$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft File: NebIf2uhtlE6EnD23BNt23ETZFc.mft (raw, json) Hash identifier: y5dt18x4SyFwsDvlzy6FOUqEJfD1qWLuzjrl39P0Xzg= Subject key identifier: 19:FE:24:54:31:7A:FF:E3:E8:86:17:65:A8:E7:CD:16:F4:22:7F:6F Authority key identifier: 35:E6:C8:7F:6B:A1:B6:51:3A:12:70:F6:DC:13:6D:DB:71:13:64:57 Certificate issuer: /CN=A91F9749/serialNumber=35E6C87F6BA1B6513A1270F6DC136DDB71136457 Certificate serial: 0336 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft Manifest number: 0332 Signing time: Fri 09 May 2025 00:51:11 +0000 Manifest this update: Fri 09 May 2025 00:51:10 +0000 Manifest next update: Fri 16 May 2025 00:51:10 +0000 Files and hashes: 1: NebIf2uhtlE6EnD23BNt23ETZFc.crl (hash: SFnj1hfTdLjo24Szath5ouzyFEUu7sGUchcbguVAUKw=) 2: 97B81DD6BF9F11ECAB5B1239C4F9AE02.roa (hash: WBPEzwrRJmEQao59jsv0p03EV57EGiVD2LS1uQaSE9s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.crl rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 00:51:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 822 (0x336) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9749, serialNumber=35E6C87F6BA1B6513A1270F6DC136DDB71136457 Validity Not Before: May 9 00:51:10 2025 GMT Not After : May 16 00:51:10 2025 GMT Subject: CN=681d517f-6884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a3:aa:82:b0:b2:b5:13:e9:eb:f7:4b:86:1c: 4b:56:b1:b1:d1:77:9a:76:e3:a8:b6:a3:cf:d1:70: f1:76:d0:97:41:8d:a8:25:8d:87:cd:55:00:9f:92: 44:33:b5:4c:5e:67:f3:6d:03:a4:42:20:51:56:a2: 7c:94:31:06:42:3b:2c:2e:71:11:cb:13:fc:46:33: d7:58:d2:fb:8d:47:82:3c:b3:f4:ec:82:d7:5b:00: bb:fe:0c:67:e3:9c:34:f6:63:1a:83:e7:54:53:cc: cd:ab:15:29:65:ad:67:c0:31:75:f7:95:0e:e9:f9: ac:27:05:53:92:e4:3a:9b:75:99:68:2d:7b:2e:8b: 47:48:05:5b:a7:f8:c0:a1:b9:78:21:c2:d3:e8:4e: 07:1b:0d:f3:bd:2d:f4:56:ac:da:9e:c6:c8:b0:9b: 90:14:f4:28:64:c3:39:ec:a1:ae:c1:3c:a5:f1:fb: 70:15:dd:bd:d7:60:a8:e6:fd:e9:df:46:a1:73:1c: f1:70:8e:c4:c7:1d:68:b3:f0:66:bf:4a:82:d3:c9: e6:55:f7:95:eb:02:3f:d2:ea:50:c8:97:53:3f:69: c4:fb:57:62:c6:e1:25:b7:ef:db:06:8c:77:d7:eb: f5:a1:1d:9c:7d:c7:c6:fc:7d:b4:71:a3:4c:ad:e1: 45:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:FE:24:54:31:7A:FF:E3:E8:86:17:65:A8:E7:CD:16:F4:22:7F:6F X509v3 Authority Key Identifier: keyid:35:E6:C8:7F:6B:A1:B6:51:3A:12:70:F6:DC:13:6D:DB:71:13:64:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:de:2c:e4:bd:f4:44:30:59:ad:5a:f6:2c:f1:42:12:9b:b9: 