$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft File: NebIf2uhtlE6EnD23BNt23ETZFc.mft (raw, json) Hash identifier: PqLXlIYoL/Q1U85QtCNtKhKziPJ2+d9P4A8Bhd4J6rM= Subject key identifier: 2D:0C:C8:E2:98:C8:71:97:EA:0C:63:E6:2C:31:88:0D:1C:98:D9:D2 Authority key identifier: 35:E6:C8:7F:6B:A1:B6:51:3A:12:70:F6:DC:13:6D:DB:71:13:64:57 Certificate issuer: /CN=A91F9749/serialNumber=35E6C87F6BA1B6513A1270F6DC136DDB71136457 Certificate serial: 0350 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft Manifest number: 034C Signing time: Tue 01 Jul 2025 01:35:15 +0000 Manifest this update: Tue 01 Jul 2025 01:35:14 +0000 Manifest next update: Tue 08 Jul 2025 01:35:14 +0000 Files and hashes: 1: NebIf2uhtlE6EnD23BNt23ETZFc.crl (hash: wn7pAO8Kn5N4WD/EMWI+Esk1gvAXdleQRUh+nSdZ1wo=) 2: 97B81DD6BF9F11ECAB5B1239C4F9AE02.roa (hash: WBPEzwrRJmEQao59jsv0p03EV57EGiVD2LS1uQaSE9s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.crl rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 01:35:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 848 (0x350) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9749, serialNumber=35E6C87F6BA1B6513A1270F6DC136DDB71136457 Validity Not Before: Jul 1 01:35:14 2025 GMT Not After : Jul 8 01:35:14 2025 GMT Subject: CN=68633b53-5b4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:9c:c9:67:54:7e:ad:ab:2c:e9:9c:93:d4:6a: 96:0d:e9:f4:be:ab:5f:4c:04:2f:00:c0:40:63:73: cf:cc:61:17:85:79:6c:6f:c3:44:ca:88:ea:fe:a8: d6:43:10:35:4d:3e:76:01:03:3a:3f:f9:59:ba:cc: ce:c4:ea:94:c4:96:00:41:63:5a:67:20:18:bf:5a: d7:8d:d0:91:12:07:96:24:54:5d:b5:f1:7d:80:7b: b8:99:5d:b4:b0:a5:e2:90:df:05:56:18:58:50:fc: 93:64:35:a1:7c:be:44:6e:f2:44:8b:07:30:61:3b: 02:b9:eb:3b:36:8c:be:f2:3b:50:48:1f:e3:bd:0f: e0:65:ac:c9:fc:d3:4b:be:b9:99:3e:fd:91:7a:84: 8a:5d:c9:ac:76:48:37:11:4f:f6:3e:63:34:dc:17: 78:4c:c5:3f:d4:29:9a:43:6f:26:0f:a6:df:0a:f6: b9:57:dd:fa:52:ba:18:c1:91:b9:2b:9b:c4:7c:33: 61:95:7e:95:fe:f3:37:b5:ff:39:5b:e3:09:83:f1: ca:7f:ad:61:79:4b:82:0d:99:c4:c0:7a:17:36:5e: 71:1d:4a:1d:d4:ca:31:f2:cf:cd:c0:8f:61:ac:54: 98:d7:5b:69:d7:c9:01:a9:90:6b:00:2a:3a:75:e8: 58:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:0C:C8:E2:98:C8:71:97:EA:0C:63:E6:2C:31:88:0D:1C:98:D9:D2 X509v3 Authority Key Identifier: keyid:35:E6:C8:7F:6B:A1:B6:51:3A:12:70:F6:DC:13:6D:DB:71:13:64:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NebIf2uhtlE6EnD23BNt23ETZFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9749/99D17D96BF9B11ECAD3C0A30C4F9AE02/NebIf2uhtlE6EnD23BNt23ETZFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:92:58:57:80:e7:1a:5c:95:3d:33:55:98:f6:d9:69:42:42: c8:59:f2:2b:4c:91:36:cd:83:f0:28:52:56:22:fc:7b:20:f5: 19:20:a6:f8:52:76:ea:d9:55:7b:f3:83:35:39:0e:d3:a1:bf: 8c:14:d6:19:07:1a:5d:2e:92:5f:5a:f0:f2:b7:e8:ad:ef:70: fd:4b:f3:bd:1f:ef:b7:25:3e:da:f1:77:49:2b:45:c1:4c:2e: 03:8f:5c:33:c9:4e:3f:b6:34:49:0e:9e:0c:0e:d3:42:d9:d0: d1:0f:be:f2:06:24:6a:df:b3:6a:ee:6b:72:14:3c:d8:b2:5d: 82:39:00:66:13:60:67:2a:4e:fa:ca:f3:6d:d6:d6:24:27:2a: a0:ec:9a:32:ac:f5:89:dc:b1:67:09:4b:fd:76:34:8f:c6:d9: 98:1e:18:a9:49:b4:20:d6:a3:9c:30:f2:d6:0c:f6:70:da:36: c4:fc:6a:6f:d1:1e:13:4e:0b:ef:b4:ff:f0:80:52:8a:ea:9d: 34:35:16:94:83:f5:13:d3:5c:80:2e:49:c0:b9:3c:82:f5:4b: 21:fd:6a:74:38:e6:0b:85:59:05:2f:d1:2e:f1:09:8c:93:1f: 7e:c3:e6:4d:5b:19:02:00:b1:ad:81:c4:da:e9:ca:ea:4c:db: 67:42:f2:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjk3NDkxMTAvBgNVBAUTKDM1RTZDODdGNkJBMUI2NTEzQTEyNzBGNkRDMTM2RERC NzExMzY0NTcwHhcNMjUwNzAxMDEzNTE0WhcNMjUwNzA4MDEzNTE0WjAYMRYwFAYD VQQDEw02ODYzM2I1My01YjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0JzJZ1R+rass6ZyT1GqWDen0vqtfTAQvAMBAY3PPzGEXhXlsb8NEyojq/qjW QxA1TT52AQM6P/lZuszOxOqUxJYAQWNaZyAYv1rXjdCREgeWJFRdtfF9gHu4mV20 sKXikN8FVhhYUPyTZDWhfL5EbvJEiwcwYTsCues7Noy+8jtQSB/jvQ/gZazJ/NNL vrmZPv2ReoSKXcmsdkg3EU/2PmM03Bd4TMU/1CmaQ28mD6bfCva5V936UroYwZG5 K5vEfDNhlX6V/vM3tf85W+MJg/HKf61heUuCDZnEwHoXNl5xHUod1Mox8s/NwI9h rFSY11tp18kBqZBrACo6dehYXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC0MyOKY yHGX6gxj5iwxiA0cmNnSMB8GA1UdIwQYMBaAFDXmyH9robZROhJw9twTbdtxE2RX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTc0OS85OUQxN0Q5NkJG OUIxMUVDQUQzQzBBMzBDNEY5QUUwMi9OZWJJZjJ1aHRsRTZFbkQyM0JOdDIzRVRa RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05lYklmMnVodGxFNkVuRDIzQk50MjNFVFpGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTc0OS85OUQxN0Q5NkJGOUIxMUVDQUQzQzBBMzBDNEY5QUUwMi9OZWJJZjJ1aHRs RTZFbkQyM0JOdDIzRVRaRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAklhXgOcaXJU9M1WY9tlpQkLIWfIrTJE2zYPwKFJWIvx7IPUZIKb4 Unbq2VV784M1OQ7Tob+MFNYZBxpdLpJfWvDyt+it73D9S/O9H++3JT7a8XdJK0XB TC4Dj1wzyU4/tjRJDp4MDtNC2dDRD77yBiRq37Nq7mtyFDzYsl2COQBmE2BnKk76 yvNt1tYkJyqg7JoyrPWJ3LFnCUv9djSPxtmYHhipSbQg1qOcMPLWDPZw2jbE/Gpv 0R4TTgvvtP/wgFKK6p00NRaUg/UT01yALknAuTyC9Ush/Wp0OOYLhVkFL9Eu8QmM kx9+w+ZNWxkCALGtgcTa6crqTNtnQvKa -----END CERTIFICATE-----Generated at Tue Jul 1 17:06:06 2025 by rpki-client