$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft File: JSnIA8s451HjaWq3li2CMUX81lk.mft (raw, json) Hash identifier: To0ckjU2nJ2L09NdtyIX0O2oGxXQ2i+1YvdT4KIR1ik= Subject key identifier: 28:A1:BB:72:AA:2A:1E:55:A8:58:2F:F9:F9:F6:D7:13:05:03:59:96 Authority key identifier: 25:29:C8:03:CB:38:E7:51:E3:69:6A:B7:96:2D:82:31:45:FC:D6:59 Certificate issuer: /CN=A91B6CE4/serialNumber=2529C803CB38E751E3696AB7962D823145FCD659 Certificate serial: 12D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft Manifest number: 12CC Signing time: Sat 28 Jun 2025 16:54:11 +0000 Manifest this update: Sat 28 Jun 2025 16:54:11 +0000 Manifest next update: Sat 05 Jul 2025 16:54:11 +0000 Files and hashes: 1: JSnIA8s451HjaWq3li2CMUX81lk.crl (hash: 2SM/lM882GYu6herXH7g1+0AlYKGMtcJKgjlc4SqYH4=) 2: B3D4AEB8BFC011E8A7F4204CC4F9AE02.roa (hash: KCnIrYwfu7lFXb4I5Fn3ggrFhAeTiDDSoEEewMbwbp4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.crl rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 16:54:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4825 (0x12d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6CE4, serialNumber=2529C803CB38E751E3696AB7962D823145FCD659 Validity Not Before: Jun 28 16:54:11 2025 GMT Not After : Jul 5 16:54:11 2025 GMT Subject: CN=68601e33-eeaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:5c:64:6c:33:3c:5e:48:2e:a4:70:e4:51:3c: 66:d8:16:5f:d9:45:fd:ec:ba:e9:59:08:73:ca:5d: 0f:58:e2:ec:3d:11:0c:2d:6f:8c:4b:57:4a:0a:e7: 1a:47:0e:46:01:ef:2b:85:c0:8d:1f:0d:79:50:68: 1d:94:b9:6a:ec:0f:fd:74:ae:f2:fc:33:75:2b:46: ad:3f:d5:90:4a:31:c2:5b:0f:e2:46:29:2b:7d:ab: f9:38:d0:49:ed:41:dc:be:26:4a:82:17:41:d1:7a: aa:c5:05:de:eb:59:36:eb:c9:78:d2:f9:77:2d:be: 3e:8d:c4:11:a5:ca:9f:21:61:d5:3a:93:90:1a:2c: e2:1a:c0:84:aa:59:87:72:79:30:76:f3:b9:ae:07: 0b:e5:fb:53:89:14:f5:c0:16:11:7c:dc:d1:75:46: 41:8e:61:5c:0e:80:6e:3c:99:65:69:7d:98:b7:7f: df:ea:8d:9d:a6:53:28:b0:27:ce:f3:cd:08:ca:e6: 9a:db:62:67:ff:85:de:cd:2d:08:ca:3c:4c:b9:e7: 8c:5e:ad:1e:20:9f:34:a8:05:c9:2d:28:59:ab:5e: 19:86:e7:19:cc:96:07:68:08:21:c6:73:72:4b:f0: 2f:25:fd:1a:d2:e6:41:76:64:c1:83:a8:17:14:7f: 66:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:A1:BB:72:AA:2A:1E:55:A8:58:2F:F9:F9:F6:D7:13:05:03:59:96 X509v3 Authority Key Identifier: keyid:25:29:C8:03:CB:38:E7:51:E3:69:6A:B7:96:2D:82:31:45:FC:D6:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSnIA8s451HjaWq3li2CMUX81lk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6CE4/08ED1788BFC011E8A6A8554BC4F9AE02/JSnIA8s451HjaWq3li2CMUX81lk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:2f:95:5e:eb:c9:79:68:2d:fd:1c:de:66:72:e6:1f:3c:f8: 