$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft File: NebIf2uhtlE6EnD23BNt23ETZFc.mft (raw, json) Hash identifier: nlpk8XKMJFQA0/uFbCfRlpwpdFuOP+UhaRZ6taj0QAg= Subject key identifier: A4:92:50:E4:BF:C0:18:15:1C:67:35:87:AE:62:AC:CA:38:D1:99:32 Authority key identifier: 35:E6:C8:7F:6B:A1:B6:51:3A:12:70:F6:DC:13:6D:DB:71:13:64:57 Certificate issuer: /CN=A91F9749/serialNumber=35E6C87F6BA1B6513A1270F6DC136DDB71136457 Certificate serial: 036B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft Manifest number: 0367 Signing time: Sat 23 Aug 2025 01:09:07 +0000 Manifest this update: Sat 23 Aug 2025 01:09:07 +0000 Manifest next update: Sat 30 Aug 2025 01:09:07 +0000 Files and hashes: 1: NebIf2uhtlE6EnD23BNt23ETZFc.crl (hash: 1McjqoGaELRIyZ5wg6UMwYHP0kRNMMwZC1luYzNVNls=) 2: 97B81DD6BF9F11ECAB5B1239C4F9AE02.roa (hash: WBPEzwrRJmEQao59jsv0p03EV57EGiVD2LS1uQaSE9s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.crl rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:09:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 875 (0x36b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9749, serialNumber=35E6C87F6BA1B6513A1270F6DC136DDB71136457 Validity Not Before: Aug 23 01:09:07 2025 GMT Not After : Aug 30 01:09:07 2025 GMT Subject: CN=68a914b3-0761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:e4:f9:54:6e:92:a3:83:f1:8f:21:f9:50:64: d2:51:5e:8f:8e:a1:01:c4:21:2e:b0:16:1b:73:fd: 4c:3d:e7:5c:48:c0:bd:e1:db:2d:38:fe:a2:c0:b9: dc:af:83:c1:c7:5c:94:a8:42:01:6c:83:fb:f5:79: 95:ec:66:6e:9d:8e:48:da:99:d1:ad:dc:a7:29:bd: f0:d2:42:48:e5:cf:9e:9f:4e:a3:06:2c:5a:b1:9c: 25:50:cf:ec:63:0a:d3:ca:c3:b7:f1:3b:55:6f:ad: c2:e8:62:5d:30:c6:a6:cc:d4:12:a6:07:1d:9f:ff: 8b:f2:01:05:96:9b:67:66:21:6c:fb:d0:43:b7:69: 03:4b:8d:b8:c8:4a:fd:f6:3d:0b:80:3f:b1:80:b1: d8:c8:23:ff:c8:f5:5d:f8:80:56:03:29:67:94:ee: 38:0d:2a:8c:b9:66:51:ab:da:ff:d9:c1:7e:e7:b1: 0a:ef:dd:19:53:bc:6c:2c:c9:94:62:1f:6f:dd:88: 7a:58:11:58:e8:98:52:78:40:e8:03:52:c5:66:0e: f2:64:2d:7d:7d:ca:39:64:97:e0:c6:f3:02:47:3a: 27:b6:b7:06:0c:1c:de:09:22:f7:49:f3:ee:9f:ad: c8:fe:c6:18:6a:6f:fd:9b:05:40:30:71:e9:f0:c7: af:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:92:50:E4:BF:C0:18:15:1C:67:35:87:AE:62:AC:CA:38:D1:99:32 X509v3 Authority Key Identifier: keyid:35:E6:C8:7F:6B:A1:B6:51:3A:12:70:F6:DC:13:6D:DB:71:13:64:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:0e:4e:a7:9c:93:e7:fe:ad:b4:9d:64:45:e2:94:fd:7b:85: 