$ rpki-client -vvf rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.mft File: NjlSt_QXggYJMArokUgSGEuPw9w.mft (raw, json) Hash identifier: qEYFUL8iUSUYDi64Ntz9XOoGbJddJj6AtYYAmYTTd9k= Subject key identifier: 15:76:A2:78:2E:08:FB:28:0C:DE:B9:4E:36:1C:C6:CD:89:FD:AF:18 Authority key identifier: 36:39:52:B7:F4:17:82:06:09:30:0A:E8:91:48:12:18:4B:8F:C3:DC Certificate issuer: /CN=A91A70FA/serialNumber=363952B7F417820609300AE8914812184B8FC3DC Certificate serial: 1C89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NjlSt_QXggYJMArokUgSGEuPw9w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.mft Manifest number: 1C72 Signing time: Fri 22 Aug 2025 16:15:58 +0000 Manifest this update: Fri 22 Aug 2025 16:15:57 +0000 Manifest next update: Fri 29 Aug 2025 16:15:57 +0000 Files and hashes: 1: NjlSt_QXggYJMArokUgSGEuPw9w.crl (hash: T+oBJgBTPRn9ZdIzg+WA+tOpfngwC+ShuLKiBhRVZ0o=) 2: EC1B43EA393111EAA1873746C4F9AE02.roa (hash: 3515yyoHz/OpGxhQJVW0uZ09F4a0FPsq5rPkaEYDZbk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.crl rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NjlSt_QXggYJMArokUgSGEuPw9w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:15:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7305 (0x1c89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A70FA, serialNumber=363952B7F417820609300AE8914812184B8FC3DC Validity Not Before: Aug 22 16:15:57 2025 GMT Not After : Aug 29 16:15:57 2025 GMT Subject: CN=68a897bd-5610 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:08:fc:9b:e5:24:27:23:c1:79:f6:8b:7b:c9: 41:96:6b:18:8a:f0:b4:ee:98:fb:eb:43:f3:b7:05: ad:b0:2d:0b:3c:d7:cb:66:cf:8d:b2:1d:53:6d:8d: 8c:11:76:38:3e:11:f9:37:7f:4e:57:49:77:49:71: bc:ef:a1:b4:fd:9e:c7:32:59:c9:23:1b:d5:89:e8: 81:07:b8:8e:58:ee:68:9a:f5:25:f6:1c:8b:40:50: 9e:ef:68:1a:fe:95:62:d3:f5:56:3b:26:b4:39:42: 49:71:c9:71:c2:dd:c4:a3:19:6c:12:06:8d:49:08: 8b:84:2e:ca:16:28:6b:cc:c9:2e:25:57:cb:6c:7d: b4:12:b6:29:37:af:dd:a6:0e:71:18:58:1d:58:ed: 4a:5a:18:2b:2f:66:33:72:3e:fa:86:a9:ba:52:f8: 65:4e:ad:74:ee:79:c5:a0:5b:0e:ab:ec:c0:95:e2: ff:b8:eb:91:65:ed:b9:4b:48:29:d2:8d:47:ec:bc: 79:77:5b:a5:bc:91:6e:86:42:aa:29:85:a8:80:7b: 63:aa:68:0e:a5:d9:53:b8:21:4c:4e:76:2d:9f:0f: e8:72:54:d0:f2:26:ed:b9:6e:2a:4c:a7:32:ae:16: 24:f6:4d:33:bf:09:9d:c2:0f:c1:45:0c:f2:6b:7d: 37:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:76:A2:78:2E:08:FB:28:0C:DE:B9:4E:36:1C:C6:CD:89:FD:AF:18 X509v3 Authority Key Identifier: