$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.mft File: JCmj7lCI89RTcqjjs2g0x16ubSk.mft (raw, json) Hash identifier: KIOPItbOvOcVl6rIcLrk+Sm4fHhgfkkk9BRNKsSxhqw= Subject key identifier: 87:03:49:2D:55:34:29:7D:7D:71:2A:23:7B:22:76:80:3C:5B:22:69 Authority key identifier: 24:29:A3:EE:50:88:F3:D4:53:72:A8:E3:B3:68:34:C7:5E:AE:6D:29 Certificate issuer: /CN=A91EE96E/serialNumber=2429A3EE5088F3D45372A8E3B36834C75EAE6D29 Certificate serial: 2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCmj7lCI89RTcqjjs2g0x16ubSk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.mft Manifest number: 28 Signing time: Sun 27 Apr 2025 06:36:45 +0000 Manifest this update: Sun 27 Apr 2025 06:36:45 +0000 Manifest next update: Sun 04 May 2025 06:36:45 +0000 Files and hashes: 1: JCmj7lCI89RTcqjjs2g0x16ubSk.crl (hash: qADKRcCZbR3IDV27cn/2JxhBGwXSLRMcAdre8Rn/jXM=) 2: FD36CD26EC2211EFAE200F79C4F9AE02.roa (hash: 31Dxym1vHZAUuP9HrMGwdQy+0zNPX5MVVrv3CWlz3bg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.crl rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCmj7lCI89RTcqjjs2g0x16ubSk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE96E, serialNumber=2429A3EE5088F3D45372A8E3B36834C75EAE6D29 Validity Not Before: Apr 27 06:36:45 2025 GMT Not After : May 4 06:36:45 2025 GMT Subject: CN=680dd07d-923e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:17:de:7a:b4:3a:0d:49:c1:ce:19:58:80:04: 86:ce:b6:34:15:e4:56:0b:a4:33:f4:23:4d:e5:4c: 5c:8c:27:39:b9:11:fb:18:ee:45:39:63:77:84:1c: 67:12:26:78:d5:59:bc:30:1e:cd:c1:0d:df:80:58: a4:05:ad:5f:6e:69:44:81:94:3f:f1:bf:6f:eb:26: d7:8b:88:c9:c9:fd:e0:1b:a4:14:78:59:07:27:57: a4:d3:5e:30:fd:32:ca:c4:ab:d3:f0:e1:8e:81:ac: 0a:5e:0d:45:1f:68:dd:ed:b0:64:4d:90:cd:8f:db: 52:40:a9:41:29:5d:c0:29:ca:30:77:8a:f3:80:22: 5f:2b:74:78:88:1f:04:26:c1:50:94:15:e5:b9:67: c7:42:93:b0:91:04:5f:4f:43:59:ed:41:e4:79:14: 52:5a:9d:45:12:57:93:61:27:0d:34:e9:70:ad:03: 8a:1e:c2:c9:32:dc:04:07:32:cb:66:38:0d:f0:c6: 23:dd:92:cc:ba:cf:91:1b:86:a6:c8:65:58:c7:5b: 86:18:be:ee:ac:ff:1a:be:fa:7e:7c:3b:29:99:1a: 17:6a:e8:b0:66:6f:52:79:c9:34:d5:7a:89:e1:15: a3:01:57:a0:1c:4f:40:45:eb:55:6b:63:ec:f6:b4: e5:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:03:49:2D:55:34:29:7D:7D:71:2A:23:7B:22:76:80:3C:5B:22:69 X509v3 Authority Key Identifier: keyid:24:29:A3:EE:50:88:F3:D4:53:72:A8:E3:B3:68:34:C7:5E:AE:6D:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCmj7lCI89RTcqjjs2g0x16ubSk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:34:44:bf:e8:02:b7:f9:a5:80:a3:8c:62:8a:9b:1c:65:86: c7:b3:8b:fa:ac:de:56:1f:f2:f7:2b:e3:6d:89:1c:07:4d:8e: d9:f2:2a:2d:b3:1c:dd:df:22:c4:f2:d4:17:9f:20:69:48:5c: d4:83:e8:d1:28:9a:50:9c:22:49:8e:0e:18:3e:19:86:03:45: e1:d6:12:63:82:86:a6:7a:84:f5:51:98:2e:d2:6a:59:79:d4: 15:fd:58:5c:1b:e4:15:1a:40:20:39:1f:46:9c:72:1c:8c:db: a1:fd:f5:aa:ab:cf:cb:54:57:a7:d9:38:a6:04:c1:65:20:d3: 76:0a:77:1a:5b:2e:2a:03:f7:bf:3e:18:6e:69:78:04:b6:63: 00:a7:c5:73:ac:cf:fc:09:3a:66:43:74:ee:de:6b:9f:d7:9a: f8:66:11:fa:4d:53:97:d8:39:ec:9e:d7:bb:55:94:8d:69:43: 3c:9b:06:41:6e:6a:ab:f1:b4:8a:72:7d:b2:bc:63:4f:5c:80: 3b:a5:1c:ff:4a:55:d0:f1:1f:2a:e5:09:8f:a4:84:ce:08:ef: 27:ae:ef:44:ed:eb:17:0d:cd:26:0c:c8:1d:fd:c0:63:c8:c1: b5:7c:9d:e6:9c:c9:cb:ca:2c:04:ac:34:1d:2c:a6:03:d2:5e: 6d:28:e8:a5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF RTk2RTExMC8GA1UEBRMoMjQyOUEzRUU1MDg4RjNENDUzNzJBOEUzQjM2ODM0Qzc1 RUFFNkQyOTAeFw0yNTA0MjcwNjM2NDVaFw0yNTA1MDQwNjM2NDVaMBgxFjAUBgNV BAMTDTY4MGRkMDdkLTkyM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/F956tDoNScHOGViABIbOtjQV5FYLpDP0I03lTFyMJzm5EfsY7kU5Y3eEHGcS JnjVWbwwHs3BDd+AWKQFrV9uaUSBlD/xv2/rJteLiMnJ/eAbpBR4WQcnV6TTXjD9 MsrEq9Pw4Y6BrApeDUUfaN3tsGRNkM2P21JAqUEpXcApyjB3ivOAIl8rdHiIHwQm wVCUFeW5Z8dCk7CRBF9PQ1ntQeR5FFJanUUSV5NhJw006XCtA4oewsky3AQHMstm OA3wxiPdksy6z5EbhqbIZVjHW4YYvu6s/xq++n58OymZGhdq6LBmb1J5yTTVeonh FaMBV6AcT0BF61VrY+z2tOUTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhwNJLVU0 KX19cSojeyJ2gDxbImkwHwYDVR0jBBgwFoAUJCmj7lCI89RTcqjjs2g0x16ubSkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFOTZFLzIzRDJGMTZFRUMy MTExRUZBMzU1NjA1RkM0RjlBRTAyL0pDbWo3bENJODlSVGNxampzMmcweDE2dWJT ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSkNtajdsQ0k4OVJUY3FqanMyZzB4MTZ1YlNrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVF OTZFLzIzRDJGMTZFRUMyMTExRUZBMzU1NjA1RkM0RjlBRTAyL0pDbWo3bENJODlS VGNxampzMmcweDE2dWJTay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALA0RL/oArf5pYCjjGKKmxxlhsezi/qs3lYf8vcr422JHAdNjtnyKi2z HN3fIsTy1BefIGlIXNSD6NEomlCcIkmODhg+GYYDReHWEmOChqZ6hPVRmC7Sall5 1BX9WFwb5BUaQCA5H0acchyM26H99aqrz8tUV6fZOKYEwWUg03YKdxpbLioD978+ GG5peAS2YwCnxXOsz/wJOmZDdO7ea5/XmvhmEfpNU5fYOeye17tVlI1pQzybBkFu aqvxtIpyfbK8Y09cgDulHP9KVdDxHyrlCY+khM4I7yeu70Tt6xcNzSYMyB39wGPI wbV8neacycvKLASsNB0spgPSXm0o6KU= -----END CERTIFICATE-----Generated at Sun Apr 27 10:27:19 2025 by rpki-client on console.sobornost.net