$ rpki-client -vvf rpki.apnic.net/member_repository/A91C23C5/831A20FEB5C311E6B5143A2AC4F9AE02/JzQEfW6XjVCbqKUabxBkh49Hddo.mft File: JzQEfW6XjVCbqKUabxBkh49Hddo.mft (raw, json) Hash identifier: ojYZoY/sWyXTtoSPAWcJ6Ib15mfgLxWSXY2WDhTlMU0= Subject key identifier: C6:65:67:F4:89:EA:DC:5F:DC:79:9D:2B:9B:78:CE:23:A8:8B:13:D4 Authority key identifier: 27:34:04:7D:6E:97:8D:50:9B:A8:A5:1A:6F:10:64:87:8F:47:75:DA Certificate issuer: /CN=A91C23C5/serialNumber=2734047D6E978D509BA8A51A6F1064878F4775DA Certificate serial: 1D1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JzQEfW6XjVCbqKUabxBkh49Hddo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C23C5/831A20FEB5C311E6B5143A2AC4F9AE02/JzQEfW6XjVCbqKUabxBkh49Hddo.mft Manifest number: 1D10 Signing time: Thu 24 Apr 2025 16:09:45 +0000 Manifest this update: Thu 24 Apr 2025 16:09:45 +0000 Manifest next update: Thu 01 May 2025 16:09:45 +0000 Files and hashes: 1: JzQEfW6XjVCbqKUabxBkh49Hddo.crl (hash: qDtUJN9BacLa+ELLq2e6Zdoon8HM9Tc0/u18jWBDOuA=) 2: AC34FBD61C0111EC8ADBF80CC4F9AE02.roa (hash: 5WitENJnrkIaDKSZdGfav4jBMV1MXsoOLjamdvAz9SU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C23C5/831A20FEB5C311E6B5143A2AC4F9AE02/JzQEfW6XjVCbqKUabxBkh49Hddo.crl rsync://rpki.apnic.net/member_repository/A91C23C5/831A20FEB5C311E6B5143A2AC4F9AE02/JzQEfW6XjVCbqKUabxBkh49Hddo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JzQEfW6XjVCbqKUabxBkh49Hddo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7454 (0x1d1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C23C5, serialNumber=2734047D6E978D509BA8A51A6F1064878F4775DA Validity Not Before: Apr 24 16:09:45 2025 GMT Not After : May 1 16:09:45 2025 GMT Subject: CN=680a6249-17a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:44:de:64:d6:c6:27:0e:a6:9e:ec:12:a8:d6: 47:63:cf:1c:e5:6c:07:93:8c:a4:0a:33:bb:21:68: f6:f7:9c:1e:c8:32:8e:63:ad:5c:99:b1:4a:57:52: 31:04:27:6f:f3:16:ca:12:63:f5:d7:02:bd:43:8f: 45:3c:74:1d:75:0b:1d:5b:0e:ed:eb:67:dc:f7:05: 09:6c:91:09:f4:ff:82:3e:bc:42:ca:f8:79:26:b9: ed:58:46:b5:cd:7b:c4:86:61:85:fa:aa:72:52:6a: 20:e9:86:14:fe:98:ad:10:d3:75:24:3b:32:45:55: 15:4b:3d:b8:dd:ac:82:b8:d8:43:0b:72:0b:8a:48: 1c:e5:d1:3f:e3:70:3f:e2:6f:f7:e3:03:89:fa:c6: a5:e9:c2:c1:cb:16:23:b8:d7:6f:d1:ea:b0:68:fd: 0d:d7:86:3a:4a:ed:d3:75:b2:0c:a0:11:b2:1e:aa: 72:89:28:85:e1:26:6a:14:f4:27:c1:c9:75:0a:a0: 8c:28:60:a1:57:b6:f1:7b:fa:47:2b:1d:c4:2b:56: 27:26:4d:07:31:cd:d2:7b:91:f8:94:47:26:37:fb: 43:c5:3b:0e:56:59:e9:c1:a9:72:28:25:e9:36:71: 84:28:99:57:20:e1:b4:2a:56:10:b2:d3:16:5e:91: f1:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:65:67:F4:89:EA:DC:5F:DC:79:9D:2B:9B:78:CE:23:A8:8B:13:D4 X509v3 Authority Key Identifier: