$ rpki-client -vvf rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft File: bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft (raw, json) Hash identifier: 58BW5wOLSPGe3v9Zbv20q0JIE2ZBFnIJFHntyW1yvyY= Subject key identifier: 70:97:06:32:3F:E3:BF:72:FC:3D:05:E5:76:50:73:6B:B6:D5:66:95 Authority key identifier: 6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65 Certificate issuer: /CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65 Certificate serial: 2553 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft Manifest number: 253D Signing time: Sat 18 May 2024 16:00:52 +0000 Manifest this update: Sat 18 May 2024 16:00:52 +0000 Manifest next update: Sat 25 May 2024 16:00:52 +0000 Files and hashes: 1: bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl (hash: p/X+aSVBeh+5kqRQTrd8P06i0AUE7sDq4ZfOPuTVEho=) 2: 8A721F4EB10C11E5BB6B2A16C4F9AE02.roa (hash: zjFPN9IlvbUvgrK4TiEnI3P674oOFqbeO/VgwKwjEUk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9555 (0x2553) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65 Validity Not Before: May 18 16:00:52 2024 GMT Not After : May 25 16:00:52 2024 GMT Subject: CN=6648d0b4-beee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:87:0f:b1:01:20:f6:e9:65:b3:2b:a0:75:de: 76:87:c7:2f:15:fc:3f:04:6f:bf:f9:21:fb:e8:3d: 18:ac:c0:2d:d0:a8:17:7f:df:dc:a3:73:f7:b9:a1: 7a:79:50:b7:38:3a:74:a6:7c:bd:7a:96:f2:54:e8: 07:e0:fc:0c:0a:a6:3b:00:77:a7:0f:e1:af:12:4a: ea:36:60:da:0e:85:b7:9c:d3:0d:b7:7e:77:0d:11: 05:fe:a0:66:35:57:c7:e1:14:d9:d5:b8:8e:fb:64: a2:1d:4f:1f:4b:7c:ed:b2:e1:eb:76:f4:32:7e:90: 03:34:6b:62:51:45:85:f8:65:48:1d:bc:ae:31:28: 79:83:06:86:03:6d:65:9c:c9:ea:9e:fb:17:59:03: b5:8b:98:08:cf:72:1d:ef:68:28:a9:4a:6a:e4:08: 2b:94:cd:51:20:e6:92:03:ba:c6:40:c9:a2:c6:11: 7b:55:72:b9:8a:6c:43:83:19:73:30:64:a1:ec:59: e1:c6:fc:ef:b2:01:15:c2:91:9e:f9:61:ef:1d:d3: d4:89:8b:41:62:b3:a7:e5:dd:85:30:c0:e6:6d:77: 95:9c:68:4c:62:91:ec:89:1b:2f:0b:d2:61:96:ba: 7e:51:fa:7a:03:89:e4:e1:fe:45:0c:7a:8b:28:2b: 26:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:97:06:32:3F:E3:BF:72:FC:3D:05:E5:76:50:73:6B:B6:D5:66:95 X509v3 Authority Key Identifier: keyid:6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:48:12:34:48:46:25:33:c5:8b:43:31:e5:de:fc:ca:dd:fd: db:31:ff:26:72:c0:3b:5d:b0:d2:c0:da:be:ba:d5:bc:ba:c5: 52:2c:8f:44:b9:04:33:3b:c0:51:14:a6:a0:3d:da:be:15:9b: f8:81:e7:30:94:62:f1:d0:38:68:ba:60:01:88:75:91:a5:32: d2:c4:16:5c:08:2e:f9:98:f5:82:0d:89:19:5f:17:73:ee:de: 33:17:4b:e0:3a:2b:28:7b:e8:a1:b0:03:d1:8d:e3:7b:e7:dd: 33:58:49:e2:51:ce:14:24:ae:c6:c3:f5:4f:e5:da:ef:89:69: 25:5a:89:b5:55:41:f8:d7:a2:cd:ff:ca:28:1f:d2:b2:b9:af: 33:8a:d3:83:f1:3e:6e:bd:b7:5b:80:27:58:57:91:7b:1e:7c: 39:8c:02:bd:fb:a9:e8:76:c3:07:6a:15:33:50:ff:bc:91:89: 90:15:71:54:86:27:6b:74:ac:a4:18:e5:f1:1f:49:74:f7:dc: 32:9e:05:1b:e3:f5:54:cf:8f:30:50:c2:61:18:d2:ca:bd:7f: c4:27:79:d4:2c:20:63:d2:20:0f:ad:24:45:fd:67:99:82:e0: 55:54:39:ae:02:c9:15:8b:11:67:3e:97:8c:4d:5d:8e:ec:3b: 59:df:c3:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQwRTYxMTAvBgNVBAUTKDZEQ0U1MkY5QTIyOENCRjZGMzBDRDU1RDQzMzg0RDEy Njg0ODdCNjUwHhcNMjQwNTE4MTYwMDUyWhcNMjQwNTI1MTYwMDUyWjAYMRYwFAYD VQQDEw02NjQ4ZDBiNC1iZWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz4cPsQEg9ullsyugdd52h8cvFfw/BG+/+SH76D0YrMAt0KgXf9/co3P3uaF6 eVC3ODp0pny9epbyVOgH4PwMCqY7AHenD+GvEkrqNmDaDoW3nNMNt353DREF/qBm NVfH4RTZ1biO+2SiHU8fS3ztsuHrdvQyfpADNGtiUUWF+GVIHbyuMSh5gwaGA21l nMnqnvsXWQO1i5gIz3Id72goqUpq5AgrlM1RIOaSA7rGQMmixhF7VXK5imxDgxlz MGSh7FnhxvzvsgEVwpGe+WHvHdPUiYtBYrOn5d2FMMDmbXeVnGhMYpHsiRsvC9Jh lrp+Ufp6A4nk4f5FDHqLKCsmZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHCXBjI/ 479y/D0F5XZQc2u21WaVMB8GA1UdIwQYMBaAFG3OUvmiKMv28wzVXUM4TRJoSHtl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDBFNi82NjA3NDJDOEZE MjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lfYnpETlZkUXpoTkVtaEll MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JjNVMtYUlveV9iekROVmRRemhORW1oSWUyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NDBFNi82NjA3NDJDOEZEMjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lf YnpETlZkUXpoTkVtaEllMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqSBI0SEYlM8WLQzHl3vzK3f3bMf8mcsA7XbDSwNq+utW8usVSLI9E uQQzO8BRFKagPdq+FZv4gecwlGLx0DhoumABiHWRpTLSxBZcCC75mPWCDYkZXxdz 7t4zF0vgOisoe+ihsAPRjeN7590zWEniUc4UJK7Gw/VP5drviWklWom1VUH416LN /8ooH9Kyua8zitOD8T5uvbdbgCdYV5F7Hnw5jAK9+6nodsMHahUzUP+8kYmQFXFU hidrdKykGOXxH0l099wyngUb4/VUz48wUMJhGNLKvX/EJ3nULCBj0iAPrSRF/WeZ guBVVDmuAskVixFnPpeMTV2O7DtZ38Oi -----END CERTIFICATE-----Generated at Sat May 18 17:20:03 2024 by rpki-client on console-ams.rpki-client.org