$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft File: NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft (raw, json) Hash identifier: oYBLL989FxxCqvMTu6jr7g7GERQJa+MHUbJGNZ25EAQ= Subject key identifier: D0:A7:14:A4:C8:89:B0:62:7C:25:66:3D:92:6F:90:02:38:E4:0A:65 Authority key identifier: 34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD Certificate issuer: /CN=A91E8F36/serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Certificate serial: 01CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft Manifest number: 01C8 Signing time: Sun 11 May 2025 01:59:37 +0000 Manifest this update: Sun 11 May 2025 01:59:37 +0000 Manifest next update: Sun 18 May 2025 01:59:37 +0000 Files and hashes: 1: NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl (hash: LbofGN4j5uzCgzWXiDXyh6WLRYXOS3PlA5QHTiDubzQ=) 2: AC270A727D0711ED8181DA7FC4F9AE02.roa (hash: iIeWWLVIFJDjrG1ibZP/xl+WAjIK44IJWqOkBlQGCcU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 01:59:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 463 (0x1cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8F36, serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Validity Not Before: May 11 01:59:37 2025 GMT Not After : May 18 01:59:37 2025 GMT Subject: CN=68200489-5381 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:3c:5e:3b:46:2c:0b:19:22:79:3e:c2:3c:f6: ad:24:ad:8c:73:2d:22:e5:80:35:f2:f9:4a:60:c2: ec:d1:3b:22:80:6d:30:2d:39:d2:a4:e1:87:9e:37: f2:c2:ac:1c:24:35:4b:be:70:81:25:ed:01:df:25: 0c:c6:46:06:72:25:ca:67:ee:80:ef:1f:c5:2e:d0: d6:0b:e5:9f:2a:7d:b3:6a:e4:ca:60:74:02:f1:72: f9:f4:e7:a1:4a:13:e4:1e:d2:10:32:fc:17:6a:fc: ac:78:72:1b:95:9c:11:99:10:67:c9:de:9b:fc:f1: 12:5c:d8:e1:d1:3a:98:9b:db:3a:60:fd:d1:4d:6d: 0d:de:b9:80:b5:a0:e7:b8:79:0d:9f:ac:45:d5:fa: 77:61:3b:69:2d:2e:02:64:fd:9c:a6:e5:34:68:7a: f9:74:b0:ee:fe:74:b2:59:1e:c4:90:73:c9:0d:21: 92:e2:38:23:8b:63:34:62:05:da:f1:bb:40:ef:32: e9:62:a1:fa:b7:a2:47:f9:8a:b6:e4:f6:51:cf:5e: 92:da:36:36:e2:28:64:54:f8:65:02:dd:a0:cf:8c: 7e:2f:bf:c1:30:1a:19:09:cc:0a:fa:71:18:38:29: 75:84:14:3c:10:be:17:b0:38:45:14:a0:f0:78:f5: d4:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:A7:14:A4:C8:89:B0:62:7C:25:66:3D:92:6F:90:02:38:E4:0A:65 X509v3 Authority Key Identifier: keyid:34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:a2:3a:49:7f:f9:7b:fe:69:fe:59:8f:2e:8a:f7:91:ae:a0: 8b:98:ea:49:21:96:56:1e:61:75:3b:99:c5:ed:f9:a9:ff:8a: 8c:c1:c6:10:ca:9e:f4:f7:a9:82:cf:0c:71:4c:f5:a7:83:39: b7:52:7b:38:8a:db:a8:1e:22:70:38:49:81:c0:a4:71:0d:d0: 6c:e7:3a:af:4e:e3:c8:19:52:92:7e:48:12:2b:88:6d:88:52: 31:dd:66:0a:f8:5a:f8:fb:2f:d2:29:fe:b3:32:01:9f:0b:b5: 18:52:80:1a:d7:c9:63:3d:13:63:cd:5f:39:76:b4:48:eb:eb: 20:49:d3:74:f3:d8:ad:13:b6:b7:36:91:7b:b4:e0:bf:80:fe: 74:0c:62:cd:e2:8b:dd:06:f3:f6:6a:b0:b8:e2:aa:36:26:ac: f3:6d:80:41:1f:df:3b:50:72:ac:56:49:4c:fa:61:77:1b:bf: f6:12:49:07:d8:b8:63:01:ec:71:75:a5:e3:57:ec:fa:04:75: f3:90:d4:a3:15:bb:0d:61:94:f4:1b:52:d9:b9:c4:b7:ca:5e: cd:5e:1e:59:1e:32:18:ae:94:32:eb:96:cf:e9:65:b1:c5:d4: 2a:06:b8:1f:15:42:2d:1f:e5:14:61:79:dd:e6:a2:d8:68:45: e6:38:47:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThGMzYxMTAvBgNVBAUTKDM0RDdENkQ0NDFDMzJEN0M4NzE0MkU5RkU1QzdFQkM0 RjQ3OUIwQ0QwHhcNMjUwNTExMDE1OTM3WhcNMjUwNTE4MDE1OTM3WjAYMRYwFAYD VQQDEw02ODIwMDQ4OS01MzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvzxeO0YsCxkieT7CPPatJK2Mcy0i5YA18vlKYMLs0TsigG0wLTnSpOGHnjfy wqwcJDVLvnCBJe0B3yUMxkYGciXKZ+6A7x/FLtDWC+WfKn2zauTKYHQC8XL59Oeh ShPkHtIQMvwXavyseHIblZwRmRBnyd6b/PESXNjh0TqYm9s6YP3RTW0N3rmAtaDn uHkNn6xF1fp3YTtpLS4CZP2cpuU0aHr5dLDu/nSyWR7EkHPJDSGS4jgji2M0YgXa 8btA7zLpYqH6t6JH+Yq25PZRz16S2jY24ihkVPhlAt2gz4x+L7/BMBoZCcwK+nEY OCl1hBQ8EL4XsDhFFKDwePXU2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNCnFKTI ibBifCVmPZJvkAI45AplMB8GA1UdIwQYMBaAFDTX1tRBwy18hxQun+XH68T0ebDN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEYzNi8yNDlGNDE0NjdE MDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExYeUhGQzZmNWNmcnhQUjVz TTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05OZlcxRUhETFh5SEZDNmY1Y2ZyeFBSNXNNMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEYzNi8yNDlGNDE0NjdEMDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExY eUhGQzZmNWNmcnhQUjVzTTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAjojpJf/l7/mn+WY8uiveRrqCLmOpJIZZWHmF1O5nF7fmp/4qMwcYQ yp7096mCzwxxTPWngzm3Uns4ituoHiJwOEmBwKRxDdBs5zqvTuPIGVKSfkgSK4ht iFIx3WYK+Fr4+y/SKf6zMgGfC7UYUoAa18ljPRNjzV85drRI6+sgSdN089itE7a3 NpF7tOC/gP50DGLN4ovdBvP2arC44qo2JqzzbYBBH987UHKsVklM+mF3G7/2EkkH 2LhjAexxdaXjV+z6BHXzkNSjFbsNYZT0G1LZucS3yl7NXh5ZHjIYrpQy65bP6WWx xdQqBrgfFUItH+UUYXnd5qLYaEXmOEfy -----END CERTIFICATE-----Generated at Sun May 11 15:53:31 2025 by rpki-client