$ rpki-client -vvf rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft File: hnHJZ--Azj0S3OowSRuUb9cGh8A.mft (raw, json) Hash identifier: RTX2lo+6YatyXhQH3g5Ypm2yX+0yrPjE6EvwPRCkm0s= Subject key identifier: 05:0B:4F:11:76:A9:86:11:DA:9E:8D:A7:74:21:A0:F8:27:C5:3E:2F Authority key identifier: 86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0 Certificate issuer: /CN=A9138D0E/serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0 Certificate serial: 12E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft Manifest number: 12B8 Signing time: Sat 18 May 2024 17:37:39 +0000 Manifest this update: Sat 18 May 2024 17:37:39 +0000 Manifest next update: Sat 25 May 2024 17:37:39 +0000 Files and hashes: 1: hnHJZ--Azj0S3OowSRuUb9cGh8A.crl (hash: kFsS2/7TTXCXnNZ2iRJ36XMkeuavjMbdJtOOucmViPg=) 2: 12383D760AF011ECB7243C0FC4F9AE02.roa (hash: bpcEzHc+dsrBIGhfURjg1Q4WDXIFyeK81x74s7OgvpE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4835 (0x12e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9138D0E/serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0 Validity Not Before: May 18 17:37:39 2024 GMT Not After : May 25 17:37:39 2024 GMT Subject: CN=6648e763-cbca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b2:f7:c0:04:e4:7a:83:9f:ae:d0:ca:61:3d: 47:17:61:55:0d:76:48:e0:24:b9:3f:ef:9d:74:f3: 0b:7d:e4:ba:a3:bf:22:98:a8:84:3d:e7:3f:9f:8a: c2:86:fc:61:fc:01:a8:52:10:6e:24:3a:d7:f8:aa: f0:1d:ed:dc:dc:3b:b3:e6:41:9f:c4:74:70:39:57: 6c:a8:3d:59:be:1d:b2:b6:4f:20:dc:32:44:c3:92: 6f:b8:b7:c3:f9:e1:4a:c3:14:51:9c:5e:18:12:3f: 70:83:59:41:1c:da:ae:83:31:cc:5f:45:59:eb:1c: 42:65:91:a3:3e:8d:4c:3e:8e:49:bd:53:16:e2:44: c2:c4:e4:28:00:a9:21:4a:47:fd:8d:d8:a0:eb:e8: 72:4e:57:a4:b0:b2:dc:41:fc:7e:44:2b:fe:f0:72: c3:ae:59:61:8f:a4:4a:a1:9f:64:e3:c6:87:8a:27: 17:5c:1d:5a:f6:38:c6:a4:e4:0b:f5:4d:7d:89:1a: 7d:a9:0d:8f:a6:42:b9:1e:54:ef:93:36:7c:55:7d: 5b:96:d7:5b:7d:b6:d9:5e:7d:6e:8d:66:1e:67:69: 47:20:3b:e7:a7:c1:1b:07:04:c7:7a:77:f5:25:fa: 06:47:d1:38:60:4c:43:a0:60:7f:b1:b2:b2:65:d5: 8c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:0B:4F:11:76:A9:86:11:DA:9E:8D:A7:74:21:A0:F8:27:C5:3E:2F X509v3 Authority Key Identifier: keyid:86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:8d:e8:e8:16:6d:90:80:48:12:39:c0:b6:3b:d6:20:e0:10: aa:81:a8:e6:8c:7f:bc:3b:50:55:36:e4:fb:52:df:83:41:13: a8:e4:b1:8f:6e:de:e9:27:8d:32:5a:80:a2:81:e3:a3:5e:d9: df:ed:33:f6:fc:cd:30:49:0a:ba:ca:2d:3a:15:43:f1:93:05: c9:5c:e5:67:27:85:91:3f:c6:d9:00:2e:a9:c0:4d:ef:b6:f5: 46:ba:14:b0:26:f4:56:b5:d1:a0:7f:6f:50:43:7f:ab:aa:19: 0c:16:2e:41:59:88:5b:91:70:3d:38:37:29:86:0b:be:d6:f4: 93:ab:9a:f9:7c:38:ed:52:49:9b:8e:ea:7a:c7:35:2e:18:52: 0f:9d:2e:68:58:de:6e:e5:55:ab:58:88:5a:f6:19:54:d9:07: a0:7f:ef:a3:21:32:b3:85:ed:81:fc:da:ff:97:ff:82:52:70: 19:6b:26:ef:d3:a3:ae:df:79:d9:0b:67:9b:40:58:32:c4:06: 3a:73:35:2a:9f:d9:b6:9a:17:8d:c4:7a:28:fa:b5:1c:b2:1c: a0:df:4f:08:7c:e5:5a:e3:fe:c1:3f:e6:ba:9c:61:5d:14:ef: 78:4d:4f:40:94:c7:7f:95:35:70:0a:ff:6a:95:73:c9:f1:09: f7:f3:96:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEuMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzhEMEUxMTAvBgNVBAUTKDg2NzFDOTY3RUY4MENFM0QxMkRDRUEzMDQ5MUI5NDZG RDcwNjg3QzAwHhcNMjQwNTE4MTczNzM5WhcNMjQwNTI1MTczNzM5WjAYMRYwFAYD VQQDEw02NjQ4ZTc2My1jYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzrL3wATkeoOfrtDKYT1HF2FVDXZI4CS5P++ddPMLfeS6o78imKiEPec/n4rC hvxh/AGoUhBuJDrX+KrwHe3c3Duz5kGfxHRwOVdsqD1Zvh2ytk8g3DJEw5JvuLfD +eFKwxRRnF4YEj9wg1lBHNqugzHMX0VZ6xxCZZGjPo1MPo5JvVMW4kTCxOQoAKkh Skf9jdig6+hyTleksLLcQfx+RCv+8HLDrllhj6RKoZ9k48aHiicXXB1a9jjGpOQL 9U19iRp9qQ2PpkK5HlTvkzZ8VX1bltdbfbbZXn1ujWYeZ2lHIDvnp8EbBwTHenf1 JfoGR9E4YExDoGB/sbKyZdWMIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAULTxF2 qYYR2p6Np3QhoPgnxT4vMB8GA1UdIwQYMBaAFIZxyWfvgM49EtzqMEkblG/XBofA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEQwRS84RTcxNDk4NEEz NUUxMUU4QjQxQTU4NzhDNEY5QUUwMi9obkhKWi0tQXpqMFMzT293U1J1VWI5Y0do OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2huSEpaLS1BemowUzNPb3dTUnVVYjljR2g4QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OEQwRS84RTcxNDk4NEEzNUUxMUU4QjQxQTU4NzhDNEY5QUUwMi9obkhKWi0tQXpq MFMzT293U1J1VWI5Y0doOEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDIjejoFm2QgEgSOcC2O9Yg4BCqgajmjH+8O1BVNuT7Ut+DQROo5LGP bt7pJ40yWoCigeOjXtnf7TP2/M0wSQq6yi06FUPxkwXJXOVnJ4WRP8bZAC6pwE3v tvVGuhSwJvRWtdGgf29QQ3+rqhkMFi5BWYhbkXA9ODcphgu+1vSTq5r5fDjtUkmb jup6xzUuGFIPnS5oWN5u5VWrWIha9hlU2Qegf++jITKzhe2B/Nr/l/+CUnAZaybv 06Ou33nZC2ebQFgyxAY6czUqn9m2mheNxHoo+rUcshyg308IfOVa4/7BP+a6nGFd FO94TU9AlMd/lTVwCv9qlXPJ8Qn385Zj -----END CERTIFICATE-----Generated at Sat May 18 18:21:35 2024 by rpki-client on console-ams.rpki-client.org