$ rpki-client -vvf rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft File: nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft (raw, json) Hash identifier: HgQjuZXgwBMvpZrJA1tItoybk7ry8e13nZJkvG6u1f0= Subject key identifier: 11:61:04:54:56:EA:28:BF:C5:71:CD:8E:1D:C2:B1:9E:D1:BB:5A:BB Authority key identifier: 9E:29:B0:F5:1B:BB:6D:60:33:C0:EF:00:62:3C:C4:BB:AC:EA:58:41 Certificate issuer: /CN=A9172CE3/serialNumber=9E29B0F51BBB6D6033C0EF00623CC4BBACEA5841 Certificate serial: 0478 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nimw9Ru7bWAzwO8AYjzEu6zqWEE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft Manifest number: 0478 Signing time: Mon 12 May 2025 23:51:32 +0000 Manifest this update: Mon 12 May 2025 23:51:31 +0000 Manifest next update: Mon 19 May 2025 23:51:31 +0000 Files and hashes: 1: nimw9Ru7bWAzwO8AYjzEu6zqWEE.crl (hash: p7fXGY3N48X8PZQfGzzM/bLc/YIpg2mECV+kKTzZYVg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.crl rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nimw9Ru7bWAzwO8AYjzEu6zqWEE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 23:51:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1144 (0x478) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172CE3, serialNumber=9E29B0F51BBB6D6033C0EF00623CC4BBACEA5841 Validity Not Before: May 12 23:51:31 2025 GMT Not After : May 19 23:51:31 2025 GMT Subject: CN=68228984-ef4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:cf:9b:e2:1f:62:91:42:a2:df:65:ae:98:cc: dc:ab:a3:3d:95:df:b4:9a:3e:3d:0a:98:4a:cf:d0: f2:98:c8:9c:f8:89:bf:90:6a:5b:ba:25:b3:92:1b: 96:97:ce:04:f9:62:ce:08:71:cc:ad:03:30:99:8a: 65:9d:94:99:14:2d:82:02:dd:b4:9c:45:96:9e:2d: 41:62:81:e4:35:f0:6e:e1:f1:64:c4:76:17:c0:1c: c1:28:e7:ea:09:c4:63:2d:51:6c:dd:30:4e:f9:f8: 20:63:28:75:b0:b4:51:a7:97:23:f5:ed:c5:02:1b: 19:59:79:35:63:6d:d5:1e:d7:7a:7d:4e:ad:f7:62: c2:bf:b0:a7:4a:fd:6d:31:1c:4f:3d:81:81:00:94: be:8c:91:8e:aa:6d:c5:25:0e:89:11:d7:26:cf:2c: fd:ed:ad:a4:5a:98:c9:00:15:ef:21:49:46:12:7d: 3a:d1:aa:c6:b0:84:67:01:a3:38:32:99:91:32:f5: 0b:62:1c:3a:1d:63:21:30:e1:e2:f3:4f:4f:2b:9b: 9c:dc:06:5b:9f:50:56:f1:4e:fb:d9:d6:85:30:5f: 60:7b:d6:d3:09:05:c6:19:be:ac:a0:d6:4c:ef:51: 00:20:4c:02:62:bb:1b:7c:ce:f2:85:7b:91:a0:7a: 8a:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:61:04:54:56:EA:28:BF:C5:71:CD:8E:1D:C2:B1:9E:D1:BB:5A:BB X509v3 Authority Key Identifier: keyid:9E:29:B0:F5:1B:BB:6D:60:33:C0:EF:00:62:3C:C4:BB:AC:EA:58:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nimw9Ru7bWAzwO8AYjzEu6zqWEE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/6728C4C4405911ECA0AFAA4DC4F9AE02/nimw9Ru7bWAzwO8AYjzEu6zqWEE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:12:9d:a7:f1:7a:88:1a:d3:d4:d4:12:59:0d:40:bc:17:c5: 24:86:39:b7:0b:a3:8f:96:91:77:a9:ef:52:42:db:f8:69:2e: aa:91:3c:91:dd:81:58:a5:30:54:cc:8b:1e:9d:be:a8:89:80: 0f:09:4b:2a:03:14:6f:05:37:a0:2f:6b:5b:da:53:18:68:1c: 06:f4:d2:8f:a1:dd:fc:6e:2d:73:26:47:02:c7:52:8b:36:77: 8a:c1:e8:9e:15:7d:00:f7:32:6d:f1:64:1f:ff:d5:eb:15:58: d3:77:77:ba:a6:3b:4d:a0:de:6d:71:e8:0c:f5:40:0a:ea:a3: 76:d3:fb:23:ca:ba:2a:9d:f1:d2:05:2c:43:24:69:d9:3b:77: 98:6b:bb:ce:c6:76:c4:5e:4d:c9:ba:e3:3b:26:31:13:98:0c: 7e:dc:c3:22:5e:59:e0:30:23:53:39:11:75:c5:7f:6e:1b:87: f8:0f:de:77:67:8a:c4:5c:fc:7f:9f:b2:f7:30:74:9f:29:27: 50:96:fb:dc:6c:a6:db:17:ce:a5:7f:8a:f6:75:97:51:ed:fb: 1e:89:51:5c:51:99:f6:73:8b:c6:f7:62:f1:ff:96:70:ae:c0: f1:7c:95:0f:55:4d:ca:05:64:a4:3f:b4:a8:c3:f6:31:21:90: 45:63:a8:fe -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJDRTMxMTAvBgNVBAUTKDlFMjlCMEY1MUJCQjZENjAzM0MwRUYwMDYyM0NDNEJC QUNFQTU4NDEwHhcNMjUwNTEyMjM1MTMxWhcNMjUwNTE5MjM1MTMxWjAYMRYwFAYD VQQDEw02ODIyODk4NC1lZjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6s+b4h9ikUKi32WumMzcq6M9ld+0mj49CphKz9DymMic+Im/kGpbuiWzkhuW l84E+WLOCHHMrQMwmYplnZSZFC2CAt20nEWWni1BYoHkNfBu4fFkxHYXwBzBKOfq CcRjLVFs3TBO+fggYyh1sLRRp5cj9e3FAhsZWXk1Y23VHtd6fU6t92LCv7CnSv1t MRxPPYGBAJS+jJGOqm3FJQ6JEdcmzyz97a2kWpjJABXvIUlGEn060arGsIRnAaM4 MpmRMvULYhw6HWMhMOHi809PK5uc3AZbn1BW8U772daFMF9ge9bTCQXGGb6soNZM 71EAIEwCYrsbfM7yhXuRoHqKxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBFhBFRW 6ii/xXHNjh3CsZ7Ru1q7MB8GA1UdIwQYMBaAFJ4psPUbu21gM8DvAGI8xLus6lhB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkNFMy82NzI4QzRDNDQw NTkxMUVDQTBBRkFBNERDNEY5QUUwMi9uaW13OVJ1N2JXQXp3TzhBWWp6RXU2enFX RUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25pbXc5UnU3YldBendPOEFZanpFdTZ6cVdFRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkNFMy82NzI4QzRDNDQwNTkxMUVDQTBBRkFBNERDNEY5QUUwMi9uaW13OVJ1N2JX QXp3TzhBWWp6RXU2enFXRUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYEp2n8XqIGtPU1BJZDUC8F8Ukhjm3C6OPlpF3qe9SQtv4aS6qkTyR 3YFYpTBUzIsenb6oiYAPCUsqAxRvBTegL2tb2lMYaBwG9NKPod38bi1zJkcCx1KL NneKweieFX0A9zJt8WQf/9XrFVjTd3e6pjtNoN5tcegM9UAK6qN20/sjyroqnfHS BSxDJGnZO3eYa7vOxnbEXk3JuuM7JjETmAx+3MMiXlngMCNTORF1xX9uG4f4D953 Z4rEXPx/n7L3MHSfKSdQlvvcbKbbF86lf4r2dZdR7fseiVFcUZn2c4vG92Lx/5Zw rsDxfJUPVU3KBWSkP7Sow/YxIZBFY6j+ -----END CERTIFICATE-----Generated at Tue May 13 21:57:12 2025 by rpki-client