$ rpki-client -vvf rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft File: NBfrvXgtZfKcRPwL3lgaTRst66Q.mft (raw, json) Hash identifier: XE6m027t/UWzbjZm/t+F5bHNjLZ5BjRL3pNRBNDoeS8= Subject key identifier: 5F:4C:64:47:ED:00:4B:3A:F5:73:6E:9D:DB:30:63:8B:70:DA:A8:EF Authority key identifier: 34:17:EB:BD:78:2D:65:F2:9C:44:FC:0B:DE:58:1A:4D:1B:2D:EB:A4 Certificate issuer: /CN=A91836DB/serialNumber=3417EBBD782D65F29C44FC0BDE581A4D1B2DEBA4 Certificate serial: 66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NBfrvXgtZfKcRPwL3lgaTRst66Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft Manifest number: 66 Signing time: Sat 23 Aug 2025 07:13:48 +0000 Manifest this update: Sat 23 Aug 2025 07:13:48 +0000 Manifest next update: Sat 30 Aug 2025 07:13:48 +0000 Files and hashes: 1: NBfrvXgtZfKcRPwL3lgaTRst66Q.crl (hash: OUvnda+Mkbt7NQnDdJ5mULoVaHqPefeX5WBvVA1xOKU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.crl rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NBfrvXgtZfKcRPwL3lgaTRst66Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:13:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 102 (0x66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91836DB, serialNumber=3417EBBD782D65F29C44FC0BDE581A4D1B2DEBA4 Validity Not Before: Aug 23 07:13:48 2025 GMT Not After : Aug 30 07:13:48 2025 GMT Subject: CN=68a96a2c-cd8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ce:39:f1:b5:4a:b1:9b:66:bf:e9:fc:7b:43: fa:db:ec:db:a5:48:65:3b:6d:59:bc:64:b8:24:82: ac:f3:ff:8a:b2:e0:47:40:73:b6:39:a0:17:0c:a0: 3a:3c:5a:b6:a7:b7:e1:6b:89:d6:c8:e3:71:67:dd: 9c:7b:f2:c3:e3:63:b4:ff:78:00:f9:55:54:e9:fb: eb:42:c5:35:39:b7:2d:4d:59:5d:74:a5:1f:df:b0: 24:ea:0e:90:a4:f6:58:0e:2e:ed:cf:b6:52:d8:11: f2:e0:05:bc:e5:8f:5d:39:bb:3d:01:15:64:eb:23: 71:74:a9:cb:c6:17:67:f9:8c:4f:60:ad:cd:bb:59: f8:c0:e8:b0:3e:ee:54:19:e2:4c:49:47:8d:b7:56: 27:9a:02:f8:0e:10:45:82:18:a8:8e:c0:8e:2a:7b: 3a:7f:2d:1c:fb:0d:49:50:6f:46:2a:ae:a7:77:59: 95:bf:d9:e3:6a:c8:30:bf:6e:d9:9b:ba:3d:b8:e5: 22:22:03:23:bf:ed:1e:2f:92:fc:b3:c6:a6:79:21: 3d:11:e4:2d:9e:ab:3c:bc:5e:fc:2a:ee:de:9a:66: 25:9c:cf:f8:13:3b:b3:d1:bf:3d:b4:4d:ed:e0:81: 58:20:3e:95:cd:aa:29:18:b4:56:dc:bd:03:73:d1: c9:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:4C:64:47:ED:00:4B:3A:F5:73:6E:9D:DB:30:63:8B:70:DA:A8:EF X509v3 Authority Key Identifier: