$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft File: NM2mWwLxdr_CSHhNqprIp74WU9s.mft (raw, json) Hash identifier: 9R1eEdzGdEZLsaR0PqNrlqv5DPqwckdcuW5sjMRYGt0= Subject key identifier: BD:75:E3:78:09:C4:C5:0F:01:17:29:69:9B:97:D9:3E:6C:88:39:9C Authority key identifier: 34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB Certificate issuer: /CN=A91E3DDB/serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Certificate serial: 14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft Manifest number: 10 Signing time: Sun 29 Jun 2025 07:08:15 +0000 Manifest this update: Sun 29 Jun 2025 07:08:15 +0000 Manifest next update: Sun 06 Jul 2025 07:08:15 +0000 Files and hashes: 1: NM2mWwLxdr_CSHhNqprIp74WU9s.crl (hash: Tx6SORzj8nJ1xDz3KW0M0TDuZuuMKV1CeMDr1B8a5x0=) 2: B24F568A4C7A11F09CF1A77BC4F9AE02.roa (hash: iZRDXQppbsQwPvsyTvXzZpqvjaraKsPpnctxXUoNoxk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 07:08:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3DDB, serialNumber=34CDA65B02F176BFC248784DAA9AC8A7BE1653DB Validity Not Before: Jun 29 07:08:15 2025 GMT Not After : Jul 6 07:08:15 2025 GMT Subject: CN=6860e65f-0036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:77:5c:14:45:34:17:5d:fb:f7:65:ec:3c:cd: fe:0a:01:4c:3f:23:cb:ae:4a:37:dd:1f:29:1b:f5: 27:f6:60:c4:a5:0a:3c:7b:f0:2b:15:b1:ce:c8:38: 83:24:77:89:6b:72:ae:f8:1b:7d:4c:63:f4:94:88: 71:16:db:b0:0e:dc:77:84:dd:4e:d4:70:bd:6f:ad: 17:11:a0:10:f2:76:e1:02:07:81:31:6f:41:e0:c1: 65:79:fe:d8:7d:48:1b:3f:7e:88:d9:21:93:5a:a7: 1d:1b:47:71:c3:29:a7:27:33:73:da:14:c3:ea:a0: 93:3b:13:a9:8d:b4:9f:0a:78:db:46:cc:27:bb:0d: d3:ad:fd:fd:4c:e8:6f:fd:c1:eb:1d:5f:17:d3:4a: e4:8b:73:aa:04:a2:58:62:db:d0:07:39:f3:27:3e: b6:17:37:ed:31:79:a9:c5:cd:45:e0:9e:33:45:39: 87:ab:ea:04:d0:45:4e:6a:1f:6d:cb:7f:5b:4e:c0: 64:08:6e:19:ae:a3:ba:d3:9a:49:aa:cb:80:1a:39: cd:2e:3f:c0:85:ca:e5:e6:b5:62:98:a6:ca:6d:8f: 1d:df:77:b9:5c:c0:ee:ac:34:2d:43:8e:66:25:fe: d0:06:63:b9:5d:76:3f:bd:9d:18:0b:79:f2:2e:75: 7a:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:75:E3:78:09:C4:C5:0F:01:17:29:69:9B:97:D9:3E:6C:88:39:9C X509v3 Authority Key Identifier: keyid:34:CD:A6:5B:02:F1:76:BF:C2:48:78:4D:AA:9A:C8:A7:BE:16:53:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NM2mWwLxdr_CSHhNqprIp74WU9s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3DDB/0E3BDAEC472411F095F91B23C4F9AE02/NM2mWwLxdr_CSHhNqprIp74WU9s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:27:c3:78:46:e3:7f:82:51:cc:20:4d:e7:aa:b5:eb:97:27: 