$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: MTq6o6/k80yvEnWI96ExdNMoRo9pMBS4UbkXo3+pEEI= Subject key identifier: 17:91:9D:83:06:8A:C3:6C:BB:6F:A6:DB:5E:93:E6:71:F1:97:B5:56 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0C3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C32 Signing time: Thu 24 Apr 2025 18:27:48 +0000 Manifest this update: Thu 24 Apr 2025 18:27:48 +0000 Manifest next update: Thu 01 May 2025 18:27:48 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: fE/xy2Na8ks7blM/xMluAVHeeJzzZZzBTftAXUHV0kM=) 2: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (hash: JkiQjxSrG6/RaUVfR49c5xHDDJTw7u5WZLOBsd3qe+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:27:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3133 (0xc3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Apr 24 18:27:48 2025 GMT Not After : May 1 18:27:48 2025 GMT Subject: CN=680a82a4-6051 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:71:cc:22:d5:ea:12:7a:4c:e3:a9:9b:02:3d: bc:93:3d:06:4c:06:ed:fa:ea:8b:37:7a:7c:e5:8a: f1:c0:b5:07:10:22:cf:f7:e8:1a:07:40:90:1b:2f: 5a:6a:92:b1:ce:eb:88:08:ea:5d:f7:7a:dc:3d:c2: de:b9:6e:5d:5a:51:a8:1a:4e:80:26:76:e9:d5:e0: b1:92:5c:db:41:5a:e3:48:b2:e0:f6:f8:9b:49:59: 54:88:df:6b:87:9d:36:59:ea:1a:41:ba:d5:2e:38: 31:22:18:29:de:20:c1:98:8b:f4:3c:5c:80:f0:a0: a4:0b:fc:a8:0c:20:f8:d0:a1:36:cd:e2:e1:b8:c9: f1:fe:15:1f:91:47:e4:2a:59:fb:f8:bb:6d:3e:e6: 9f:67:8a:d1:91:b5:0a:87:6e:be:9b:df:d5:c8:33: ed:58:30:fb:d0:fc:88:51:58:c0:4d:58:d2:55:ad: 6f:73:24:fd:a5:2d:12:e5:31:80:53:4f:eb:6c:c2: 7e:03:8d:fb:10:d0:2f:80:2e:ab:52:c2:e2:62:76: 1f:d9:37:34:27:95:99:b3:70:91:c4:af:76:3d:9f: 3d:45:00:cb:92:ac:0c:de:9c:c3:17:92:73:b2:19: 46:2b:7e:57:11:1a:ea:c0:bf:99:c1:3e:7b:ef:a3: 5c:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:91:9D:83:06:8A:C3:6C:BB:6F:A6:DB:5E:93:E6:71:F1:97:B5:56 X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:d5:07:d1:a8:bb:3b:4b:31:b9:f7:16:e7:28:04:15:76:72: 73:11:9f:db:a8:33:5c:e4:57:13:b9:38:7a:c7:b6:39:04:64: 55:fa:ae:36:cd:dd:91:e1:9a:aa:85:ee:a0:9b:ce:f9:d9:af: 44:4d:0c:da:ce:4e:e2:0f:1a:94:4f:d5:be:c6:ad:38:b2:78: fd:79:5d:55:fb:f7:7e:e3:93:0f:bf:60:91:d4:74:4f:d0:13: 89:25:db:82:67:92:d8:7c:c0:f5:d2:21:62:1f:ad:cf:d6:dd: 45:36:e9:b0:f4:40:55:12:c1:ed:4e:6d:58:70:fd:d4:52:ed: 48:6a:49:84:89:c1:f6:6c:39:d9:ee:98:1c:b9:4e:7f:a0:39: f4:c0:cb:d5:bb:f5:6c:d5:95:41:93:36:7b:10:7e:62:7d:11: bb:06:0d:b6:ad:6d:98:49:34:6f:e8:b2:c4:a6:34:b4:24:b9: de:b8:42:46:67:52:b5:43:81:79:ee:af:1e:4a:93:55:e3:ca: c4:ff:94:17:5d:46:9b:a9:60:62:ce:d4:d9:68:d2:16:8e:2d: 15:33:f1:50:e1:2d:68:c9:19:52:12:e9:87:a0:5c:e0:1a:a9: 26:c0:9d:0a:59:aa:14:dc:6b:11:fe:f4:f2:d3:f6:54:ba:78: 21:06:1a:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUwNDI0MTgyNzQ4WhcNMjUwNTAxMTgyNzQ4WjAYMRYwFAYD VQQDEw02ODBhODJhNC02MDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm3HMItXqEnpM46mbAj28kz0GTAbt+uqLN3p85YrxwLUHECLP9+gaB0CQGy9a apKxzuuICOpd93rcPcLeuW5dWlGoGk6AJnbp1eCxklzbQVrjSLLg9vibSVlUiN9r h502WeoaQbrVLjgxIhgp3iDBmIv0PFyA8KCkC/yoDCD40KE2zeLhuMnx/hUfkUfk Kln7+LttPuafZ4rRkbUKh26+m9/VyDPtWDD70PyIUVjATVjSVa1vcyT9pS0S5TGA U0/rbMJ+A437ENAvgC6rUsLiYnYf2Tc0J5WZs3CRxK92PZ89RQDLkqwM3pzDF5Jz shlGK35XERrqwL+ZwT5776Nc8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBeRnYMG isNsu2+m216T5nHxl7VWMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCK1QfRqLs7SzG59xbnKAQVdnJzEZ/bqDNc5FcTuTh6x7Y5BGRV+q42 zd2R4Zqqhe6gm8752a9ETQzazk7iDxqUT9W+xq04snj9eV1V+/d+45MPv2CR1HRP 0BOJJduCZ5LYfMD10iFiH63P1t1FNumw9EBVEsHtTm1YcP3UUu1IakmEicH2bDnZ 7pgcuU5/oDn0wMvVu/Vs1ZVBkzZ7EH5ifRG7Bg22rW2YSTRv6LLEpjS0JLneuEJG Z1K1Q4F57q8eSpNV48rE/5QXXUabqWBiztTZaNIWji0VM/FQ4S1oyRlSEumHoFzg GqkmwJ0KWaoU3GsR/vTy0/ZUunghBhoS -----END CERTIFICATE-----Generated at Sat Apr 26 15:04:03 2025 by rpki-client