$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json) Hash identifier: L0W7YrAnU3hTjdYLlMBp1hKWUSI5dqp5c52ZdS/cxPY= Subject key identifier: 01:A1:4A:5B:83:84:DC:99:CD:74:3F:80:8C:BD:7F:D3:4E:E5:ED:ED Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Certificate serial: 0863 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft Manifest number: 085E Signing time: Sat 10 May 2025 20:23:28 +0000 Manifest this update: Sat 10 May 2025 20:23:27 +0000 Manifest next update: Sat 17 May 2025 20:23:27 +0000 Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: 02aPNjjwtN1Lhjbo+AB2I54UF3kVaoQG3Fd/gVNVTB4=) 2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: 7JqfyMrbJ4CL7Io5TdtHAHWsu8lXWZvGXH4eXClkDWI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:23:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2147 (0x863) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Validity Not Before: May 10 20:23:27 2025 GMT Not After : May 17 20:23:27 2025 GMT Subject: CN=681fb5c0-dfad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:94:c4:6f:b5:20:f2:d4:6f:1d:02:99:fb:94: 7b:2c:56:8b:cc:75:6c:9f:6e:f3:ea:dc:c0:af:c0: 8c:c0:53:91:ff:cf:7c:91:c1:f6:09:23:ea:0a:39: 84:76:af:83:cf:2e:51:61:6a:ca:b2:22:57:c1:80: 65:09:22:3d:c7:0e:ab:5a:c0:84:36:f4:8d:0b:1b: d0:98:0e:88:6e:3a:be:87:cc:1a:b1:f9:4c:b6:ce: 6d:ff:b2:03:a5:1d:f6:0f:04:56:23:f7:00:39:38: 73:40:4c:9b:aa:46:b2:10:5b:ef:d0:76:77:83:70: ab:41:a7:b9:ae:02:9e:0f:06:37:8f:68:af:15:11: 7c:ff:d3:cf:32:e7:a3:ad:34:a5:26:09:e3:f8:a1: f7:b7:e2:8e:46:5e:79:9f:f5:34:eb:4c:11:14:3d: ce:5c:0b:aa:38:4f:0a:5c:76:30:13:73:68:47:e1: a6:1e:e7:76:68:d1:d8:41:0d:54:0b:24:63:c9:41: 80:c0:d8:25:d7:9f:f9:ba:7d:04:fe:fe:16:71:39: b4:04:af:57:3e:03:fd:81:77:3b:7d:84:9b:46:ec: 18:34:39:22:19:cc:b6:dd:9f:95:d5:cd:28:cb:8a: 22:cb:02:01:4c:5f:49:f5:f3:37:9d:01:c4:76:d3: b3:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:A1:4A:5B:83:84:DC:99:CD:74:3F:80:8C:BD:7F:D3:4E:E5:ED:ED X509v3 Authority Key Identifier: keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:fc:d7:b5:09:5b:9e:93:89:cf:92:06:4c:0d:02:b5:f0:02: 4d:43:d6:03:1d:2b:0e:ca:5b:46:ad:db:d7:4d:0d:f1:fc:60: 62:66:f8:75:76:44:dc:14:1e:ef:04:fd:85:7d:40:cf:0c:28: 2b:2d:9c:1c:e6:06:4f:ae:c6:71:65:72:1b:d2:3f:d6:e9:e9: 8e:be:de:7f:e6:c3:d4:0c:a4:de:4e:3c:04:53:9f:c8:2e:fa: 16:25:ec:5c:a4:76:fc:d3:38:99:b9:d2:ce:06:25:d0:3e:a5: 84:6d:48:11:61:6b:d7:c3:cf:a2:65:c0:3a:e7:28:0d:8e:1b: 4b:19:96:a7:31:7a:4a:b1:d6:68:b1:f2:83:92:82:81:ba:63: e3:b1:aa:3e:c6:02:18:3a:18:56:1f:e0:27:00:a3:69:8d:38: 08:45:00:cb:aa:dd:a4:30:5e:de:b2:b7:8a:46:b0:99:1f:77: af:dd:d5:79:c6:05:60:e3:15:d5:6a:30:51:42:78:fb:a4:09: 06:d4:88:1d:87:bf:6f:8d:54:e0:56:cc:96:73:5b:92:88:36: 84:68:34:91:4d:b2:98:e3:d3:89:50:87:3b:27:6d:5c:9a:e4: 53:32:6d:25:f3:97:38:40:fb:2e:aa:bc:1d:70:64:7a:20:fb: a2:c2:82:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz NjFBMDlDQUEwHhcNMjUwNTEwMjAyMzI3WhcNMjUwNTE3MjAyMzI3WjAYMRYwFAYD VQQDEw02ODFmYjVjMC1kZmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA05TEb7Ug8tRvHQKZ+5R7LFaLzHVsn27z6tzAr8CMwFOR/898kcH2CSPqCjmE dq+Dzy5RYWrKsiJXwYBlCSI9xw6rWsCENvSNCxvQmA6Ibjq+h8wasflMts5t/7ID pR32DwRWI/cAOThzQEybqkayEFvv0HZ3g3CrQae5rgKeDwY3j2ivFRF8/9PPMuej rTSlJgnj+KH3t+KORl55n/U060wRFD3OXAuqOE8KXHYwE3NoR+GmHud2aNHYQQ1U CyRjyUGAwNgl15/5un0E/v4WcTm0BK9XPgP9gXc7fYSbRuwYNDkiGcy23Z+V1c0o y4oiywIBTF9J9fM3nQHEdtOzoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAGhSluD hNyZzXQ/gIy9f9NO5e3tMB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0 RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3/Ne1CVuek4nPkgZMDQK18AJNQ9YDHSsOyltGrdvXTQ3x/GBiZvh1 dkTcFB7vBP2FfUDPDCgrLZwc5gZPrsZxZXIb0j/W6emOvt5/5sPUDKTeTjwEU5/I LvoWJexcpHb80ziZudLOBiXQPqWEbUgRYWvXw8+iZcA65ygNjhtLGZanMXpKsdZo sfKDkoKBumPjsao+xgIYOhhWH+AnAKNpjTgIRQDLqt2kMF7esreKRrCZH3ev3dV5 xgVg4xXVajBRQnj7pAkG1Igdh79vjVTgVsyWc1uSiDaEaDSRTbKY49OJUIc7J21c muRTMm0l85c4QPsuqrwdcGR6IPuiwoKc -----END CERTIFICATE-----Generated at Mon May 12 19:05:57 2025 by rpki-client