$ rpki-client -vvf rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft File: NAlJ7LhXg2NX8QJTxpQnIggZex0.mft (raw, json) Hash identifier: nlWmgVb7yGe3y6GCXk56LeoN80cJbbeph/Eg7ZkC8p4= Subject key identifier: E4:D7:60:D5:9C:87:8F:B2:52:C3:2F:BD:D2:A3:57:F8:92:75:B1:45 Authority key identifier: 34:09:49:EC:B8:57:83:63:57:F1:02:53:C6:94:27:22:08:19:7B:1D Certificate issuer: /CN=A916BC76/serialNumber=340949ECB857836357F10253C694272208197B1D Certificate serial: 0541 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft Manifest number: 053C Signing time: Mon 30 Jun 2025 23:54:21 +0000 Manifest this update: Mon 30 Jun 2025 23:54:20 +0000 Manifest next update: Mon 07 Jul 2025 23:54:20 +0000 Files and hashes: 1: NAlJ7LhXg2NX8QJTxpQnIggZex0.crl (hash: LyUaIKWMH4jyfvcGxofZjsNThZjlfMsgySc71W0XKTI=) 2: F44B1F40FC1711EBA835010DC4F9AE02.roa (hash: Y4KIW6waXy9by1Ft4XI4IDDdWRGAFQ3T1gtKYgu91qw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.crl rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 23:54:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1345 (0x541) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916BC76, serialNumber=340949ECB857836357F10253C694272208197B1D Validity Not Before: Jun 30 23:54:20 2025 GMT Not After : Jul 7 23:54:20 2025 GMT Subject: CN=686323ac-54e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ac:c3:d4:ea:19:7a:ff:89:ab:e3:9e:2d:3e: 6d:53:34:9e:8e:67:fe:42:8d:0d:c2:93:48:c3:c7: ba:0b:38:cc:86:6c:7b:d2:c2:aa:b6:ce:23:f9:33: b9:12:51:a0:96:27:9e:e2:f3:fe:61:db:08:87:96: f4:35:eb:57:ee:30:25:07:03:84:4d:72:6a:95:66: 9b:64:67:b4:08:09:59:25:b3:95:93:a5:24:49:79: b0:6f:b6:7d:a9:29:2f:28:aa:6a:ed:70:55:ba:19: 22:1c:b0:3a:56:07:83:d9:4a:47:2d:00:39:ec:f9: 88:7e:46:0a:94:63:55:22:79:19:7f:18:97:18:91: cb:00:a9:01:b0:ac:27:5d:e7:22:a4:27:9f:4d:2d: 5d:8a:20:16:d7:dc:58:2b:f9:79:9e:33:78:e0:f1: dd:79:0f:81:54:6f:66:bf:91:86:b3:ec:6e:55:5e: 86:b6:1e:9a:0e:b8:b2:9c:5a:94:ef:e4:a2:b7:83: ad:f4:68:3f:e5:80:da:94:e1:dc:f0:2a:f9:9f:dd: 4a:67:3e:ff:87:f3:9a:c0:80:7f:d9:d9:2d:73:da: be:ae:92:b1:03:51:cf:84:04:43:03:a6:ce:fb:d7: 77:e2:9b:28:26:cb:b7:0c:ef:3b:5a:aa:57:8f:fb: 7c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:D7:60:D5:9C:87:8F:B2:52:C3:2F:BD:D2:A3:57:F8:92:75:B1:45 X509v3 Authority Key Identifier: keyid:34:09:49:EC:B8:57:83:63:57:F1:02:53:C6:94:27:22:08:19:7B:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:f8:85:ff:cd:28:a1:7f:16:8d:ae:e4:d3:a4:cd:69:e2:cd: 