75:92:c7:09:09:f8:1d:42:56:79:89:a1:ae:41:67:51:d4:af: 3c:fe:67:fc:1b:55:8a:42:7d:61:32:e2:e4:49:a9:32:08:37: 8d:d1:18:d8:8e:16:c2:eb:53:4f:5d:c1:6c:d6:a3:03:b4:4b: 46:85:e5:43:b2:c2:c8:05:60:ba:31:53:05:93:7e:6e:5d:f8: 15:3f:2a:3b:c1:29:85:62:cb:84:b3:71:18:80:2a:8c:55:f8: 3f:80:ae:f6:f4:e5:c5:f8:bb:d6:5d:cd:ce:ad:ce:f1:b0:32: 12:50:5e:85:a5:e6:3d:8b:c2:83:c3:08:be:f8:0f:d1:32:e4: b5:57:dd:00:2f:bc:0a:73:ba:4a:d7:ca:c8:c7:29:53:28:a4: 49:cc:44:08:4b:45:09:74:d9:a6:81:64:27:6c:04:da:78:59: 30:09:17:98:ab:71:14:a1:ac:45:dc:fc:6d:8e:e9:c2:57:2d: 81:b1:fb:97:75:41:df:48:99:6c:a8:e9:89:81:87:d9:ee:f3: e6:4c:cf:f9:d8:ca:65:dd:d3:71:9b:70:09:5a:29:57:8d:e9: 61:27:25:37:89:f6:93:62:73:29:53:52:91:da:d5:3a:cd:5e: 12:5c:52:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA2swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjk3NDkxMTAvBgNVBAUTKDM1RTZDODdGNkJBMUI2NTEzQTEyNzBGNkRDMTM2RERC NzExMzY0NTcwHhcNMjUwODIzMDEwOTA3WhcNMjUwODMwMDEwOTA3WjAYMRYwFAYD VQQDEw02OGE5MTRiMy0wNzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3eT5VG6So4PxjyH5UGTSUV6PjqEBxCEusBYbc/1MPedcSMC94dstOP6iwLnc r4PBx1yUqEIBbIP79XmV7GZunY5I2pnRrdynKb3w0kJI5c+en06jBixasZwlUM/s YwrTysO38TtVb63C6GJdMMamzNQSpgcdn/+L8gEFlptnZiFs+9BDt2kDS424yEr9 9j0LgD+xgLHYyCP/yPVd+IBWAylnlO44DSqMuWZRq9r/2cF+57EK790ZU7xsLMmU Yh9v3Yh6WBFY6JhSeEDoA1LFZg7yZC19fco5ZJfgxvMCRzontrcGDBzeCSL3SfPu n63I/sYYam/9mwVAMHHp8MevBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKSSUOS/ wBgVHGc1h65irMo40ZkyMB8GA1UdIwQYMBaAFDXmyH9robZROhJw9twTbdtxE2RX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTc0OS85OUQxN0Q5NkJG OUIxMUVDQUQzQzBBMzBDNEY5QUUwMi9OZWJJZjJ1aHRsRTZFbkQyM0JOdDIzRVRa RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05lYklmMnVodGxFNkVuRDIzQk50MjNFVFpGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTc0OS85OUQxN0Q5NkJGOUIxMUVDQUQzQzBBMzBDNEY5QUUwMi9OZWJJZjJ1aHRs RTZFbkQyM0JOdDIzRVRaRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB2Dk6nnJPn/q20nWRF4pT9e4V1kscJCfgdQlZ5iaGuQWdR1K88/mf8 G1WKQn1hMuLkSakyCDeN0RjYjhbC61NPXcFs1qMDtEtGheVDssLIBWC6MVMFk35u XfgVPyo7wSmFYsuEs3EYgCqMVfg/gK729OXF+LvWXc3Orc7xsDISUF6FpeY9i8KD wwi++A/RMuS1V90AL7wKc7pK18rIxylTKKRJzEQIS0UJdNmmgWQnbATaeFkwCReY q3EUoaxF3PxtjunCVy2BsfuXdUHfSJlsqOmJgYfZ7vPmTM/52Mpl3dNxm3AJWilX jelhJyU3ifaTYnMpU1KR2tU6zV4SXFJT -----END CERTIFICATE-----Generated at Sat Aug 23 17:01:01 2025 by rpki-client