29:e4:4c:a9:81:62:06:6d:c0:4e:05:08:a5:0b:e1:0c:5e:44: 20:54:90:23:6b:b9:2a:e6:77:47:2f:13:4c:53:ab:07:f4:0b: 9e:a1:53:3a:6c:a0:ed:01:c8:e6:07:2b:aa:cd:a1:c8:0b:1a: 75:a3:f3:e9:35:be:2b:7d:c3:fd:04:a0:a4:e9:70:73:63:6a: a0:a5:e5:6f:05:d4:30:47:8a:4e:8e:f9:b0:1d:1b:4d:d1:8d: e5:e4:50:8c:9d:f5:18:05:f2:bb:b6:f8:52:ec:7d:08:ab:a0: e2:70:43:b5:4a:c0:70:b1:7c:2d:20:c2:dd:4f:46:d9:b6:fd: 1c:73:af:aa:93:0a:64:96:f8:bc:ac:fa:e2:fb:8d:5e:0e:55: 0b:ca:d5:ff:c0:32:9f:67:56:e2:5c:5e:c7:cd:0b:7c:f4:2d: 15:e4:fc:27:50:de:0d:02:4f:d0:50:a0:b5:b7:cf:1c:2d:58: 47:eb:bc:93:78:c1:83:4d:69:e3:5d:cb:72:85:32:5f:b2:51: 6d:a1:22:c1:6d:62:79:69:2e:e7:ea:dc:d8:e1:3d:72:88:85: 7e:0c:1e:52:bd:e7:34:a9:11:02:cd:1a:ba:f4:30:89:49:e0: c0:95:5a:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZDRTQxMTAvBgNVBAUTKDI1MjlDODAzQ0IzOEU3NTFFMzY5NkFCNzk2MkQ4MjMx NDVGQ0Q2NTkwHhcNMjUwNjI4MTY1NDExWhcNMjUwNzA1MTY1NDExWjAYMRYwFAYD VQQDEw02ODYwMWUzMy1lZWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvlxkbDM8XkgupHDkUTxm2BZf2UX97LrpWQhzyl0PWOLsPREMLW+MS1dKCuca Rw5GAe8rhcCNHw15UGgdlLlq7A/9dK7y/DN1K0atP9WQSjHCWw/iRikrfav5ONBJ 7UHcviZKghdB0XqqxQXe61k268l40vl3Lb4+jcQRpcqfIWHVOpOQGiziGsCEqlmH cnkwdvO5rgcL5ftTiRT1wBYRfNzRdUZBjmFcDoBuPJllaX2Yt3/f6o2dplMosCfO 880Iyuaa22Jn/4XezS0IyjxMueeMXq0eIJ80qAXJLShZq14ZhucZzJYHaAghxnNy S/AvJf0a0uZBdmTBg6gXFH9mPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCihu3Kq Kh5VqFgv+fn21xMFA1mWMB8GA1UdIwQYMBaAFCUpyAPLOOdR42lqt5YtgjFF/NZZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkNFNC8wOEVEMTc4OEJG QzAxMUU4QTZBODU1NEJDNEY5QUUwMi9KU25JQThzNDUxSGphV3EzbGkyQ01VWDgx bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pTbklBOHM0NTFIamFXcTNsaTJDTVVYODFsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkNFNC8wOEVEMTc4OEJGQzAxMUU4QTZBODU1NEJDNEY5QUUwMi9KU25JQThzNDUx SGphV3EzbGkyQ01VWDgxbGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPL5Ve68l5aC39HN5mcuYfPPgp5EypgWIGbcBOBQilC+EMXkQgVJAj a7kq5ndHLxNMU6sH9AueoVM6bKDtAcjmByuqzaHICxp1o/PpNb4rfcP9BKCk6XBz Y2qgpeVvBdQwR4pOjvmwHRtN0Y3l5FCMnfUYBfK7tvhS7H0Iq6DicEO1SsBwsXwt IMLdT0bZtv0cc6+qkwpklvi8rPri+41eDlULytX/wDKfZ1biXF7HzQt89C0V5Pwn UN4NAk/QUKC1t88cLVhH67yTeMGDTWnjXctyhTJfslFtoSLBbWJ5aS7n6tzY4T1y iIV+DB5Svec0qRECzRq69DCJSeDAlVqm -----END CERTIFICATE-----Generated at Sun Jun 29 10:43:04 2025 by rpki-client