$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft File: NM2mWwLxdr_CSHhNqprIp74WU9s.mft (raw, json) Hash identifier: mf5Mmr6hr+S5POkneDlDvw9Qrj1qaOCX4cDh1RGULBs= Subject key identifier: A3:5F:D1:8D:3C:3F:B3:72:7B:05:9A:53:31:34:2C:70:D7:39:74:9B Authority key identifier: 34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB Certificate issuer: /CN=A91E3DDB/serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Certificate serial: 30 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft Manifest number: 2C Signing time: Sat 23 Aug 2025 08:01:27 +0000 Manifest this update: Sat 23 Aug 2025 08:01:26 +0000 Manifest next update: Sat 30 Aug 2025 08:01:26 +0000 Files and hashes: 1: NM2mWwLxdr_CSHhNqprIp74WU9s.crl (hash: 42GgSwaGP0km/JMGu65xUmc8AEZevaelLFLpDvuSyVw=) 2: B24F568A4C7A11F09CF1A77BC4F9AE02.roa (hash: iZRDXQppbsQwPvsyTvXzZpqvjaraKsPpnctxXUoNoxk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48 (0x30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3DDB, serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Validity Not Before: Aug 23 08:01:26 2025 GMT Not After : Aug 30 08:01:26 2025 GMT Subject: CN=68a97556-5e7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fd:e0:e1:8b:37:6d:b0:18:3a:4c:3d:d2:08: 82:6f:0b:e7:9b:58:8f:b4:4d:96:67:4f:5a:eb:cb: d7:4b:31:64:ff:28:bf:1b:ee:e2:0c:1b:fc:33:9e: b8:b5:87:67:79:7d:dd:ee:44:4d:78:1d:c3:2b:3b: 65:13:55:1e:26:d2:6d:46:c2:07:d1:24:40:b4:4d: a8:cb:b1:53:f6:b4:c8:d2:be:23:fb:4d:1b:0d:f1: ed:cf:be:5a:5c:ac:8e:92:fb:52:62:39:d3:e5:a3: 03:9a:bf:c0:dc:bb:49:5c:71:f9:ba:79:e8:ee:57: 5b:fe:61:b5:ae:59:51:2a:28:2a:79:4a:20:39:d3: 2b:cb:e3:70:dd:c9:43:6a:b4:87:c9:9a:7d:b4:dd: 3e:0e:cd:4b:f8:3b:42:2c:32:ff:ad:ee:ae:d2:e8: 4f:f2:b3:6c:19:70:a6:f6:f9:29:cd:8d:34:4d:8c: ea:79:06:80:73:fd:46:97:ea:9b:03:fd:c2:76:33: 04:49:d0:43:9b:57:76:93:06:2f:70:74:0c:7b:65: f4:c0:92:65:ca:b2:bd:f8:20:ee:49:47:2d:38:b5: b6:d3:99:ec:0b:61:6e:67:85:60:e9:6d:a0:98:dc: 45:4c:a6:bb:d0:82:52:f9:59:a6:80:7d:33:fe:3b: d8:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:5F:D1:8D:3C:3F:B3:72:7B:05:9A:53:31:34:2C:70:D7:39:74:9B X509v3 Authority Key Identifier: keyid:34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:26:54:dc:d3:b0:16:d3:21:f4:07:1f:b9:9e:a6:9a:55:2d: d7:7a:25:89:e7:3a:fb:98:f1:9c:8d:5b:9e:22:b3:25:39:03: da:bd:db:d8:e2:bf:47:b2:8e:e6:be:94:5a:c4:66:7e:1e:14: 1c:a5:23:a5:7a:6d:56:cc:95:29:a7:14:8d:34:f2:33:63:c1: bd:10:c7:0c:41:b3:b3:06:92:e0:e3:37:51:a9:e9:e8:16:bd: 92:c5:4a:af:51:e0:f7:f9:a1:97:17:9b:5d:5e:e0:2f:26:10: 30:ff:7e:0c:51:da:e3:6f:86:f7:c0:25:23:08:b3:22:ba:6b: 0e:2c:e0:a2:04:e7:64:ec:bf:17:ba:d7:0a:5a:2e:ea:4d:e4: dd:68:6a:a1:57:65:e0:19:ec:92:b8:6c:12:11:eb:e2:cd:9a: ee:55:b1:75:e9:d0:44:c6:e9:e6:d6:9c:52:61:b2:db:38:60: bd:8f:9f:33:4c:20:4f:71:fe:50:f3:77:48:78:91:a1:be:03: ed:cb:26:55:0c:d9:67:fd:14:f0:3b:4e:73:9b:f2:7a:1c:0a: 00:37:e4:73:4f:95:c6:1c:3a:86:d5:28:7e:c4:17:77:b4:82: 94:1f:7b:c5:bb:90:ac:c8:a8:c3:10:5b:4c:9c:36:c0:ff:77: 13:5d:9a:47 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF M0REQjExMC8GA1UEBRMoMzRDREE2NUIwMkYxNzZCRkMyNDg3ODREQUE5QUM4QTdC RTE2NTNEQjAeFw0yNTA4MjMwODAxMjZaFw0yNTA4MzAwODAxMjZaMBgxFjAUBgNV BAMTDTY4YTk3NTU2LTVlN2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2/eDhizdtsBg6TD3SCIJvC+ebWI+0TZZnT1rry9dLMWT/KL8b7uIMG/wznri1 h2d5fd3uRE14HcMrO2UTVR4m0m1GwgfRJEC0TajLsVP2tMjSviP7TRsN8e3Pvlpc rI6S+1JiOdPlowOav8Dcu0lccfm6eejuV1v+YbWuWVEqKCp5SiA50yvL43DdyUNq tIfJmn203T4OzUv4O0IsMv+t7q7S6E/ys2wZcKb2+SnNjTRNjOp5BoBz/UaX6psD /cJ2MwRJ0EObV3aTBi9wdAx7ZfTAkmXKsr34IO5JRy04tbbTmewLYW5nhWDpbaCY 3EVMprvQglL5WaaAfTP+O9i7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUo1/RjTw/ s3J7BZpTMTQscNc5dJswHwYDVR0jBBgwFoAUNM2mWwLxdr/CSHhNqprIp74WU9sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzRERCLzBFM0JEQUVDNDcy NDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJfQ1NIaE5xcHJJcDc0V1U5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTk0ybVd3THhkcl9DU0hoTnFwcklwNzRXVTlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUz RERCLzBFM0JEQUVDNDcyNDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJf Q1NIaE5xcHJJcDc0V1U5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACAmVNzTsBbTIfQHH7mepppVLdd6JYnnOvuY8ZyNW54isyU5A9q929ji v0eyjua+lFrEZn4eFBylI6V6bVbMlSmnFI008jNjwb0QxwxBs7MGkuDjN1Gp6egW vZLFSq9R4Pf5oZcXm11e4C8mEDD/fgxR2uNvhvfAJSMIsyK6aw4s4KIE52Tsvxe6 1wpaLupN5N1oaqFXZeAZ7JK4bBIR6+LNmu5VsXXp0ETG6ebWnFJhsts4YL2PnzNM IE9x/lDzd0h4kaG+A+3LJlUM2Wf9FPA7TnOb8nocCgA35HNPlcYcOobVKH7EF3e0 gpQfe8W7kKzIqMMQW0ycNsD/dxNdmkc= -----END CERTIFICATE-----Generated at Sat Aug 23 15:45:07 2025 by rpki-client