$ rpki-client -vvf rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft File: JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft (raw, json) Hash identifier: OAY+8BzvJu+I4hcOKB8WIe17gmKh9IGmrec9TWqG79I= Subject key identifier: 9D:3E:B6:DC:D7:87:8C:85:2B:27:07:2E:4F:45:C4:43:D3:06:37:BF Authority key identifier: 24:53:CE:7C:42:53:DB:B2:C7:AC:3D:29:01:3E:90:D5:F5:3C:5D:09 Certificate issuer: /CN=A91820CC/serialNumber=2453CE7C4253DBB2C7AC3D29013E90D5F53C5D09 Certificate serial: 13 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft Manifest number: 12 Signing time: Fri 25 Apr 2025 07:04:07 +0000 Manifest this update: Fri 25 Apr 2025 07:04:07 +0000 Manifest next update: Fri 02 May 2025 07:04:07 +0000 Files and hashes: 1: JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl (hash: Xx+Wv1Ziw4mSd028iqWxpdjCdpB8dTCv/3fHXLgafGY=) 2: D9D9E8C0191511F092B86383C4F9AE02.roa (hash: QZ2cZMYkPm+jK9/JMXPVcucYU0NqHDxW+giSXfrxEfc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:04:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91820CC, serialNumber=2453CE7C4253DBB2C7AC3D29013E90D5F53C5D09 Validity Not Before: Apr 25 07:04:07 2025 GMT Not After : May 2 07:04:07 2025 GMT Subject: CN=680b33e7-1174 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:a8:86:87:e1:62:08:82:42:55:1a:68:46:da: a1:bc:da:60:66:1d:2d:c1:ec:3b:11:ce:44:2c:0d: ad:7d:74:44:ba:ee:4f:5d:aa:05:01:a5:1c:54:1f: 12:61:2e:0e:2d:30:28:1a:b7:64:0f:c1:e2:a3:c8: e3:39:a2:2f:ef:cc:a6:86:b2:3c:4a:29:0d:d2:e0: 3a:fd:a5:7a:08:dc:6c:b3:ab:1b:32:c9:56:e8:fe: a1:40:c6:01:6b:7a:76:58:dd:4c:ba:ea:a0:35:91: 81:30:01:92:f4:e5:ab:7b:ec:1e:68:cb:07:33:58: e3:37:02:cd:cd:42:d0:50:92:f4:8f:26:9d:80:fe: 43:e4:2c:14:eb:ce:d8:35:bb:24:80:0d:97:83:cf: 50:3d:b3:04:a1:3b:ae:fa:c4:f5:c9:de:6f:13:0f: 19:e9:52:36:76:fc:26:de:ce:26:83:fe:79:cc:8e: 07:6a:43:92:84:f5:ab:54:59:f5:e5:26:a0:34:3a: 51:d6:40:44:2a:8b:f9:b6:fb:98:71:d9:2e:61:eb: 3b:b9:5b:e0:d9:40:51:92:f1:61:46:a6:e2:30:b8: ac:ce:e5:07:24:e7:c9:18:36:ed:b5:7e:72:ed:82: 79:c7:44:89:74:c2:af:13:55:70:4c:8d:0d:c6:c4: fd:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:3E:B6:DC:D7:87:8C:85:2B:27:07:2E:4F:45:C4:43:D3:06:37:BF X509v3 Authority Key Identifier: keyid:24:53:CE:7C:42:53:DB:B2:C7:AC:3D:29:01:3E:90:D5:F5:3C:5D:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:dc:b2:fb:d6:ca:bd:52:46:58:20:09:69:95:76:b7:14:81: 