$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft File: NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft (raw, json) Hash identifier: rcXtvWiY6pSlD2V/yT7qrrI84T11CungzZx00GgBICQ= Subject key identifier: 36:8F:9F:2D:11:D3:0D:8C:76:D7:4E:B8:97:1E:3E:B1:B2:AC:D4:7E Authority key identifier: 34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 Certificate issuer: /CN=A91FA562/serialNumber=340F813433719A760E3BFE21933687261179C327 Certificate serial: 0188 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft Manifest number: 0183 Signing time: Thu 03 Jul 2025 03:44:54 +0000 Manifest this update: Thu 03 Jul 2025 03:44:54 +0000 Manifest next update: Thu 10 Jul 2025 03:44:54 +0000 Files and hashes: 1: NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl (hash: uDxy+M1r7O7MuWCmtAVXm0ug8aBEgpMMSnV3CvD5mkE=) 2: 7588035C913E11EFB46E9A72C4F9AE02.roa (hash: mBxiRWgEarnzYFat9Qg22lu2bbXA9CIcAcjVQbJnnic=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 392 (0x188) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA562, serialNumber=340F813433719A760E3BFE21933687261179C327 Validity Not Before: Jul 3 03:44:54 2025 GMT Not After : Jul 10 03:44:54 2025 GMT Subject: CN=6865fcb6-9321 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:74:ce:4e:28:b3:e1:11:d1:11:34:55:75:ba: 51:7f:66:0f:45:3e:60:df:f6:ec:3d:64:93:82:e7: 4f:cd:70:e3:87:04:60:d6:53:c6:02:d1:4d:b4:c8: c1:29:8c:0d:73:b4:49:b3:96:f5:d7:b6:43:ef:1f: b8:3f:82:fd:ff:cb:91:c1:d7:b5:ff:d1:a2:0d:56: 8f:04:1a:17:d4:07:21:7a:bb:07:72:4a:f8:29:20: d1:dd:a1:f0:50:b4:59:ac:e1:2e:55:4a:7c:2d:07: 32:26:3f:05:35:b4:f6:e9:98:c6:a9:0e:0d:00:c1: 95:83:41:25:8a:c7:6e:a6:d3:6f:15:75:c3:cc:9a: 86:f2:e7:12:35:10:2a:68:e7:c7:bc:a7:e8:78:69: 2b:3b:e6:57:4e:06:c7:16:8a:10:05:f1:d8:e6:c8: 45:9c:26:fc:c6:78:7b:41:7f:2a:30:76:53:34:46: fe:94:f1:d3:88:88:99:78:7e:20:7b:58:ba:37:91: 71:ad:1b:4e:d6:21:3f:bf:8c:4e:8d:cf:b7:08:0b: 62:ef:3b:c9:f7:1c:75:58:bf:cf:3e:5d:fe:4c:cb: f4:08:b0:47:29:11:33:28:3b:ba:e2:b0:38:f4:ce: f4:22:5f:cd:de:8c:77:82:55:c5:1d:a6:58:69:a3: 6a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:8F:9F:2D:11:D3:0D:8C:76:D7:4E:B8:97:1E:3E:B1:B2:AC:D4:7E X509v3 Authority Key Identifier: keyid:34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cb:1b:df:79:58:9a:12:a7:ac:dd:7c:44:7c:09:bd:3e:06:07: ce:95:01:1e:a2:cb:51:36:bd:40:a9:1e:f4:78:f1:50:45:1e: b5:6d:cd:c9:be:d4:a9:09:e6:b9:22:5e:49:67:d4:b5:77:d7: a8:2f:b6:26:d4:dd:da:7e:61:af:66:2c:b4:5a:d2:c7:38:a7: ee:7b:5d:3c:47:15:3e:2c:52:85:be:26:e1:8a:39:cd:4a:d4: 99:22:a5:d2:3b:74:77:e0:87:01:8e:80:a3:a3:1f:f4:c5:9a: 5f:32:96:92:f4:82:a7:a1:93:5b:46:51:ef:67:40:87:b5:21: eb:0e:da:87:7a:b5:91:0c:59:2b:01:b8:4a:04:c5:f0:6f:42: 4d:e2:ae:04:49:89:f0:89:80:72:ed:f9:bf:1f:4b:82:75:da: bb:5a:99:fb:28:ec:ec:63:bf:59:55:dc:6c:b5:ff:b5:53:2e: f6:1d:b8:ba:d6:96:bc:14:00:a1:96:f6:2c:33:da:ea:87:d4: 73:3d:71:6d:b3:2a:c9:68:bd:a8:d4:7e:f9:e7:2c:4c:a7:10: 84:3f:b7:e6:9d:85:77:02:c0:c0:c2:c8:3f:7d:28:14:bf:b9: 09:67:fc:ee:c0:9a:ac:db:77:53:b9:a9:7b:ca:bb:af:f9:c8: fc:4d:1f:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NjIxMTAvBgNVBAUTKDM0MEY4MTM0MzM3MTlBNzYwRTNCRkUyMTkzMzY4NzI2 MTE3OUMzMjcwHhcNMjUwNzAzMDM0NDU0WhcNMjUwNzEwMDM0NDU0WjAYMRYwFAYD VQQDEw02ODY1ZmNiNi05MzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw3TOTiiz4RHRETRVdbpRf2YPRT5g3/bsPWSTgudPzXDjhwRg1lPGAtFNtMjB KYwNc7RJs5b117ZD7x+4P4L9/8uRwde1/9GiDVaPBBoX1AchersHckr4KSDR3aHw ULRZrOEuVUp8LQcyJj8FNbT26ZjGqQ4NAMGVg0ElisduptNvFXXDzJqG8ucSNRAq aOfHvKfoeGkrO+ZXTgbHFooQBfHY5shFnCb8xnh7QX8qMHZTNEb+lPHTiIiZeH4g e1i6N5FxrRtO1iE/v4xOjc+3CAti7zvJ9xx1WL/PPl3+TMv0CLBHKREzKDu64rA4 9M70Il/N3ox3glXFHaZYaaNquQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDaPny0R 0w2MdtdOuJcePrGyrNR+MB8GA1UdIwQYMBaAFDQPgTQzcZp2Djv+IZM2hyYRecMn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Mi8yNjU3RjczRTBC QzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1uWU9PXzRoa3phSEpoRjV3 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BLUJORE54bW5ZT09fNGhremFISmhGNXd5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Mi8yNjU3RjczRTBCQzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1u WU9PXzRoa3phSEpoRjV3eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDLG995WJoSp6zdfER8Cb0+BgfOlQEeostRNr1AqR70ePFQRR61bc3J vtSpCea5Il5JZ9S1d9eoL7Ym1N3afmGvZiy0WtLHOKfue108RxU+LFKFvibhijnN StSZIqXSO3R34IcBjoCjox/0xZpfMpaS9IKnoZNbRlHvZ0CHtSHrDtqHerWRDFkr AbhKBMXwb0JN4q4ESYnwiYBy7fm/H0uCddq7Wpn7KOzsY79ZVdxstf+1Uy72Hbi6 1pa8FAChlvYsM9rqh9RzPXFtsyrJaL2o1H755yxMpxCEP7fmnYV3AsDAwsg/fSgU v7kJZ/zuwJqs23dTual7yruv+cj8TR8h -----END CERTIFICATE-----Generated at Thu Jul 3 09:13:26 2025 by rpki-client