$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: Z5uUQMwwYZSPSRKgOqgReTRdFLOGO0kJ/TecZCxe/QU= Subject key identifier: 86:E3:D8:31:06:BB:AA:96:81:55:9C:0E:61:6F:84:91:A4:14:E2:3B Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0C60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C55 Signing time: Wed 02 Jul 2025 18:42:19 +0000 Manifest this update: Wed 02 Jul 2025 18:42:19 +0000 Manifest next update: Wed 09 Jul 2025 18:42:19 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: jyy+3og+OcU80/12Cy5lR93XXzlF2lq/Obid4TtSTPQ=) 2: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (hash: JkiQjxSrG6/RaUVfR49c5xHDDJTw7u5WZLOBsd3qe+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:42:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3168 (0xc60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Jul 2 18:42:19 2025 GMT Not After : Jul 9 18:42:19 2025 GMT Subject: CN=68657d8b-0a34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b0:59:74:2b:3e:d5:f2:17:dc:b9:0e:a9:c3: 3f:df:91:63:b9:ca:7a:38:72:c4:21:73:59:5f:0c: 0e:58:a7:8b:94:4d:49:4f:46:cc:c1:fc:ec:5c:b4: 2d:7a:81:d8:18:83:e8:b1:26:d0:ae:18:7c:e5:6a: 07:35:29:c1:04:83:66:f7:7b:b4:7d:d3:c8:c2:dd: 85:cc:67:3b:ce:ad:cb:a6:5b:9f:d6:16:ac:4f:1e: b1:3e:cf:c4:a1:e8:43:2f:63:b1:41:8b:c0:44:0f: 1f:36:dd:dd:8d:16:07:bd:5a:26:0b:07:6c:ac:f2: 20:dc:77:ad:3c:d9:af:53:b0:20:24:db:c7:2e:a5: 66:77:4a:d0:be:36:b9:93:9f:41:06:3d:29:37:34: 99:a2:6c:87:9c:88:ec:e1:53:87:11:4f:e4:00:aa: 8d:44:f7:f3:df:89:c8:11:80:d0:56:50:d5:c4:6d: bf:d2:ad:d3:29:1a:62:cc:b5:3d:a0:d5:86:89:b9: af:f0:4a:43:7a:ae:b7:8d:d3:90:21:d7:69:11:88: 4b:fd:5e:26:bb:09:93:aa:e0:8b:71:2e:7f:a6:94: 67:3d:a0:0f:0c:65:76:da:81:cf:0b:e8:88:ab:a8: bc:7e:63:94:84:13:d8:5b:ed:93:27:b0:cc:ca:51: d7:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:E3:D8:31:06:BB:AA:96:81:55:9C:0E:61:6F:84:91:A4:14:E2:3B X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:d7:ec:e9:b1:11:0d:0b:22:3e:b5:c2:5d:86:c0:80:b6:41: 4a:e5:ef:3f:ef:ff:13:0b:23:e7:e4:6d:10:a9:5f:96:95:f1: a1:3f:23:53:30:b9:2a:9d:ea:d0:8b:cf:24:24:55:72:a0:a5: 54:a2:28:03:75:71:4b:b8:75:0c:0d:74:bf:a3:bf:18:ae:08: 26:94:84:66:81:ba:12:32:a5:2e:f4:87:5c:5f:f7:24:b8:ce: 7c:c5:a0:35:2a:f7:00:ce:7e:61:26:a7:5d:83:7d:c4:3c:1e: 7d:dc:02:d2:bb:de:d0:1a:41:15:42:85:5a:b6:10:fb:4c:35: ee:18:53:22:3e:bd:14:fa:a3:35:08:af:7a:46:cf:e2:e9:f9: c1:d0:59:94:8b:94:01:42:e2:51:58:55:3f:14:52:c8:68:89: 8b:0a:1a:81:7a:90:13:7d:90:f1:85:ff:0b:04:d4:7a:ba:77: 6a:36:a7:59:a8:4c:ca:83:1e:b4:7c:65:d8:d0:de:a3:8f:b3: ef:fa:80:08:f8:e7:24:1f:5c:12:50:38:93:be:93:08:09:eb: 3a:e1:41:d1:f8:c6:0f:fe:7e:ce:2d:7b:dc:1f:75:89:4b:a8: 4b:b6:12:4c:9a:f1:96:9b:a2:9a:20:01:f7:5a:91:eb:bf:72: 0c:77:7c:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUwNzAyMTg0MjE5WhcNMjUwNzA5MTg0MjE5WjAYMRYwFAYD VQQDEw02ODY1N2Q4Yi0wYTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAurBZdCs+1fIX3LkOqcM/35Fjucp6OHLEIXNZXwwOWKeLlE1JT0bMwfzsXLQt eoHYGIPosSbQrhh85WoHNSnBBINm93u0fdPIwt2FzGc7zq3Lpluf1hasTx6xPs/E oehDL2OxQYvARA8fNt3djRYHvVomCwdsrPIg3HetPNmvU7AgJNvHLqVmd0rQvja5 k59BBj0pNzSZomyHnIjs4VOHEU/kAKqNRPfz34nIEYDQVlDVxG2/0q3TKRpizLU9 oNWGibmv8EpDeq63jdOQIddpEYhL/V4muwmTquCLcS5/ppRnPaAPDGV22oHPC+iI q6i8fmOUhBPYW+2TJ7DMylHXgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIbj2DEG u6qWgVWcDmFvhJGkFOI7MB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAw1+zpsRENCyI+tcJdhsCAtkFK5e8/7/8TCyPn5G0QqV+WlfGhPyNT MLkqnerQi88kJFVyoKVUoigDdXFLuHUMDXS/o78YrggmlIRmgboSMqUu9IdcX/ck uM58xaA1KvcAzn5hJqddg33EPB593ALSu97QGkEVQoVathD7TDXuGFMiPr0U+qM1 CK96Rs/i6fnB0FmUi5QBQuJRWFU/FFLIaImLChqBepATfZDxhf8LBNR6undqNqdZ qEzKgx60fGXY0N6jj7Pv+oAI+OckH1wSUDiTvpMICes64UHR+MYP/n7OLXvcH3WJ S6hLthJMmvGWm6KaIAH3WpHrv3IMd3z3 -----END CERTIFICATE-----Generated at Thu Jul 3 00:28:12 2025 by rpki-client