$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: WW3o1F9DlP8mPBS/QLsaDGL4ZwuUn+lZRQGeonB2uKY= Subject key identifier: 64:F9:7E:C4:24:F7:34:25:D4:06:57:17:86:70:AB:3A:7B:52:46:D1 Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 0150 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 0144 Signing time: Sun 19 May 2024 04:58:09 +0000 Manifest this update: Sun 19 May 2024 04:58:08 +0000 Manifest next update: Sun 26 May 2024 04:58:08 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: IjYUBy4LB8PJYs5f2VGzisRGDR/jBnves9U1rDJUma8=) 2: 99D6D8089BF111ED8043AD1FC4F9AE02.roa (hash: sUf036iD770CQ+b2X6bzvJNIpXhSwluP5hHx6+I2vxE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 336 (0x150) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: May 19 04:58:08 2024 GMT Not After : May 26 04:58:08 2024 GMT Subject: CN=664986e1-59b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:65:15:6e:e0:92:1f:21:29:e7:00:4a:03:35: db:33:03:d7:0a:6f:63:74:0c:b3:6f:90:76:f9:02: c9:4d:e4:89:8b:49:39:b0:1c:57:42:8a:cb:c4:6c: bf:dd:00:61:ed:5f:6a:0e:08:a4:24:39:f2:9f:f6: b8:fa:70:4d:70:9a:2c:74:0b:5f:69:d2:73:4b:3f: 0f:74:2a:e4:1c:da:f8:38:85:c3:0c:dd:1d:c7:c9: b2:47:a9:69:99:c8:11:15:ca:76:89:a1:b2:b7:88: 82:51:0c:9b:a6:24:0c:8c:59:05:b9:6f:a9:47:ce: 61:fe:d7:72:28:eb:62:cb:ca:96:e2:ff:84:e7:52: 1a:3f:f8:45:66:18:a9:a3:40:ba:98:36:3e:e8:b4: 85:48:b4:9d:9d:00:d4:15:b0:d4:24:b0:6b:71:95: ca:8a:08:b8:fe:7d:f1:e6:e0:c1:09:0b:88:3a:6b: 5d:e1:d4:97:88:fd:7b:db:fb:44:5e:d3:4f:2e:8d: a1:67:46:e7:22:1f:97:6a:4e:17:9e:04:39:be:8e: 77:d7:44:2a:c1:63:4a:be:e4:88:e8:01:2a:85:f3: 41:40:49:63:c0:1a:f2:fb:6d:b1:e6:90:a9:a7:2a: 2b:a6:67:94:e6:8c:4d:07:7f:de:ae:dc:61:a8:0d: 2d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:F9:7E:C4:24:F7:34:25:D4:06:57:17:86:70:AB:3A:7B:52:46:D1 X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:83:69:73:2f:14:97:83:fb:de:b9:38:fd:79:43:fb:9f:c9: 38:bf:b6:56:fe:9b:5a:10:15:5b:0b:9f:4b:bc:d1:5f:29:2e: 22:99:78:d2:dc:92:da:f3:97:ad:22:59:e1:ec:3e:e0:77:e2: 74:67:ca:5d:75:a7:9a:3b:ea:8e:5a:8d:ee:67:a0:57:b4:b9: cd:6e:15:cb:63:f8:26:70:db:f9:f2:f9:8a:e9:89:17:a4:05: 82:5e:50:fd:60:49:b9:95:5d:62:0f:47:f9:00:be:e3:52:b4: ca:be:63:f6:c1:0c:31:a6:cc:44:5f:1b:bd:5b:c0:23:aa:d1: c3:fa:4e:e0:0b:e2:50:eb:a8:de:0d:42:26:b4:a9:3d:6a:bb: 48:f4:bb:a3:90:4c:1f:4d:26:6b:97:60:6e:69:bf:6e:15:88: af:2c:46:69:6f:43:ec:d2:fb:b0:d0:45:7f:d1:44:0a:17:22: 2d:d1:ae:26:7a:be:fa:a0:9b:30:d6:ba:94:56:df:3f:bb:aa: bc:a3:b1:51:cf:d6:b4:22:e7:2f:1e:d3:77:82:43:40:64:4d: 29:a2:44:c7:e0:58:55:eb:cd:50:62:99:0a:83:b2:33:bc:dc: 99:a6:8e:d6:cf:5f:bc:27:64:ca:8d:b8:8c:7c:d5:1f:ad:80: 81:20:83:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjQwNTE5MDQ1ODA4WhcNMjQwNTI2MDQ1ODA4WjAYMRYwFAYD VQQDEw02NjQ5ODZlMS01OWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqGUVbuCSHyEp5wBKAzXbMwPXCm9jdAyzb5B2+QLJTeSJi0k5sBxXQorLxGy/ 3QBh7V9qDgikJDnyn/a4+nBNcJosdAtfadJzSz8PdCrkHNr4OIXDDN0dx8myR6lp mcgRFcp2iaGyt4iCUQybpiQMjFkFuW+pR85h/tdyKOtiy8qW4v+E51IaP/hFZhip o0C6mDY+6LSFSLSdnQDUFbDUJLBrcZXKigi4/n3x5uDBCQuIOmtd4dSXiP172/tE XtNPLo2hZ0bnIh+Xak4XngQ5vo5310QqwWNKvuSI6AEqhfNBQEljwBry+22x5pCp pyorpmeU5oxNB3/ertxhqA0tUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGT5fsQk 9zQl1AZXF4Zwqzp7UkbRMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKg2lzLxSXg/veuTj9eUP7n8k4v7ZW/ptaEBVbC59LvNFfKS4imXjS 3JLa85etIlnh7D7gd+J0Z8pddaeaO+qOWo3uZ6BXtLnNbhXLY/gmcNv58vmK6YkX pAWCXlD9YEm5lV1iD0f5AL7jUrTKvmP2wQwxpsxEXxu9W8AjqtHD+k7gC+JQ66je DUImtKk9artI9LujkEwfTSZrl2Buab9uFYivLEZpb0Ps0vuw0EV/0UQKFyIt0a4m er76oJsw1rqUVt8/u6q8o7FRz9a0IucvHtN3gkNAZE0pokTH4FhV681QYpkKg7Iz vNyZpo7Wz1+8J2TKjbiMfNUfrYCBIIO6 -----END CERTIFICATE-----Generated at Sun May 19 05:48:50 2024 by rpki-client on console-fra.rpki-client.org