$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: lpRjAmFgtNCr8/kWAonqFrKSUN3XnUc0ukLv7IFA07k= Subject key identifier: 29:F4:A3:34:11:E5:57:F5:73:24:17:8D:5A:70:2D:09:30:48:CE:8F Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0C7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C71 Signing time: Fri 22 Aug 2025 18:33:53 +0000 Manifest this update: Fri 22 Aug 2025 18:33:52 +0000 Manifest next update: Fri 29 Aug 2025 18:33:52 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: 28mOmVWhjel3+6iGAy9Xn8ot+Fyqh+dzqfElYUXiCDM=) 2: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (hash: fmgPgYqBF9oBKC2f0IYHXXUOKdyTPKcBMpy4SVGahtc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:33:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3197 (0xc7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Aug 22 18:33:52 2025 GMT Not After : Aug 29 18:33:52 2025 GMT Subject: CN=68a8b811-94d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ef:67:6e:3e:a5:c4:54:c8:d8:24:8f:bf:2a: dd:1e:09:23:fe:87:35:d4:92:e7:48:b7:6a:eb:2c: 56:dc:9b:e9:df:9a:f5:a1:ec:70:bc:e5:16:f9:59: e6:e6:80:ab:7f:99:43:49:3d:e3:64:b5:3a:10:1c: 82:da:84:4d:e6:1f:10:bb:71:06:3f:ea:dd:40:ff: 5a:e4:f9:7b:ee:aa:10:bd:2a:0f:06:50:45:0d:b6: a7:5d:2b:2c:0e:17:1f:9c:72:c7:d3:89:cc:46:f6: 09:8e:58:bc:d2:ce:c5:5e:5e:ba:d3:12:c6:ef:5e: 95:91:3b:5c:eb:4f:29:a0:3c:17:9e:46:95:de:fa: 95:09:04:2b:b8:5c:d5:12:80:f6:ab:08:1e:d8:e3: 5a:74:fd:d0:b4:f9:b6:6f:8c:57:fe:2b:58:95:b7: 22:60:bc:af:64:f4:92:0c:aa:2b:9c:e2:d5:40:e5: b5:43:3e:82:8d:d7:cd:19:f3:ea:7d:34:60:cd:72: da:86:10:15:c2:8d:b3:0d:f1:ce:0d:29:b8:18:9c: 9b:45:0b:ae:ab:72:e1:36:18:d0:22:cb:59:47:60: 76:71:38:ce:6c:87:c2:20:ba:bb:19:4c:1b:2e:44: 24:f7:b5:fe:ae:13:11:25:61:d0:92:86:27:12:7a: 70:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F4:A3:34:11:E5:57:F5:73:24:17:8D:5A:70:2D:09:30:48:CE:8F X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:9c:7c:ed:5e:2d:a3:bf:54:ec:84:9b:dd:a1:c3:29:f8:4d: 3c:fd:fa:cb:53:8f:bd:86:82:5d:22:e7:a2:7b:c2:43:cf:46: 2d:9c:f4:f2:53:72:76:ec:4d:bc:14:0b:2a:1b:a9:6b:85:90: b4:38:aa:59:0b:b1:16:17:ed:d6:f5:4b:fe:8f:39:76:28:bd: 75:d9:d4:24:e2:fb:b4:63:ce:4f:b0:c3:34:72:86:38:75:bb: 91:e2:a8:41:bb:0e:7d:d0:2a:27:49:5c:29:79:5b:29:26:f5: 40:53:d6:5c:78:40:2b:4a:7f:89:9d:2d:ee:b3:e5:00:6e:af: 2a:26:87:75:d7:18:1c:cb:7d:a0:c9:52:68:39:59:30:ee:3a: b6:75:6a:8b:98:3d:39:66:d1:8c:d3:7c:29:1e:7c:c4:84:a5: 7d:ec:98:9a:96:cd:35:39:12:68:81:dc:14:f1:aa:04:76:b4: 0f:9d:6a:2f:fd:b0:43:48:63:94:21:f6:75:dc:08:4b:77:4e: 30:37:51:06:d6:29:6f:14:79:19:19:61:6b:fa:0a:9d:0d:73: 61:2d:43:69:d5:7a:d5:f2:de:a2:bc:f2:9b:2d:78:bc:f9:f6: 3b:83:c8:da:83:0d:26:8a:bc:e7:ac:ce:0b:8d:44:9b:94:74: 82:6d:40:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUwODIyMTgzMzUyWhcNMjUwODI5MTgzMzUyWjAYMRYwFAYD VQQDEw02OGE4YjgxMS05NGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnu9nbj6lxFTI2CSPvyrdHgkj/oc11JLnSLdq6yxW3Jvp35r1oexwvOUW+Vnm 5oCrf5lDST3jZLU6EByC2oRN5h8Qu3EGP+rdQP9a5Pl77qoQvSoPBlBFDbanXSss DhcfnHLH04nMRvYJjli80s7FXl660xLG716VkTtc608poDwXnkaV3vqVCQQruFzV EoD2qwge2ONadP3QtPm2b4xX/itYlbciYLyvZPSSDKornOLVQOW1Qz6CjdfNGfPq fTRgzXLahhAVwo2zDfHODSm4GJybRQuuq3LhNhjQIstZR2B2cTjObIfCILq7GUwb LkQk97X+rhMRJWHQkoYnEnpwHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCn0ozQR 5Vf1cyQXjVpwLQkwSM6PMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfnHztXi2jv1TshJvdocMp+E08/frLU4+9hoJdIueie8JDz0YtnPTy U3J27E28FAsqG6lrhZC0OKpZC7EWF+3W9Uv+jzl2KL112dQk4vu0Y85PsMM0coY4 dbuR4qhBuw590ConSVwpeVspJvVAU9ZceEArSn+JnS3us+UAbq8qJod11xgcy32g yVJoOVkw7jq2dWqLmD05ZtGM03wpHnzEhKV97Jials01ORJogdwU8aoEdrQPnWov /bBDSGOUIfZ13AhLd04wN1EG1ilvFHkZGWFr+gqdDXNhLUNp1XrV8t6ivPKbLXi8 +fY7g8jagw0mirznrM4LjUSblHSCbUDe -----END CERTIFICATE-----Generated at Sat Aug 23 19:34:14 2025 by rpki-client