keyid:34:17:EB:BD:78:2D:65:F2:9C:44:FC:0B:DE:58:1A:4D:1B:2D:EB:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NBfrvXgtZfKcRPwL3lgaTRst66Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:73:e5:7c:b5:c9:9d:58:b4:88:83:32:5e:eb:3c:a1:28:4e: 10:d0:64:95:70:b0:6b:e8:6b:6f:44:4b:8d:28:76:b6:fe:d3: db:c1:f2:b7:71:5b:8b:a5:d6:a5:86:30:f2:00:5b:5a:0a:85: 9a:60:95:da:60:70:51:18:48:ad:66:97:6d:21:ce:e7:74:48: 41:7a:9e:d8:c9:a8:3b:40:f8:94:b0:93:c7:ff:35:f3:fa:c2: a2:60:22:d8:d9:55:db:99:5a:0e:52:95:a8:26:52:04:6c:74: 9b:fa:f4:3e:8d:af:b1:4f:62:3a:e5:3d:bd:33:99:18:a5:49: 7d:9b:c3:0f:0b:c2:3f:93:f5:a9:71:16:e3:f5:04:35:a6:53: ca:6a:14:e1:1e:f7:d0:eb:2c:04:7b:fc:f8:60:2d:f0:bd:b0: 93:fe:62:1e:cf:6c:64:61:ae:8e:47:59:71:05:bb:53:a6:3c: 0b:e9:58:54:0b:05:fb:a1:20:28:59:c4:4a:59:2a:68:54:e1: 1c:7a:23:24:f4:6d:b4:95:6a:2b:29:28:9b:54:4a:85:e5:63: 11:28:2a:44:cc:56:e8:63:25:80:f5:ed:1f:e6:0b:7d:f3:f3: 04:ec:d9:54:dc:0d:39:ed:e7:82:a7:07:26:4e:5a:33:6b:12: 70:8a:bd:2c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 MzZEQjExMC8GA1UEBRMoMzQxN0VCQkQ3ODJENjVGMjlDNDRGQzBCREU1ODFBNEQx QjJERUJBNDAeFw0yNTA4MjMwNzEzNDhaFw0yNTA4MzAwNzEzNDhaMBgxFjAUBgNV BAMTDTY4YTk2YTJjLWNkOGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYzjnxtUqxm2a/6fx7Q/rb7NulSGU7bVm8ZLgkgqzz/4qy4EdAc7Y5oBcMoDo8 Wrant+FridbI43Fn3Zx78sPjY7T/eAD5VVTp++tCxTU5ty1NWV10pR/fsCTqDpCk 9lgOLu3PtlLYEfLgBbzlj105uz0BFWTrI3F0qcvGF2f5jE9grc27WfjA6LA+7lQZ 4kxJR423VieaAvgOEEWCGKiOwI4qezp/LRz7DUlQb0Yqrqd3WZW/2eNqyDC/btmb uj245SIiAyO/7R4vkvyzxqZ5IT0R5C2eqzy8Xvwq7t6aZiWcz/gTO7PRvz20Te3g gVggPpXNqikYtFbcvQNz0cnjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUX0xkR+0A Szr1c26d2zBji3DaqO8wHwYDVR0jBBgwFoAUNBfrvXgtZfKcRPwL3lgaTRst66Qw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgzNkRCLzU5QUZDMjBBRTQ1 RTExRUZBMTU2Mjg0NkM0RjlBRTAyL05CZnJ2WGd0WmZLY1JQd0wzbGdhVFJzdDY2 US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTkJmcnZYZ3RaZktjUlB3TDNsZ2FUUnN0NjZRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgz NkRCLzU5QUZDMjBBRTQ1RTExRUZBMTU2Mjg0NkM0RjlBRTAyL05CZnJ2WGd0WmZL Y1JQd0wzbGdhVFJzdDY2US5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGJz5Xy1yZ1YtIiDMl7rPKEoThDQZJVwsGvoa29ES40odrb+09vB8rdx W4ul1qWGMPIAW1oKhZpgldpgcFEYSK1ml20hzud0SEF6ntjJqDtA+JSwk8f/NfP6 wqJgItjZVduZWg5SlagmUgRsdJv69D6Nr7FPYjrlPb0zmRilSX2bww8Lwj+T9alx FuP1BDWmU8pqFOEe99DrLAR7/PhgLfC9sJP+Yh7PbGRhro5HWXEFu1OmPAvpWFQL BfuhIChZxEpZKmhU4Rx6IyT0bbSVaispKJtUSoXlYxEoKkTMVuhjJYD17R/mC33z 8wTs2VTcDTnt54KnByZOWjNrEnCKvSw= -----END CERTIFICATE-----Generated at Sun Aug 24 00:45:22 2025 by rpki-client