32:f9:c1:b2: 74:8f:6b:10:61:b2:d7:17:d8:93:8b:ac:9d:3e:6b:84:3b:f8: e0:1f:16:e6:00:0a:f7:4e:1a:5c:e4:6e:fe:ec:17:ce:9a:0e: 1e:e6:f7:13:dd:87:89:b8:8d:a7:e1:d3:d9:c1:4e:08:fa:36: d5:81:4c:b9:53:61:2d:d1:b7:5a:98:c0:90:3c:7a:25:16:b8: 04:c7:6d:04:aa:08:af:ba:6c:4d:e6:bd:00:d5:27:f8:67:35: 83:e6:a6:35:e1:b5:68:e6:4d:92:62:9a:4d:d3:cc:5a:46:af: 7f:cd:25:44:38:30:21:15:b0:99:fa:04:18:a3:81:fe:1a:05: ae:b1:76:91:2b:f2:fd:3e:e0:eb:88:97:9d:1e:c4:1f:54:3d: a7:48:0d:39:a6:56:50:6b:18:c7:cc:79:83:a2:46:a8:b3:eb: 27:6a:dc:a4:14:a1:2f:65:2b:82:fe:85:97:c7:b6:9f:fe:54: 08:cb:f3:4e:75:45:f8:7c:7d:98:3f:26:e8:a2:34:36:48:de: 69:01:3f:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkJDNzYxMTAvBgNVBAUTKDM0MDk0OUVDQjg1NzgzNjM1N0YxMDI1M0M2OTQyNzIy MDgxOTdCMUQwHhcNMjUwNTEwMjMwOTEzWhcNMjUwNTE3MjMwOTEzWjAYMRYwFAYD VQQDEw02ODFmZGM5OS05NjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy5fAlUIHzMeFaVDpsOoUbM8abY69f3LxyYqtgSGttVRLjZqIr/Z+mXXVQVKr 4F5CCH2JRNvcDtA+wErJD9KFNBfu6paRH95PAaNs4SylyEQ/xykt7i9DrDasr3lB 2IBpTvotEVtkrVeuXghuEBNtkmzeNl9u94+XxUCtAMXDzxAYWeos90cGkY+s3402 LiltGVcZsm2ZGQTJyNpbQpZ26mBxTQwFYCf9Ohj04BChbuxbnaTMsfT36eDwCtV2 Dona0pCoJeC9gjJFBAuGPFYgbcaFNbEWIzdNIsU8P0+PWVqgWfzg/lbqdGITddd/ MW6p0B+NnIyxhFRoZ5rF97ZCPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFl2uqKd 2g9ZB/bJ4L+3yBB7QrnWMB8GA1UdIwQYMBaAFDQJSey4V4NjV/ECU8aUJyIIGXsd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkM3Ni82MTM2QTE3MkZD MTUxMUVCOUU1MEJDMEFDNEY5QUUwMi9OQWxKN0xoWGcyTlg4UUpUeHBRbklnZ1pl eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BbEo3TGhYZzJOWDhRSlR4cFFuSWdnWmV4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QkM3Ni82MTM2QTE3MkZDMTUxMUVCOUU1MEJDMEFDNEY5QUUwMi9OQWxKN0xoWGcy Tlg4UUpUeHBRbklnZ1pleDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCThWD0eWYlK3gJMXJLsy4vq5esX/fOhIBY7yHOG6LmTaRL7HtELF3 s6Qa8eBZtzbmtDL5wbJ0j2sQYbLXF9iTi6ydPmuEO/jgHxbmAAr3Thpc5G7+7BfO mg4e5vcT3YeJuI2n4dPZwU4I+jbVgUy5U2Et0bdamMCQPHolFrgEx20EqgivumxN 5r0A1Sf4ZzWD5qY14bVo5k2SYppN08xaRq9/zSVEODAhFbCZ+gQYo4H+GgWusXaR K/L9PuDriJedHsQfVD2nSA05plZQaxjHzHmDokaos+snatykFKEvZSuC/oWXx7af /lQIy/NOdUX4fH2YPyboojQ2SN5pAT8M -----END CERTIFICATE-----Generated at Mon May 12 19:46:03 2025 by rpki-client