$ rpki-client -vvf rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft File: QN1mK29ul7NNO3WoAH3lOI2SclM.mft (raw, json) Hash identifier: 9C3m+a60OWrJC7TfedYwh/XGwx0RAzN4RlilHzeD23k= Subject key identifier: EE:BB:A4:B7:51:A2:9C:BB:D1:68:84:53:06:D7:83:0D:32:4D:5A:04 Authority key identifier: 40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 Certificate issuer: /CN=A911CF44/serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Certificate serial: 058C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft Manifest number: 0586 Signing time: Sun 19 May 2024 00:31:40 +0000 Manifest this update: Sun 19 May 2024 00:31:40 +0000 Manifest next update: Sun 26 May 2024 00:31:40 +0000 Files and hashes: 1: QN1mK29ul7NNO3WoAH3lOI2SclM.crl (hash: i3Rp/T0pKXPlK+Xutl/5L8zbn/+Q2lxOX5H52ZmuASg=) 2: 85613B4E8C8411EBB68DD829C4F9AE02.roa (hash: QHP0aD4ImRkFLj+jX01YDeLCypyOMufG/+vYnm1Iw50=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1420 (0x58c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CF44/serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Validity Not Before: May 19 00:31:40 2024 GMT Not After : May 26 00:31:40 2024 GMT Subject: CN=6649486c-e7c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:de:a4:c7:f5:81:d8:70:3c:c9:d5:50:5e:ae: 79:f1:dd:df:97:73:b2:4b:4a:81:7e:cf:70:dd:1b: 7d:66:92:3b:8d:03:b2:26:79:54:f8:98:9d:be:c6: 88:66:ad:1d:e1:57:86:fa:95:33:76:41:3d:e7:51: fe:c4:cf:6c:bd:8b:94:01:16:6b:d1:6d:af:d4:97: 25:82:c8:74:ad:0d:59:bc:d1:29:e8:74:09:e0:7d: da:4e:8e:19:22:f6:ba:0c:62:e1:f3:67:92:5e:03: ba:f0:aa:9c:a9:ee:0b:54:be:f5:33:3f:cf:48:85: 9a:d4:fc:84:95:9c:99:e6:18:4f:f4:5e:e6:78:40: e4:b8:c4:bf:76:05:bf:9f:76:52:d4:de:6e:86:af: 49:df:57:87:2b:fb:6c:72:bd:92:e3:70:5d:a0:93: a4:4d:35:da:df:5e:7f:b9:64:57:4c:a5:2a:92:b8: ec:69:e0:90:cf:e6:2d:fd:a7:69:72:99:a5:08:a3: 11:eb:1d:ad:63:af:1d:c1:b0:af:64:56:62:30:92: f8:28:7e:8a:30:20:cc:8a:d4:78:39:05:c7:a9:05: 80:3f:c1:61:86:06:35:d1:62:a5:e7:a9:ed:ec:00: 60:0a:a6:df:7c:b8:5b:8c:7f:77:31:06:89:2e:1d: 14:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:BB:A4:B7:51:A2:9C:BB:D1:68:84:53:06:D7:83:0D:32:4D:5A:04 X509v3 Authority Key Identifier: keyid:40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:be:3a:1a:99:07:9f:e5:05:fa:86:01:11:f5:0b:13:3e:3e: b1:32:9f:5e:2a:90:0d:f1:a3:0d:be:30:ff:29:8b:d9:c1:0a: b1:40:3d:f0:1e:28:e6:a2:4f:cd:18:66:e9:fa:a3:f6:da:c7: 23:72:f1:3a:c4:48:ba:e3:7e:b5:a3:0e:b5:49:52:2a:ae:74: 80:5c:82:09:1c:18:7d:73:24:d3:1a:8d:4e:69:d4:2a:97:e6: fd:1d:e6:3c:5e:9b:b3:54:c4:7b:4e:aa:8c:3c:4b:7b:b0:66: 77:6d:0c:01:a8:46:4e:f2:b5:10:e7:1f:03:f2:2b:ce:48:a1: 45:2b:a6:64:0d:31:c0:7c:01:d7:8f:88:13:4e:8e:e5:b7:74: b1:34:46:fb:51:a0:e4:ae:8a:a7:b6:25:59:5c:7e:be:38:04: b7:28:59:c5:68:f2:bb:98:0d:06:a5:06:8f:f5:8c:fb:d9:9a: 97:84:32:eb:83:bf:53:d0:e6:01:b5:cf:3e:4b:fb:3b:4d:42: da:b9:bb:c5:55:4a:b8:5d:60:d9:29:74:02:4c:e9:58:c5:25: 78:94:e9:01:81:61:b8:83:1e:dd:dd:df:99:b6:72:83:15:1b: 2b:d9:0b:19:73:1b:be:d7:8d:62:a5:19:05:d7:49:86:18:0c: 97:2c:49:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNGNDQxMTAvBgNVBAUTKDQwREQ2NjJCNkY2RTk3QjM0RDNCNzVBODAwN0RFNTM4 OEQ5MjcyNTMwHhcNMjQwNTE5MDAzMTQwWhcNMjQwNTI2MDAzMTQwWjAYMRYwFAYD VQQDEw02NjQ5NDg2Yy1lN2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApN6kx/WB2HA8ydVQXq558d3fl3OyS0qBfs9w3Rt9ZpI7jQOyJnlU+JidvsaI Zq0d4VeG+pUzdkE951H+xM9svYuUARZr0W2v1Jclgsh0rQ1ZvNEp6HQJ4H3aTo4Z Iva6DGLh82eSXgO68Kqcqe4LVL71Mz/PSIWa1PyElZyZ5hhP9F7meEDkuMS/dgW/ n3ZS1N5uhq9J31eHK/tscr2S43BdoJOkTTXa315/uWRXTKUqkrjsaeCQz+Yt/adp cpmlCKMR6x2tY68dwbCvZFZiMJL4KH6KMCDMitR4OQXHqQWAP8FhhgY10WKl56nt 7ABgCqbffLhbjH93MQaJLh0UMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO67pLdR opy70WiEUwbXgw0yTVoEMB8GA1UdIwQYMBaAFEDdZitvbpezTTt1qAB95TiNknJT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0Y0NC82Njc3QkVCNjhD ODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3Tk5PM1dvQUgzbE9JMlNj bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FOMW1LMjl1bDdOTk8zV29BSDNsT0kyU2NsTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0Y0NC82Njc3QkVCNjhDODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3 Tk5PM1dvQUgzbE9JMlNjbE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvvjoamQef5QX6hgER9QsTPj6xMp9eKpAN8aMNvjD/KYvZwQqxQD3w Hijmok/NGGbp+qP22scjcvE6xEi64361ow61SVIqrnSAXIIJHBh9cyTTGo1OadQq l+b9HeY8XpuzVMR7TqqMPEt7sGZ3bQwBqEZO8rUQ5x8D8ivOSKFFK6ZkDTHAfAHX j4gTTo7lt3SxNEb7UaDkroqntiVZXH6+OAS3KFnFaPK7mA0GpQaP9Yz72ZqXhDLr g79T0OYBtc8+S/s7TULaubvFVUq4XWDZKXQCTOlYxSV4lOkBgWG4gx7d3d+ZtnKD FRsr2QsZcxu+141ipRkF10mGGAyXLEkJ -----END CERTIFICATE-----Generated at Sun May 19 01:47:08 2024 by rpki-client on console-ams.rpki-client.org