$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft File: NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft (raw, json) Hash identifier: swrIv22MFlrBQ+VWbYLkqoJnq+hScKz4sd2G9UFLVIE= Subject key identifier: DA:F6:23:71:E8:7C:A5:D0:71:A7:14:F7:03:B8:3F:0D:4E:17:C8:B5 Authority key identifier: 34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD Certificate issuer: /CN=A91E8F36/serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Certificate serial: 01E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft Manifest number: 01E1 Signing time: Tue 01 Jul 2025 03:08:00 +0000 Manifest this update: Tue 01 Jul 2025 03:07:59 +0000 Manifest next update: Tue 08 Jul 2025 03:07:59 +0000 Files and hashes: 1: NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl (hash: 7BnW000eLEOCaQjlT1aoJ1pZkfKMv3Oi2LbdSA2pBrM=) 2: AC270A727D0711ED8181DA7FC4F9AE02.roa (hash: iIeWWLVIFJDjrG1ibZP/xl+WAjIK44IJWqOkBlQGCcU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 488 (0x1e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8F36, serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Validity Not Before: Jul 1 03:07:59 2025 GMT Not After : Jul 8 03:07:59 2025 GMT Subject: CN=68635110-3540 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7e:df:eb:52:a3:32:82:1d:21:54:61:e8:c4: b9:aa:45:80:c1:55:51:a6:52:62:19:d7:ee:1a:85: 00:d6:55:6d:fc:95:70:16:c7:90:07:31:87:73:17: 8c:50:83:06:6a:ba:3f:f6:7f:b7:17:24:28:24:2c: f7:53:43:1a:f2:ca:1c:1a:f1:39:83:c3:31:42:15: af:38:a7:85:63:2a:8c:48:8b:24:c8:42:9b:df:6e: 95:8c:16:db:af:0e:30:5e:7e:c8:51:dd:a1:8d:02: 1f:b2:dc:38:4f:ae:f6:f1:87:68:62:1e:b5:b4:32: ca:2e:7f:38:f5:c4:0d:6a:26:5c:b9:08:33:52:d6: 58:77:77:37:42:13:af:1b:d8:69:25:47:17:91:8f: d7:1f:4a:d4:8b:65:19:da:84:2c:8d:4b:f6:9a:60: 26:5a:e4:35:a5:0a:c2:29:ee:c8:de:5e:f2:7d:68: 98:5a:c5:07:7e:56:27:ac:e5:98:c4:36:be:af:48: df:f6:09:7d:71:71:f2:e8:ac:8c:94:84:a5:7f:8f: 93:b7:8d:81:95:51:f2:7e:2a:bb:c8:0d:3f:ff:c5: fa:41:05:81:3b:c7:76:d0:28:5d:20:b7:21:0b:3c: 63:81:a2:58:a8:39:14:14:e2:2a:20:c0:04:d8:06: 2e:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:F6:23:71:E8:7C:A5:D0:71:A7:14:F7:03:B8:3F:0D:4E:17:C8:B5 X509v3 Authority Key Identifier: keyid:34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:2b:0c:cc:7c:ee:dc:85:65:77:87:c1:71:7b:16:d5:8d:37: 2a:81:4e:f9:74:a0:8a:08:95:1e:d1:47:3d:cd:d9:05:cf:c7: 22:b6:47:f2:35:84:59:98:6f:f0:25:d8:69:b9:a2:33:19:37: cd:b9:96:6b:1b:7a:dc:82:82:8d:aa:5b:4e:2b:02:63:d8:fd: 32:db:12:a4:a4:6b:0e:ce:22:e2:d1:7c:5e:70:49:12:f9:d1: c8:cf:3f:94:90:56:8f:ba:15:f0:4e:d5:b2:62:1f:6c:c9:3e: 7c:13:bc:9e:22:f8:21:52:68:1a:1a:84:f3:ca:37:52:54:5e: 50:8c:35:a1:34:0f:80:8d:3d:2b:9b:73:6b:13:47:7f:09:f0: de:47:13:48:1c:66:45:84:b9:73:ef:7b:68:e8:02:d3:69:8a: b0:1c:e9:76:88:09:38:5b:9e:11:dc:94:78:d2:82:2d:a1:b7: 70:b4:ea:66:d1:3f:b3:39:58:66:2b:0f:89:f9:f7:3b:52:b7: bb:66:57:2f:cd:bb:bb:c5:f0:bd:53:1c:42:87:18:98:bd:50: 1e:af:a7:d0:43:44:ee:e1:a9:db:3a:9f:1d:b6:09:5e:36:98: 4c:4b:b8:2e:f2:b6:dc:51:22:7b:17:f4:75:e6:44:73:0c:0f: 35:e8:ab:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThGMzYxMTAvBgNVBAUTKDM0RDdENkQ0NDFDMzJEN0M4NzE0MkU5RkU1QzdFQkM0 RjQ3OUIwQ0QwHhcNMjUwNzAxMDMwNzU5WhcNMjUwNzA4MDMwNzU5WjAYMRYwFAYD VQQDEw02ODYzNTExMC0zNTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA137f61KjMoIdIVRh6MS5qkWAwVVRplJiGdfuGoUA1lVt/JVwFseQBzGHcxeM UIMGaro/9n+3FyQoJCz3U0Ma8socGvE5g8MxQhWvOKeFYyqMSIskyEKb326VjBbb rw4wXn7IUd2hjQIfstw4T6728YdoYh61tDLKLn849cQNaiZcuQgzUtZYd3c3QhOv G9hpJUcXkY/XH0rUi2UZ2oQsjUv2mmAmWuQ1pQrCKe7I3l7yfWiYWsUHflYnrOWY xDa+r0jf9gl9cXHy6KyMlISlf4+Tt42BlVHyfiq7yA0//8X6QQWBO8d20ChdILch CzxjgaJYqDkUFOIqIMAE2AYu5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNr2I3Ho fKXQcacU9wO4Pw1OF8i1MB8GA1UdIwQYMBaAFDTX1tRBwy18hxQun+XH68T0ebDN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEYzNi8yNDlGNDE0NjdE MDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExYeUhGQzZmNWNmcnhQUjVz TTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05OZlcxRUhETFh5SEZDNmY1Y2ZyeFBSNXNNMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEYzNi8yNDlGNDE0NjdEMDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExY eUhGQzZmNWNmcnhQUjVzTTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJKwzMfO7chWV3h8FxexbVjTcqgU75dKCKCJUe0Uc9zdkFz8citkfy NYRZmG/wJdhpuaIzGTfNuZZrG3rcgoKNqltOKwJj2P0y2xKkpGsOziLi0XxecEkS +dHIzz+UkFaPuhXwTtWyYh9syT58E7yeIvghUmgaGoTzyjdSVF5QjDWhNA+AjT0r m3NrE0d/CfDeRxNIHGZFhLlz73to6ALTaYqwHOl2iAk4W54R3JR40oItobdwtOpm 0T+zOVhmKw+J+fc7Ure7Zlcvzbu7xfC9UxxChxiYvVAer6fQQ0Tu4anbOp8dtgle NphMS7gu8rbcUSJ7F/R15kRzDA816Ks1 -----END CERTIFICATE-----Generated at Tue Jul 1 21:03:05 2025 by rpki-client