$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3F79/FA31A2B26F1A11EE8D32E064C4F9AE02/JfnbYAet9vV-xO_3piv01C2nXsU.mft File: JfnbYAet9vV-xO_3piv01C2nXsU.mft (raw, json) Hash identifier: newvSH11ub9Z07OT3JHjmd5jNbwUqCSu9XXdfEFu5cs= Subject key identifier: 27:19:75:3F:A7:00:E5:E8:88:15:8F:14:D4:89:1A:33:60:D2:68:34 Authority key identifier: 25:F9:DB:60:07:AD:F6:F5:7E:C4:EF:F7:A6:2B:F4:D4:2D:A7:5E:C5 Certificate issuer: /CN=A91D3F79/serialNumber=25F9DB6007ADF6F57EC4EFF7A62BF4D42DA75EC5 Certificate serial: 0128 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JfnbYAet9vV-xO_3piv01C2nXsU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3F79/FA31A2B26F1A11EE8D32E064C4F9AE02/JfnbYAet9vV-xO_3piv01C2nXsU.mft Manifest number: 0125 Signing time: Sun 11 May 2025 03:33:01 +0000 Manifest this update: Sun 11 May 2025 03:33:00 +0000 Manifest next update: Sun 18 May 2025 03:33:00 +0000 Files and hashes: 1: JfnbYAet9vV-xO_3piv01C2nXsU.crl (hash: dd65bxqyJSEtCjePzsuJDH8MQRu45Wq3tZKD2fbghhE=) 2: F4CDCE666F1C11EE8CA3F26AC4F9AE02.roa (hash: fsgwXlrQI8Xf5Rjyp/4eVuAgbFz37cGdGAMKHjxGUCY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3F79/FA31A2B26F1A11EE8D32E064C4F9AE02/JfnbYAet9vV-xO_3piv01C2nXsU.crl rsync://rpki.apnic.net/member_repository/A91D3F79/FA31A2B26F1A11EE8D32E064C4F9AE02/JfnbYAet9vV-xO_3piv01C2nXsU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JfnbYAet9vV-xO_3piv01C2nXsU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 03:33:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 296 (0x128) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3F79, serialNumber=25F9DB6007ADF6F57EC4EFF7A62BF4D42DA75EC5 Validity Not Before: May 11 03:33:00 2025 GMT Not After : May 18 03:33:00 2025 GMT Subject: CN=68201a6c-835f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:8c:37:ff:74:86:05:33:cc:95:c1:62:63:19: 13:37:c9:bc:a0:c6:98:71:41:b0:c7:13:e9:cc:8d: 3c:3a:ff:67:0b:05:57:a0:69:49:44:61:9d:26:7a: 83:5a:22:2b:2f:54:03:45:ff:dd:5f:52:94:d9:fa: 48:fc:73:4f:7f:3b:f0:d5:0a:ca:36:e6:46:5b:43: 82:e5:32:4a:14:55:aa:d5:89:d7:8a:61:a4:b6:a4: e5:da:d3:ff:5f:a3:85:54:d3:37:9f:4e:af:e7:fe: ef:e1:71:a3:74:a9:29:6f:d0:79:5f:a3:16:7f:75: 91:c9:92:22:73:f2:22:d9:84:8e:0a:84:fc:1a:32: 5a:90:ee:c2:fb:cb:c1:2e:bd:9b:fb:e7:b5:b9:6d: b4:3e:31:32:fa:34:c7:7c:be:31:9b:73:16:c0:1d: 47:58:77:0f:5d:ae:e1:2f:49:7a:c9:b2:a7:14:22: c8:a5:17:60:d0:8b:2f:67:3f:47:8d:ab:66:6b:bc: 0d:50:14:be:31:80:df:e4:c5:34:e2:88:00:93:cf: b1:f5:2d:29:bf:8e:3d:86:3d:53:0f:42:d0:7c:e4: 91:77:93:fc:72:38:14:e2:f0:bf:bd:18:1b:df:53: 17:fa:73:04:ac:f9:59:5b:17:a6:1a:d6:05:55:9a: 24:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:19:75:3F:A7:00:E5:E8:88:15:8F:14:D4:89:1A:33:60:D2:68:34 X509v3 Authority Key Identifier: