$ rpki-client -vvf rpki.apnic.net/member_repository/A9117E4D/A64FBCE0C05811E39D8A06645911EA32/pOlXbOhgyP9flyr1k7QFTngj5kI.mft File: pOlXbOhgyP9flyr1k7QFTngj5kI.mft (raw, json) Hash identifier: M1FNPx2RRI3SE25CLyhk8bXAMnGx5xWptQR8b/YOkRM= Subject key identifier: 27:70:FE:9F:6A:5A:8E:E7:EF:A1:6B:38:4C:99:DC:F6:BA:57:5E:67 Authority key identifier: A4:E9:57:6C:E8:60:C8:FF:5F:97:2A:F5:93:B4:05:4E:78:23:E6:42 Certificate issuer: /CN=A9117E4D/serialNumber=A4E9576CE860C8FF5F972AF593B4054E7823E642 Certificate serial: 2B79 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/pOlXbOhgyP9flyr1k7QFTngj5kI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117E4D/A64FBCE0C05811E39D8A06645911EA32/pOlXbOhgyP9flyr1k7QFTngj5kI.mft Manifest number: 2B76 Signing time: Mon 20 May 2024 14:28:37 +0000 Manifest this update: Mon 20 May 2024 14:28:37 +0000 Manifest next update: Mon 27 May 2024 14:28:37 +0000 Files and hashes: 1: pOlXbOhgyP9flyr1k7QFTngj5kI.crl (hash: A06IR44pyz9e3Dkb2Zl860gmTB2hvqwigMpa3VLvl7c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117E4D/A64FBCE0C05811E39D8A06645911EA32/pOlXbOhgyP9flyr1k7QFTngj5kI.crl rsync://rpki.apnic.net/member_repository/A9117E4D/A64FBCE0C05811E39D8A06645911EA32/pOlXbOhgyP9flyr1k7QFTngj5kI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/pOlXbOhgyP9flyr1k7QFTngj5kI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 14:28:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11129 (0x2b79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117E4D/serialNumber=A4E9576CE860C8FF5F972AF593B4054E7823E642 Validity Not Before: May 20 14:28:37 2024 GMT Not After : May 27 14:28:37 2024 GMT Subject: CN=664b5e15-1541 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:2e:23:99:0c:20:e9:67:89:92:e7:e9:ae:ea: ce:1f:62:d0:e2:8e:d2:09:7c:dc:52:07:bd:37:74: 47:03:52:8b:a5:a1:a2:e2:aa:a3:d4:82:45:91:31: 03:a9:6d:fc:14:1f:36:d6:22:a1:8c:8d:10:0e:aa: 3a:74:a5:2e:78:b4:cc:e5:83:41:b0:34:62:30:a2: 27:7f:61:70:67:0b:ec:62:47:73:13:04:01:57:83: 04:f5:d4:67:d8:ab:72:0b:7d:e5:5a:8f:66:a4:01: 00:43:f8:ef:d2:a1:c4:31:98:00:55:cc:5d:59:80: a1:25:16:96:e8:50:3b:7c:c2:c3:44:7f:76:00:a5: 79:0b:9f:a0:d9:24:22:7d:05:43:40:ac:0d:da:35: 57:fd:1a:18:a6:77:e3:90:3b:74:ee:00:76:32:4b: 7d:5e:93:03:20:df:e8:d4:74:d9:e0:df:10:a0:be: 54:8c:be:81:a9:a2:a3:73:0b:01:19:38:e7:f5:ba: c3:32:d0:50:92:46:1f:b1:9a:f4:ad:9a:76:c0:1a: 81:45:3a:22:11:d6:0b:a2:d3:c7:0f:2a:99:f1:fa: 2c:9e:ea:1b:c5:b3:5a:8e:e9:45:9d:c9:77:2f:cc: b0:a3:21:ee:1e:eb:40:c2:a3:ea:e8:93:0c:a3:c4: 97:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:70:FE:9F:6A:5A:8E:E7:EF:A1:6B:38:4C:99:DC:F6:BA:57:5E:67 X509v3 Authority Key Identifier: keyid:A4:E9:57:6C:E8:60:C8:FF:5F:97:2A:F5:93:B4:05:4E:78:23:E6:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117E4D/A64FBCE0C05811E39D8A06645911EA32/pOlXbOhgyP9flyr1k7QFTngj5kI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/pOlXbOhgyP9flyr1k7QFTngj5kI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117E4D/A64FBCE0C05811E39D8A06645911EA32/pOlXbOhgyP9flyr1k7QFTngj5kI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:79:9a:56:5b:36:44:52:a4:db:79:33:09:8b:72:7a:d7:2a: 29:95:8e:3d:67:48:87:b3:78:bc:d5:00:f0:02:63:37:90:95: 1d:3c:53:28:3f:da:74:b0:95:d3:60:68:04:dd:74:cd:1e:c0: cc:6c:85:ed:59:8f:3f:b6:0d:d7:3d:6b:a9:26:ca:48:13:83: 6c:b6:84:cc:6a:71:15:30:c3:be:d2:11:2e:63:b1:c5:46:bc: 84:c9:fe:bd:48:36:0e:08:d0:3c:ae:1e:e3:af:1c:17:e7:cc: 72:c3:a9:94:f0:ba:66:ab:fd:31:86:63:db:2c:22:c1:fa:73: 97:85:6c:3f:b2:02:51:af:45:a3:b0:37:50:de:bc:91:58:63: 60:01:54:ad:eb:04:b0:c9:df:fc:7e:54:7f:24:82:6c:c6:45: e0:77:4b:b0:3c:f6:a8:b4:e5:25:56:ce:b2:de:a9:7b:af:54: ef:9d:48:92:d3:c2:1f:ea:72:5e:fd:54:0f:0d:1c:4a:5f:9d: 8c:3d:af:c8:47:e0:e1:ef:2f:d4:ad:60:06:32:8c:73:df:ba: 5d:fd:82:93:ed:2d:f4:b8:32:86:de:37:f8:9c:db:5f:af:84: 94:41:06:0e:0f:4c:f3:11:51:6b:e6:81:69:6d:5d:57:9e:22: 6d:00:cf:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICK3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdFNEQxMTAvBgNVBAUTKEE0RTk1NzZDRTg2MEM4RkY1Rjk3MkFGNTkzQjQwNTRF NzgyM0U2NDIwHhcNMjQwNTIwMTQyODM3WhcNMjQwNTI3MTQyODM3WjAYMRYwFAYD VQQDEw02NjRiNWUxNS0xNTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtS4jmQwg6WeJkufprurOH2LQ4o7SCXzcUge9N3RHA1KLpaGi4qqj1IJFkTED qW38FB821iKhjI0QDqo6dKUueLTM5YNBsDRiMKInf2FwZwvsYkdzEwQBV4ME9dRn 2KtyC33lWo9mpAEAQ/jv0qHEMZgAVcxdWYChJRaW6FA7fMLDRH92AKV5C5+g2SQi fQVDQKwN2jVX/RoYpnfjkDt07gB2Mkt9XpMDIN/o1HTZ4N8QoL5UjL6BqaKjcwsB GTjn9brDMtBQkkYfsZr0rZp2wBqBRToiEdYLotPHDyqZ8fosnuobxbNajulFncl3 L8ywoyHuHutAwqPq6JMMo8SXTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCdw/p9q Wo7n76FrOEyZ3Pa6V15nMB8GA1UdIwQYMBaAFKTpV2zoYMj/X5cq9ZO0BU54I+ZC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0U0RC9BNjRGQkNFMEMw NTgxMUUzOUQ4QTA2NjQ1OTExRUEzMi9wT2xYYk9oZ3lQOWZseXIxazdRRlRuZ2o1 a0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3BPbFhiT2hneVA5Zmx5cjFrN1FGVG5najVrSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx N0U0RC9BNjRGQkNFMEMwNTgxMUUzOUQ4QTA2NjQ1OTExRUEzMi9wT2xYYk9oZ3lQ OWZseXIxazdRRlRuZ2o1a0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAeZpWWzZEUqTbeTMJi3J61yoplY49Z0iHs3i81QDwAmM3kJUdPFMo P9p0sJXTYGgE3XTNHsDMbIXtWY8/tg3XPWupJspIE4NstoTManEVMMO+0hEuY7HF RryEyf69SDYOCNA8rh7jrxwX58xyw6mU8Lpmq/0xhmPbLCLB+nOXhWw/sgJRr0Wj sDdQ3ryRWGNgAVSt6wSwyd/8flR/JIJsxkXgd0uwPPaotOUlVs6y3ql7r1TvnUiS 08If6nJe/VQPDRxKX52MPa/IR+Dh7y/UrWAGMoxz37pd/YKT7S30uDKG3jf4nNtf r4SUQQYOD0zzEVFr5oFpbV1XniJtAM+G -----END CERTIFICATE-----Generated at Mon May 20 17:23:06 2024 by rpki-client on console-ams.rpki-client.org