$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: 8NuCRNksJ0hwbcUpqL30rmRjAaG/tsIrKPXOwv69R98= Subject key identifier: AE:F3:C0:EA:00:D8:9F:45:69:C2:A8:B2:AC:5D:17:02:59:E9:86:50 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0C55 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C4A Signing time: Tue 10 Jun 2025 18:24:05 +0000 Manifest this update: Tue 10 Jun 2025 18:24:04 +0000 Manifest next update: Tue 17 Jun 2025 18:24:04 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: dZi4aHvIP7xFRViZV6BFH1VVZm0w6fH7z/l6tZ+j0Qc=) 2: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (hash: JkiQjxSrG6/RaUVfR49c5xHDDJTw7u5WZLOBsd3qe+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Jun 2025 18:24:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3157 (0xc55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Jun 10 18:24:04 2025 GMT Not After : Jun 17 18:24:04 2025 GMT Subject: CN=68487844-0fc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:26:8e:b4:a0:69:41:1c:e9:af:4f:50:fe:11: a2:44:ac:6b:f5:0d:2f:aa:07:32:03:ff:19:57:b7: 64:2b:0f:87:c1:f5:49:68:6d:fb:8c:02:6a:8e:e2: 90:a2:59:39:56:46:a5:0c:04:93:03:ea:7d:e3:51: 87:a9:c3:eb:31:02:76:d9:81:7b:bd:7e:1f:d3:e1: e8:e2:9b:cd:ff:31:02:57:31:6d:5e:3f:a6:d0:9a: aa:00:0f:67:9c:b0:3f:67:3a:1b:2b:1f:41:d0:39: b9:cf:1f:f6:2d:6f:57:41:3b:80:7b:42:89:82:c6: 41:27:f2:e3:66:8a:ed:61:86:9b:4c:f2:3f:c4:91: 42:70:13:61:15:f1:40:2d:74:4d:cc:0e:58:58:4d: 9f:79:2f:2e:f3:e2:35:5b:5a:a4:b0:d3:e2:d6:2e: f4:bf:97:1c:62:ee:61:0d:8a:eb:b5:90:3f:a9:40: 05:26:08:0c:00:a0:51:0f:89:eb:39:f4:e9:2d:70: f8:f9:72:ce:12:a9:e8:82:12:ad:c6:9c:09:74:64: 23:75:a3:2f:06:47:f5:e5:78:8c:20:93:bc:26:0d: 3f:6b:5b:1f:ea:7d:8c:88:fa:27:b1:b0:f2:ba:9b: 69:21:6c:0f:10:9f:82:cb:0c:93:3f:3a:74:99:04: 8f:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:F3:C0:EA:00:D8:9F:45:69:C2:A8:B2:AC:5D:17:02:59:E9:86:50 X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:15:a4:96:e9:01:be:a1:49:1d:21:51:8a:c5:f2:2e:72:49: 35:03:9c:bb:3a:36:ea:2b:37:8e:03:7a:21:c1:a0:50:3b:78: 12:89:95:b5:26:38:1e:86:df:a0:f0:d2:b6:74:6e:0d:1b:0d: 9a:d7:ad:ff:c8:73:dc:02:65:81:70:88:40:7d:a3:e6:2e:c3: 20:79:c2:48:d7:91:d2:2e:b3:b4:3a:1a:f2:89:d2:2d:a8:68: 16:92:70:2c:89:2f:d5:08:91:39:17:f5:34:e3:5d:ba:61:e2: c7:6a:58:f5:c1:10:d8:90:5f:ef:9f:17:e6:51:5c:63:d5:32: ed:67:e8:93:54:a8:b1:0a:ab:22:67:f4:db:9d:30:eb:cf:17: 29:36:3c:03:c8:cf:a4:eb:ce:b5:c5:54:34:6b:1c:e7:be:68: 98:49:3d:14:75:c8:19:90:c9:67:1f:5a:ef:10:90:07:e7:a9: e4:55:ed:6a:4c:ba:38:3a:80:f4:68:d6:ee:19:89:66:9f:60: d2:9e:ae:6b:6b:2b:14:8f:42:b4:bf:f4:8c:5f:f0:c6:e1:43: 38:11:7d:5d:28:d5:30:e7:33:fa:96:79:b6:eb:53:21:ff:17: 4c:5e:f8:33:f2:af:1c:51:9c:05:f0:82:59:04:a6:17:5b:ef: a5:1e:a2:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUwNjEwMTgyNDA0WhcNMjUwNjE3MTgyNDA0WjAYMRYwFAYD VQQDEw02ODQ4Nzg0NC0wZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0iaOtKBpQRzpr09Q/hGiRKxr9Q0vqgcyA/8ZV7dkKw+HwfVJaG37jAJqjuKQ olk5VkalDASTA+p941GHqcPrMQJ22YF7vX4f0+Ho4pvN/zECVzFtXj+m0JqqAA9n nLA/ZzobKx9B0Dm5zx/2LW9XQTuAe0KJgsZBJ/LjZortYYabTPI/xJFCcBNhFfFA LXRNzA5YWE2feS8u8+I1W1qksNPi1i70v5ccYu5hDYrrtZA/qUAFJggMAKBRD4nr OfTpLXD4+XLOEqnoghKtxpwJdGQjdaMvBkf15XiMIJO8Jg0/a1sf6n2MiPonsbDy uptpIWwPEJ+CywyTPzp0mQSPBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK7zwOoA 2J9FacKosqxdFwJZ6YZQMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNFaSW6QG+oUkdIVGKxfIuckk1A5y7OjbqKzeOA3ohwaBQO3gSiZW1 Jjgeht+g8NK2dG4NGw2a163/yHPcAmWBcIhAfaPmLsMgecJI15HSLrO0OhryidIt qGgWknAsiS/VCJE5F/U04126YeLHalj1wRDYkF/vnxfmUVxj1TLtZ+iTVKixCqsi Z/TbnTDrzxcpNjwDyM+k6861xVQ0axznvmiYST0UdcgZkMlnH1rvEJAH56nkVe1q TLo4OoD0aNbuGYlmn2DSnq5raysUj0K0v/SMX/DG4UM4EX1dKNUw5zP6lnm261Mh /xdMXvgz8q8cUZwF8IJZBKYXW++lHqJN -----END CERTIFICATE-----Generated at Wed Jun 11 07:21:44 2025 by rpki-client