$ rpki-client -vvf rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft File: NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft (raw, json) Hash identifier: TRm6yaRfnE47JSm+ViDMUnz2Rf5s6B/44Lhzw7LSQ8w= Subject key identifier: EF:35:61:82:BD:71:FB:DA:80:D9:7F:B4:E7:04:B3:F7:16:94:AC:83 Authority key identifier: 34:80:C5:65:23:34:8D:DA:BA:30:3E:31:F2:2D:FA:36:3F:88:7E:8F Certificate issuer: /CN=A91C779D/serialNumber=3480C56523348DDABA303E31F22DFA363F887E8F Certificate serial: DB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft Manifest number: D9 Signing time: Tue 13 May 2025 04:44:34 +0000 Manifest this update: Tue 13 May 2025 04:44:34 +0000 Manifest next update: Tue 20 May 2025 04:44:34 +0000 Files and hashes: 1: NIDFZSM0jdq6MD4x8i36Nj-Ifo8.crl (hash: +KYjDccmURSYX9kpHj2mlSPSkt7ZcHmimOq3c6ZqjdM=) 2: 0BBBE2B2E2B211EEACBA3341C4F9AE02.roa (hash: dwiUCjJJt0eG2N+1FVdoqJWTzPaXWWEUJdKiT+scZJI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.crl rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 04:44:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 219 (0xdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C779D, serialNumber=3480C56523348DDABA303E31F22DFA363F887E8F Validity Not Before: May 13 04:44:34 2025 GMT Not After : May 20 04:44:34 2025 GMT Subject: CN=6822ce32-1979 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:bf:42:ff:00:ae:ea:45:6a:c7:94:99:cb:3c: 4e:87:3e:c0:af:1d:f1:49:15:af:4b:e6:0f:9b:93: c0:34:e2:20:45:ac:bf:02:e1:38:3c:7a:46:09:fb: 9e:aa:9a:64:cd:32:44:eb:97:ed:c7:24:59:b8:8a: 7f:bf:6b:86:d5:cc:8f:0e:d2:32:99:20:df:4c:a4: bb:4b:4d:2d:b7:78:35:fc:5e:70:d2:6e:e2:eb:57: 58:b2:b2:50:9f:65:e8:49:b4:73:9d:bc:31:2b:83: b8:e4:86:75:40:44:16:8e:28:94:cf:a0:c9:d7:cd: bb:1a:56:89:a2:0f:a9:54:0d:c6:fe:1d:cb:f6:13: f0:58:08:ff:a1:38:51:47:0e:06:f2:0e:5e:80:63: ca:49:be:67:a2:92:1a:d6:0f:7e:96:14:8c:54:29: 1e:56:cd:52:fb:07:43:ad:2f:f8:98:4f:d9:d6:ed: 4c:8c:b2:db:a8:93:10:34:fa:61:12:9b:33:3c:a8: 3d:d5:3f:5c:d6:48:d6:6c:b1:dd:85:66:cd:b4:a3: 6f:3b:5b:42:55:f8:f9:a3:94:d7:d6:b4:92:c7:ec: 71:07:6a:45:9a:38:8c:e1:a0:0c:22:5e:5a:53:07: ce:22:01:00:a1:bd:9a:20:68:47:23:f7:31:2d:ce: 74:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:35:61:82:BD:71:FB:DA:80:D9:7F:B4:E7:04:B3:F7:16:94:AC:83 X509v3 Authority Key Identifier: keyid:34:80:C5:65:23:34:8D:DA:BA:30:3E:31:F2:2D:FA:36:3F:88:7E:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:a4:48:39:a8:38:67:97:9f:b5:44:83:e7:c3:cc:ca:16:16: b9:f4:5a:fa:47:07:59:d5:4a:fa:b7:ff:09:cf:bf:c4:ea:eb: 73:d7:ef:ce:27:78:c3:2e:aa:6d:56:3d:c4:b1:76:1b:6a:82: 2b:14:42:4d:ab:80:a1:a5:7e:b4:f2:5a:72:dc:a2:1a:2c:8f: 87:d7:00:10:6b:82:07:31:89:65:f7:60:43:57:74:36:b5:d6: 2f:72:9f:90:2a:a7:1f:b4:c3:b9:73:a8:80:fa:75:d9:e3:4f: 5d:ab:b6:e9:56:87:10:5a:fe:84:ee:93:62:98:c0:b3:9e:ac: 33:b6:20:72:f6:9d:13:4e:06:6e:5f:9d:c7:d6:e5:65:d0:57: 96:68:95:a8:ec:ae:b2:52:cc:ee:6c:30:7c:b2:e3:98:2c:21: f8:41:ea:10:8b:57:0c:19:a8:cf:cd:8b:9b:b2:9e:db:8e:a4: 55:39:06:89:87:a0:bf:f6:c2:fe:c0:c6:c7:58:5c:57:f9:56: 7f:72:1d:ba:a2:8a:b6:34:14:75:52:8d:f6:93:55:cd:f7:e2: a1:30:75:50:e0:6b:55:b8:03:67:36:59:71:37:7e:7a:84:4a: ed:74:11:bb:9d:78:4f:47:6e:cf:64:13:3f:6b:ab:40:bb:25: 96:9d:20:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3OUQxMTAvBgNVBAUTKDM0ODBDNTY1MjMzNDhEREFCQTMwM0UzMUYyMkRGQTM2 M0Y4ODdFOEYwHhcNMjUwNTEzMDQ0NDM0WhcNMjUwNTIwMDQ0NDM0WjAYMRYwFAYD VQQDEw02ODIyY2UzMi0xOTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtr9C/wCu6kVqx5SZyzxOhz7Arx3xSRWvS+YPm5PANOIgRay/AuE4PHpGCfue qppkzTJE65ftxyRZuIp/v2uG1cyPDtIymSDfTKS7S00tt3g1/F5w0m7i61dYsrJQ n2XoSbRznbwxK4O45IZ1QEQWjiiUz6DJ1827GlaJog+pVA3G/h3L9hPwWAj/oThR Rw4G8g5egGPKSb5nopIa1g9+lhSMVCkeVs1S+wdDrS/4mE/Z1u1MjLLbqJMQNPph EpszPKg91T9c1kjWbLHdhWbNtKNvO1tCVfj5o5TX1rSSx+xxB2pFmjiM4aAMIl5a UwfOIgEAob2aIGhHI/cxLc50hQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO81YYK9 cfvagNl/tOcEs/cWlKyDMB8GA1UdIwQYMBaAFDSAxWUjNI3aujA+MfIt+jY/iH6P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc5RC80NjBEMUM1QUUy QUUxMUVFODZGMzNDMUVDNEY5QUUwMi9OSURGWlNNMGpkcTZNRDR4OGkzNk5qLUlm bzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05JREZaU00wamRxNk1ENHg4aTM2TmotSWZvOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc5RC80NjBEMUM1QUUyQUUxMUVFODZGMzNDMUVDNEY5QUUwMi9OSURGWlNNMGpk cTZNRDR4OGkzNk5qLUlmbzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbpEg5qDhnl5+1RIPnw8zKFha59Fr6RwdZ1Ur6t/8Jz7/E6utz1+/O J3jDLqptVj3EsXYbaoIrFEJNq4ChpX608lpy3KIaLI+H1wAQa4IHMYll92BDV3Q2 tdYvcp+QKqcftMO5c6iA+nXZ409dq7bpVocQWv6E7pNimMCznqwztiBy9p0TTgZu X53H1uVl0FeWaJWo7K6yUszubDB8suOYLCH4QeoQi1cMGajPzYubsp7bjqRVOQaJ h6C/9sL+wMbHWFxX+VZ/ch26ooq2NBR1Uo32k1XN9+KhMHVQ4GtVuANnNllxN356 hErtdBG7nXhPR27PZBM/a6tAuyWWnSAk -----END CERTIFICATE-----Generated at Wed May 14 01:37:48 2025 by rpki-client