$ rpki-client -vvf rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft File: ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft (raw, json) Hash identifier: v8Q4EnMjz9o1CdVN9xLQXZzBwdlmPrJqrKW2dpKUZnw= Subject key identifier: B6:96:7C:5B:D3:19:AD:61:87:1C:95:8F:7A:DF:02:2F:86:1C:7E:6F Authority key identifier: 21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC Certificate issuer: /CN=A912382E/serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Certificate serial: 17DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft Manifest number: 17D8 Signing time: Sat 18 May 2024 16:59:07 +0000 Manifest this update: Sat 18 May 2024 16:59:07 +0000 Manifest next update: Sat 25 May 2024 16:59:07 +0000 Files and hashes: 1: ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl (hash: o9SB/xdhtV2oB66zPvCmjs2HAyw0OEMMVfvefoTXOPE=) 2: BD843CCE984011E79A256C82C4F9AE02.roa (hash: 9o3PzclvpnBg2lRAwn/BzGlT0NhAuk70j3EBaFmerbI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6111 (0x17df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912382E/serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Validity Not Before: May 18 16:59:07 2024 GMT Not After : May 25 16:59:07 2024 GMT Subject: CN=6648de5b-3aa8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:0e:80:e3:3e:6c:a9:ef:35:56:63:9b:a3:ec: 90:1a:0e:e6:73:e2:9f:f5:19:b5:ed:90:61:64:db: 29:b5:3b:32:90:ab:c9:60:8e:57:99:4e:ff:d8:49: 80:0c:bd:ce:6d:3b:a2:93:54:f6:61:90:4a:b8:b4: b7:49:d1:12:97:23:dd:f2:85:b8:84:9f:49:42:6e: 4b:81:e0:b6:96:6b:e2:e8:b4:c8:16:ad:d3:6c:50: c7:12:0c:b7:1f:89:d5:37:3e:2e:ef:8b:4e:23:3a: 6b:2b:8c:ba:10:63:80:99:73:e9:92:d4:5c:b8:bf: d6:38:3c:20:38:4d:d7:83:c5:d2:57:22:9a:6f:8c: 7e:17:2d:ce:38:a8:fd:98:4a:58:7a:ac:5f:88:89: 70:e9:f8:66:3f:75:d2:65:38:31:c1:33:1d:be:18: 49:64:03:44:48:24:22:a9:49:27:f8:55:05:3d:c3: 5b:b7:13:00:bd:ff:d0:fd:b2:12:8d:70:90:83:51: c0:37:6d:25:ef:02:d7:51:e3:04:43:c8:fa:03:57: 7a:9d:70:29:af:0d:c8:ea:8f:59:4d:50:e0:5c:e9: cb:fd:8c:a0:55:6f:2f:90:cd:b4:36:01:e8:99:ba: f6:41:4c:0f:c2:29:09:8c:0c:d8:78:0f:e7:f8:24: ed:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:96:7C:5B:D3:19:AD:61:87:1C:95:8F:7A:DF:02:2F:86:1C:7E:6F X509v3 Authority Key Identifier: keyid:21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:c5:77:9a:2c:47:0d:65:72:d5:fd:c9:e3:cb:7e:ad:82:52: 0a:dd:c6:be:d4:1d:b2:ed:42:11:cf:43:fe:21:be:af:c0:90: 4b:02:44:66:44:52:6d:8b:cb:f0:7b:32:c9:a5:1a:21:f0:ae: f6:20:03:6a:a0:8d:76:f7:e1:c0:46:4c:34:9c:18:08:bd:3a: cd:d3:ee:79:3a:a8:eb:a3:d5:04:c9:33:16:eb:26:48:d4:f5: c7:a0:9d:c4:cd:fd:2d:db:69:83:e5:02:fa:65:72:42:4a:3c: d5:27:28:12:85:38:45:63:25:df:bd:d7:31:28:9c:6b:07:f6: fa:58:88:6c:2b:3a:e3:4b:e0:20:58:75:0c:57:9b:1a:dc:0f: 07:42:92:53:5a:ff:2a:3c:9d:ab:1b:69:ab:46:83:17:67:13: de:fc:bb:e4:b0:39:04:58:9e:97:9b:2e:fd:94:14:80:9e:92: a9:b4:25:92:45:93:d9:82:f9:60:dd:95:6e:95:3c:f2:ed:b2: fc:91:03:a4:6f:f5:08:ae:58:18:a1:89:ce:0c:a5:0c:65:e6: db:b3:9a:05:8a:3d:ba:da:36:a7:d9:27:f8:e4:11:84:04:e9: 6a:5b:e0:0e:33:55:20:2c:7a:ba:2d:4f:13:50:f7:45:59:81: 89:22:10:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICF98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4MkUxMTAvBgNVBAUTKDIxMzQzNkJBMjNBOUFGMjUwQkYyNURERUE1MEM3NjIy MTlGOTA2QkMwHhcNMjQwNTE4MTY1OTA3WhcNMjQwNTI1MTY1OTA3WjAYMRYwFAYD VQQDEw02NjQ4ZGU1Yi0zYWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyw6A4z5sqe81VmObo+yQGg7mc+Kf9Rm17ZBhZNsptTsykKvJYI5XmU7/2EmA DL3ObTuik1T2YZBKuLS3SdESlyPd8oW4hJ9JQm5LgeC2lmvi6LTIFq3TbFDHEgy3 H4nVNz4u74tOIzprK4y6EGOAmXPpktRcuL/WODwgOE3Xg8XSVyKab4x+Fy3OOKj9 mEpYeqxfiIlw6fhmP3XSZTgxwTMdvhhJZANESCQiqUkn+FUFPcNbtxMAvf/Q/bIS jXCQg1HAN20l7wLXUeMEQ8j6A1d6nXAprw3I6o9ZTVDgXOnL/YygVW8vkM20NgHo mbr2QUwPwikJjAzYeA/n+CTtNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLaWfFvT Ga1hhxyVj3rfAi+GHH5vMB8GA1UdIwQYMBaAFCE0Nrojqa8lC/Jd3qUMdiIZ+Qa8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgyRS8zMTFFQUM1Njk4 NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5VUw4bDNlcFF4MklobjVC cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lUUTJ1aU9wcnlVTDhsM2VwUXgySWhuNUJydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgyRS8zMTFFQUM1Njk4NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5 VUw4bDNlcFF4MklobjVCcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgxXeaLEcNZXLV/cnjy36tglIK3ca+1B2y7UIRz0P+Ib6vwJBLAkRm RFJti8vwezLJpRoh8K72IANqoI129+HARkw0nBgIvTrN0+55Oqjro9UEyTMW6yZI 1PXHoJ3Ezf0t22mD5QL6ZXJCSjzVJygShThFYyXfvdcxKJxrB/b6WIhsKzrjS+Ag WHUMV5sa3A8HQpJTWv8qPJ2rG2mrRoMXZxPe/LvksDkEWJ6Xmy79lBSAnpKptCWS RZPZgvlg3ZVulTzy7bL8kQOkb/UIrlgYoYnODKUMZebbs5oFij262jan2Sf45BGE BOlqW+AOM1UgLHq6LU8TUPdFWYGJIhCq -----END CERTIFICATE-----Generated at Sat May 18 17:37:32 2024 by rpki-client on console-fra.rpki-client.org