$ rpki-client -vvf rpki.apnic.net/member_repository/A915EB0B/3A4C4606F90011EBBA19D528C4F9AE02/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.mft File: rj-mU0lVFmDf9IxJfoN4pjC5g3Y.mft (raw, json) Hash identifier: MZcvsCuwrpKVI7vX9REAny+1dj9N5fh7N63eBRsAe4Q= Subject key identifier: B5:D1:C9:53:42:A8:47:0E:A7:E0:DF:28:99:A7:FE:6A:02:68:FC:43 Authority key identifier: AE:3F:A6:53:49:55:16:60:DF:F4:8C:49:7E:83:78:A6:30:B9:83:76 Certificate issuer: /CN=A915EB0B/serialNumber=AE3FA65349551660DFF48C497E8378A630B98376 Certificate serial: 0528 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915EB0B/3A4C4606F90011EBBA19D528C4F9AE02/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.mft Manifest number: 0523 Signing time: Thu 24 Apr 2025 23:19:12 +0000 Manifest this update: Thu 24 Apr 2025 23:19:11 +0000 Manifest next update: Thu 01 May 2025 23:19:11 +0000 Files and hashes: 1: rj-mU0lVFmDf9IxJfoN4pjC5g3Y.crl (hash: HyNWGtNzzPLaxelqVMEBaFc9okAVtJwpP856it0xlNE=) 2: D7AD2B6AF90311EBBB71C076C4F9AE02.roa (hash: VL9J48E6mKHF8lb44rgcasmZ+ef6A3tiZtXM0iIEHSs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915EB0B/3A4C4606F90011EBBA19D528C4F9AE02/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.crl rsync://rpki.apnic.net/member_repository/A915EB0B/3A4C4606F90011EBBA19D528C4F9AE02/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:19:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1320 (0x528) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915EB0B, serialNumber=AE3FA65349551660DFF48C497E8378A630B98376 Validity Not Before: Apr 24 23:19:11 2025 GMT Not After : May 1 23:19:11 2025 GMT Subject: CN=680ac6f0-05c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:40:ff:ed:10:50:4d:31:fa:e2:b5:59:b9:8a: 10:3b:22:17:0a:1a:13:ca:44:8d:fb:e5:e7:3a:6f: 29:ab:3c:fc:ca:10:78:cc:a6:2d:3a:2f:37:7c:3b: 0d:e5:bc:56:c3:91:44:d1:ff:81:51:ac:fc:c8:c3: 93:7f:ab:58:22:89:e9:c1:46:4a:45:f2:2e:ef:0f: 68:f3:04:ff:e3:98:97:be:d2:7b:14:ee:07:d6:d8: ef:ba:0f:0e:5a:53:41:22:66:33:3a:a8:13:a6:1d: de:84:6e:fc:4f:3c:e9:b7:07:65:93:50:d0:61:34: b2:58:ce:10:26:6e:26:9e:d2:f6:03:aa:8d:d4:2b: 40:04:1a:9f:ce:12:d4:e6:f9:67:8c:a5:4f:62:7f: db:e4:9d:90:95:59:3a:56:cb:d8:57:f9:d2:8f:0d: 30:84:45:ed:67:4e:ce:0c:7b:39:7f:2e:bf:f2:a1: c7:cc:ec:44:c3:e5:b2:79:c9:43:81:41:4d:1e:66: 92:5a:09:ab:26:ce:66:ee:09:64:54:b5:35:fe:dc: 9e:12:67:aa:f3:6e:73:e8:f2:86:cd:00:5a:9c:bb: df:4e:3a:2f:95:c7:5c:08:79:01:a9:31:e6:97:f0: ce:a0:40:8d:71:b0:fc:c7:1b:e4:5b:51:49:0d:0c: af:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:D1:C9:53:42:A8:47:0E:A7:E0:DF:28:99:A7:FE:6A:02:68:FC:43 X509v3 Authority Key Identifier: keyid:AE:3F:A6:53:49:55:16:60:DF:F4:8C:49:7E:83:78:A6:30:B9:83:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915EB0B/3A4C4606F90011EBBA19D528C4F9AE02/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EB0B/3A4C4606F90011EBBA19D528C4F9AE02/rj-mU0lVFmDf9IxJfoN4pjC5g3Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:55:7b:12:8b:81:ca:d2:a1:c7:50:07:b8:a6:27:25:00:ba: 45:15:12:4a:7b:fa:b1:40:cd:70:43:b1:5c:f2:15:3d:23:78: 1d:e0:c5:b8:c3:d3:25:2f:f0:07:2e:75:81:89:23:00:8e:ed: 6f:c7:eb:c0:c6:e9:bd:86:b1:31:19:81:47:51:09:6c:60:13: 01:a6:94:ce:79:e6:c0:be:6e:d9:24:25:6f:cc:05:d8:61:d9: 8d:36:d9:13:ec:93:57:09:09:fb:7a:12:47:4d:5c:b1:d2:e9: e5:25:b4:78:62:7b:c5:e6:ef:49:88:c0:36:53:e0:c2:14:e8: 91:01:87:78:59:8a:75:b8:17:b2:73:b0:3f:64:da:7a:be:e6: ea:da:e7:eb:28:98:05:86:8b:60:ee:6b:5e:09:10:5b:0b:9c: 21:5f:15:18:75:52:60:0f:e8:75:24:46:8f:09:b8:6f:53:7e: 5c:de:fb:45:e5:b1:ff:73:ee:d0:52:d1:3e:99:e2:6a:37:0e: a9:cb:9b:52:42:33:04:97:88:69:34:c2:1a:24:a6:06:a2:1d: 73:9f:56:f1:6c:08:83:16:ba:d8:40:25:40:71:5f:d9:8b:b3: 7d:3c:0f:1c:85:3a:9e:a2:54:8c:8a:43:bc:28:9c:26:cc:8d: e8:30:db:1b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUVCMEIxMTAvBgNVBAUTKEFFM0ZBNjUzNDk1NTE2NjBERkY0OEM0OTdFODM3OEE2 MzBCOTgzNzYwHhcNMjUwNDI0MjMxOTExWhcNMjUwNTAxMjMxOTExWjAYMRYwFAYD VQQDEw02ODBhYzZmMC0wNWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxUD/7RBQTTH64rVZuYoQOyIXChoTykSN++XnOm8pqzz8yhB4zKYtOi83fDsN 5bxWw5FE0f+BUaz8yMOTf6tYIonpwUZKRfIu7w9o8wT/45iXvtJ7FO4H1tjvug8O WlNBImYzOqgTph3ehG78Tzzptwdlk1DQYTSyWM4QJm4mntL2A6qN1CtABBqfzhLU 5vlnjKVPYn/b5J2QlVk6VsvYV/nSjw0whEXtZ07ODHs5fy6/8qHHzOxEw+WyeclD gUFNHmaSWgmrJs5m7glkVLU1/tyeEmeq825z6PKGzQBanLvfTjovlcdcCHkBqTHm l/DOoECNcbD8xxvkW1FJDQyvIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLXRyVNC qEcOp+DfKJmn/moCaPxDMB8GA1UdIwQYMBaAFK4/plNJVRZg3/SMSX6DeKYwuYN2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUIwQi8zQTRDNDYwNkY5 MDAxMUVCQkExOUQ1MjhDNEY5QUUwMi9yai1tVTBsVkZtRGY5SXhKZm9ONHBqQzVn M1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JqLW1VMGxWRm1EZjlJeEpmb040cGpDNWczWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RUIwQi8zQTRDNDYwNkY5MDAxMUVCQkExOUQ1MjhDNEY5QUUwMi9yai1tVTBsVkZt RGY5SXhKZm9ONHBqQzVnM1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmVXsSi4HK0qHHUAe4piclALpFFRJKe/qxQM1wQ7Fc8hU9I3gd4MW4 w9MlL/AHLnWBiSMAju1vx+vAxum9hrExGYFHUQlsYBMBppTOeebAvm7ZJCVvzAXY YdmNNtkT7JNXCQn7ehJHTVyx0unlJbR4YnvF5u9JiMA2U+DCFOiRAYd4WYp1uBey c7A/ZNp6vubq2ufrKJgFhotg7mteCRBbC5whXxUYdVJgD+h1JEaPCbhvU35c3vtF 5bH/c+7QUtE+meJqNw6py5tSQjMEl4hpNMIaJKYGoh1zn1bxbAiDFrrYQCVAcV/Z i7N9PA8chTqeolSMikO8KJwmzI3oMNsb -----END CERTIFICATE-----Generated at Sat Apr 26 12:37:57 2025 by rpki-client