$ rpki-client -vvf rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.mft File: jLK71ktqd04WwQ_cplCnrcWzjXg.mft (raw, json) Hash identifier: cLC8RRxEHJrebBkXuUyxQaz/4TVLx8MArUbuFiTs+IY= Subject key identifier: CA:A6:3D:4E:A2:15:7F:E1:E7:70:FA:CB:57:C0:29:58:0F:5F:C1:A8 Authority key identifier: 8C:B2:BB:D6:4B:6A:77:4E:16:C1:0F:DC:A6:50:A7:AD:C5:B3:8D:78 Certificate issuer: /CN=A914749C/serialNumber=8CB2BBD64B6A774E16C10FDCA650A7ADC5B38D78 Certificate serial: 1C01 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jLK71ktqd04WwQ_cplCnrcWzjXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.mft Manifest number: 1BE9 Signing time: Thu 24 Apr 2025 16:13:52 +0000 Manifest this update: Thu 24 Apr 2025 16:13:52 +0000 Manifest next update: Thu 01 May 2025 16:13:52 +0000 Files and hashes: 1: jLK71ktqd04WwQ_cplCnrcWzjXg.crl (hash: m2QRABhLZLdOX4ZQfSqiZFgQ0KL5lE3ed7obzU6V4xE=) 2: 433FBBECF1A511E6BE0A844EC4F9AE02.roa (hash: UTjSg2cr4EOymY78oxKDbnxxdk7LUhNg4mssHXCS3hY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.crl rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jLK71ktqd04WwQ_cplCnrcWzjXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:13:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7169 (0x1c01) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914749C, serialNumber=8CB2BBD64B6A774E16C10FDCA650A7ADC5B38D78 Validity Not Before: Apr 24 16:13:52 2025 GMT Not After : May 1 16:13:52 2025 GMT Subject: CN=680a6340-70e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:eb:e6:e5:c5:54:39:7d:a8:78:71:5b:77:13: 5e:c0:a3:7f:c4:7c:d4:55:59:59:01:88:7e:2e:02: ba:27:cd:79:80:c4:55:18:8b:c5:4d:a4:f6:4b:34: fb:3d:a2:88:d2:df:17:7f:17:06:c2:80:5b:46:a5: e0:12:c7:d6:e8:8d:c7:ae:8a:2f:d5:5c:26:a1:f5: 25:85:7f:00:96:90:de:c7:82:75:a9:2c:3a:0b:ec: 47:c2:1f:58:62:4f:76:1c:c2:e9:b0:bb:3e:a4:0d: 47:c4:bd:e8:9d:ff:a1:0f:cd:e2:c4:94:ae:fc:7a: 9c:cf:d3:c1:e6:e0:cf:01:b7:6d:ca:bf:8e:6e:a2: 16:15:94:e8:86:be:bd:25:cf:10:46:0c:e9:c0:17: 35:3e:e2:d4:cd:29:e9:2d:fd:19:6c:af:03:95:97: c8:00:a0:5c:c5:16:0c:e6:e1:7b:6e:fb:de:40:9e: ec:ae:96:51:b6:52:bd:32:32:e9:e8:37:9c:79:78: 58:8e:92:58:57:71:92:24:72:e5:3b:34:e6:58:d4: 28:69:de:01:96:51:09:d2:d5:a2:f1:5f:f5:ae:81: e2:4f:50:ea:74:23:b7:3b:f8:58:55:6a:ba:cd:68: 82:5c:49:3b:fa:5c:bd:5c:eb:cb:11:6c:00:2d:19: 2b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:A6:3D:4E:A2:15:7F:E1:E7:70:FA:CB:57:C0:29:58:0F:5F:C1:A8 X509v3 Authority Key Identifier: keyid:8C:B2:BB:D6:4B:6A:77:4E:16:C1:0F:DC:A6:50:A7:AD:C5:B3:8D:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jLK71ktqd04WwQ_cplCnrcWzjXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914749C/8D78E57EF1A211E69421B545C4F9AE02/jLK71ktqd04WwQ_cplCnrcWzjXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:44:c1:a9:f6:09:02:4f:c1:a0:d2:97:be:43:c6:eb:ba:de: 76:f0:fe:8d:89:bf:95:b9:f6:f8:7d:13:11:b1:26:63:b6:f5: c5:13:dc:63:f1:81:cf:c7:06:42:94:8c:fc:ca:6d:a1:94:06: c1:5c:45:3b:6c:a0:e7:7c:f1:c0:34:c4:56:68:d7:c5:74:58: 7b:00:df:a3:4e:ef:58:a8:74:a5:c1:7a:10:8d:e4:5e:4e:ef: e1:46:cb:3f:78:17:fe:93:1e:72:e7:75:3f:e7:bb:0b:c1:18: bf:72:e1:f5:cb:70:5a:88:2b:d9:e2:a2:7e:95:28:7f:6b:72: 5a:95:6f:72:47:96:f3:8a:a6:21:ee:eb:e9:79:7a:d6:3b:c5: 32:b4:19:60:3f:cd:bb:84:71:bf:1b:ad:09:19:db:c2:e7:2d: 76:7e:eb:2b:7c:de:44:16:8c:a7:ba:68:1a:62:6f:28:d8:e0: e4:d1:35:26:34:aa:c3:0c:7f:62:9b:99:86:5a:93:ff:7c:9b: 20:98:78:4b:ed:72:cd:6b:78:ab:2a:54:ef:7f:e0:bd:05:bc: 90:80:08:6f:f0:ef:97:2d:f1:e0:63:ff:51:a9:e1:5d:57:b6: fd:2b:f7:c8:1f:b1:8e:aa:2b:ac:22:f7:3b:30:37:5e:66:68: a5:23:af:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc0OUMxMTAvBgNVBAUTKDhDQjJCQkQ2NEI2QTc3NEUxNkMxMEZEQ0E2NTBBN0FE QzVCMzhENzgwHhcNMjUwNDI0MTYxMzUyWhcNMjUwNTAxMTYxMzUyWjAYMRYwFAYD VQQDEw02ODBhNjM0MC03MGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1+vm5cVUOX2oeHFbdxNewKN/xHzUVVlZAYh+LgK6J815gMRVGIvFTaT2SzT7 PaKI0t8XfxcGwoBbRqXgEsfW6I3Hroov1VwmofUlhX8AlpDex4J1qSw6C+xHwh9Y Yk92HMLpsLs+pA1HxL3onf+hD83ixJSu/Hqcz9PB5uDPAbdtyr+ObqIWFZTohr69 Jc8QRgzpwBc1PuLUzSnpLf0ZbK8DlZfIAKBcxRYM5uF7bvveQJ7srpZRtlK9MjLp 6DeceXhYjpJYV3GSJHLlOzTmWNQoad4BllEJ0tWi8V/1roHiT1DqdCO3O/hYVWq6 zWiCXEk7+ly9XOvLEWwALRkrzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMqmPU6i FX/h53D6y1fAKVgPX8GoMB8GA1UdIwQYMBaAFIyyu9ZLandOFsEP3KZQp63Fs414 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzQ5Qy84RDc4RTU3RUYx QTIxMUU2OTQyMUI1NDVDNEY5QUUwMi9qTEs3MWt0cWQwNFd3UV9jcGxDbnJjV3pq WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pMSzcxa3RxZDA0V3dRX2NwbENucmNXempYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzQ5Qy84RDc4RTU3RUYxQTIxMUU2OTQyMUI1NDVDNEY5QUUwMi9qTEs3MWt0cWQw NFd3UV9jcGxDbnJjV3pqWGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRRMGp9gkCT8Gg0pe+Q8brut528P6Nib+Vufb4fRMRsSZjtvXFE9xj 8YHPxwZClIz8ym2hlAbBXEU7bKDnfPHANMRWaNfFdFh7AN+jTu9YqHSlwXoQjeRe Tu/hRss/eBf+kx5y53U/57sLwRi/cuH1y3BaiCvZ4qJ+lSh/a3JalW9yR5bziqYh 7uvpeXrWO8UytBlgP827hHG/G60JGdvC5y12fusrfN5EFoynumgaYm8o2ODk0TUm NKrDDH9im5mGWpP/fJsgmHhL7XLNa3irKlTvf+C9BbyQgAhv8O+XLfHgY/9RqeFd V7b9K/fIH7GOqiusIvc7MDdeZmilI68V -----END CERTIFICATE-----Generated at Sat Apr 26 05:06:48 2025 by rpki-client