keyid:36:39:52:B7:F4:17:82:06:09:30:0A:E8:91:48:12:18:4B:8F:C3:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NjlSt_QXggYJMArokUgSGEuPw9w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:c2:28:f2:8f:16:53:be:f8:7e:a0:2f:5b:03:a9:a5:c4:37: bd:d7:0c:4c:88:7b:d3:b5:c7:8c:25:90:d5:f0:98:97:50:30: b7:4d:ce:af:40:26:1a:a5:73:78:95:f8:0a:67:5e:33:f9:b0: 19:d5:54:6e:80:ce:d0:25:5e:82:39:9a:30:47:cf:03:ef:24: 4a:de:71:54:5d:81:9b:f2:55:3d:d4:80:12:d4:52:45:5b:8c: b2:ac:67:aa:be:b7:ac:28:b2:4b:23:7d:22:76:ce:59:40:5e: 9b:22:95:a7:49:a2:40:ad:6f:32:5f:23:41:2a:50:46:6f:ec: 1b:36:e2:c5:8a:9e:8d:c8:4f:ce:36:45:ff:0e:79:8a:71:57: 77:89:79:b9:22:e1:a0:cd:fa:0a:07:3b:1f:47:f8:f2:fd:81: c3:eb:7c:a4:ff:f4:fb:50:b8:68:74:78:05:1e:34:34:7e:16: bc:4d:33:08:ee:72:ff:24:f1:7b:86:76:84:0d:61:4b:08:c1: df:4b:43:5d:85:02:2e:b9:b4:c2:35:69:63:5b:c6:92:e1:e7: 9d:bc:bf:45:81:78:8e:38:c0:51:c8:db:8d:ae:00:6b:51:49: 9b:2d:3f:8f:34:2c:8b:fa:3a:24:84:67:85:1f:6a:5e:be:64: 09:49:6c:5d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTcwRkExMTAvBgNVBAUTKDM2Mzk1MkI3RjQxNzgyMDYwOTMwMEFFODkxNDgxMjE4 NEI4RkMzREMwHhcNMjUwODIyMTYxNTU3WhcNMjUwODI5MTYxNTU3WjAYMRYwFAYD VQQDEw02OGE4OTdiZC01NjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Qj8m+UkJyPBefaLe8lBlmsYivC07pj760PztwWtsC0LPNfLZs+Nsh1TbY2M EXY4PhH5N39OV0l3SXG876G0/Z7HMlnJIxvVieiBB7iOWO5omvUl9hyLQFCe72ga /pVi0/VWOya0OUJJcclxwt3EoxlsEgaNSQiLhC7KFihrzMkuJVfLbH20ErYpN6/d pg5xGFgdWO1KWhgrL2Yzcj76hqm6UvhlTq107nnFoFsOq+zAleL/uOuRZe25S0gp 0o1H7Lx5d1ulvJFuhkKqKYWogHtjqmgOpdlTuCFMTnYtnw/oclTQ8ibtuW4qTKcy rhYk9k0zvwmdwg/BRQzya3038QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBV2ongu CPsoDN65TjYcxs2J/a8YMB8GA1UdIwQYMBaAFDY5Urf0F4IGCTAK6JFIEhhLj8Pc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzBGQS82NEZCN0UxQ0Uz QTcxMUU2QTVCMjAxNzhDNEY5QUUwMi9OamxTdF9RWGdnWUpNQXJva1VnU0dFdVB3 OXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05qbFN0X1FYZ2dZSk1Bcm9rVWdTR0V1UHc5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NzBGQS82NEZCN0UxQ0UzQTcxMUU2QTVCMjAxNzhDNEY5QUUwMi9OamxTdF9RWGdn WUpNQXJva1VnU0dFdVB3OXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdwijyjxZTvvh+oC9bA6mlxDe91wxMiHvTtceMJZDV8JiXUDC3Tc6v QCYapXN4lfgKZ14z+bAZ1VRugM7QJV6COZowR88D7yRK3nFUXYGb8lU91IAS1FJF W4yyrGeqvresKLJLI30ids5ZQF6bIpWnSaJArW8yXyNBKlBGb+wbNuLFip6NyE/O NkX/DnmKcVd3iXm5IuGgzfoKBzsfR/jy/YHD63yk//T7ULhodHgFHjQ0fha8TTMI 7nL/JPF7hnaEDWFLCMHfS0NdhQIuubTCNWljW8aS4eedvL9FgXiOOMBRyNuNrgBr UUmbLT+PNCyL+jokhGeFH2pevmQJSWxd -----END CERTIFICATE-----Generated at Sat Aug 23 20:33:51 2025 by rpki-client