$ rpki-client -vvf rpki.apnic.net/member_repository/A919A716/6019D3FC0F9B11F0ABC84074C4F9AE02/JbCzFZvpDPGiOyUhpSER_wOQXvc.mft File: JbCzFZvpDPGiOyUhpSER_wOQXvc.mft (raw, json) Hash identifier: DKY2gB12y5OlvzEGFqEx4LwLAi/Ty4BUXnhJIe+FYSc= Subject key identifier: D6:AB:C8:9E:C9:05:1F:93:8D:EC:43:31:C2:DF:A2:E5:3C:6B:8F:51 Authority key identifier: 25:B0:B3:15:9B:E9:0C:F1:A2:3B:25:21:A5:21:11:FF:03:90:5E:F7 Certificate issuer: /CN=A919A716/serialNumber=25B0B3159BE90CF1A23B2521A52111FF03905EF7 Certificate serial: 06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JbCzFZvpDPGiOyUhpSER_wOQXvc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A716/6019D3FC0F9B11F0ABC84074C4F9AE02/JbCzFZvpDPGiOyUhpSER_wOQXvc.mft Manifest number: 05 Signing time: Sat 05 Apr 2025 07:30:16 +0000 Manifest this update: Sat 05 Apr 2025 07:30:16 +0000 Manifest next update: Sat 12 Apr 2025 07:30:16 +0000 Files and hashes: 1: JbCzFZvpDPGiOyUhpSER_wOQXvc.crl (hash: DNBxyjqDH4CVhymD7kl9M7BFhCaJlUNmjpsACyyspO0=) 2: 3051CA240FBB11F0B9C1D274C4F9AE02.roa (hash: LQXESBC03M55eTRwU/sXkaRTACDEQkRKoyFYlNpa2vw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A716/6019D3FC0F9B11F0ABC84074C4F9AE02/JbCzFZvpDPGiOyUhpSER_wOQXvc.crl rsync://rpki.apnic.net/member_repository/A919A716/6019D3FC0F9B11F0ABC84074C4F9AE02/JbCzFZvpDPGiOyUhpSER_wOQXvc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JbCzFZvpDPGiOyUhpSER_wOQXvc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:13:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A716 Validity Not Before: Apr 5 07:30:16 2025 GMT Not After : Apr 12 07:30:16 2025 GMT Subject: CN=67f0dc08-3bec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:3b:15:dd:10:46:9d:bb:86:72:e7:28:0a:42: f5:a2:c0:51:4d:d7:31:fe:b1:6f:ba:f0:46:12:35: 96:25:16:5a:49:cd:f4:c1:f9:97:e0:fd:54:76:5a: c2:6a:a3:82:ee:f4:7e:b5:24:43:9c:1e:17:10:d2: fd:b5:ef:dc:36:71:32:e6:7a:e7:d2:ff:dd:63:42: 12:b0:b8:71:a9:eb:ef:bf:ae:47:fc:e2:60:b2:c5: d4:72:73:67:93:34:a3:7c:4b:d2:93:6f:c3:3b:1b: 55:53:b4:7d:e4:7e:d0:90:a4:ab:ad:86:a6:bd:c0: b2:69:1b:28:19:d8:7c:05:60:d2:df:38:ef:a1:f1: 5c:ab:11:39:73:f9:15:8d:05:aa:b7:73:ab:ac:13: db:6b:3e:e6:48:12:31:ea:b3:44:3c:aa:d6:e5:2f: 76:94:67:ce:f9:e7:f8:08:2c:2d:d9:04:8b:6d:31: 52:00:29:88:80:de:48:67:2a:cf:59:67:58:f2:17: fa:6b:13:4e:0e:09:d0:4c:e1:85:d5:e5:e5:61:66: fd:0c:34:49:e4:65:d3:81:b6:6f:72:3e:89:24:bc: 70:ad:6f:5d:5f:fc:fb:84:f0:30:74:4c:fb:bd:4f: f4:b3:cc:3d:f0:8d:f1:8c:d8:86:4e:d0:56:aa:e4: 3b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:AB:C8:9E:C9:05:1F:93:8D:EC:43:31:C2:DF:A2:E5:3C:6B:8F:51 X509v3 Authority Key Identifier: keyid:25:B0:B3:15:9B:E9:0C:F1:A2:3B:25:21:A5:21:11:FF:03:90:5E:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A716/6019D3FC0F9B11F0ABC84074C4F9AE02/JbCzFZvpDPGiOyUhpSER_wOQXvc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JbCzFZvpDPGiOyUhpSER_wOQXvc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A716/6019D3FC0F9B11F0ABC84074C4F9AE02/JbCzFZvpDPGiOyUhpSER_wOQXvc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:cb:9d:12:b7:ce:5d:bc:17:35:e2:b7:e1:de:79:61:8e:50: 53:a1:95:6f:da:a8:bb:39:3a:8c:3e:20:c1:2c:87:8f:72:55: 57:3c:86:09:c3:02:84:34:be:bc:1f:3d:73:a5:17:92:a3:e2: 5a:4a:4e:4c:26:90:2a:63:4d:12:9c:47:a1:f4:54:82:a7:06: bc:8f:b0:81:7f:30:d4:5a:ce:93:89:3a:e6:6f:56:26:39:16: ab:20:ce:2c:fb:65:2c:f6:74:0e:f8:59:41:7f:29:83:d6:04: 1f:db:82:b7:97:13:56:fa:a1:51:79:10:04:dc:69:ea:18:90: 92:e8:08:41:69:26:dc:76:e9:2d:ed:c9:0c:ce:dc:64:ec:6a: 28:09:9b:c7:e9:05:0c:96:61:47:a5:4d:4c:27:15:a6:1f:50: ab:0f:d0:a1:bc:e7:39:12:79:4d:38:e8:19:72:39:89:cf:7a: ab:cb:b0:c2:07:b0:c9:36:a6:44:21:20:1b:da:7b:0f:fb:a6: c3:76:1a:eb:02:b9:87:e1:03:3f:d5:57:86:7a:7e:3b:78:4d: dc:18:e0:25:25:a7:3a:f6:09:87:2a:1b:68:ad:1a:8a:c9:f7: 70:c6:27:4e:3c:8b:98:4d:7b:2c:fc:7c:c5:b2:4d:75:a3:74: 72:b8:49:fd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 QTcxNjExMC8GA1UEBRMoMjVCMEIzMTU5QkU5MENGMUEyM0IyNTIxQTUyMTExRkYw MzkwNUVGNzAeFw0yNTA0MDUwNzMwMTZaFw0yNTA0MTIwNzMwMTZaMBgxFjAUBgNV BAMTDTY3ZjBkYzA4LTNiZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDjOxXdEEadu4Zy5ygKQvWiwFFN1zH+sW+68EYSNZYlFlpJzfTB+Zfg/VR2WsJq o4Lu9H61JEOcHhcQ0v2179w2cTLmeufS/91jQhKwuHGp6++/rkf84mCyxdRyc2eT NKN8S9KTb8M7G1VTtH3kftCQpKuthqa9wLJpGygZ2HwFYNLfOO+h8VyrETlz+RWN Baq3c6usE9trPuZIEjHqs0Q8qtblL3aUZ8755/gILC3ZBIttMVIAKYiA3khnKs9Z Z1jyF/prE04OCdBM4YXV5eVhZv0MNEnkZdOBtm9yPokkvHCtb11f/PuE8DB0TPu9 T/SzzD3wjfGM2IZO0Faq5DuTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1qvInskF H5ON7EMxwt+i5Txrj1EwHwYDVR0jBBgwFoAUJbCzFZvpDPGiOyUhpSER/wOQXvcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlBNzE2LzYwMTlEM0ZDMEY5 QjExRjBBQkM4NDA3NEM0RjlBRTAyL0piQ3pGWnZwRFBHaU95VWhwU0VSX3dPUVh2 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSmJDekZadnBEUEdpT3lVaHBTRVJfd09RWHZjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlB NzE2LzYwMTlEM0ZDMEY5QjExRjBBQkM4NDA3NEM0RjlBRTAyL0piQ3pGWnZwRFBH aU95VWhwU0VSX3dPUVh2Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF3LnRK3zl28FzXit+HeeWGOUFOhlW/aqLs5Oow+IMEsh49yVVc8hgnD AoQ0vrwfPXOlF5Kj4lpKTkwmkCpjTRKcR6H0VIKnBryPsIF/MNRazpOJOuZvViY5 Fqsgziz7ZSz2dA74WUF/KYPWBB/bgreXE1b6oVF5EATcaeoYkJLoCEFpJtx26S3t yQzO3GTsaigJm8fpBQyWYUelTUwnFaYfUKsP0KG85zkSeU046BlyOYnPeqvLsMIH sMk2pkQhIBvaew/7psN2GusCuYfhAz/VV4Z6fjt4TdwY4CUlpzr2CYcqG2itGorJ 93DGJ048i5hNeyz8fMWyTXWjdHK4Sf0= -----END CERTIFICATE-----Generated at Sat Apr 5 13:48:34 2025 by rpki-client