52:d6:f5:7e:9b:a5:a5:ae:c3:8d:05:a4:45:af:60:e5:92:2a: 9c:e5:ab:fc:f7:59:0a:e3:7e:92:2f:a0:80:f1:52:2f:fa:31: c4:31:d9:34:a8:bb:7d:4b:89:10:02:12:c4:bf:ca:11:da:45: ec:33:a9:cd:81:a8:fe:a9:62:49:4f:f5:71:94:9b:10:16:5e: d8:61:f3:25:86:f0:c4:9d:76:fb:bf:d0:61:7c:8c:eb:0a:b5: 29:33:ad:63:e3:9e:df:fb:86:1d:d3:dc:8d:e5:32:33:9f:32: 04:5d:9d:53:68:12:33:59:08:3f:8a:33:77:21:7f:6f:a4:de: 6e:6a:13:cc:db:c7:f8:41:4f:b5:8b:8c:64:37:e4:86:2f:1b: 17:87:80:80:7e:7b:0f:72:b3:9b:c8:e9:5b:04:67:59:2e:db: 57:db:ed:21:38:27:0b:73:06:0c:e6:c2:ed:21:ab:d1:ee:6f: 8c:8a:2c:c9:4b:7f:98:a2:2d:fd:6d:24:e4:7b:d5:e2:a4:73: 90:6d:67:06:7c:19:67:ac:37:ab:07:4b:3f:fb:c1:14:93:d9: 27:7a:b8:41:96:3f:8f:01:9d:9d:a5:82:a7:e3:d4:ee:7b:1f: 64:f9:b8:42 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkJDNzYxMTAvBgNVBAUTKDM0MDk0OUVDQjg1NzgzNjM1N0YxMDI1M0M2OTQyNzIy MDgxOTdCMUQwHhcNMjUwNjMwMjM1NDIwWhcNMjUwNzA3MjM1NDIwWjAYMRYwFAYD VQQDEw02ODYzMjNhYy01NGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtazD1OoZev+Jq+OeLT5tUzSejmf+Qo0NwpNIw8e6CzjMhmx70sKqts4j+TO5 ElGgliee4vP+YdsIh5b0NetX7jAlBwOETXJqlWabZGe0CAlZJbOVk6UkSXmwb7Z9 qSkvKKpq7XBVuhkiHLA6VgeD2UpHLQA57PmIfkYKlGNVInkZfxiXGJHLAKkBsKwn XecipCefTS1diiAW19xYK/l5njN44PHdeQ+BVG9mv5GGs+xuVV6Gth6aDriynFqU 7+Sit4Ot9Gg/5YDalOHc8Cr5n91KZz7/h/OawIB/2dktc9q+rpKxA1HPhARDA6bO +9d34psoJsu3DO87WqpXj/t8fwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOTXYNWc h4+yUsMvvdKjV/iSdbFFMB8GA1UdIwQYMBaAFDQJSey4V4NjV/ECU8aUJyIIGXsd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkM3Ni82MTM2QTE3MkZD MTUxMUVCOUU1MEJDMEFDNEY5QUUwMi9OQWxKN0xoWGcyTlg4UUpUeHBRbklnZ1pl eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BbEo3TGhYZzJOWDhRSlR4cFFuSWdnWmV4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QkM3Ni82MTM2QTE3MkZDMTUxMUVCOUU1MEJDMEFDNEY5QUUwMi9OQWxKN0xoWGcy Tlg4UUpUeHBRbklnZ1pleDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCq+IX/zSihfxaNruTTpM1p4s1S1vV+m6WlrsONBaRFr2Dlkiqc5av8 91kK436SL6CA8VIv+jHEMdk0qLt9S4kQAhLEv8oR2kXsM6nNgaj+qWJJT/VxlJsQ Fl7YYfMlhvDEnXb7v9BhfIzrCrUpM61j457f+4Yd09yN5TIznzIEXZ1TaBIzWQg/ ijN3IX9vpN5uahPM28f4QU+1i4xkN+SGLxsXh4CAfnsPcrObyOlbBGdZLttX2+0h OCcLcwYM5sLtIavR7m+MiizJS3+Yoi39bSTke9XipHOQbWcGfBlnrDerB0s/+8EU k9knerhBlj+PAZ2dpYKn49Tuex9k+bhC -----END CERTIFICATE-----Generated at Wed Jul 2 20:01:25 2025 by rpki-client