$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft File: NXR5DY34KztVHjtwJXG69VqemWE.mft (raw, json) Hash identifier: o1TdLxaCB/qnnCYxP6QVZA5fDTML9psd11DkzIdfAt0= Subject key identifier: A7:D9:45:4B:C0:97:59:13:31:E0:E3:48:90:55:2C:53:64:9A:8F:A5 Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Certificate serial: 8E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft Manifest number: 83 Signing time: Fri 09 May 2025 05:52:19 +0000 Manifest this update: Fri 09 May 2025 05:52:18 +0000 Manifest next update: Fri 16 May 2025 05:52:18 +0000 Files and hashes: 1: NXR5DY34KztVHjtwJXG69VqemWE.crl (hash: LEDH+GTQZ7Hiov0BohX6pQv37k8gaLi+QTlqLoKUNBA=) 2: DA8D1C7EA72311EFBCEB047EC4F9AE02.roa (hash: 4Ilw9gY/NOcFcq0qbuj1smp6o0+TRpgSf2CHUKcnvWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 05:52:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 142 (0x8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B, serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Validity Not Before: May 9 05:52:18 2025 GMT Not After : May 16 05:52:18 2025 GMT Subject: CN=681d9813-e416 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6a:00:7b:d3:fb:36:18:5f:59:46:e0:15:ab: ba:5a:86:88:f4:88:68:55:35:5c:31:4a:3e:48:1f: 2a:31:d7:c6:54:52:e6:fd:90:a4:bf:5a:07:34:ed: 12:3b:fd:76:30:4d:f6:8d:fc:b2:2d:68:24:3f:d5: 53:5a:59:74:66:9c:6b:bc:f6:6d:89:55:fc:9a:b5: 71:37:a7:b6:1a:80:71:f0:27:46:d4:72:7f:8a:af: 35:57:f9:52:4e:c9:3f:0f:37:92:fd:19:cf:2f:70: 02:e8:8b:7e:2c:c0:b4:a6:dd:2b:ba:d8:e8:cf:33: 93:cc:b3:d4:e2:71:63:20:2d:c8:06:1e:3a:e2:b8: d8:07:3c:f0:fd:ae:c0:00:1d:ea:1d:14:35:0d:e4: 01:ef:16:4c:c8:a1:a3:08:ba:b8:64:4c:0a:fe:d1: 20:94:50:f7:37:01:51:6b:de:85:51:e3:98:cc:3b: e8:d3:56:e4:a1:bc:e6:ee:e1:d4:73:0b:af:c8:f9: 48:1c:17:7a:2c:cd:02:63:7b:a8:54:20:da:86:d3: f4:8b:dc:3e:99:9f:4f:b0:72:f6:14:bb:e0:d0:04: 5b:53:30:99:17:24:d6:f4:e7:da:13:51:35:84:3d: d3:14:40:db:c0:0b:13:cf:57:29:08:84:0c:21:49: c5:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:D9:45:4B:C0:97:59:13:31:E0:E3:48:90:55:2C:53:64:9A:8F:A5 X509v3 Authority Key Identifier: keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:25:df:e9:02:2a:57:b8:81:19:ed:ce:a0:a1:a5:07:8d:42: b0:ae:de:9f:d3:63:9c:50:00:fc:9f:ef:a3:ff:93:07:7c:21: 86:bf:80:df:96:c0:ed:b3:1f:69:4e:43:95:3a:f1:2d:88:ad: 23:57:19:99:9e:4f:50:ad:9d:e3:17:bf:0b:22:db:a3:f7:92: 20:45:d1:64:44:a1:4f:61:cd:dc:71:aa:ab:54:af:1f:a2:92: cb:25:c9:d9:09:9c:8d:b7:d3:99:95:3b:1a:45:19:76:8c:b5: 12:d9:4a:fc:69:d6:cc:23:c6:28:ed:b1:8d:16:c4:13:40:d5: 2d:da:a4:4a:cd:c2:0b:aa:28:c0:35:33:0b:50:c3:92:fc:81: e0:24:e5:19:97:31:5a:a2:e9:78:dd:29:45:35:43:e7:f6:39: 38:e9:c6:6e:b0:49:bd:14:2c:56:3c:14:fb:7b:34:31:38:d6: ce:74:ee:af:81:e8:04:10:bb:dc:18:19:51:ad:a8:48:bf:99: c1:eb:23:33:39:37:b9:85:36:c8:5a:77:7f:d9:20:54:6c:99: 44:e3:7a:40:70:9c:5a:98:86:45:50:94:6e:a9:d5:20:1a:72: e5:ba:b6:59:a3:10:a5:a2:0e:c6:74:62:40:78:8e:95:29:18: 4c:b9:8a:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Q0MEIxMTAvBgNVBAUTKDM1NzQ3OTBEOERGODJCM0I1NTFFM0I3MDI1NzFCQUY1 NUE5RTk5NjEwHhcNMjUwNTA5MDU1MjE4WhcNMjUwNTE2MDU1MjE4WjAYMRYwFAYD VQQDEw02ODFkOTgxMy1lNDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuWoAe9P7NhhfWUbgFau6WoaI9IhoVTVcMUo+SB8qMdfGVFLm/ZCkv1oHNO0S O/12ME32jfyyLWgkP9VTWll0ZpxrvPZtiVX8mrVxN6e2GoBx8CdG1HJ/iq81V/lS Tsk/DzeS/RnPL3AC6It+LMC0pt0rutjozzOTzLPU4nFjIC3IBh464rjYBzzw/a7A AB3qHRQ1DeQB7xZMyKGjCLq4ZEwK/tEglFD3NwFRa96FUeOYzDvo01bkobzm7uHU cwuvyPlIHBd6LM0CY3uoVCDahtP0i9w+mZ9PsHL2FLvg0ARbUzCZFyTW9OfaE1E1 hD3TFEDbwAsTz1cpCIQMIUnFYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKfZRUvA l1kTMeDjSJBVLFNkmo+lMB8GA1UdIwQYMBaAFDV0eQ2N+Cs7VR47cCVxuvVanplh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDQwQi82QjVEMkE3Qzg1 NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6dFZIanR3SlhHNjlWcWVt V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1XRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6 dFZIanR3SlhHNjlWcWVtV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFJd/pAipXuIEZ7c6goaUHjUKwrt6f02OcUAD8n++j/5MHfCGGv4Df lsDtsx9pTkOVOvEtiK0jVxmZnk9QrZ3jF78LItuj95IgRdFkRKFPYc3ccaqrVK8f opLLJcnZCZyNt9OZlTsaRRl2jLUS2Ur8adbMI8Yo7bGNFsQTQNUt2qRKzcILqijA NTMLUMOS/IHgJOUZlzFaoul43SlFNUPn9jk46cZusEm9FCxWPBT7ezQxONbOdO6v gegEELvcGBlRrahIv5nB6yMzOTe5hTbIWnd/2SBUbJlE43pAcJxamIZFUJRuqdUg GnLlurZZoxClog7GdGJAeI6VKRhMuYrc -----END CERTIFICATE-----Generated at Fri May 9 20:47:38 2025 by rpki-client