$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft File: yozvXh2MPaWsm67lsZbvBmCaOVk.mft (raw, json) Hash identifier: pucHukYTUInzsU3BsrhBNpt1OI0e74WHtwkkW1wzVNI= Subject key identifier: 2D:99:5C:A1:2C:A4:3D:24:40:6D:8F:DC:4E:9D:EB:71:35:29:C6:B5 Authority key identifier: CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 Certificate issuer: /CN=A911B5BA/serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959 Certificate serial: 0A5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft Manifest number: 0A5A Signing time: Sat 18 May 2024 20:20:27 +0000 Manifest this update: Sat 18 May 2024 20:20:26 +0000 Manifest next update: Sat 25 May 2024 20:20:26 +0000 Files and hashes: 1: yozvXh2MPaWsm67lsZbvBmCaOVk.crl (hash: r2ckW90Qr+DNfUYLeIYOKNCzyx488EN4vjI6uStncd0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2650 (0xa5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5BA/serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959 Validity Not Before: May 18 20:20:26 2024 GMT Not After : May 25 20:20:26 2024 GMT Subject: CN=66490d8a-08d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1d:a1:3b:06:7c:dd:17:b2:bc:7d:2d:2a:46: 9e:ef:de:14:71:b8:36:74:08:a6:ff:0c:29:0c:75: ed:33:fd:96:fb:f2:aa:22:78:b9:d4:d1:fa:e2:eb: 48:83:05:47:c3:f0:13:5b:54:cd:2f:74:a5:c3:71: ae:49:e9:8e:25:f6:8e:b8:58:fc:4d:7a:fd:37:34: 5d:36:ca:f8:06:23:53:24:d1:51:e7:8c:11:e4:7e: 4d:e2:3b:e2:3d:31:59:a4:3d:90:14:32:7d:54:6d: a9:1c:bb:0b:50:66:9b:fa:91:b5:2c:aa:26:ea:1a: 23:82:57:4d:58:fa:ce:97:60:c1:23:4f:4d:c5:6a: 02:f2:d4:05:95:73:93:e9:34:ce:81:7a:4f:69:31: 05:b2:9a:73:dd:48:70:c9:ab:a5:49:6b:1f:11:ec: a9:dd:5e:a8:b0:41:6f:93:6e:f8:63:f1:7c:0c:64: 79:74:52:6b:4a:d8:94:31:a3:32:28:8a:92:bf:dc: 47:3a:b3:87:33:eb:0c:b6:8a:c6:f7:15:6a:57:dd: b2:7a:02:79:25:ca:4d:93:bf:b4:34:51:72:19:f9: bf:7e:6c:fa:eb:90:18:98:7e:70:8c:15:4a:7f:79: 2a:54:c2:7e:4b:91:df:c8:e4:4c:10:97:fd:a9:53: 8f:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:99:5C:A1:2C:A4:3D:24:40:6D:8F:DC:4E:9D:EB:71:35:29:C6:B5 X509v3 Authority Key Identifier: keyid:CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:c3:3c:b8:e3:ce:a4:c4:ce:e3:17:9f:a2:9c:f8:9a:b1:c6: 36:a9:57:7e:f6:f5:c1:1a:10:b9:b9:8b:89:4d:f9:ee:d8:25: 7c:1a:bc:f4:3a:89:dd:fa:f9:ac:ec:f7:c9:6e:a7:d7:ef:c4: 77:92:aa:4f:f4:03:bc:fc:64:b9:af:c4:cc:f0:b8:55:81:ec: 31:7b:51:ef:6a:06:64:11:97:02:10:c4:df:05:cf:00:4d:b3: 5f:cd:95:00:ec:5e:2b:c1:c0:c0:8f:6a:d0:b3:1d:46:79:ad: 2d:5b:fa:d2:de:b0:79:2f:c9:6d:8e:02:cd:14:d1:cb:d2:d6: d9:cb:6f:03:ce:47:94:cb:9b:98:f7:1e:85:9b:07:32:13:5e: 5b:f2:75:4f:b9:63:72:3e:99:c1:35:7a:91:03:9a:5f:f1:58: 2b:2b:cc:0f:66:d5:41:7d:c9:b5:7d:a4:44:82:8a:a0:54:11: ba:0d:cf:fb:a5:6a:0d:92:3a:6e:7e:d2:95:d9:da:21:8a:91: e2:e8:b2:8d:ff:c6:b7:39:20:6b:5c:fa:6b:8e:5b:3f:2b:9f: b9:02:f9:e2:94:87:e2:df:43:7b:38:3d:39:20:24:57:38:52: 63:a8:1d:13:2b:b1:e5:88:4c:0f:bc:5e:15:52:f6:15:8f:af: ba:17:05:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICClowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QkExMTAvBgNVBAUTKENBOENFRjVFMUQ4QzNEQTVBQzlCQUVFNUIxOTZFRjA2 NjA5QTM5NTkwHhcNMjQwNTE4MjAyMDI2WhcNMjQwNTI1MjAyMDI2WjAYMRYwFAYD VQQDEw02NjQ5MGQ4YS0wOGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyR2hOwZ83ReyvH0tKkae794Ucbg2dAim/wwpDHXtM/2W+/KqIni51NH64utI gwVHw/ATW1TNL3Slw3GuSemOJfaOuFj8TXr9NzRdNsr4BiNTJNFR54wR5H5N4jvi PTFZpD2QFDJ9VG2pHLsLUGab+pG1LKom6hojgldNWPrOl2DBI09NxWoC8tQFlXOT 6TTOgXpPaTEFsppz3UhwyaulSWsfEeyp3V6osEFvk274Y/F8DGR5dFJrStiUMaMy KIqSv9xHOrOHM+sMtorG9xVqV92yegJ5JcpNk7+0NFFyGfm/fmz665AYmH5wjBVK f3kqVMJ+S5HfyORMEJf9qVOP9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC2ZXKEs pD0kQG2P3E6d63E1Kca1MB8GA1UdIwQYMBaAFMqM714djD2lrJuu5bGW7wZgmjlZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCQS85M0UyRkIwQzNE QTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBhV3NtNjdsc1pidkJtQ2FP VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lvenZYaDJNUGFXc202N2xzWmJ2Qm1DYU9Way5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjVCQS85M0UyRkIwQzNEQTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBh V3NtNjdsc1pidkJtQ2FPVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRwzy4486kxM7jF5+inPiascY2qVd+9vXBGhC5uYuJTfnu2CV8Grz0 Oond+vms7PfJbqfX78R3kqpP9AO8/GS5r8TM8LhVgewxe1HvagZkEZcCEMTfBc8A TbNfzZUA7F4rwcDAj2rQsx1Gea0tW/rS3rB5L8ltjgLNFNHL0tbZy28DzkeUy5uY 9x6FmwcyE15b8nVPuWNyPpnBNXqRA5pf8VgrK8wPZtVBfcm1faREgoqgVBG6Dc/7 pWoNkjpuftKV2dohipHi6LKN/8a3OSBrXPprjls/K5+5AvnilIfi30N7OD05ICRX OFJjqB0TK7HliEwPvF4VUvYVj6+6FwWk -----END CERTIFICATE-----Generated at Sat May 18 20:48:17 2024 by rpki-client on console-fra.rpki-client.org