85:c9:43:2a:4c:3b:31:9f:9c:86:01:93:dc:8e:06:ff:7f:71: f4:3e:20:82:aa:6a:d2:4b:54:0b:ce:52:3c:01:3b:f3:34:2c: 22:b9:d5:93:22:de:90:57:38:d1:cf:d0:96:45:5a:6e:3f:f8: 7a:78:12:34:76:e2:e0:d5:0b:f8:7d:b5:f0:8b:72:ee:8f:09: 99:bc:79:2f:29:76:81:0f:f2:29:3d:9a:da:b0:47:e8:c4:57: 6d:6d:05:62:85:ae:d9:32:aa:c5:12:2c:ea:32:75:63:99:8e: dc:a2:4d:60:85:ac:f5:83:53:33:22:79:3e:02:27:52:35:01: d2:34:a2:de:2a:49:ee:ce:dc:5e:c1:c7:f4:ed:87:f9:c6:37: 81:ca:df:54:ee:5d:a6:e4:d8:62:a8:24:72:4d:07:27:9b:0b: d6:e2:a9:00:58:4e:d6:74:53:51:52:5a:b4:a2:ff:44:05:fe: 50:70:bc:75:10:d0:1f:a4:62:b1:0e:b4:ff:d6:ab:74:74:70: 33:17:d3:da:ac:8d:1b:1b:f8:96:4c:ea:f7:f1:d1:87:91:e0: 27:d0:53:4b:35:31:6d:66:82:70:e0:c7:a5:df:db:24:62:c1: 46:07:a1:b2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF M0REQjExMC8GA1UEBRMoMzRDREE2NUIwMkYxNzZCRkMyNDg3ODREQUE5QUM4QTdC RTE2NTNEQjAeFw0yNTA2MjkwNzA4MTVaFw0yNTA3MDYwNzA4MTVaMBgxFjAUBgNV BAMTDTY4NjBlNjVmLTAwMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBd1wURTQXXfv3Zew8zf4KAUw/I8uuSjfdHykb9Sf2YMSlCjx78CsVsc7IOIMk d4lrcq74G31MY/SUiHEW27AO3HeE3U7UcL1vrRcRoBDyduECB4Exb0HgwWV5/th9 SBs/fojZIZNapx0bR3HDKacnM3PaFMPqoJM7E6mNtJ8KeNtGzCe7DdOt/f1M6G/9 wesdXxfTSuSLc6oEolhi29AHOfMnPrYXN+0xeanFzUXgnjNFOYer6gTQRU5qH23L f1tOwGQIbhmuo7rTmkmqy4AaOc0uP8CFyuXmtWKYpsptjx3fd7lcwO6sNC1DjmYl /tAGY7lddj+9nRgLefIudXrHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvXXjeAnE xQ8BFylpm5fZPmyIOZwwHwYDVR0jBBgwFoAUNM2mWwLxdr/CSHhNqprIp74WU9sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzRERCLzBFM0JEQUVDNDcy NDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJfQ1NIaE5xcHJJcDc0V1U5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTk0ybVd3THhkcl9DU0hoTnFwcklwNzRXVTlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUz RERCLzBFM0JEQUVDNDcyNDExRjA5NUY5MUIyM0M0RjlBRTAyL05NMm1Xd0x4ZHJf Q1NIaE5xcHJJcDc0V1U5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHYnw3hG43+CUcwgTeeqteuXJ4XJQypMOzGfnIYBk9yOBv9/cfQ+IIKq atJLVAvOUjwBO/M0LCK51ZMi3pBXONHP0JZFWm4/+Hp4EjR24uDVC/h9tfCLcu6P CZm8eS8pdoEP8ik9mtqwR+jEV21tBWKFrtkyqsUSLOoydWOZjtyiTWCFrPWDUzMi eT4CJ1I1AdI0ot4qSe7O3F7Bx/Tth/nGN4HK31TuXabk2GKoJHJNByebC9biqQBY TtZ0U1FSWrSi/0QF/lBwvHUQ0B+kYrEOtP/Wq3R0cDMX09qsjRsb+JZM6vfx0YeR 4CfQU0s1MW1mgnDgx6Xf2yRiwUYHobI= -----END CERTIFICATE-----Generated at Sun Jun 29 16:40:17 2025 by rpki-client