7e:00:c1:28:91:6b:05:b6:c0:48:0c:fa:97:6e:24:70:67:53: 44:fa:54:ef:5f:6f:a5:df:18:b0:54:65:1b:b1:51:0f:a0:38: 8c:3e:85:31:47:a3:76:6e:07:ed:94:db:a0:07:76:3f:73:d3: f4:90:7e:fe:2f:c3:77:e0:92:ad:48:ca:04:70:8d:d1:ac:4f: a1:6b:c4:6c:cb:e3:55:f4:f5:4a:91:7c:bf:c3:ae:ae:de:f5: 6e:39:cd:09:c5:14:ba:b3:53:c8:f2:80:cf:b8:79:89:5b:05: d9:89:2d:44:ac:4b:bf:8c:27:89:0b:9c:ca:c1:12:65:fa:cb: d7:1d:23:23:1d:6f:50:b3:cc:c7:f3:48:7a:89:27:19:af:5c: 16:33:68:f2:1a:22:fe:0b:c4:94:d6:8b:4b:cf:d2:9a:71:d4: e5:31:c0:d4:fc:80:5c:69:14:1e:23:56:c1:96:01:20:6d:10: 5e:8c:87:c0:2c:18:ac:6f:f8:02:65:9e:4e:15:46:54:a1:fa: 64:f7:95:d0:c6:60:6b:2a:c2:ca:bb:a0:06:4e:2f:dc:d8:b2: 1e:4f:c0:de:b7:d8:3c:e8:73:ae:f5:b6:52:49:dc:09:7d:15: 6a:dc:7b:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAzYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjk3NDkxMTAvBgNVBAUTKDM1RTZDODdGNkJBMUI2NTEzQTEyNzBGNkRDMTM2RERC NzExMzY0NTcwHhcNMjUwNTA5MDA1MTEwWhcNMjUwNTE2MDA1MTEwWjAYMRYwFAYD VQQDEw02ODFkNTE3Zi02ODg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3qOqgrCytRPp6/dLhhxLVrGx0XeaduOotqPP0XDxdtCXQY2oJY2HzVUAn5JE M7VMXmfzbQOkQiBRVqJ8lDEGQjssLnERyxP8RjPXWNL7jUeCPLP07ILXWwC7/gxn 45w09mMag+dUU8zNqxUpZa1nwDF195UO6fmsJwVTkuQ6m3WZaC17LotHSAVbp/jA obl4IcLT6E4HGw3zvS30VqzansbIsJuQFPQoZMM57KGuwTyl8ftwFd2912Co5v3p 30ahcxzxcI7Exx1os/Bmv0qC08nmVfeV6wI/0upQyJdTP2nE+1dixuElt+/bBox3 1+v1oR2cfcfG/H20caNMreFFhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBn+JFQx ev/j6IYXZajnzRb0In9vMB8GA1UdIwQYMBaAFDXmyH9robZROhJw9twTbdtxE2RX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTc0OS85OUQxN0Q5NkJG OUIxMUVDQUQzQzBBMzBDNEY5QUUwMi9OZWJJZjJ1aHRsRTZFbkQyM0JOdDIzRVRa RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05lYklmMnVodGxFNkVuRDIzQk50MjNFVFpGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTc0OS85OUQxN0Q5NkJGOUIxMUVDQUQzQzBBMzBDNEY5QUUwMi9OZWJJZjJ1aHRs RTZFbkQyM0JOdDIzRVRaRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB53izkvfREMFmtWvYs8UISm7l+AMEokWsFtsBIDPqXbiRwZ1NE+lTv X2+l3xiwVGUbsVEPoDiMPoUxR6N2bgftlNugB3Y/c9P0kH7+L8N34JKtSMoEcI3R rE+ha8Rsy+NV9PVKkXy/w66u3vVuOc0JxRS6s1PI8oDPuHmJWwXZiS1ErEu/jCeJ C5zKwRJl+svXHSMjHW9Qs8zH80h6iScZr1wWM2jyGiL+C8SU1otLz9KacdTlMcDU /IBcaRQeI1bBlgEgbRBejIfALBisb/gCZZ5OFUZUofpk95XQxmBrKsLKu6AGTi/c 2LIeT8Det9g86HOu9bZSSdwJfRVq3HuS -----END CERTIFICATE-----Generated at Sun May 11 02:13:50 2025 by rpki-client