$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft File: R2lFsh8liffnEnUf50f6IUOlI1s.mft (raw, json) Hash identifier: qIRQM5DBN5YlDz8zGMpKAaMNK8a+ZRN/j+WCSZTsSVw= Subject key identifier: 50:10:F2:01:CB:A5:C7:C0:B4:12:3E:B8:22:B5:54:1D:67:CA:B3:9B Authority key identifier: 47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B Certificate issuer: /CN=A9132B1D/serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Certificate serial: 01A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft Manifest number: 019F Signing time: Sun 19 May 2024 04:39:19 +0000 Manifest this update: Sun 19 May 2024 04:39:18 +0000 Manifest next update: Sun 26 May 2024 04:39:18 +0000 Files and hashes: 1: R2lFsh8liffnEnUf50f6IUOlI1s.crl (hash: 5Bjw7MjoYHvOx8lpzVrS+KnAj51LrlsfHilsnBFkEd4=) 2: A917D87217A711ED8D17FC7CC4F9AE02.roa (hash: 2PqJdzm4+rKQKtxyDM7E1nFD4A9EAD2S30HfC2pixCk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 418 (0x1a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B1D/serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Validity Not Before: May 19 04:39:18 2024 GMT Not After : May 26 04:39:18 2024 GMT Subject: CN=66498277-c2d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:99:22:6b:1b:c8:1f:c0:80:04:5d:f0:25:fa: 4c:18:b7:73:38:4b:27:92:45:a8:6e:76:8f:0f:fc: 9f:c4:e1:e3:4d:48:26:97:17:9c:34:d6:4b:d7:5d: ca:50:47:bb:51:0f:87:b3:c3:3b:e8:b8:9d:00:c9: ea:1a:a1:46:a2:f4:ce:02:d1:de:8a:86:45:32:8a: fd:a0:dc:39:dd:45:7e:8a:c1:fb:db:b8:db:73:aa: dc:e3:23:b1:68:0a:d8:b3:52:41:ec:b9:0b:e2:d2: aa:0a:bb:ad:6d:f8:0c:3e:5d:dc:d6:7b:f4:31:ab: ee:86:35:c3:15:6c:a9:97:12:b7:1e:f7:ab:64:e7: 5c:9a:79:93:ed:ee:f6:1b:08:a4:44:c2:13:bf:14: 29:63:6d:b5:82:d6:49:09:83:fa:09:2e:2c:44:5e: f2:c9:88:cf:7a:f7:92:4f:bc:c1:9b:9a:a9:ce:95: 26:2d:e8:ef:15:62:65:73:d9:65:6a:1e:b8:c5:e6: cc:e6:a0:87:a0:d4:1c:d1:c2:30:6e:25:54:28:db: cd:cb:5b:fa:86:a7:4e:eb:3e:c1:73:b1:5b:e6:40: c3:25:40:cb:b0:4f:0b:58:9e:f3:d6:cb:b7:d8:f0: 4c:fb:ae:d6:aa:34:f8:b2:b6:21:6a:2d:1b:c7:b3: 63:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:10:F2:01:CB:A5:C7:C0:B4:12:3E:B8:22:B5:54:1D:67:CA:B3:9B X509v3 Authority Key Identifier: keyid:47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cb:40:db:28:de:83:43:d2:60:80:a6:1a:7f:01:d9:14:4d:47: 23:60:98:60:29:0e:72:86:eb:7b:41:60:e3:64:47:19:18:ee: c6:d1:17:e6:1a:dc:9c:66:18:53:e1:21:6e:17:56:cf:38:4a: 21:ec:34:46:09:52:22:fe:07:d4:1c:8c:5a:e1:93:40:88:12: 0e:47:7a:0b:95:b4:58:d5:62:8a:3c:eb:af:52:fb:d1:34:90: 14:21:7b:d1:91:11:e2:b4:bd:bf:95:d2:96:7b:d6:53:b9:58: 62:a1:52:33:5f:a8:2a:5f:7b:cb:1a:57:de:11:6f:90:36:7e: 99:b9:46:f6:65:6f:1e:c5:8a:be:d9:60:36:0e:12:ed:8c:0e: f2:8c:9c:0a:07:e7:a9:4b:e9:ed:7f:74:5b:40:76:17:97:8b: b9:db:25:1c:3f:90:13:cc:80:ea:27:73:39:03:c2:78:17:2b: 08:51:a5:4c:40:b1:7f:8b:36:19:1b:c6:30:67:a8:38:85:56: 7d:74:2d:b4:44:ba:d8:2f:7d:82:0c:a9:93:71:e1:32:7f:bd: ff:ef:af:16:a7:e4:7b:79:25:9e:fb:9e:5d:15:d7:35:c1:bb: 21:14:74:02:23:b5:d1:83:77:6e:2d:6e:58:60:c3:81:5e:e0: ba:9c:73:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCMUQxMTAvBgNVBAUTKDQ3Njk0NUIyMUYyNTg5RjdFNzEyNzUxRkU3NDdGQTIx NDNBNTIzNUIwHhcNMjQwNTE5MDQzOTE4WhcNMjQwNTI2MDQzOTE4WjAYMRYwFAYD VQQDEw02NjQ5ODI3Ny1jMmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr5kiaxvIH8CABF3wJfpMGLdzOEsnkkWobnaPD/yfxOHjTUgmlxecNNZL113K UEe7UQ+Hs8M76LidAMnqGqFGovTOAtHeioZFMor9oNw53UV+isH727jbc6rc4yOx aArYs1JB7LkL4tKqCrutbfgMPl3c1nv0MavuhjXDFWyplxK3HverZOdcmnmT7e72 GwikRMITvxQpY221gtZJCYP6CS4sRF7yyYjPeveST7zBm5qpzpUmLejvFWJlc9ll ah64xebM5qCHoNQc0cIwbiVUKNvNy1v6hqdO6z7Bc7Fb5kDDJUDLsE8LWJ7z1su3 2PBM+67WqjT4srYhai0bx7Nj1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFAQ8gHL pcfAtBI+uCK1VB1nyrObMB8GA1UdIwQYMBaAFEdpRbIfJYn35xJ1H+dH+iFDpSNb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRC8zMDIwM0VEMDE3 QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlmZm5FblVmNTBmNklVT2xJ MXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IybEZzaDhsaWZmbkVuVWY1MGY2SVVPbEkxcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkIxRC8zMDIwM0VEMDE3QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlm Zm5FblVmNTBmNklVT2xJMXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDLQNso3oND0mCAphp/AdkUTUcjYJhgKQ5yhut7QWDjZEcZGO7G0Rfm GtycZhhT4SFuF1bPOEoh7DRGCVIi/gfUHIxa4ZNAiBIOR3oLlbRY1WKKPOuvUvvR NJAUIXvRkRHitL2/ldKWe9ZTuVhioVIzX6gqX3vLGlfeEW+QNn6ZuUb2ZW8exYq+ 2WA2DhLtjA7yjJwKB+epS+ntf3RbQHYXl4u52yUcP5ATzIDqJ3M5A8J4FysIUaVM QLF/izYZG8YwZ6g4hVZ9dC20RLrYL32CDKmTceEyf73/768Wp+R7eSWe+55dFdc1 wbshFHQCI7XRg3duLW5YYMOBXuC6nHOs -----END CERTIFICATE-----Generated at Sun May 19 06:14:33 2024 by rpki-client on console-ams.rpki-client.org