$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft File: JSnIA8s451HjaWq3li2CMUX81lk.mft (raw, json) Hash identifier: KF5HzlYAIxyfMtgkwSKiexvr8JZCX1B6pt7N0Z6Faak= Subject key identifier: C6:E7:58:3D:89:1E:73:39:C2:DF:0A:F3:AA:80:6C:14:BB:45:40:91 Authority key identifier: 25:29:C8:03:CB:38:E7:51:E3:69:6A:B7:96:2D:82:31:45:FC:D6:59 Certificate issuer: /CN=A91B6CE4/serialNumber=2529C803CB38E751E3696AB7962D823145FCD659 Certificate serial: 12F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft Manifest number: 12EA Signing time: Fri 22 Aug 2025 17:10:16 +0000 Manifest this update: Fri 22 Aug 2025 17:10:15 +0000 Manifest next update: Fri 29 Aug 2025 17:10:15 +0000 Files and hashes: 1: JSnIA8s451HjaWq3li2CMUX81lk.crl (hash: H3nqM7wnjRk/qWJm/SD6aA7ca0NeMmJzYduWpYjp78s=) 2: B3D4AEB8BFC011E8A7F4204CC4F9AE02.roa (hash: 6hOTp4SmpuhM6odO1i0HOQXN93az6Qa4OUEoe22Ijvc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.crl rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:10:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4856 (0x12f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6CE4, serialNumber=2529C803CB38E751E3696AB7962D823145FCD659 Validity Not Before: Aug 22 17:10:15 2025 GMT Not After : Aug 29 17:10:15 2025 GMT Subject: CN=68a8a478-e3b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:2b:31:8e:7c:26:6f:bb:c4:7b:b6:82:46:e9: 1a:ab:7c:b2:6f:72:c7:aa:9a:32:3c:8a:02:ec:c0: 0f:5d:dd:a8:f9:b9:80:f5:df:ac:7a:1a:cb:db:5f: db:e3:eb:a2:e8:cf:81:de:61:29:e4:0f:39:34:a8: e9:f2:b8:a8:65:0c:5a:35:5d:c4:bd:4e:ee:87:42: 50:68:fb:b3:42:5b:7f:ab:61:7c:4d:0d:e1:3e:ef: 7f:0e:b5:89:8a:3f:18:06:f3:ba:e7:99:af:0a:8f: 4d:1d:77:83:57:dc:b4:b0:d1:fd:3f:6b:2b:35:9c: 10:db:a0:b2:19:09:33:52:da:97:2f:9e:de:40:b5: 15:76:63:c4:78:25:8b:ce:3e:15:5e:b2:73:d0:76: 27:ae:13:1f:9e:90:28:4d:20:f5:5c:42:58:f1:53: 56:5f:64:2e:a2:ea:6d:49:b2:d9:71:ff:55:1d:1c: 77:42:04:a2:25:53:99:73:05:ac:fb:5f:1d:44:b0: 99:bd:8b:d2:78:69:9c:bd:00:b1:d5:d5:30:fc:41: cd:56:22:33:b1:3f:2e:89:89:c9:83:6c:8f:91:f3: f3:dd:da:f2:f2:85:c6:68:c9:93:ac:d9:a3:e0:75: e4:8c:4f:97:d2:c2:90:d1:8a:9f:91:33:07:0c:1f: 0a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:E7:58:3D:89:1E:73:39:C2:DF:0A:F3:AA:80:6C:14:BB:45:40:91 X509v3 Authority Key Identifier: keyid:25:29:C8:03:CB:38:E7:51:E3:69:6A:B7:96:2D:82:31:45:FC:D6:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:12:14:d4:85:33:31:54:44:4f:23:90:31:f9:0c:dc:49:ad: da:e4:9d:d1:32:69:00:38:d2:61:e7:6f:85:1b:92:4e:86:1a: 49:4e:a2:d0:67:e2:3c:cf:b2:48:13:c8:d6:92:a5:25:a7:0e: 99:9a:51:13:58:4c:4f:7d:20:3a:ba:c5:d1:0c:18:4a:ff:3b: f3:b1:bb:ff:8f:a5:75:f6:c1:11:97:07:63:bc:3e:1b:8a:22: 07:56:b2:c1:b7:a0:7e:05:1a:ed:aa:9a:32:73:90:f6:5a:43: f2:c3:8d:48:57:c7:b9:2d:78:d6:7d:0f:84:43:f9:36:26:ce: 86:14:b9:c6:98:de:1b:17:09:cd:77:d1:63:1d:3a:df:5e:cb: 8d:0d:26:a4:b0:5a:ee:e4:6d:95:a9:47:c5:e6:f4:ed:d7:18: 2c:87:c3:06:1a:79:39:c8:ec:12:8e:6c:72:d0:ad:81:ed:45: 5b:7c:f6:b2:ee:1d:7c:fd:8d:ab:3d:18:ef:89:98:05:af:fc: 64:81:50:46:8a:af:9b:6c:a0:4a:55:ba:67:86:08:75:8e:48: 03:aa:84:a0:5c:84:41:e0:f4:15:a8:91:44:d9:2b:31:fd:74: cc:05:9f:f6:83:0a:cb:b5:1c:65:22:57:43:67:62:21:2d:95: e9:1b:0f:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZDRTQxMTAvBgNVBAUTKDI1MjlDODAzQ0IzOEU3NTFFMzY5NkFCNzk2MkQ4MjMx NDVGQ0Q2NTkwHhcNMjUwODIyMTcxMDE1WhcNMjUwODI5MTcxMDE1WjAYMRYwFAYD VQQDEw02OGE4YTQ3OC1lM2I5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqysxjnwmb7vEe7aCRukaq3yyb3LHqpoyPIoC7MAPXd2o+bmA9d+sehrL21/b 4+ui6M+B3mEp5A85NKjp8rioZQxaNV3EvU7uh0JQaPuzQlt/q2F8TQ3hPu9/DrWJ ij8YBvO655mvCo9NHXeDV9y0sNH9P2srNZwQ26CyGQkzUtqXL57eQLUVdmPEeCWL zj4VXrJz0HYnrhMfnpAoTSD1XEJY8VNWX2QuouptSbLZcf9VHRx3QgSiJVOZcwWs +18dRLCZvYvSeGmcvQCx1dUw/EHNViIzsT8uiYnJg2yPkfPz3dry8oXGaMmTrNmj 4HXkjE+X0sKQ0YqfkTMHDB8K1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMbnWD2J HnM5wt8K86qAbBS7RUCRMB8GA1UdIwQYMBaAFCUpyAPLOOdR42lqt5YtgjFF/NZZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkNFNC8wOEVEMTc4OEJG QzAxMUU4QTZBODU1NEJDNEY5QUUwMi9KU25JQThzNDUxSGphV3EzbGkyQ01VWDgx bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pTbklBOHM0NTFIamFXcTNsaTJDTVVYODFsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkNFNC8wOEVEMTc4OEJGQzAxMUU4QTZBODU1NEJDNEY5QUUwMi9KU25JQThzNDUx SGphV3EzbGkyQ01VWDgxbGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdEhTUhTMxVERPI5Ax+QzcSa3a5J3RMmkAONJh52+FG5JOhhpJTqLQ Z+I8z7JIE8jWkqUlpw6ZmlETWExPfSA6usXRDBhK/zvzsbv/j6V19sERlwdjvD4b iiIHVrLBt6B+BRrtqpoyc5D2WkPyw41IV8e5LXjWfQ+EQ/k2Js6GFLnGmN4bFwnN d9FjHTrfXsuNDSaksFru5G2VqUfF5vTt1xgsh8MGGnk5yOwSjmxy0K2B7UVbfPay 7h18/Y2rPRjviZgFr/xkgVBGiq+bbKBKVbpnhgh1jkgDqoSgXIRB4PQVqJFE2Ssx /XTMBZ/2gwrLtRxlIldDZ2IhLZXpGw8R -----END CERTIFICATE-----Generated at Sat Aug 23 15:35:43 2025 by rpki-client