$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft File: nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft (raw, json) Hash identifier: gsIyOHaf8D5h2badTGxDhGX0yYgYQYvrEjD0uFVtO64= Subject key identifier: 5F:53:F8:45:BE:DD:BD:7E:66:B0:09:C2:EF:F1:9F:0B:4F:6E:B0:57 Authority key identifier: 9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD Certificate issuer: /CN=A9185D34/serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Certificate serial: 081F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft Manifest number: 0812 Signing time: Mon 30 Jun 2025 21:07:30 +0000 Manifest this update: Mon 30 Jun 2025 21:07:30 +0000 Manifest next update: Mon 07 Jul 2025 21:07:30 +0000 Files and hashes: 1: nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl (hash: YYgSKWC3Mrj+kE1qNpzZjKpL5fBr5Go6rCat/8vJ4nM=) 2: C1171FCAB1B111ECBA7F614FC4F9AE02.roa (hash: 5pc4Fgf96yhJHg1dXqyOkvTiTCFOmyYqtcguriQDwlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 21:07:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2079 (0x81f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185D34, serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Validity Not Before: Jun 30 21:07:30 2025 GMT Not After : Jul 7 21:07:30 2025 GMT Subject: CN=6862fc92-1af8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ea:5e:73:f9:b5:07:68:61:9d:02:8c:7c:46: 49:66:0e:11:f0:c7:48:ba:93:07:b0:2e:98:c2:07: e3:1b:6d:31:35:08:de:81:5d:71:ce:64:73:86:e0: 44:9b:b7:29:17:92:30:d0:94:34:fb:1d:61:b3:0e: 81:0d:5b:9e:d9:f3:b5:73:c0:85:cc:7e:c1:20:d9: 33:60:e3:5d:92:f9:45:b3:86:dd:45:f7:ac:9a:f9: ae:44:21:07:18:cd:7f:3e:18:c2:a4:4e:73:a7:a2: 02:91:4b:15:5c:2b:f4:5e:ba:70:87:30:0c:e0:84: ed:5f:9c:e4:31:72:7f:9d:7d:24:1e:e2:ad:b0:e4: e2:1d:3c:84:3f:10:24:0d:50:c5:13:4f:dd:94:ad: d7:c4:12:68:16:97:1e:8c:20:5f:b9:35:13:18:2e: 66:f4:54:96:f5:f5:60:dd:36:20:a2:2e:8d:a5:50: 0c:12:8f:60:ac:95:5d:d9:2f:ad:f4:95:28:62:db: dd:1b:a7:59:d1:66:58:6e:8b:db:1b:02:9a:64:c7: d2:cd:b7:39:a2:3d:97:f0:b6:54:da:83:67:87:b8: 45:bd:ab:9d:df:78:a7:4a:84:3f:09:b9:27:85:4e: 9b:c2:c0:c4:a6:61:b9:80:7b:ef:2e:d7:e0:ef:d1: 2b:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:53:F8:45:BE:DD:BD:7E:66:B0:09:C2:EF:F1:9F:0B:4F:6E:B0:57 X509v3 Authority Key Identifier: keyid:9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:e3:34:e9:27:85:58:53:7d:2f:92:a1:30:e7:0c:b7:5c:d5: 2d:8f:b1:81:a6:49:6d:98:99:37:31:15:39:7e:07:f0:c4:8b: 65:bc:b3:c9:c3:e2:54:50:98:90:8a:ec:87:fa:00:1f:15:73: cd:08:38:1c:5e:49:06:0f:2e:04:9a:6a:92:30:a5:cc:32:ac: 51:9a:81:5b:54:a3:cc:6d:f9:b3:e5:d0:72:f6:7a:83:b5:fb: 0c:43:c7:ac:a3:56:32:41:8a:f1:74:ce:62:d1:32:b2:b3:8a: 5f:f0:2f:c3:52:6a:ef:21:93:80:be:5a:3c:9c:b0:e5:08:a0: f7:fe:65:c4:67:f9:6b:aa:cb:35:86:30:4e:a2:ba:a3:9a:f9: b0:69:33:9b:f4:18:58:d9:90:d9:c3:7c:28:97:71:d4:6d:7f: c3:15:d5:d0:b9:6c:6e:96:a5:85:15:de:c8:d5:26:eb:38:dd: c5:3f:2c:29:4f:0f:a7:bf:54:c4:77:e7:7a:13:62:82:94:ba: 99:f4:30:5d:94:1f:19:89:3e:cb:96:cd:12:b6:17:05:84:74: 27:37:db:b4:bb:7a:6e:f3:d6:25:17:5a:f8:43:45:85:92:25: 2a:8d:3d:81:fc:6e:bf:b3:92:1a:1d:6e:e8:34:82:11:10:72: c7:18:cb:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVEMzQxMTAvBgNVBAUTKDlFQzEyMTZEMjU2NDE2NDAzQ0I1QzUzRTczNDU1MzBG ODMyNzJDREQwHhcNMjUwNjMwMjEwNzMwWhcNMjUwNzA3MjEwNzMwWjAYMRYwFAYD VQQDEw02ODYyZmM5Mi0xYWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+pec/m1B2hhnQKMfEZJZg4R8MdIupMHsC6YwgfjG20xNQjegV1xzmRzhuBE m7cpF5Iw0JQ0+x1hsw6BDVue2fO1c8CFzH7BINkzYONdkvlFs4bdRfesmvmuRCEH GM1/PhjCpE5zp6ICkUsVXCv0XrpwhzAM4ITtX5zkMXJ/nX0kHuKtsOTiHTyEPxAk DVDFE0/dlK3XxBJoFpcejCBfuTUTGC5m9FSW9fVg3TYgoi6NpVAMEo9grJVd2S+t 9JUoYtvdG6dZ0WZYbovbGwKaZMfSzbc5oj2X8LZU2oNnh7hFvaud33inSoQ/Cbkn hU6bwsDEpmG5gHvvLtfg79ErNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF9T+EW+ 3b1+ZrAJwu/xnwtPbrBXMB8GA1UdIwQYMBaAFJ7BIW0lZBZAPLXFPnNFUw+DJyzd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQzNC9EQkE4Nzg1OEU2 QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0ZrQTh0Y1UtYzBWVEQ0TW5M TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25zRWhiU1ZrRmtBOHRjVS1jMFZURDRNbkxOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUQzNC9EQkE4Nzg1OEU2QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0Zr QTh0Y1UtYzBWVEQ0TW5MTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBw4zTpJ4VYU30vkqEw5wy3XNUtj7GBpkltmJk3MRU5fgfwxItlvLPJ w+JUUJiQiuyH+gAfFXPNCDgcXkkGDy4EmmqSMKXMMqxRmoFbVKPMbfmz5dBy9nqD tfsMQ8eso1YyQYrxdM5i0TKys4pf8C/DUmrvIZOAvlo8nLDlCKD3/mXEZ/lrqss1 hjBOorqjmvmwaTOb9BhY2ZDZw3wol3HUbX/DFdXQuWxulqWFFd7I1SbrON3FPywp Tw+nv1TEd+d6E2KClLqZ9DBdlB8ZiT7Lls0SthcFhHQnN9u0u3pu89YlF1r4Q0WF kiUqjT2B/G6/s5IaHW7oNIIREHLHGMtJ -----END CERTIFICATE-----Generated at Wed Jul 2 05:53:14 2025 by rpki-client