$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.mft File: jZIwmM1n9tG_JM--LD3KC2Zau4w.mft (raw, json) Hash identifier: yD3sdTmWEScfkWsSpEQ63a/D7dJ3Rhl3sBC0CZ+AsfY= Subject key identifier: DE:11:B8:EB:B1:68:22:12:51:E9:9D:18:4A:01:F1:DC:6E:D3:DF:C3 Authority key identifier: 8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C Certificate issuer: /CN=A9148B17/serialNumber=8D923098CD67F6D1BF24CFBE2C3DCA0B665ABB8C Certificate serial: 0133 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.mft Manifest number: 012B Signing time: Fri 25 Apr 2025 03:48:13 +0000 Manifest this update: Fri 25 Apr 2025 03:48:13 +0000 Manifest next update: Fri 02 May 2025 03:48:13 +0000 Files and hashes: 1: jZIwmM1n9tG_JM--LD3KC2Zau4w.crl (hash: pi/MLaZ4ew0uahXrjmSrbAyPmtkL9kAFmSNQdNRSsj4=) 2: 4495F306772E11EEB7DE544FC4F9AE02.roa (hash: ccDaM+xIQE3p2Y5zhdqiVD5sdxLAr7SXV+gu36JLnEc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.crl rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:48:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 307 (0x133) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148B17, serialNumber=8D923098CD67F6D1BF24CFBE2C3DCA0B665ABB8C Validity Not Before: Apr 25 03:48:13 2025 GMT Not After : May 2 03:48:13 2025 GMT Subject: CN=680b05fd-5268 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:dd:7c:ca:d2:3f:e9:29:e4:8e:4b:37:9e:95: cd:8f:63:95:fd:30:1f:2a:43:61:75:08:1d:08:c5: 1e:3c:29:95:da:6c:79:63:01:65:f9:cf:ee:44:91: 90:eb:12:26:1f:21:2f:bb:0d:89:32:0f:04:8b:cf: ac:b3:11:6c:29:aa:cb:98:9e:35:bc:3d:f9:b7:c9: b4:86:1c:03:0f:67:b1:49:e3:c6:80:ce:e0:a7:36: 4e:f5:84:4f:48:38:8c:d5:03:23:14:1d:53:ee:97: 31:d3:fb:06:ec:95:9a:fe:5c:ab:6b:d7:10:60:7c: 0a:cb:02:02:a9:ae:ea:91:95:ec:22:45:fd:49:d4: 42:6d:8d:99:53:d3:71:85:40:b5:42:e1:51:8b:13: 5e:e9:cb:6c:74:ad:b0:5e:ad:0d:6e:1f:dc:29:85: ae:7b:ac:12:00:91:96:28:87:5a:45:20:1c:d9:78: fc:d2:b1:d8:da:6f:c0:6e:d6:c3:77:0b:57:c3:54: c1:30:ab:4f:ce:f6:86:60:2d:ff:63:ee:b9:d1:19: 09:6f:c4:72:4e:d5:00:f5:9f:1b:98:2f:fa:b6:e1: 28:b2:99:d4:57:46:d5:e7:e2:da:78:79:dd:5c:c7: d6:88:20:6a:5c:02:5e:9d:bc:36:8c:27:c2:7b:d5: d7:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:11:B8:EB:B1:68:22:12:51:E9:9D:18:4A:01:F1:DC:6E:D3:DF:C3 X509v3 Authority Key Identifier: keyid:8D:92:30:98:CD:67:F6:D1:BF:24:CF:BE:2C:3D:CA:0B:66:5A:BB:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jZIwmM1n9tG_JM--LD3KC2Zau4w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B17/EA4B165E68ED11EEB4B5D362C4F9AE02/jZIwmM1n9tG_JM--LD3KC2Zau4w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:f6:c6:2f:f4:12:5d:be:3b:24:84:b7:6c:68:46:4c:84:84: e8:40:86:b6:6e:ea:e8:b9:00:1e:aa:c1:a5:70:19:c4:70:98: 8b:4c:25:2a:5c:1a:17:e1:5d:0f:ea:60:f8:e8:37:75:31:5b: 83:96:08:d6:3e:dd:ce:e6:a5:8e:47:24:0c:fe:fb:3c:3e:a0: 0b:a1:a8:6b:41:0e:1d:32:57:75:45:3b:64:a6:c6:ff:e6:87: a2:11:5a:bb:97:e7:c5:35:52:fc:51:b6:38:5e:ba:23:ed:1c: 02:c5:0f:a9:7b:5f:75:99:c3:2d:17:bd:aa:af:aa:b3:9c:31: 35:5e:56:36:2d:cd:fa:c1:ba:87:3d:36:ae:08:90:7a:95:aa: fc:3c:3c:78:69:62:2d:2b:14:00:ab:93:df:a4:ec:62:10:70: 40:fc:db:31:0b:a8:10:23:71:84:0e:da:66:60:53:d5:9b:bf: 0b:22:7f:70:e2:86:5b:4f:c4:32:36:eb:cb:06:4c:7d:2e:da: 9e:53:c9:26:ed:21:b3:36:4e:4f:5d:69:c0:8c:5c:17:09:d8: 04:07:00:25:9c:6d:76:a8:88:e0:33:6c:cd:8f:36:90:97:df: 7f:59:29:8b:aa:39:b9:b4:5a:17:89:94:b5:15:15:00:6b:ce: a7:56:4a:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhCMTcxMTAvBgNVBAUTKDhEOTIzMDk4Q0Q2N0Y2RDFCRjI0Q0ZCRTJDM0RDQTBC NjY1QUJCOEMwHhcNMjUwNDI1MDM0ODEzWhcNMjUwNTAyMDM0ODEzWjAYMRYwFAYD VQQDEw02ODBiMDVmZC01MjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxd18ytI/6Snkjks3npXNj2OV/TAfKkNhdQgdCMUePCmV2mx5YwFl+c/uRJGQ 6xImHyEvuw2JMg8Ei8+ssxFsKarLmJ41vD35t8m0hhwDD2exSePGgM7gpzZO9YRP SDiM1QMjFB1T7pcx0/sG7JWa/lyra9cQYHwKywICqa7qkZXsIkX9SdRCbY2ZU9Nx hUC1QuFRixNe6ctsdK2wXq0Nbh/cKYWue6wSAJGWKIdaRSAc2Xj80rHY2m/AbtbD dwtXw1TBMKtPzvaGYC3/Y+650RkJb8RyTtUA9Z8bmC/6tuEospnUV0bV5+LaeHnd XMfWiCBqXAJenbw2jCfCe9XXiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN4RuOux aCISUemdGEoB8dxu09/DMB8GA1UdIwQYMBaAFI2SMJjNZ/bRvyTPviw9ygtmWruM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEIxNy9FQTRCMTY1RTY4 RUQxMUVFQjRCNUQzNjJDNEY5QUUwMi9qWkl3bU0xbjl0R19KTS0tTEQzS0MyWmF1 NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2paSXdtTTFuOXRHX0pNLS1MRDNLQzJaYXU0dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEIxNy9FQTRCMTY1RTY4RUQxMUVFQjRCNUQzNjJDNEY5QUUwMi9qWkl3bU0xbjl0 R19KTS0tTEQzS0MyWmF1NHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCc9sYv9BJdvjskhLdsaEZMhIToQIa2burouQAeqsGlcBnEcJiLTCUq XBoX4V0P6mD46Dd1MVuDlgjWPt3O5qWORyQM/vs8PqALoahrQQ4dMld1RTtkpsb/ 5oeiEVq7l+fFNVL8UbY4Xroj7RwCxQ+pe191mcMtF72qr6qznDE1XlY2Lc36wbqH PTauCJB6lar8PDx4aWItKxQAq5PfpOxiEHBA/NsxC6gQI3GEDtpmYFPVm78LIn9w 4oZbT8QyNuvLBkx9LtqeU8km7SGzNk5PXWnAjFwXCdgEBwAlnG12qIjgM2zNjzaQ l99/WSmLqjm5tFoXiZS1FRUAa86nVkqo -----END CERTIFICATE-----Generated at Sat Apr 26 13:05:24 2025 by rpki-client