$ rpki-client -vvf rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft File: hkxROVpl1d5w7NMKrSemn0ubIrw.mft (raw, json) Hash identifier: CVOHhC5IPuTXVeJA+BcY8TQckDUmv8b3yLANn2LNcso= Subject key identifier: 3C:DC:1D:9B:4D:79:7B:B7:98:81:00:77:2F:8E:43:97:BB:0B:0B:0C Authority key identifier: 86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC Certificate issuer: /CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Certificate serial: 69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft Manifest number: 65 Signing time: Sun 19 May 2024 07:37:14 +0000 Manifest this update: Sun 19 May 2024 07:37:13 +0000 Manifest next update: Sun 26 May 2024 07:37:13 +0000 Files and hashes: 1: hkxROVpl1d5w7NMKrSemn0ubIrw.crl (hash: 6blO0tiFSV4rNXExm/2EbXO7V5wPaBcCQPNpR88xWQw=) 2: BA3E92207D2311EEA3696814C4F9AE02.roa (hash: QCckKoHrm9e4eOGS9nr5xC5ujq5pBtfUnu0x7UGDanM=) 3: B9CAD7A47D2311EEA3696814C4F9AE02.roa (hash: fRtDuN/PZH7IUQwKVGV5NkTVNfXcpwMUrATdeN93WIw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 105 (0x69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Validity Not Before: May 19 07:37:13 2024 GMT Not After : May 26 07:37:13 2024 GMT Subject: CN=6649ac2a-283b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:5e:eb:53:cf:f0:71:eb:35:09:73:ac:2c:dd: e3:e5:38:b7:84:b8:84:54:01:7a:d4:06:5e:32:a4: 6f:cc:57:c2:7c:17:25:7e:8c:93:a5:55:38:1f:63: 83:22:30:4d:d4:42:c8:73:87:2b:3f:9f:09:93:b6: b4:6d:24:6f:d0:0d:19:db:31:05:f0:a1:48:24:2c: 7c:77:aa:06:cf:06:56:30:35:58:e0:b0:63:76:74: 60:cb:64:68:ea:3e:11:0d:c2:76:f6:a9:37:2f:31: 6d:33:49:cc:92:ce:3c:74:61:46:96:70:64:6c:02: d0:d8:db:1e:9e:1e:54:b7:91:04:7f:0d:5e:de:55: 87:0e:96:82:b2:be:16:21:74:cc:0d:f5:22:e2:59: b1:bf:71:50:cb:72:52:29:64:93:5c:ca:07:5b:ec: 09:30:f7:f8:f6:e7:f1:a8:eb:2c:1b:8d:0e:e2:9d: 6b:16:ed:49:c3:08:fb:57:ab:15:90:28:d8:ce:7c: 06:92:98:8a:30:98:6d:71:b1:4a:25:4e:d3:d7:82: cc:da:3e:80:7c:d2:23:99:23:d8:b0:0f:03:c7:e8: a7:1e:81:41:18:a6:ea:22:30:d8:cc:0e:7c:c8:c8: 8f:bd:5d:03:24:7e:5e:af:0e:6a:f2:89:db:06:5e: c7:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:DC:1D:9B:4D:79:7B:B7:98:81:00:77:2F:8E:43:97:BB:0B:0B:0C X509v3 Authority Key Identifier: keyid:86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:2a:b7:90:bb:b4:3f:a3:6a:4f:0d:38:44:d3:72:a2:68:82: f0:be:77:c4:6d:f1:a7:0e:9d:89:8f:2d:08:ff:63:9a:b6:6a: ff:72:2e:f2:45:90:c3:ec:84:aa:5b:ca:8f:29:2f:71:e8:2f: 77:aa:e5:a6:f8:0b:00:a1:aa:fe:20:fc:57:6a:2a:02:66:f6: d7:02:4a:bc:53:81:4d:97:50:b9:cf:ee:bd:84:ef:7e:f0:91: 7f:d1:d9:5f:b4:23:71:ab:fd:73:35:33:09:ee:45:89:54:40: d1:e5:6d:61:0b:0f:63:9d:46:e0:c0:03:72:a0:47:bc:ed:14: e4:95:24:75:a6:cf:67:25:a0:65:3e:83:22:50:87:51:db:7f: dd:6d:f9:29:b8:e9:83:ac:f8:ed:a3:44:14:86:c5:08:c1:a1: 46:7b:fe:8f:a3:f6:b8:4f:64:e7:d3:18:7a:57:07:f8:13:99: 35:15:25:b3:4a:81:9b:bf:36:01:73:b2:4c:ca:91:da:d1:09: d1:a2:88:7b:e0:bd:57:ed:ea:5a:ff:ce:29:17:44:5e:aa:10: e3:03:00:0a:1c:6b:83:50:08:07:31:70:1a:da:53:c6:1a:9d: a9:9a:0f:0c:b7:4f:cf:aa:8a:8a:fc:db:bd:3f:de:71:fa:75: 6e:74:b7:68 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy NUUxQjExMC8GA1UEBRMoODY0QzUxMzk1QTY1RDVERTcwRUNEMzBBQUQyN0E2OUY0 QjlCMjJCQzAeFw0yNDA1MTkwNzM3MTNaFw0yNDA1MjYwNzM3MTNaMBgxFjAUBgNV BAMTDTY2NDlhYzJhLTI4M2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9XutTz/Bx6zUJc6ws3ePlOLeEuIRUAXrUBl4ypG/MV8J8FyV+jJOlVTgfY4Mi ME3UQshzhys/nwmTtrRtJG/QDRnbMQXwoUgkLHx3qgbPBlYwNVjgsGN2dGDLZGjq PhENwnb2qTcvMW0zScySzjx0YUaWcGRsAtDY2x6eHlS3kQR/DV7eVYcOloKyvhYh dMwN9SLiWbG/cVDLclIpZJNcygdb7Akw9/j25/Go6ywbjQ7inWsW7UnDCPtXqxWQ KNjOfAaSmIowmG1xsUolTtPXgszaPoB80iOZI9iwDwPH6KcegUEYpuoiMNjMDnzI yI+9XQMkfl6vDmryidsGXsdxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPNwdm015 e7eYgQB3L45Dl7sLCwwwHwYDVR0jBBgwFoAUhkxROVpl1d5w7NMKrSemn0ubIrww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1RTFCLzc0OTUyNTE0N0Qy MjExRUVBN0IwNzQ2MEM0RjlBRTAyL2hreFJPVnBsMWQ1dzdOTUtyU2VtbjB1Ykly dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaGt4Uk9WcGwxZDV3N05NS3JTZW1uMHViSXJ3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1 RTFCLzc0OTUyNTE0N0QyMjExRUVBN0IwNzQ2MEM0RjlBRTAyL2hreFJPVnBsMWQ1 dzdOTUtyU2VtbjB1Yklydy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABIqt5C7tD+jak8NOETTcqJogvC+d8Rt8acOnYmPLQj/Y5q2av9yLvJF kMPshKpbyo8pL3HoL3eq5ab4CwChqv4g/FdqKgJm9tcCSrxTgU2XULnP7r2E737w kX/R2V+0I3Gr/XM1MwnuRYlUQNHlbWELD2OdRuDAA3KgR7ztFOSVJHWmz2cloGU+ gyJQh1Hbf91t+Sm46YOs+O2jRBSGxQjBoUZ7/o+j9rhPZOfTGHpXB/gTmTUVJbNK gZu/NgFzskzKkdrRCdGiiHvgvVft6lr/zikXRF6qEOMDAAoca4NQCAcxcBraU8Ya namaDwy3T8+qior8270/3nH6dW50t2g= -----END CERTIFICATE-----Generated at Sun May 19 08:24:57 2024 by rpki-client on console-ams.rpki-client.org