$ rpki-client -vvf rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft File: JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft (raw, json) Hash identifier: ab4p1NqWTPmsLvsy+E7icvT+X/UZiDFqY9YT3Go1mN8= Subject key identifier: A2:87:32:A9:6F:0F:E8:86:46:82:5E:DA:7F:55:7E:0C:9B:27:56:3A Authority key identifier: 24:53:CE:7C:42:53:DB:B2:C7:AC:3D:29:01:3E:90:D5:F5:3C:5D:09 Certificate issuer: /CN=A91820CC/serialNumber=2453CE7C4253DBB2C7AC3D29013E90D5F53C5D09 Certificate serial: 37 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft Manifest number: 35 Signing time: Tue 01 Jul 2025 08:43:11 +0000 Manifest this update: Tue 01 Jul 2025 08:43:10 +0000 Manifest next update: Tue 08 Jul 2025 08:43:10 +0000 Files and hashes: 1: JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl (hash: bQKHmZ1eVJ7RqsWnN46KnL+oQj4ONrJgrv3rJZuvVjM=) 2: D9D9E8C0191511F092B86383C4F9AE02.roa (hash: gLLXVBbnqOuYpmPZP1sg2HQN+ZDT78K787nO1Ano868=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:27:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55 (0x37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91820CC, serialNumber=2453CE7C4253DBB2C7AC3D29013E90D5F53C5D09 Validity Not Before: Jul 1 08:43:10 2025 GMT Not After : Jul 8 08:43:10 2025 GMT Subject: CN=68639f9f-9606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9c:49:9e:7c:00:f0:35:ae:5c:b8:71:0c:24: d2:bd:99:f5:8e:50:94:8e:b8:11:42:f9:25:83:f9: 43:b1:ad:9f:86:94:4a:77:c6:c4:86:b9:cb:f0:ae: 5d:92:fd:35:26:57:1e:a3:a0:7d:b5:13:a2:92:0f: 76:d7:9e:fd:eb:aa:f7:52:24:68:cf:a1:86:fa:9b: 45:08:0f:48:ba:45:2e:03:a3:1f:bf:9b:6a:02:65: 99:f5:19:04:bd:69:d9:4b:d6:48:67:da:85:c0:7c: 76:cb:b1:c8:9b:2a:41:c4:a0:95:30:99:a3:bb:3f: eb:a1:08:4a:bd:6c:bd:14:d8:61:e8:24:64:fa:f1: 10:f2:d5:16:75:95:be:08:65:b1:92:a5:f7:3a:8d: 71:8c:8c:4f:cd:4d:1b:ec:2e:7d:26:99:ca:bb:ac: 64:46:f7:1e:a4:28:27:3e:fd:55:af:26:78:06:b3: 33:eb:f3:27:d4:4a:3e:12:65:10:d1:f1:1c:d6:0e: c4:50:80:d9:0e:ac:72:c0:9a:11:f5:4b:98:d6:66: 5f:42:17:ac:82:09:f3:80:cc:c2:26:ac:26:93:88: 47:1c:fd:7d:08:9c:a5:25:52:2e:c3:de:ff:9e:2a: 13:a7:70:cc:35:3e:46:00:6d:a3:dd:bb:be:bf:57: b9:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:87:32:A9:6F:0F:E8:86:46:82:5E:DA:7F:55:7E:0C:9B:27:56:3A X509v3 Authority Key Identifier: keyid:24:53:CE:7C:42:53:DB:B2:C7:AC:3D:29:01:3E:90:D5:F5:3C:5D:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:d8:bd:9c:ec:93:56:64:4d:f6:fd:b9:af:67:1f:cf:f6:2c: 