1c:11:2f:63:96:8d:17:68:6e:10:5a:cd:06:22:2f:d0:af:f7: 07:b5:d4:72:0a:36:fa:f1:52:67:8f:71:14:b8:e8:d5:36:37: db:7d:39:37:c5:80:17:ae:e9:0f:94:c9:fa:76:06:80:79:e2: ac:28:19:92:8b:d8:8a:d1:a5:4d:53:7a:dd:04:19:fd:25:cb: 38:67:88:5a:d6:95:e1:96:39:1d:c6:9e:13:f3:14:f7:ac:7a: e2:84:37:6c:3a:37:d0:38:72:c4:f1:b4:4f:78:26:7e:6b:7b: 2c:f9:56:de:2e:bf:4f:d4:16:ba:b6:ae:20:a8:6e:64:a4:4f: 1e:20:e2:fe:9f:45:55:3c:0b:04:03:13:ff:65:34:58:19:71: 77:c0:30:59:47:3f:e1:30:b6:1f:e6:b4:55:8b:84:57:6b:f8: ff:61:cf:c3:b0:d1:88:db:a5:3d:e2:72:88:6b:03:15:08:89: 4f:5f:ae:87:f8:02:a5:fd:d1:4f:84:08:d2:9d:a7:39:c0:97: ba:e2:36:ae:cf:1d:57:35:71:16:ae:4a:9c:6a:98:8d:5d:7c: 74:73:61:5b:7b:37:3a:b9:0d:ce:52:ae:fa:e2:bf:1c:18:78: db:17:70:97 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 MjBDQzExMC8GA1UEBRMoMjQ1M0NFN0M0MjUzREJCMkM3QUMzRDI5MDEzRTkwRDVG NTNDNUQwOTAeFw0yNTA0MjUwNzA0MDdaFw0yNTA1MDIwNzA0MDdaMBgxFjAUBgNV BAMTDTY4MGIzM2U3LTExNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDpqIaH4WIIgkJVGmhG2qG82mBmHS3B7DsRzkQsDa19dES67k9dqgUBpRxUHxJh Lg4tMCgat2QPweKjyOM5oi/vzKaGsjxKKQ3S4Dr9pXoI3GyzqxsyyVbo/qFAxgFr enZY3Uy66qA1kYEwAZL05at77B5oywczWOM3As3NQtBQkvSPJp2A/kPkLBTrztg1 uySADZeDz1A9swShO676xPXJ3m8TDxnpUjZ2/CbeziaD/nnMjgdqQ5KE9atUWfXl JqA0OlHWQEQqi/m2+5hx2S5h6zu5W+DZQFGS8WFGpuIwuKzO5Qck58kYNu21fnLt gnnHRIl0wq8TVXBMjQ3GxP2FAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnT623NeH jIUrJwcuT0XEQ9MGN78wHwYDVR0jBBgwFoAUJFPOfEJT27LHrD0pAT6Q1fU8XQkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgyMENDL0JERDRBRjNDMEJE OTExRjA4QzYwN0Y4N0M0RjlBRTAyL0pGUE9mRUpUMjdMSHJEMHBBVDZRMWZVOFhR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvSkZQT2ZFSlQyN0xIckQwcEFUNlExZlU4WFFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgy MENDL0JERDRBRjNDMEJEOTExRjA4QzYwN0Y4N0M0RjlBRTAyL0pGUE9mRUpUMjdM SHJEMHBBVDZRMWZVOFhRay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALPcsvvWyr1SRlggCWmVdrcUgRwRL2OWjRdobhBazQYiL9Cv9we11HIK NvrxUmePcRS46NU2N9t9OTfFgBeu6Q+Uyfp2BoB54qwoGZKL2IrRpU1Tet0EGf0l yzhniFrWleGWOR3GnhPzFPeseuKEN2w6N9A4csTxtE94Jn5reyz5Vt4uv0/UFrq2 riCobmSkTx4g4v6fRVU8CwQDE/9lNFgZcXfAMFlHP+Ewth/mtFWLhFdr+P9hz8Ow 0YjbpT3icohrAxUIiU9frof4AqX90U+ECNKdpznAl7riNq7PHVc1cRauSpxqmI1d fHRzYVt7Nzq5Dc5SrvrivxwYeNsXcJc= -----END CERTIFICATE-----Generated at Sat Apr 26 13:34:14 2025 by rpki-client