$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft File: AO-zr_90_WIfS42RFpt6HEOzlBc.mft (raw, json) Hash identifier: gWwUEwwxQHGesKE41Mu0NDlr+kbm1qP1siDbFyMQD4k= Subject key identifier: 96:E6:3C:66:02:CB:7F:5E:6E:B4:3D:6F:25:4E:E6:8F:80:8F:DF:EE Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Certificate serial: 8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft Manifest number: 88 Signing time: Sun 19 May 2024 07:13:57 +0000 Manifest this update: Sun 19 May 2024 07:13:56 +0000 Manifest next update: Sun 26 May 2024 07:13:56 +0000 Files and hashes: 1: AO-zr_90_WIfS42RFpt6HEOzlBc.crl (hash: TysMP/Yz16NQgklpODiHuYlf4WWqt/3a/Jr2Qg2V3jU=) 2: A80498FABAAB11EEBA024655C4F9AE02.roa (hash: Ys1bWxUU1Q27MLi9PA78rftLXNvIC29MFW+JEu4ijfc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 143 (0x8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417 Validity Not Before: May 19 07:13:56 2024 GMT Not After : May 26 07:13:56 2024 GMT Subject: CN=6649a6b4-d2b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b8:41:a3:49:89:0b:03:f3:6e:55:8b:5b:be: 45:e3:ad:46:df:77:e4:cd:60:81:5e:c0:6a:f4:7c: c8:7f:1b:9a:63:da:d2:24:d4:29:93:c3:48:26:c1: ce:35:fe:ee:10:6d:3d:20:f9:50:49:00:80:82:94: 7c:3f:d6:ac:3a:73:2f:31:c9:22:6a:7a:ad:7c:f4: 81:47:0a:54:b8:0d:e3:79:88:55:8f:69:ee:b6:5b: 2f:74:85:13:5d:69:20:ee:3f:e8:e4:27:f3:3b:f2: b4:64:d7:66:ee:e6:57:1f:ac:c8:61:d6:e4:83:cf: 57:8a:bc:70:70:01:d4:4f:a4:82:f8:e3:f5:de:76: 24:2e:2d:f7:62:1f:cd:c7:87:b3:aa:e5:20:df:f9: 13:fa:61:41:d8:62:ee:83:1b:34:c1:ce:b5:85:8c: 01:1c:b7:3e:03:c4:c7:c5:e3:f7:32:d7:74:28:d2: bb:11:4c:46:db:48:33:fc:46:19:08:fd:c5:02:e6: 1d:3b:e8:a7:ec:f8:52:67:24:29:38:cd:55:d1:98: d6:3a:e2:53:46:34:c1:9e:21:19:48:c7:e6:67:c4: 98:88:c4:7d:8e:83:4c:82:2a:e5:79:d8:25:e0:eb: d4:be:06:0a:b0:88:7a:86:4e:0e:8b:fd:c5:ca:5f: d1:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:E6:3C:66:02:CB:7F:5E:6E:B4:3D:6F:25:4E:E6:8F:80:8F:DF:EE X509v3 Authority Key Identifier: keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:0b:3a:17:40:7f:04:65:e7:ba:77:2a:60:7f:b6:07:8e:1c: 1b:f0:5f:c2:e6:ab:b6:97:db:54:13:92:14:1c:04:3c:f3:73: 1e:34:cd:03:c5:5c:9e:3c:a2:e5:34:93:0d:4b:d3:9b:11:f9: 9e:98:07:82:66:04:c5:67:b1:d4:29:ef:fa:11:fa:6c:84:f2: 15:a0:b5:6b:b2:8c:de:f3:a9:61:f3:f8:de:64:c0:99:c2:a4: 1b:5f:bf:25:2a:fe:af:da:a6:64:22:c9:42:ab:31:4e:4f:9b: 28:0f:15:86:c5:33:98:17:93:6c:eb:3d:34:bd:b3:89:ff:ce: 76:ed:ad:f3:20:46:30:db:9b:42:81:80:7a:bb:8d:8f:37:a8: 42:a5:9f:d2:a5:7d:4a:f1:aa:76:39:0f:9d:09:0d:2e:ad:ca: 57:d2:df:ee:db:31:32:fd:1c:a8:e0:62:41:1e:a6:20:d1:44: ed:7d:4d:1c:b6:9a:33:8a:63:dc:8d:07:2e:45:26:d2:89:ee: d4:43:df:af:bc:87:a3:13:be:69:8d:5e:98:9d:45:e7:76:5e: e0:0f:db:1b:39:f0:4b:40:05:37:f5:6e:c9:b8:be:6d:8b:ea: 1e:04:1a:45:f0:fe:5f:53:c1:2c:09:3c:d1:42:6e:4b:1b:aa: 36:4e:2b:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4RkExMTAvBgNVBAUTKDAwRUZCM0FGRkY3NEZENjIxRjRCOEQ5MTE2OUI3QTFD NDNCMzk0MTcwHhcNMjQwNTE5MDcxMzU2WhcNMjQwNTI2MDcxMzU2WjAYMRYwFAYD VQQDEw02NjQ5YTZiNC1kMmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz7hBo0mJCwPzblWLW75F461G33fkzWCBXsBq9HzIfxuaY9rSJNQpk8NIJsHO Nf7uEG09IPlQSQCAgpR8P9asOnMvMckianqtfPSBRwpUuA3jeYhVj2nutlsvdIUT XWkg7j/o5CfzO/K0ZNdm7uZXH6zIYdbkg89XirxwcAHUT6SC+OP13nYkLi33Yh/N x4ezquUg3/kT+mFB2GLugxs0wc61hYwBHLc+A8THxeP3Mtd0KNK7EUxG20gz/EYZ CP3FAuYdO+in7PhSZyQpOM1V0ZjWOuJTRjTBniEZSMfmZ8SYiMR9joNMgirledgl 4OvUvgYKsIh6hk4Oi/3Fyl/RCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJbmPGYC y39ebrQ9byVO5o+Aj9/uMB8GA1UdIwQYMBaAFADvs6//dP1iH0uNkRabehxDs5QX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhGQS80MDAzRjkzMDU0 QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9XSWZTNDJSRnB0NkhFT3ps QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi9BTy16cl85MF9X SWZTNDJSRnB0NkhFT3psQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARCzoXQH8EZee6dypgf7YHjhwb8F/C5qu2l9tUE5IUHAQ883MeNM0D xVyePKLlNJMNS9ObEfmemAeCZgTFZ7HUKe/6EfpshPIVoLVrsoze86lh8/jeZMCZ wqQbX78lKv6v2qZkIslCqzFOT5soDxWGxTOYF5Ns6z00vbOJ/8527a3zIEYw25tC gYB6u42PN6hCpZ/SpX1K8ap2OQ+dCQ0urcpX0t/u2zEy/Ryo4GJBHqYg0UTtfU0c tpozimPcjQcuRSbSie7UQ9+vvIejE75pjV6YnUXndl7gD9sbOfBLQAU39W7JuL5t i+oeBBpF8P5fU8EsCTzRQm5LG6o2Tivj -----END CERTIFICATE-----Generated at Sun May 19 08:24:59 2024 by rpki-client on console-ams.rpki-client.org