keyid:25:F9:DB:60:07:AD:F6:F5:7E:C4:EF:F7:A6:2B:F4:D4:2D:A7:5E:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3F79/FA31A2B26F1A11EE8D32E064C4F9AE02/JfnbYAet9vV-xO_3piv01C2nXsU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JfnbYAet9vV-xO_3piv01C2nXsU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3F79/FA31A2B26F1A11EE8D32E064C4F9AE02/JfnbYAet9vV-xO_3piv01C2nXsU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:93:74:27:30:61:c7:02:1c:ae:b2:a0:d5:fb:60:ef:9c:3a: 4c:de:87:6d:a4:38:76:aa:a2:1e:35:23:14:11:41:03:a3:31: 92:26:54:1d:da:ac:dc:9a:35:5a:a9:03:ab:56:6b:98:cd:56: 5e:89:75:79:94:dc:cf:cf:ef:51:35:d4:78:2a:9e:bc:6e:bb: 45:3b:5b:2b:de:d1:17:ee:21:8b:59:e8:c0:e2:da:d0:0b:ed: bb:5d:26:2a:ee:fa:73:97:7f:18:ac:2b:47:fc:09:4d:bf:19: f5:bb:7f:bf:d8:5a:6a:fe:96:40:13:7d:8a:b5:b9:4e:23:48: 25:89:c9:98:4a:49:c5:c8:bb:71:45:43:fe:9a:0f:31:0d:5f: 2d:eb:b2:74:75:0a:b0:f6:94:77:13:21:6a:f9:8e:39:dd:00: 53:3e:1d:5e:c3:17:25:6a:6d:c1:18:5b:ea:e5:10:23:71:43: 81:ab:d4:ad:ae:ef:38:95:73:5f:1a:4d:09:f3:eb:1e:b5:5d: fd:f8:a4:22:7a:37:70:9f:c8:ca:f7:dc:08:49:9c:e3:25:c3: 3c:a8:56:28:2d:f0:0c:ca:a5:09:3d:7d:28:53:f7:77:60:b9: a0:9b:7e:9e:4d:00:f0:a0:f3:11:fa:89:cf:da:64:57:23:63: 43:51:56:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDNGNzkxMTAvBgNVBAUTKDI1RjlEQjYwMDdBREY2RjU3RUM0RUZGN0E2MkJGNEQ0 MkRBNzVFQzUwHhcNMjUwNTExMDMzMzAwWhcNMjUwNTE4MDMzMzAwWjAYMRYwFAYD VQQDEw02ODIwMWE2Yy04MzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxYw3/3SGBTPMlcFiYxkTN8m8oMaYcUGwxxPpzI08Ov9nCwVXoGlJRGGdJnqD WiIrL1QDRf/dX1KU2fpI/HNPfzvw1QrKNuZGW0OC5TJKFFWq1YnXimGktqTl2tP/ X6OFVNM3n06v5/7v4XGjdKkpb9B5X6MWf3WRyZIic/Ii2YSOCoT8GjJakO7C+8vB Lr2b++e1uW20PjEy+jTHfL4xm3MWwB1HWHcPXa7hL0l6ybKnFCLIpRdg0IsvZz9H jatma7wNUBS+MYDf5MU04ogAk8+x9S0pv449hj1TD0LQfOSRd5P8cjgU4vC/vRgb 31MX+nMErPlZWxemGtYFVZokxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCcZdT+n AOXoiBWPFNSJGjNg0mg0MB8GA1UdIwQYMBaAFCX522AHrfb1fsTv96Yr9NQtp17F MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Y3OS9GQTMxQTJCMjZG MUExMUVFOEQzMkUwNjRDNEY5QUUwMi9KZm5iWUFldDl2Vi14T18zcGl2MDFDMm5Y c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pmbmJZQWV0OXZWLXhPXzNwaXYwMUMyblhzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE M0Y3OS9GQTMxQTJCMjZGMUExMUVFOEQzMkUwNjRDNEY5QUUwMi9KZm5iWUFldDl2 Vi14T18zcGl2MDFDMm5Yc1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfk3QnMGHHAhyusqDV+2DvnDpM3odtpDh2qqIeNSMUEUEDozGSJlQd 2qzcmjVaqQOrVmuYzVZeiXV5lNzPz+9RNdR4Kp68brtFO1sr3tEX7iGLWejA4trQ C+27XSYq7vpzl38YrCtH/AlNvxn1u3+/2Fpq/pZAE32KtblOI0glicmYSknFyLtx RUP+mg8xDV8t67J0dQqw9pR3EyFq+Y453QBTPh1ewxclam3BGFvq5RAjcUOBq9St ru84lXNfGk0J8+setV39+KQiejdwn8jK99wISZzjJcM8qFYoLfAMyqUJPX0oU/d3 YLmgm36eTQDwoPMR+onP2mRXI2NDUVYC -----END CERTIFICATE-----Generated at Mon May 12 16:02:54 2025 by rpki-client