$ rpki-client -vvf rpki.apnic.net/member_repository/A9120A29/0E06DBA24D5C11EAA8088A66C4F9AE02/QbMaaMknik1EdI4t-MasqBV47LU.mft File: QbMaaMknik1EdI4t-MasqBV47LU.mft (raw, json) Hash identifier: 59ZyL+/k5AW7VzSMi/hZULsDu0/q2rY1bm6XxxknC5A= Subject key identifier: 68:57:B4:D1:2F:4B:8B:52:FF:5C:06:EF:74:F2:8C:60:08:7D:C0:05 Authority key identifier: 41:B3:1A:68:C9:27:8A:4D:44:74:8E:2D:F8:C6:AC:A8:15:78:EC:B5 Certificate issuer: /CN=A9120A29/serialNumber=41B31A68C9278A4D44748E2DF8C6ACA81578ECB5 Certificate serial: 0A14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QbMaaMknik1EdI4t-MasqBV47LU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120A29/0E06DBA24D5C11EAA8088A66C4F9AE02/QbMaaMknik1EdI4t-MasqBV47LU.mft Manifest number: 0A0E Signing time: Sat 18 May 2024 20:36:46 +0000 Manifest this update: Sat 18 May 2024 20:36:46 +0000 Manifest next update: Sat 25 May 2024 20:36:46 +0000 Files and hashes: 1: QbMaaMknik1EdI4t-MasqBV47LU.crl (hash: qwUXad3069l84P/32r+NpPit3ucBj/PINGkD2OAwbQU=) 2: 73A346A24D5D11EAA811C368C4F9AE02.roa (hash: r+qFQ3fN+c4Grex+TON5FzY+8r6Nkc1WSkFRkqt8yC8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120A29/0E06DBA24D5C11EAA8088A66C4F9AE02/QbMaaMknik1EdI4t-MasqBV47LU.crl rsync://rpki.apnic.net/member_repository/A9120A29/0E06DBA24D5C11EAA8088A66C4F9AE02/QbMaaMknik1EdI4t-MasqBV47LU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QbMaaMknik1EdI4t-MasqBV47LU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2580 (0xa14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120A29/serialNumber=41B31A68C9278A4D44748E2DF8C6ACA81578ECB5 Validity Not Before: May 18 20:36:46 2024 GMT Not After : May 25 20:36:46 2024 GMT Subject: CN=6649115e-d399 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:24:48:f3:f3:c1:cc:58:66:e1:e5:0d:e9:33: b4:40:51:8f:75:7e:e5:ba:50:87:6f:cd:69:fc:bb: d5:89:6c:0e:dd:c1:cc:80:98:30:49:a2:0d:b5:3c: 08:b9:70:f9:02:e6:33:17:3b:34:65:f3:98:05:f5: 78:d6:30:16:7d:c0:57:fe:9c:81:6d:9b:ec:87:69: 6c:68:66:63:da:d3:ae:73:82:4a:09:24:4a:4c:03: d7:88:ae:ca:10:e2:0d:e9:02:59:12:37:51:e1:b0: 89:c8:04:41:de:3c:6c:2a:54:23:26:00:b4:70:d3: 6d:ed:12:72:d6:e3:90:16:3f:37:1f:12:84:fe:2b: 3b:74:1e:83:da:43:ff:ae:30:20:07:1a:9a:ce:8f: 68:d9:71:08:7a:5d:ce:e5:7a:c7:98:68:d3:c6:a1: 26:9b:f8:43:cf:e8:d0:55:ba:c8:a2:da:57:fe:8a: 03:77:e7:b9:8c:de:23:a8:f9:5f:88:fe:cc:fd:3d: 53:4d:d2:11:4f:a1:dc:ee:4b:e0:e3:f4:d9:ee:0a: dc:53:0d:38:4d:5d:1b:07:39:ff:e9:60:1f:ac:52: ab:21:10:66:c9:5b:44:df:25:f0:8d:a8:ab:af:f7: 3c:b3:83:d4:73:0a:fc:0b:8c:01:77:88:8a:ec:f4: 2b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:57:B4:D1:2F:4B:8B:52:FF:5C:06:EF:74:F2:8C:60:08:7D:C0:05 X509v3 Authority Key Identifier: keyid:41:B3:1A:68:C9:27:8A:4D:44:74:8E:2D:F8:C6:AC:A8:15:78:EC:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120A29/0E06DBA24D5C11EAA8088A66C4F9AE02/QbMaaMknik1EdI4t-MasqBV47LU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QbMaaMknik1EdI4t-MasqBV47LU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120A29/0E06DBA24D5C11EAA8088A66C4F9AE02/QbMaaMknik1EdI4t-MasqBV47LU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:ee:f7:06:f1:e9:d4:1a:5f:a9:e0:08:ce:f8:52:aa:cb:2d: 75:e6:19:50:4d:b4:4d:99:eb:6c:2c:75:59:79:6f:af:be:73: e7:47:f6:0b:ad:ee:36:11:1e:2f:a2:59:61:8f:68:e1:1c:f6: 04:ab:e6:0c:4d:fd:cd:4f:8d:61:7e:3f:2c:02:8a:a0:a1:19: 58:83:3a:18:a3:ed:2f:ae:a1:96:56:4f:25:ff:10:b5:58:89: aa:94:c5:ab:41:de:0e:e2:5d:b3:9b:ea:84:ea:e7:6e:b4:fd: 4a:8a:43:89:a0:2f:70:7a:fe:59:3e:6c:ce:78:78:d5:c5:06: 0a:6c:ba:e1:ac:95:d1:86:f3:e4:de:2a:a0:75:b3:20:8b:47: fd:15:6b:c4:fe:b8:a8:38:1a:28:7e:74:14:9a:5f:23:09:2b: d2:e1:44:fd:3a:30:09:df:ba:4f:5f:ab:92:4a:57:c2:e0:c2: b8:e2:91:ae:f1:d6:07:e6:ac:1c:b5:54:ca:66:7f:e4:91:5c: 89:2d:de:84:c2:3f:d5:72:a3:3d:fe:04:6d:ef:c6:74:59:72: 12:4c:71:13:55:27:a0:43:85:eb:f5:8f:7b:b4:7c:1d:90:21: 4f:28:24:01:2f:97:34:d7:aa:84:a0:04:10:08:d3:90:f2:42: 7d:9e:a7:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICChQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBMjkxMTAvBgNVBAUTKDQxQjMxQTY4QzkyNzhBNEQ0NDc0OEUyREY4QzZBQ0E4 MTU3OEVDQjUwHhcNMjQwNTE4MjAzNjQ2WhcNMjQwNTI1MjAzNjQ2WjAYMRYwFAYD VQQDEw02NjQ5MTE1ZS1kMzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2yRI8/PBzFhm4eUN6TO0QFGPdX7lulCHb81p/LvViWwO3cHMgJgwSaINtTwI uXD5AuYzFzs0ZfOYBfV41jAWfcBX/pyBbZvsh2lsaGZj2tOuc4JKCSRKTAPXiK7K EOIN6QJZEjdR4bCJyARB3jxsKlQjJgC0cNNt7RJy1uOQFj83HxKE/is7dB6D2kP/ rjAgBxqazo9o2XEIel3O5XrHmGjTxqEmm/hDz+jQVbrIotpX/ooDd+e5jN4jqPlf iP7M/T1TTdIRT6Hc7kvg4/TZ7grcUw04TV0bBzn/6WAfrFKrIRBmyVtE3yXwjair r/c8s4PUcwr8C4wBd4iK7PQrcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGhXtNEv S4tS/1wG73TyjGAIfcAFMB8GA1UdIwQYMBaAFEGzGmjJJ4pNRHSOLfjGrKgVeOy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEEyOS8wRTA2REJBMjRE NUMxMUVBQTgwODhBNjZDNEY5QUUwMi9RYk1hYU1rbmlrMUVkSTR0LU1hc3FCVjQ3 TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FiTWFhTWtuaWsxRWRJNHQtTWFzcUJWNDdMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEEyOS8wRTA2REJBMjRENUMxMUVBQTgwODhBNjZDNEY5QUUwMi9RYk1hYU1rbmlr MUVkSTR0LU1hc3FCVjQ3TFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBl7vcG8enUGl+p4AjO+FKqyy115hlQTbRNmetsLHVZeW+vvnPnR/YL re42ER4vollhj2jhHPYEq+YMTf3NT41hfj8sAoqgoRlYgzoYo+0vrqGWVk8l/xC1 WImqlMWrQd4O4l2zm+qE6udutP1KikOJoC9wev5ZPmzOeHjVxQYKbLrhrJXRhvPk 3iqgdbMgi0f9FWvE/rioOBoofnQUml8jCSvS4UT9OjAJ37pPX6uSSlfC4MK44pGu 8dYH5qwctVTKZn/kkVyJLd6Ewj/VcqM9/gRt78Z0WXISTHETVSegQ4Xr9Y97tHwd kCFPKCQBL5c016qEoAQQCNOQ8kJ9nqdS -----END CERTIFICATE-----Generated at Sat May 18 21:24:21 2024 by rpki-client on console-fra.rpki-client.org