$ rpki-client -vvf rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft File: JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft (raw, json) Hash identifier: 0QkWlv/nuadE6Mx4eDbGM4Z1lgZeQjB//LijA2OcCQ4= Subject key identifier: 5A:63:7D:46:16:17:63:19:7A:52:86:95:1E:BB:C6:A4:9F:AA:BC:EC Authority key identifier: 24:53:CE:7C:42:53:DB:B2:C7:AC:3D:29:01:3E:90:D5:F5:3C:5D:09 Certificate issuer: /CN=A91820CC/serialNumber=2453CE7C4253DBB2C7AC3D29013E90D5F53C5D09 Certificate serial: 1B Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft Manifest number: 1A Signing time: Sun 11 May 2025 06:42:37 +0000 Manifest this update: Sun 11 May 2025 06:42:37 +0000 Manifest next update: Sun 18 May 2025 06:42:37 +0000 Files and hashes: 1: JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl (hash: WcPMUIlXct8f62duG2nr9GAdEJf2Xpg3JMjZMyrWvL8=) 2: D9D9E8C0191511F092B86383C4F9AE02.roa (hash: QZ2cZMYkPm+jK9/JMXPVcucYU0NqHDxW+giSXfrxEfc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:50:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27 (0x1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91820CC, serialNumber=2453CE7C4253DBB2C7AC3D29013E90D5F53C5D09 Validity Not Before: May 11 06:42:37 2025 GMT Not After : May 18 06:42:37 2025 GMT Subject: CN=682046dd-3389 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:f2:0e:51:86:63:ca:d8:54:b7:00:55:0a:2f: c4:61:ae:aa:64:81:41:37:57:15:58:de:e5:ab:e3: cf:54:0d:a8:7b:27:cf:b6:83:bd:33:03:53:7c:73: 8e:98:2e:1c:dc:71:79:c2:12:57:6b:6d:69:a8:a6: b3:63:8c:d5:3b:74:14:36:0a:e9:fa:df:23:49:e9: f2:56:34:91:9d:80:29:55:56:54:ef:70:8f:3c:a6: e9:fc:95:b6:db:df:47:ec:6f:ec:8a:61:c0:8a:99: 7b:b2:a8:33:99:e2:66:ae:5b:8f:5e:7c:a1:35:e4: 62:30:1f:e6:db:8a:4f:3c:49:a0:c9:55:6c:fb:24: 50:72:67:38:48:01:68:4e:18:57:6f:c6:98:58:26: 87:1b:66:6f:e4:94:64:6e:09:a0:95:b8:61:03:48: f5:94:21:57:71:c6:ef:5e:29:28:2b:4c:9d:0c:59: 3d:a9:02:2b:ef:a2:d6:0c:92:b4:0a:0a:e4:65:4a: 97:92:76:f7:50:82:d3:71:88:61:85:2b:d0:3b:04: 82:dc:fc:ee:ee:70:a4:ff:9c:12:4a:8a:a1:4c:3d: 82:85:12:8d:93:fa:80:c5:b2:86:2b:63:a5:6f:a6: 3b:04:19:75:fa:16:08:ef:f6:a9:dc:ad:aa:c6:b1: 56:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:63:7D:46:16:17:63:19:7A:52:86:95:1E:BB:C6:A4:9F:AA:BC:EC X509v3 Authority Key Identifier: keyid:24:53:CE:7C:42:53:DB:B2:C7:AC:3D:29:01:3E:90:D5:F5:3C:5D:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/JFPOfEJT27LHrD0pAT6Q1fU8XQk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91820CC/BDD4AF3C0BD911F08C607F87C4F9AE02/JFPOfEJT27LHrD0pAT6Q1fU8XQk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:db:d9:aa:6b:e9:43:91:a5:00:d5:66:dd:6c:0c:0b:60:b4: 