$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft File: NXR5DY34KztVHjtwJXG69VqemWE.mft (raw, json) Hash identifier: E1lTs7mffRH/wDSpNsE96WmY7CkLzWdJ2zSI/hiMaSc= Subject key identifier: 4F:5F:B9:4F:A7:0E:B9:2C:D4:E8:8B:A2:57:0D:B2:C5:FC:68:5C:44 Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Certificate serial: C3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft Manifest number: B8 Signing time: Sat 23 Aug 2025 06:25:37 +0000 Manifest this update: Sat 23 Aug 2025 06:25:37 +0000 Manifest next update: Sat 30 Aug 2025 06:25:37 +0000 Files and hashes: 1: NXR5DY34KztVHjtwJXG69VqemWE.crl (hash: XxoqE1d5zwLoc97vQ1/LMloDisAmFCtZE5WxmSjAKJQ=) 2: DA8D1C7EA72311EFBCEB047EC4F9AE02.roa (hash: 4Ilw9gY/NOcFcq0qbuj1smp6o0+TRpgSf2CHUKcnvWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:25:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 195 (0xc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B, serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Validity Not Before: Aug 23 06:25:37 2025 GMT Not After : Aug 30 06:25:37 2025 GMT Subject: CN=68a95ee1-1934 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:53:8f:bb:e2:2f:a3:3d:25:b8:45:d2:f1:e3: a2:35:c3:78:0e:34:40:09:3c:32:f0:a6:99:03:d0: 95:f4:d5:96:ee:62:85:f7:68:5b:61:fb:2c:a2:f9: 81:ee:3b:2b:bd:11:9f:c6:f2:36:27:f7:9b:b0:e0: 8d:eb:c2:98:bf:02:95:91:30:fa:53:9f:a7:e2:c2: 27:e9:be:84:96:f2:d4:6f:a7:1e:71:00:ec:86:e8: dd:09:44:d2:1e:fd:2a:05:5c:ef:f2:20:ae:c4:81: 4b:e0:24:77:a1:7c:97:af:d4:05:e1:98:3a:4c:4a: 7b:b4:35:5d:1f:b1:e9:76:ca:3c:dd:0c:21:0d:e7: 66:b2:dc:a2:5f:0a:ff:5b:25:7e:d1:bc:a1:ec:f4: f0:f6:e5:12:05:84:25:bc:3b:8c:70:75:5f:26:0f: 72:d7:21:82:cd:7e:91:8c:66:6a:ad:16:31:5b:32: 8e:20:e2:70:12:60:5b:59:ba:12:8d:65:3d:7a:75: d6:a8:f9:96:d5:d2:4d:e7:f5:fc:26:95:69:93:3d: cb:84:af:16:fa:a8:df:ae:56:3c:60:9f:ee:2e:5e: 11:c6:5c:58:7c:65:b6:fe:31:2b:c0:ee:e6:f1:2b: 30:c2:31:27:99:de:20:d3:91:1e:79:42:bc:f7:9d: 8d:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:5F:B9:4F:A7:0E:B9:2C:D4:E8:8B:A2:57:0D:B2:C5:FC:68:5C:44 X509v3 Authority Key Identifier: keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:3f:39:51:17:b1:f9:46:3f:b4:9e:8f:fe:f1:2c:94:16:da: 4e:6e:a7:c4:a3:ee:7d:76:bc:d8:87:96:30:41:51:4d:51:64: 93:93:c6:de:48:73:45:ee:95:03:ea:a7:29:c7:1b:c8:3e:b8: ba:fd:ea:a6:28:b9:9e:1c:e3:39:f2:e9:9b:2d:3b:3c:50:14: ab:b7:48:dd:70:5e:60:82:c7:fc:d2:f7:74:a3:6b:cf:d1:a7: 1b:8a:b1:ba:cf:82:99:65:66:dc:1f:c1:57:de:df:8d:f1:1d: 49:77:8e:65:69:4c:8f:ea:e1:4c:69:cf:f8:ce:19:ec:dc:21: d0:2a:d9:63:59:32:47:46:71:cb:f8:22:a8:4d:02:be:c5:22: 2e:eb:d5:c1:9b:af:e8:71:2a:c1:16:15:fe:56:12:6c:17:64: ec:88:c6:cd:c1:b8:e4:7e:f4:ff:29:0a:fc:f4:e6:e5:4d:ff: da:b7:89:8b:ec:f0:3e:fb:32:2f:0c:fc:5e:a6:37:9a:bb:d5: 61:aa:3c:7f:5c:16:bb:f2:e5:5b:82:62:fc:79:00:43:b5:da: 6f:2b:ae:3d:ff:90:a8:d8:b4:cb:41:56:34:56:4e:de:bd:21: 45:1e:ef:00:6a:35:01:9f:af:a3:b6:4b:24:0a:9d:c9:a1:3c: 17:27:07:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Q0MEIxMTAvBgNVBAUTKDM1NzQ3OTBEOERGODJCM0I1NTFFM0I3MDI1NzFCQUY1 NUE5RTk5NjEwHhcNMjUwODIzMDYyNTM3WhcNMjUwODMwMDYyNTM3WjAYMRYwFAYD VQQDEw02OGE5NWVlMS0xOTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVOPu+Ivoz0luEXS8eOiNcN4DjRACTwy8KaZA9CV9NWW7mKF92hbYfssovmB 7jsrvRGfxvI2J/ebsOCN68KYvwKVkTD6U5+n4sIn6b6ElvLUb6cecQDshujdCUTS Hv0qBVzv8iCuxIFL4CR3oXyXr9QF4Zg6TEp7tDVdH7Hpdso83QwhDedmstyiXwr/ WyV+0byh7PTw9uUSBYQlvDuMcHVfJg9y1yGCzX6RjGZqrRYxWzKOIOJwEmBbWboS jWU9enXWqPmW1dJN5/X8JpVpkz3LhK8W+qjfrlY8YJ/uLl4RxlxYfGW2/jErwO7m 8SswwjEnmd4g05EeeUK8952NBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE9fuU+n Drks1OiLolcNssX8aFxEMB8GA1UdIwQYMBaAFDV0eQ2N+Cs7VR47cCVxuvVanplh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDQwQi82QjVEMkE3Qzg1 NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6dFZIanR3SlhHNjlWcWVt V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1XRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9OWFI1RFkzNEt6 dFZIanR3SlhHNjlWcWVtV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApPzlRF7H5Rj+0no/+8SyUFtpObqfEo+59drzYh5YwQVFNUWSTk8be SHNF7pUD6qcpxxvIPri6/eqmKLmeHOM58umbLTs8UBSrt0jdcF5ggsf80vd0o2vP 0acbirG6z4KZZWbcH8FX3t+N8R1Jd45laUyP6uFMac/4zhns3CHQKtljWTJHRnHL +CKoTQK+xSIu69XBm6/ocSrBFhX+VhJsF2TsiMbNwbjkfvT/KQr89OblTf/at4mL 7PA++zIvDPxepjeau9Vhqjx/XBa78uVbgmL8eQBDtdpvK649/5Co2LTLQVY0Vk7e vSFFHu8AajUBn6+jtkskCp3JoTwXJwcQ -----END CERTIFICATE-----Generated at Sat Aug 23 14:01:26 2025 by rpki-client