$ rpki-client -vvf rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft File: NBfrvXgtZfKcRPwL3lgaTRst66Q.mft (raw, json) Hash identifier: b32/8tdpN18HllUvkzNxJ2kgTx5UxbQ4dIoZto4P5eI= Subject key identifier: 1C:8C:D2:BB:3D:B3:D3:20:B7:AF:CC:B7:80:F3:08:65:5B:23:BF:5D Authority key identifier: 34:17:EB:BD:78:2D:65:F2:9C:44:FC:0B:DE:58:1A:4D:1B:2D:EB:A4 Certificate issuer: /CN=A91836DB/serialNumber=3417EBBD782D65F29C44FC0BDE581A4D1B2DEBA4 Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NBfrvXgtZfKcRPwL3lgaTRst66Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft Manifest number: 34 Signing time: Thu 15 May 2025 06:54:07 +0000 Manifest this update: Thu 15 May 2025 06:54:06 +0000 Manifest next update: Thu 22 May 2025 06:54:06 +0000 Files and hashes: 1: NBfrvXgtZfKcRPwL3lgaTRst66Q.crl (hash: v7VbHdKMLsW8IgFOHIDmFk4ujWSl/eWA+xMTpbNiMCA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.crl rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NBfrvXgtZfKcRPwL3lgaTRst66Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 06:54:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91836DB, serialNumber=3417EBBD782D65F29C44FC0BDE581A4D1B2DEBA4 Validity Not Before: May 15 06:54:06 2025 GMT Not After : May 22 06:54:06 2025 GMT Subject: CN=68258f8f-c7b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:a9:9a:63:6f:d6:94:0b:a9:26:12:24:f0:ea: d7:e6:b4:30:c4:dd:6e:5e:38:f3:46:2b:c2:4f:92: 53:88:9d:13:b3:5b:16:6a:25:50:8a:1f:73:69:9c: b0:e9:ce:7c:04:ad:fd:56:bc:20:6e:e2:1c:19:40: 04:8b:35:17:70:ea:6d:6d:27:f0:a4:d9:36:49:7e: 91:17:32:2b:ab:57:3e:f8:c7:a7:c9:c7:f1:88:01: a1:c6:a4:29:88:02:fb:1c:de:11:aa:79:b6:f1:bd: e9:b3:12:0f:36:9d:78:54:ea:2b:e7:30:49:46:eb: 5e:11:a4:28:7d:2d:4b:83:be:12:b9:da:44:cb:7c: 04:71:8c:5c:ba:83:6a:a9:d7:60:9d:b7:86:08:ec: 1a:75:3d:fc:45:2b:19:0e:b3:e5:f9:55:23:f5:10: b9:a1:52:64:7d:2b:3d:e2:f0:a2:f8:53:a3:c7:7f: 32:a3:d0:23:9b:6c:d1:26:96:58:59:ab:54:d9:53: d8:d4:7c:db:89:06:85:7a:0d:22:91:84:7d:79:d3: 99:ec:a0:d1:f4:e2:c0:3c:be:e9:33:e6:a2:95:dc: f0:df:12:ab:ee:f9:cf:31:a1:7e:17:c3:1d:3e:c4: cd:42:3a:0f:d6:ff:33:fd:fe:1c:dc:1a:61:ba:ed: 00:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:8C:D2:BB:3D:B3:D3:20:B7:AF:CC:B7:80:F3:08:65:5B:23:BF:5D X509v3 Authority Key Identifier: keyid:34:17:EB:BD:78:2D:65:F2:9C:44:FC:0B:DE:58:1A:4D:1B:2D:EB:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NBfrvXgtZfKcRPwL3lgaTRst66Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91836DB/59AFC20AE45E11EFA1562846C4F9AE02/NBfrvXgtZfKcRPwL3lgaTRst66Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d9:ad:34:8e:10:62:28:23:d1:31:2a:ff:ed:19:89:b7:77:a0: ec:53:c4:2f:19:d7:c5:cb:e2:37:a9:36:5b:81:23:4f:7f:37: 52:e0:45:00:c3:4a:2e:53:5c:75:de:5c:05:73:bf:0d:c6:c0: 39:47:9c:5f:6b:9e:62:4a:de:e1:b9:4c:cc:09:84:2f:75:f2: ea:6e:5b:e3:0c:cd:2e:7e:72:ba:cc:f9:fa:11:58:7a:c8:f2: f7:71:6d:ee:33:55:b7:c0:43:eb:b3:b4:5e:80:30:d8:2f:f5: b2:33:14:fd:42:da:a0:1e:2e:03:1a:11:66:04:ab:54:c1:7b: 0b:68:3b:9d:dd:61:56:96:d4:82:4c:a3:73:4a:7f:1b:70:fa: 2b:6c:c1:1c:56:b9:b0:36:7b:e9:3a:14:e8:9b:4d:5d:98:77: 0f:ce:5e:9a:83:81:1b:8f:67:86:f7:1e:a4:14:c0:d0:97:be: bf:af:6f:c4:f3:6c:66:00:dc:c5:2b:ef:dc:44:47:0f:df:88: 62:20:fb:3d:0c:f5:2e:44:9f:85:43:e9:65:c2:79:f6:1a:b2: 17:02:0e:e6:bc:68:bd:26:0f:d1:84:63:dc:f5:c8:5a:d9:2b: a0:b9:4f:6b:da:0c:77:e0:85:5e:ae:22:31:55:33:74:d6:ee: 56:a7:3a:1a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 MzZEQjExMC8GA1UEBRMoMzQxN0VCQkQ3ODJENjVGMjlDNDRGQzBCREU1ODFBNEQx QjJERUJBNDAeFw0yNTA1MTUwNjU0MDZaFw0yNTA1MjIwNjU0MDZaMBgxFjAUBgNV BAMTDTY4MjU4ZjhmLWM3YjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDlqZpjb9aUC6kmEiTw6tfmtDDE3W5eOPNGK8JPklOInROzWxZqJVCKH3NpnLDp znwErf1WvCBu4hwZQASLNRdw6m1tJ/Ck2TZJfpEXMiurVz74x6fJx/GIAaHGpCmI Avsc3hGqebbxvemzEg82nXhU6ivnMElG614RpCh9LUuDvhK52kTLfARxjFy6g2qp 12Cdt4YI7Bp1PfxFKxkOs+X5VSP1ELmhUmR9Kz3i8KL4U6PHfzKj0CObbNEmllhZ q1TZU9jUfNuJBoV6DSKRhH1505nsoNH04sA8vukz5qKV3PDfEqvu+c8xoX4Xwx0+ xM1COg/W/zP9/hzcGmG67QA5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHIzSuz2z 0yC3r8y3gPMIZVsjv10wHwYDVR0jBBgwFoAUNBfrvXgtZfKcRPwL3lgaTRst66Qw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgzNkRCLzU5QUZDMjBBRTQ1 RTExRUZBMTU2Mjg0NkM0RjlBRTAyL05CZnJ2WGd0WmZLY1JQd0wzbGdhVFJzdDY2 US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTkJmcnZYZ3RaZktjUlB3TDNsZ2FUUnN0NjZRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgz NkRCLzU5QUZDMjBBRTQ1RTExRUZBMTU2Mjg0NkM0RjlBRTAyL05CZnJ2WGd0WmZL Y1JQd0wzbGdhVFJzdDY2US5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANmtNI4QYigj0TEq/+0Zibd3oOxTxC8Z18XL4jepNluBI09/N1LgRQDD Si5TXHXeXAVzvw3GwDlHnF9rnmJK3uG5TMwJhC918upuW+MMzS5+crrM+foRWHrI 8vdxbe4zVbfAQ+uztF6AMNgv9bIzFP1C2qAeLgMaEWYEq1TBewtoO53dYVaW1IJM o3NKfxtw+itswRxWubA2e+k6FOibTV2Ydw/OXpqDgRuPZ4b3HqQUwNCXvr+vb8Tz bGYA3MUr79xERw/fiGIg+z0M9S5En4VD6WXCefYashcCDua8aL0mD9GEY9z1yFrZ K6C5T2vaDHfghV6uIjFVM3TW7lanOho= -----END CERTIFICATE-----Generated at Fri May 16 15:29:02 2025 by rpki-client