53:2f:45:7c:a8:42:7f:d7:3a:9b:6e:33:a3:ff:76:2a:42:45: cc:f8:80:26:94:cd:f5:4b:d2:44:e0:34:c0:3b:be:61:0a:7c: 04:17:fd:ca:c7:cd:63:47:98:97:64:e7:40:a7:40:59:db:e3: f7:5e:64:f2:1b:f3:e2:a9:ef:76:f3:23:99:24:b9:cd:e2:2f: 94:65:2b:29:8c:dc:83:43:e5:fb:08:34:96:70:9c:5b:32:c8: 16:64:ff:e4:3a:7d:3b:ad:bd:be:94:0a:69:03:5e:f5:a4:a0: 49:b2:77:01:fd:aa:75:b7:09:1e:97:1f:56:e7:5c:ec:b9:4c: b8:ab:a4:9d:dd:38:3e:0d:67:f7:8f:46:ac:6c:a1:71:1c:4e: f5:45:1d:5c:19:12:35:35:3b:da:12:21:ff:dc:7c:c5:06:02: 1e:ad:74:96:b2:64:b9:92:16:cd:ff:14:65:c4:0a:00:4a:d8: 20:1b:bb:58:46:29:f4:c3:20:3f:e1:fd:6a:5f:10:cc:7c:29: 93:10:44:d2:58:53:07:4a:ae:28:6a:ca:c5:d3:c3:42:9a:5e: 51:05:fe:e6:cd:db:0b:5f:cb:8d:d2:9f:ce:63:92:54:7d:e7: 2d:fb:aa:99 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 MjBDQzExMC8GA1UEBRMoMjQ1M0NFN0M0MjUzREJCMkM3QUMzRDI5MDEzRTkwRDVG NTNDNUQwOTAeFw0yNTA1MTEwNjQyMzdaFw0yNTA1MTgwNjQyMzdaMBgxFjAUBgNV BAMTDTY4MjA0NmRkLTMzODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCh8g5RhmPK2FS3AFUKL8RhrqpkgUE3VxVY3uWr489UDah7J8+2g70zA1N8c46Y LhzccXnCEldrbWmoprNjjNU7dBQ2Cun63yNJ6fJWNJGdgClVVlTvcI88pun8lbbb 30fsb+yKYcCKmXuyqDOZ4mauW49efKE15GIwH+bbik88SaDJVWz7JFByZzhIAWhO GFdvxphYJocbZm/klGRuCaCVuGEDSPWUIVdxxu9eKSgrTJ0MWT2pAivvotYMkrQK CuRlSpeSdvdQgtNxiGGFK9A7BILc/O7ucKT/nBJKiqFMPYKFEo2T+oDFsoYrY6Vv pjsEGXX6Fgjv9qncrarGsVYbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUWmN9RhYX Yxl6UoaVHrvGpJ+qvOwwHwYDVR0jBBgwFoAUJFPOfEJT27LHrD0pAT6Q1fU8XQkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgyMENDL0JERDRBRjNDMEJE OTExRjA4QzYwN0Y4N0M0RjlBRTAyL0pGUE9mRUpUMjdMSHJEMHBBVDZRMWZVOFhR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvSkZQT2ZFSlQyN0xIckQwcEFUNlExZlU4WFFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgy MENDL0JERDRBRjNDMEJEOTExRjA4QzYwN0Y4N0M0RjlBRTAyL0pGUE9mRUpUMjdM SHJEMHBBVDZRMWZVOFhRay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJHb2apr6UORpQDVZt1sDAtgtFMvRXyoQn/XOptuM6P/dipCRcz4gCaU zfVL0kTgNMA7vmEKfAQX/crHzWNHmJdk50CnQFnb4/deZPIb8+Kp73bzI5kkuc3i L5RlKymM3IND5fsINJZwnFsyyBZk/+Q6fTutvb6UCmkDXvWkoEmydwH9qnW3CR6X H1bnXOy5TLirpJ3dOD4NZ/ePRqxsoXEcTvVFHVwZEjU1O9oSIf/cfMUGAh6tdJay ZLmSFs3/FGXECgBK2CAbu1hGKfTDID/h/WpfEMx8KZMQRNJYUwdKrihqysXTw0Ka XlEF/ubN2wtfy43Sn85jklR95y37qpk= -----END CERTIFICATE-----Generated at Sun May 11 15:33:40 2025 by rpki-client