keyid:27:34:04:7D:6E:97:8D:50:9B:A8:A5:1A:6F:10:64:87:8F:47:75:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C23C5/831A20FEB5C311E6B5143A2AC4F9AE02/JzQEfW6XjVCbqKUabxBkh49Hddo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JzQEfW6XjVCbqKUabxBkh49Hddo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C23C5/831A20FEB5C311E6B5143A2AC4F9AE02/JzQEfW6XjVCbqKUabxBkh49Hddo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:5c:43:15:e0:c9:02:ba:4e:f6:84:4c:03:17:52:94:b5:90: a3:dc:8c:16:94:4f:1f:f0:83:18:3f:60:dc:db:85:de:1a:56: cf:f0:60:10:8d:80:9b:c1:85:c6:80:9f:9a:6a:29:5f:04:25: 30:03:df:3d:19:2a:55:84:11:f4:72:0b:3a:08:de:44:a5:9d: c9:b9:4f:0e:ef:56:c3:45:91:6c:5f:64:fb:dd:8f:f5:70:00: db:23:99:e3:53:e7:0e:ef:1f:17:64:a4:a7:0d:4f:d2:de:a4: ba:90:49:2d:b7:93:61:6a:64:df:4c:55:ea:2a:97:c1:fd:93: 7d:53:fd:fa:d0:89:ef:74:32:c3:34:c5:1e:b8:bc:1a:87:93: c7:e7:d5:93:61:df:bd:8d:5c:48:1b:9d:d5:4e:a5:f3:c9:cc: 35:11:91:60:ac:7a:b8:0c:89:23:23:bb:ec:2f:18:dc:3d:e6: 07:c1:93:08:8f:af:b1:d4:ad:82:42:e5:d0:5f:e6:86:83:96: 5d:ad:a3:d9:74:3b:0f:bc:16:46:4d:0c:40:84:26:69:df:4e: 4e:a9:d9:58:d0:f2:49:2e:76:ef:6e:64:ea:b1:c1:7c:e3:15: 3e:44:37:ea:33:5b:43:22:7a:9a:99:37:cf:18:e9:9c:6d:bd: 8c:2b:77:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzIzQzUxMTAvBgNVBAUTKDI3MzQwNDdENkU5NzhENTA5QkE4QTUxQTZGMTA2NDg3 OEY0Nzc1REEwHhcNMjUwNDI0MTYwOTQ1WhcNMjUwNTAxMTYwOTQ1WjAYMRYwFAYD VQQDEw02ODBhNjI0OS0xN2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAukTeZNbGJw6mnuwSqNZHY88c5WwHk4ykCjO7IWj295weyDKOY61cmbFKV1Ix BCdv8xbKEmP11wK9Q49FPHQddQsdWw7t62fc9wUJbJEJ9P+CPrxCyvh5JrntWEa1 zXvEhmGF+qpyUmog6YYU/pitENN1JDsyRVUVSz243ayCuNhDC3ILikgc5dE/43A/ 4m/34wOJ+sal6cLByxYjuNdv0eqwaP0N14Y6Su3TdbIMoBGyHqpyiSiF4SZqFPQn wcl1CqCMKGChV7bxe/pHKx3EK1YnJk0HMc3Se5H4lEcmN/tDxTsOVlnpwalyKCXp NnGEKJlXIOG0KlYQstMWXpHxyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMZlZ/SJ 6txf3HmdK5t4ziOoixPUMB8GA1UdIwQYMBaAFCc0BH1ul41Qm6ilGm8QZIePR3Xa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjNDNS84MzFBMjBGRUI1 QzMxMUU2QjUxNDNBMkFDNEY5QUUwMi9KelFFZlc2WGpWQ2JxS1VhYnhCa2g0OUhk ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0p6UUVmVzZYalZDYnFLVWFieEJraDQ5SGRkby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MjNDNS84MzFBMjBGRUI1QzMxMUU2QjUxNDNBMkFDNEY5QUUwMi9KelFFZlc2WGpW Q2JxS1VhYnhCa2g0OUhkZG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGXEMV4MkCuk72hEwDF1KUtZCj3IwWlE8f8IMYP2Dc24XeGlbP8GAQ jYCbwYXGgJ+aailfBCUwA989GSpVhBH0cgs6CN5EpZ3JuU8O71bDRZFsX2T73Y/1 cADbI5njU+cO7x8XZKSnDU/S3qS6kEktt5NhamTfTFXqKpfB/ZN9U/360InvdDLD NMUeuLwah5PH59WTYd+9jVxIG53VTqXzycw1EZFgrHq4DIkjI7vsLxjcPeYHwZMI j6+x1K2CQuXQX+aGg5ZdraPZdDsPvBZGTQxAhCZp305OqdlY0PJJLnbvbmTqscF8 4xU+RDfqM1tDInqamTfPGOmcbb2MK3eK -----END CERTIFICATE-----Generated at Sat Apr 26 16:05:26 2025 by rpki-client