$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: gAKOWvoB4ZhGUMP37NO9g3cexYFw69Lco1PX4gHDbtg= Subject key identifier: 18:2D:E5:00:99:93:8B:CC:46:93:E0:9A:5C:F6:9E:96:F9:A0:01:FD Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0C38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C2D Signing time: Mon 14 Apr 2025 18:27:08 +0000 Manifest this update: Mon 14 Apr 2025 18:27:08 +0000 Manifest next update: Mon 21 Apr 2025 18:27:08 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: ojDlGMflvtOUzYo1WxwES0+Sdds31rLx1DqRmFgas6w=) 2: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (hash: JkiQjxSrG6/RaUVfR49c5xHDDJTw7u5WZLOBsd3qe+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 18:27:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3128 (0xc38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Apr 14 18:27:08 2025 GMT Not After : Apr 21 18:27:08 2025 GMT Subject: CN=67fd537c-2c4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:aa:c2:de:bf:a4:a0:9c:84:38:8f:b3:2f:da: 72:d3:66:ef:d7:a6:6c:26:3b:1a:b6:69:02:72:24: 10:18:92:b1:3b:11:7d:c3:ab:83:a7:1d:a4:8b:bd: 26:c9:93:58:94:04:b9:4a:f3:a3:5c:de:69:c4:8f: bf:d4:46:e8:27:1b:a0:f6:b8:53:c6:25:e2:f0:1c: 31:d2:65:7d:7f:af:c0:b7:bf:b4:88:29:39:e3:4a: 45:1f:31:4c:0e:5a:5d:43:ac:8d:9f:9a:cf:2c:2e: 65:90:1f:67:da:dd:8e:93:29:fa:f1:11:f7:9c:9e: 67:4f:1c:f5:0c:39:e2:52:0e:41:64:db:62:cf:9f: f5:c3:2e:59:22:00:e0:f5:ed:e7:c8:6f:a0:a3:f3: 6e:13:33:b0:9c:35:1a:ee:da:cd:58:3d:28:01:63: a0:24:14:fa:76:e3:9e:e5:37:13:1d:1e:c3:f7:57: 0e:2e:37:94:e7:fc:5c:22:56:64:51:19:b7:e9:b5: cd:ab:43:47:43:a3:46:7e:51:1a:c5:4a:55:4d:4b: 68:f5:fa:70:65:9b:ca:f4:51:f6:fa:e7:07:f2:b8: 48:78:72:0a:c2:bf:94:d2:59:eb:f6:41:d5:97:ed: 93:88:a8:b7:f4:d4:51:a8:df:63:27:ac:5e:4e:be: 87:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:2D:E5:00:99:93:8B:CC:46:93:E0:9A:5C:F6:9E:96:F9:A0:01:FD X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:05:6d:ac:6b:ac:10:42:5a:05:c1:15:72:a3:07:85:e6:ac: 93:69:a5:b1:03:0e:d1:d1:c0:a9:4d:01:d4:a3:d4:2b:a3:72: 6d:b4:95:d0:c9:34:d5:6a:98:07:aa:65:80:9c:35:89:f4:25: 2d:ac:b6:56:a2:35:79:ff:d0:63:8c:20:22:40:4a:f9:51:f7: 23:07:84:68:73:84:84:1b:c3:88:eb:f1:4e:5f:86:f9:9a:7e: c3:e6:54:47:cd:1c:da:44:0c:c4:57:30:36:78:89:36:4e:2d: 81:64:5c:b0:42:bb:ce:cc:5f:a2:12:94:fc:f2:36:8b:d4:0f: c0:9e:35:5c:74:6e:cb:83:c0:77:78:72:e4:4b:3c:75:53:18: 13:8e:77:6f:a1:24:30:1d:a9:1f:3a:3f:b9:9a:8c:b8:a5:4c: fd:92:d9:e0:96:7b:ea:6c:3b:f4:dd:9f:18:ea:75:d7:a8:9f: b0:0b:13:3f:ea:d0:71:8c:ab:fe:38:d0:4c:db:95:c6:b5:d5: ca:f8:03:77:d9:fa:de:77:94:94:0b:19:46:49:ad:00:75:08: c8:2d:0d:99:7b:04:d3:60:94:7d:9a:ef:2a:84:19:ce:98:2c: 56:ae:0c:a8:e3:7d:75:d4:b3:96:9f:21:b4:f9:12:f4:ac:da: 12:c3:f1:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUwNDE0MTgyNzA4WhcNMjUwNDIxMTgyNzA4WjAYMRYwFAYD VQQDEw02N2ZkNTM3Yy0yYzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1arC3r+koJyEOI+zL9py02bv16ZsJjsatmkCciQQGJKxOxF9w6uDpx2ki70m yZNYlAS5SvOjXN5pxI+/1EboJxug9rhTxiXi8Bwx0mV9f6/At7+0iCk540pFHzFM DlpdQ6yNn5rPLC5lkB9n2t2Okyn68RH3nJ5nTxz1DDniUg5BZNtiz5/1wy5ZIgDg 9e3nyG+go/NuEzOwnDUa7trNWD0oAWOgJBT6duOe5TcTHR7D91cOLjeU5/xcIlZk URm36bXNq0NHQ6NGflEaxUpVTUto9fpwZZvK9FH2+ucH8rhIeHIKwr+U0lnr9kHV l+2TiKi39NRRqN9jJ6xeTr6HmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBgt5QCZ k4vMRpPgmlz2npb5oAH9MB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5BW2sa6wQQloFwRVyoweF5qyTaaWxAw7R0cCpTQHUo9Qro3JttJXQ yTTVapgHqmWAnDWJ9CUtrLZWojV5/9BjjCAiQEr5UfcjB4Roc4SEG8OI6/FOX4b5 mn7D5lRHzRzaRAzEVzA2eIk2Ti2BZFywQrvOzF+iEpT88jaL1A/AnjVcdG7Lg8B3 eHLkSzx1UxgTjndvoSQwHakfOj+5moy4pUz9ktnglnvqbDv03Z8Y6nXXqJ+wCxM/ 6tBxjKv+ONBM25XGtdXK+AN32fred5SUCxlGSa0AdQjILQ2ZewTTYJR9mu8qhBnO mCxWrgyo43111LOWnyG0+RL0rNoSw/Ho -----END CERTIFICATE-----Generated at Wed Apr 16 22:19:12 2025 by rpki-client