$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: +DeuhBNKd3xWhgir02445IfCLgjS6HFcoqBGSkAVHPg= Subject key identifier: 51:FB:46:E5:03:58:FA:23:C2:DA:44:7D:98:C2:8D:4E:EA:E2:E7:2D Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0C56 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C4B Signing time: Thu 12 Jun 2025 18:19:22 +0000 Manifest this update: Thu 12 Jun 2025 18:19:22 +0000 Manifest next update: Thu 19 Jun 2025 18:19:22 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: 9IGofAFzFCJgMerVvCf4OUhU57kZ3vQnbrUNkW6Cmoc=) 2: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (hash: JkiQjxSrG6/RaUVfR49c5xHDDJTw7u5WZLOBsd3qe+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 18:19:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3158 (0xc56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Jun 12 18:19:22 2025 GMT Not After : Jun 19 18:19:22 2025 GMT Subject: CN=684b1a2a-b351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:5a:a2:7b:b6:ff:0e:13:3a:bc:37:15:2e:b1: 9f:c7:f6:1a:0f:8e:e1:03:08:27:5f:1b:ca:36:78: 74:58:30:5e:45:d0:80:b4:44:c9:19:dc:8b:de:61: 91:db:0a:9c:d5:26:ed:5b:e0:d3:0c:d4:f0:db:eb: 4e:82:12:7d:12:53:da:b8:09:23:81:9f:dd:7a:85: 21:69:1d:e2:54:d1:a1:29:99:0d:bb:aa:69:70:f1: 9c:da:f5:31:70:ac:05:fd:e4:6b:40:33:76:e7:bd: 6d:5d:3f:bb:06:cb:0b:52:6a:ad:a6:8b:66:95:5e: 37:10:28:4f:36:b2:9a:83:ce:6f:ed:aa:85:bd:9e: 96:a7:2a:4d:03:9d:2d:b5:06:69:b3:52:29:12:e7: 9d:5e:16:b3:63:1a:31:68:34:ff:d3:89:d8:66:6a: 0a:b4:95:ae:e5:92:55:30:37:b1:2b:ca:51:9d:16: 08:bc:d6:f3:86:f7:72:b0:69:35:98:f4:1a:5b:42: 17:8d:76:d4:73:7e:53:cf:76:4d:a8:ad:fe:83:00: eb:f9:6a:6c:8c:a0:9b:1e:a3:21:7a:b8:89:5f:b5: d6:08:0a:f7:c6:71:3d:45:bc:63:1d:8f:e1:64:30: ef:16:73:29:bb:5f:df:59:db:86:f8:a7:89:9a:86: 6d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:FB:46:E5:03:58:FA:23:C2:DA:44:7D:98:C2:8D:4E:EA:E2:E7:2D X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:5d:4f:f9:a2:d2:75:97:01:1c:a9:9b:32:12:eb:00:de:fa: 32:01:f5:a6:d7:53:4e:67:e9:b3:7e:bb:d1:6a:e5:14:50:77: b7:ae:bd:04:69:96:09:e0:e4:e0:4c:93:c2:8d:40:a8:c5:1c: ac:de:2d:a3:3a:ba:a5:97:fd:09:f6:b3:a3:44:35:65:2d:19: d1:43:72:e2:2b:01:2f:fb:62:40:66:9a:43:1d:5e:be:53:3d: 04:1b:c9:61:3b:53:ab:f9:6d:4c:92:7a:20:40:f5:4e:8e:9c: a9:40:d9:18:22:b9:aa:dd:cd:70:0b:16:d9:df:11:f7:66:a4: 94:5a:b8:e6:2d:3b:c2:ed:ea:ae:d5:f1:34:21:96:ef:e2:19: d2:47:c6:a9:07:7d:d3:d0:e0:5d:bc:fd:2f:91:0d:5c:71:51: d6:cf:14:33:7b:7f:35:74:a8:28:36:1f:51:36:81:2d:b5:bd: 3a:89:98:e5:bb:77:d6:f6:8d:af:01:8a:e7:27:35:e7:d5:9c: 3b:4a:a2:ac:e7:c7:ab:c9:5d:cc:79:a8:1b:24:be:6e:cb:a2: bc:a2:66:b6:90:01:5b:1f:ac:35:86:40:a5:24:1e:69:52:54: 87:a5:35:47:9f:1e:45:43:5d:e5:78:14:57:6f:c2:52:b0:c5: d2:c6:50:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUwNjEyMTgxOTIyWhcNMjUwNjE5MTgxOTIyWjAYMRYwFAYD VQQDEw02ODRiMWEyYS1iMzUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzFqie7b/DhM6vDcVLrGfx/YaD47hAwgnXxvKNnh0WDBeRdCAtETJGdyL3mGR 2wqc1SbtW+DTDNTw2+tOghJ9ElPauAkjgZ/deoUhaR3iVNGhKZkNu6ppcPGc2vUx cKwF/eRrQDN2571tXT+7BssLUmqtpotmlV43EChPNrKag85v7aqFvZ6WpypNA50t tQZps1IpEuedXhazYxoxaDT/04nYZmoKtJWu5ZJVMDexK8pRnRYIvNbzhvdysGk1 mPQaW0IXjXbUc35Tz3ZNqK3+gwDr+WpsjKCbHqMheriJX7XWCAr3xnE9RbxjHY/h ZDDvFnMpu1/fWduG+KeJmoZtrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFH7RuUD WPojwtpEfZjCjU7q4uctMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoXU/5otJ1lwEcqZsyEusA3voyAfWm11NOZ+mzfrvRauUUUHe3rr0E aZYJ4OTgTJPCjUCoxRys3i2jOrqll/0J9rOjRDVlLRnRQ3LiKwEv+2JAZppDHV6+ Uz0EG8lhO1Or+W1MknogQPVOjpypQNkYIrmq3c1wCxbZ3xH3ZqSUWrjmLTvC7equ 1fE0IZbv4hnSR8apB33T0OBdvP0vkQ1ccVHWzxQze381dKgoNh9RNoEttb06iZjl u3fW9o2vAYrnJzXn1Zw7SqKs58eryV3MeagbJL5uy6K8oma2kAFbH6w1hkClJB5p UlSHpTVHnx5FQ13leBRXb8JSsMXSxlA/ -----END CERTIFICATE-----Generated at Fri Jun 13 02:23:33 2025 by rpki-client