68:f5:47:ab:65:55:95:65:e1:50:25:01:ce:ce:b0:5f:f1:45: 59:0d:5a:71:2c:32:3e:84:5a:a3:3b:2b:9b:68:ad:d2:11:0b: 88:b9:a0:95:11:ec:ad:f5:f4:26:93:84:57:55:71:5c:e3:0d: f3:6f:12:87:4c:98:43:94:89:94:da:f5:df:30:8c:63:c3:73: b6:19:94:27:7f:7f:fc:3a:4a:5e:c2:54:aa:c3:32:c1:ae:93: 00:84:32:d0:9a:ba:bd:6b:72:a9:64:b7:18:24:65:74:d0:43: 75:bb:6a:6c:c2:57:03:d9:e5:d7:12:17:f0:b9:03:24:e9:08: db:52:ad:1e:4c:4a:fe:65:a2:02:2f:8e:99:87:fb:5e:4f:e5: b0:13:54:08:71:87:f3:ca:40:8a:23:d0:e3:35:9b:f8:b3:5c: bb:60:2e:5a:47:11:a8:56:b8:87:d8:c8:a8:33:8e:4c:37:ec: d4:97:e6:e8:ef:e8:56:d6:e7:9f:1d:11:c8:f4:04:fa:c3:72: 74:86:eb:bf:e7:de:0b:06:f5:d9:a6:8b:fd:f8:bc:40:28:ca: 4c:21:39:ad:1a:09:34:38:bd:d9:ed:f3:16:2a:8d:96:f7:aa: 25:2e:c2:61 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 MjBDQzExMC8GA1UEBRMoMjQ1M0NFN0M0MjUzREJCMkM3QUMzRDI5MDEzRTkwRDVG NTNDNUQwOTAeFw0yNTA3MDEwODQzMTBaFw0yNTA3MDgwODQzMTBaMBgxFjAUBgNV BAMTDTY4NjM5ZjlmLTk2MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCunEmefADwNa5cuHEMJNK9mfWOUJSOuBFC+SWD+UOxrZ+GlEp3xsSGucvwrl2S /TUmVx6joH21E6KSD3bXnv3rqvdSJGjPoYb6m0UID0i6RS4Dox+/m2oCZZn1GQS9 adlL1khn2oXAfHbLscibKkHEoJUwmaO7P+uhCEq9bL0U2GHoJGT68RDy1RZ1lb4I ZbGSpfc6jXGMjE/NTRvsLn0mmcq7rGRG9x6kKCc+/VWvJngGszPr8yfUSj4SZRDR 8RzWDsRQgNkOrHLAmhH1S5jWZl9CF6yCCfOAzMImrCaTiEcc/X0InKUlUi7D3v+e KhOncMw1PkYAbaPdu76/V7nzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUoocyqW8P 6IZGgl7af1V+DJsnVjowHwYDVR0jBBgwFoAUJFPOfEJT27LHrD0pAT6Q1fU8XQkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgyMENDL0JERDRBRjNDMEJE OTExRjA4QzYwN0Y4N0M0RjlBRTAyL0pGUE9mRUpUMjdMSHJEMHBBVDZRMWZVOFhR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvSkZQT2ZFSlQyN0xIckQwcEFUNlExZlU4WFFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgy MENDL0JERDRBRjNDMEJEOTExRjA4QzYwN0Y4N0M0RjlBRTAyL0pGUE9mRUpUMjdM SHJEMHBBVDZRMWZVOFhRay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGXYvZzsk1ZkTfb9ua9nH8/2LGj1R6tlVZVl4VAlAc7OsF/xRVkNWnEs Mj6EWqM7K5tordIRC4i5oJUR7K319CaThFdVcVzjDfNvEodMmEOUiZTa9d8wjGPD c7YZlCd/f/w6Sl7CVKrDMsGukwCEMtCaur1rcqlktxgkZXTQQ3W7amzCVwPZ5dcS F/C5AyTpCNtSrR5MSv5logIvjpmH+15P5bATVAhxh/PKQIoj0OM1m/izXLtgLlpH EahWuIfYyKgzjkw37NSX5ujv6FbW558dEcj0BPrDcnSG67/n3gsG9dmmi/34vEAo ykwhOa0aCTQ4vdnt8xYqjZb3qiUuwmE= -----END CERTIFICATE-----Generated at Tue Jul 1 18:19:46 2025 by rpki-client