$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft File: nTwzrLEQPnH6H_PmAT6dwxEiafw.mft (raw, json) Hash identifier: YIHI325ePhWIMH1PQJ5iFeRgpAM9JfpeHzAsyNQWBIQ= Subject key identifier: 55:8A:1C:6E:56:83:4C:2C:16:82:32:B0:3E:28:B2:C3:2C:0D:EE:7F Authority key identifier: 9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC Certificate issuer: /CN=A91B1E8B/serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Certificate serial: 9F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft Manifest number: 9D Signing time: Thu 15 May 2025 05:36:26 +0000 Manifest this update: Thu 15 May 2025 05:36:26 +0000 Manifest next update: Thu 22 May 2025 05:36:26 +0000 Files and hashes: 1: nTwzrLEQPnH6H_PmAT6dwxEiafw.crl (hash: qufYXi81CxTmuRP65KURIJGp2XE3belsy23SozHylsc=) 2: DD76C09AB16711EFBD483568C4F9AE02.roa (hash: lZ2oQ4wvz4evXveDE7LNoYJmc6E6jg/A59sR/rYBi6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 05:36:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 159 (0x9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E8B, serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Validity Not Before: May 15 05:36:26 2025 GMT Not After : May 22 05:36:26 2025 GMT Subject: CN=68257d5a-2d64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:cc:85:17:45:cd:6a:3d:bd:a0:6e:3e:d2:be: 47:aa:a6:39:87:c3:97:f7:29:84:7c:22:a3:6b:db: b8:80:b4:f5:45:71:6c:3c:7d:e5:1c:83:c7:62:e6: d3:d5:88:bf:db:58:f9:0b:7d:21:b2:62:ea:3b:86: cb:fb:b7:0e:07:05:cd:17:57:ab:c3:f1:ea:88:ed: 75:0c:20:16:36:d5:68:87:31:b6:fb:58:f6:94:32: 0a:03:7f:c6:6b:ec:37:24:53:0c:e4:e8:72:f5:24: c5:36:2c:8a:83:d7:ba:0c:88:f0:bd:52:8a:a6:e8: 7b:e5:30:dc:6b:a6:5e:b7:d5:0a:33:c2:02:ce:91: d6:f9:e1:79:f2:ad:71:a7:56:ac:94:4c:e0:49:ee: 57:74:ab:a6:34:e6:61:ac:eb:a3:51:6b:b6:2b:f8: 33:81:32:55:c7:6d:3a:96:e1:f9:49:85:65:94:60: 49:3a:46:29:f4:d7:e3:c4:f9:94:cd:b1:97:23:38: e9:37:3c:d5:a3:4f:9e:97:84:9f:38:a4:18:0e:9a: 24:20:eb:28:7e:4c:53:41:e7:9c:49:1b:86:54:5c: f7:1c:55:0e:13:39:72:4f:77:b5:2d:3e:b4:55:70: 9b:74:40:f8:f1:02:a4:da:60:c5:c5:f5:0f:fd:db: 15:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:8A:1C:6E:56:83:4C:2C:16:82:32:B0:3E:28:B2:C3:2C:0D:EE:7F X509v3 Authority Key Identifier: keyid:9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:31:8f:c6:53:59:82:2e:37:02:5d:5c:95:66:6b:37:ad:0e: e8:39:62:46:07:78:27:e0:65:e0:a8:d1:14:10:ac:a8:c9:f5: 81:04:eb:4f:3a:74:0e:f6:09:45:cd:8a:69:e6:6a:a0:1b:53: 93:de:3e:1d:8f:78:19:27:1d:7a:58:af:43:17:a2:3f:54:3f: 46:ba:39:94:10:c8:e1:49:4a:2f:0e:6b:d1:7b:51:3d:5c:1b: e6:aa:4b:4e:c1:f2:42:62:a5:1d:39:b9:bb:74:a7:43:2e:1c: 4f:c6:94:7e:ec:33:8a:91:cc:15:da:06:9c:4e:90:e1:eb:90: b6:9e:49:3a:8f:45:1c:ee:81:a8:5b:5d:3b:dd:62:fa:64:25: cf:b1:75:f7:ba:79:0d:02:60:62:35:7c:13:0a:eb:8c:76:98: a9:39:ca:1e:64:35:f1:84:e6:69:24:51:b7:9d:2a:b8:49:db: 9b:6b:9e:0a:c0:b9:f1:b8:f4:13:d3:26:8a:ab:a1:60:c4:0b: c7:82:e4:a0:a8:42:0e:33:d9:53:8d:64:f0:27:c2:e0:81:c4: b2:62:d1:2c:86:05:cb:ea:ef:84:5c:38:e1:a1:12:8b:b3:df: b7:18:3c:3d:8a:8a:45:26:38:c2:af:69:c2:6c:7e:b5:70:62: eb:6a:fd:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFOEIxMTAvBgNVBAUTKDlEM0MzM0FDQjExMDNFNzFGQTFGRjNFNjAxM0U5REMz MTEyMjY5RkMwHhcNMjUwNTE1MDUzNjI2WhcNMjUwNTIyMDUzNjI2WjAYMRYwFAYD VQQDEw02ODI1N2Q1YS0yZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0MyFF0XNaj29oG4+0r5HqqY5h8OX9ymEfCKja9u4gLT1RXFsPH3lHIPHYubT 1Yi/21j5C30hsmLqO4bL+7cOBwXNF1erw/HqiO11DCAWNtVohzG2+1j2lDIKA3/G a+w3JFMM5Ohy9STFNiyKg9e6DIjwvVKKpuh75TDca6Zet9UKM8ICzpHW+eF58q1x p1aslEzgSe5XdKumNOZhrOujUWu2K/gzgTJVx206luH5SYVllGBJOkYp9NfjxPmU zbGXIzjpNzzVo0+el4SfOKQYDpokIOsofkxTQeecSRuGVFz3HFUOEzlyT3e1LT60 VXCbdED48QKk2mDFxfUP/dsVbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFWKHG5W g0wsFoIysD4ossMsDe5/MB8GA1UdIwQYMBaAFJ08M6yxED5x+h/z5gE+ncMRImn8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU4Qi82MjkxNzY0NDQ1 QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBuSDZIX1BtQVQ2ZHd4RWlh ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25Ud3pyTEVRUG5INkhfUG1BVDZkd3hFaWFmdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU4Qi82MjkxNzY0NDQ1QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBu SDZIX1BtQVQ2ZHd4RWlhZncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApMY/GU1mCLjcCXVyVZms3rQ7oOWJGB3gn4GXgqNEUEKyoyfWBBOtP OnQO9glFzYpp5mqgG1OT3j4dj3gZJx16WK9DF6I/VD9GujmUEMjhSUovDmvRe1E9 XBvmqktOwfJCYqUdObm7dKdDLhxPxpR+7DOKkcwV2gacTpDh65C2nkk6j0Uc7oGo W1073WL6ZCXPsXX3unkNAmBiNXwTCuuMdpipOcoeZDXxhOZpJFG3nSq4Sduba54K wLnxuPQT0yaKq6FgxAvHguSgqEIOM9lTjWTwJ8LggcSyYtEshgXL6u+EXDjhoRKL s9+3GDw9iopFJjjCr2nCbH61cGLrav0P -----END CERTIFICATE-----Generated at Thu May 15 18:06:12 2025 by rpki-client