$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft File: NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft (raw, json) Hash identifier: wmrDvN23x+Kc+40dIMQOfLMW1K6HrDjxLKzu7rSjTIo= Subject key identifier: 1E:C6:A1:E5:79:36:68:06:34:E8:E0:93:04:20:9A:79:05:FD:E8:4F Authority key identifier: 34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 Certificate issuer: /CN=A91FA562/serialNumber=340F813433719A760E3BFE21933687261179C327 Certificate serial: 01A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft Manifest number: 019D Signing time: Sat 23 Aug 2025 03:29:45 +0000 Manifest this update: Sat 23 Aug 2025 03:29:45 +0000 Manifest next update: Sat 30 Aug 2025 03:29:45 +0000 Files and hashes: 1: NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl (hash: BWrEZCWahpwzgLEFKeHlxCNjiX2yGu0S5hbKLm2vLgw=) 2: 7588035C913E11EFB46E9A72C4F9AE02.roa (hash: mBxiRWgEarnzYFat9Qg22lu2bbXA9CIcAcjVQbJnnic=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 03:29:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 418 (0x1a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA562, serialNumber=340F813433719A760E3BFE21933687261179C327 Validity Not Before: Aug 23 03:29:45 2025 GMT Not After : Aug 30 03:29:45 2025 GMT Subject: CN=68a935a9-d12b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a3:35:f4:23:6b:26:6a:70:63:f7:95:6e:79: d6:3e:9c:34:5c:16:db:8a:98:bd:09:f1:d3:38:77: 2c:54:c6:70:a0:22:ca:14:1e:0c:48:dc:de:fe:24: 8d:4e:05:bf:7c:d4:0f:bc:75:6e:10:6b:da:b6:6a: 5f:a8:44:e6:48:b8:fc:0b:e6:37:a9:36:7b:39:cc: b3:c3:de:88:3e:79:e8:aa:67:81:be:c3:cb:fa:72: e4:bc:d6:3e:7d:08:a8:f7:07:d1:20:7c:94:80:a4: 83:20:99:6d:f7:96:de:bd:46:c5:d0:7e:a9:15:f2: a6:92:7c:58:10:7a:70:d1:29:bb:6b:46:6b:ad:7d: b8:59:53:c8:49:7e:90:55:57:e2:41:a0:e5:3c:9d: 31:9f:37:e7:78:ca:0b:24:01:0a:ed:b7:27:3e:3d: dc:15:07:77:3d:1f:7c:8c:67:75:3d:f1:67:78:27: 52:c4:58:eb:64:c3:62:c9:25:28:1f:9c:bb:b0:82: a9:31:44:03:89:fe:e1:69:c7:41:b2:0c:07:9f:eb: 09:1a:fe:b7:fd:d6:b1:82:8a:82:30:e2:95:ac:50: 99:88:9d:d5:8d:76:95:b5:2c:c3:70:93:cd:47:f4: 88:b0:08:fe:d3:a2:9b:bc:4e:1d:66:b5:e0:eb:ca: 98:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C6:A1:E5:79:36:68:06:34:E8:E0:93:04:20:9A:79:05:FD:E8:4F X509v3 Authority Key Identifier: keyid:34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:9b:a2:d4:66:38:f7:b4:93:6a:a5:73:d7:b1:dd:4b:97:8e: 96:e8:45:23:80:2a:7e:c9:6c:4f:e1:ff:86:35:97:21:b1:bd: de:23:8a:82:fe:1c:f7:4c:8a:0b:ea:78:0d:2f:c1:79:0e:78: b3:00:a4:8f:d4:69:78:39:7e:6b:19:c1:ce:50:4c:0a:c6:9a: 05:84:c1:91:b6:e0:e0:44:0f:f1:9a:6a:11:54:c3:a0:9f:82: 70:5c:e0:c7:33:d4:0c:c4:88:0c:70:07:fe:a7:ac:25:d3:af: fa:d7:98:a0:c0:e7:29:bd:6a:fc:5c:16:b3:7b:ab:22:5e:85: ea:42:81:22:09:d7:f0:f0:cf:75:cc:82:c7:13:a3:72:9f:4a: 9c:34:f9:26:b1:db:2c:e3:de:38:65:94:2c:34:51:01:2a:95: 9b:18:bf:65:ce:ef:6a:39:b3:2c:ab:dd:8e:92:ef:85:74:2e: d4:33:33:ba:78:9e:65:5c:15:7b:96:fe:f1:fe:02:dc:8a:36: 31:bf:ea:8a:d8:50:a1:75:0c:3d:68:d0:0e:af:04:ca:6a:ff: c0:74:2d:5c:fb:b8:95:93:62:da:3f:f0:be:85:12:b1:9d:ea: 47:96:cd:95:7e:c4:ab:39:fc:43:02:50:b7:69:0b:2e:b8:75: 88:7f:e7:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NjIxMTAvBgNVBAUTKDM0MEY4MTM0MzM3MTlBNzYwRTNCRkUyMTkzMzY4NzI2 MTE3OUMzMjcwHhcNMjUwODIzMDMyOTQ1WhcNMjUwODMwMDMyOTQ1WjAYMRYwFAYD VQQDEw02OGE5MzVhOS1kMTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA06M19CNrJmpwY/eVbnnWPpw0XBbbipi9CfHTOHcsVMZwoCLKFB4MSNze/iSN TgW/fNQPvHVuEGvatmpfqETmSLj8C+Y3qTZ7Ocyzw96IPnnoqmeBvsPL+nLkvNY+ fQio9wfRIHyUgKSDIJlt95bevUbF0H6pFfKmknxYEHpw0Sm7a0ZrrX24WVPISX6Q VVfiQaDlPJ0xnzfneMoLJAEK7bcnPj3cFQd3PR98jGd1PfFneCdSxFjrZMNiySUo H5y7sIKpMUQDif7hacdBsgwHn+sJGv63/daxgoqCMOKVrFCZiJ3VjXaVtSzDcJPN R/SIsAj+06KbvE4dZrXg68qYVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB7GoeV5 NmgGNOjgkwQgmnkF/ehPMB8GA1UdIwQYMBaAFDQPgTQzcZp2Djv+IZM2hyYRecMn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Mi8yNjU3RjczRTBC QzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1uWU9PXzRoa3phSEpoRjV3 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BLUJORE54bW5ZT09fNGhremFISmhGNXd5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Mi8yNjU3RjczRTBCQzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1u WU9PXzRoa3phSEpoRjV3eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMm6LUZjj3tJNqpXPXsd1Ll46W6EUjgCp+yWxP4f+GNZchsb3eI4qC /hz3TIoL6ngNL8F5DnizAKSP1Gl4OX5rGcHOUEwKxpoFhMGRtuDgRA/xmmoRVMOg n4JwXODHM9QMxIgMcAf+p6wl06/615igwOcpvWr8XBaze6siXoXqQoEiCdfw8M91 zILHE6Nyn0qcNPkmsdss4944ZZQsNFEBKpWbGL9lzu9qObMsq92Oku+FdC7UMzO6 eJ5lXBV7lv7x/gLcijYxv+qK2FChdQw9aNAOrwTKav/AdC1c+7iVk2LaP/C+hRKx nepHls2VfsSrOfxDAlC3aQsuuHWIf+fK -----END CERTIFICATE-----Generated at Sun Aug 24 04:48:53 2025 by rpki-client