$ rpki-client -vvf rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft File: ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft (raw, json) Hash identifier: sHGU12PO0xmA8Ot6pR3jS8o6w2jzBrjpyMA75h9WCg4= Subject key identifier: E3:7A:1E:63:79:76:56:E1:08:1A:46:A4:D6:E0:F2:62:BB:9E:EC:38 Authority key identifier: 72:D6:5B:B3:CA:D4:A0:98:F3:6F:41:37:59:4C:C7:FE:C2:FA:28:A3 Certificate issuer: /CN=A913C91D/serialNumber=72D65BB3CAD4A098F36F4137594CC7FEC2FA28A3 Certificate serial: 0FAE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft Manifest number: 0FA6 Signing time: Sat 18 May 2024 18:05:18 +0000 Manifest this update: Sat 18 May 2024 18:05:17 +0000 Manifest next update: Sat 25 May 2024 18:05:17 +0000 Files and hashes: 1: ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl (hash: 1GzkQ4BYPkaMRpOL0nnDVft6S6S4GEWIXJu+yi7dOwU=) 2: 39C6EF3688BF11EABC04973FC4F9AE02.roa (hash: WsFnnJ9tOKw92AuHWBqArMTWSmjEnxiOvKWkqqpRfVk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4014 (0xfae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913C91D/serialNumber=72D65BB3CAD4A098F36F4137594CC7FEC2FA28A3 Validity Not Before: May 18 18:05:17 2024 GMT Not After : May 25 18:05:17 2024 GMT Subject: CN=6648edde-713e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:91:0b:6c:3d:ab:df:7d:d7:1b:f1:10:a0:ea: 4d:e5:7f:5d:90:56:22:26:da:61:10:65:bc:9f:ac: 8f:16:61:6a:77:a8:7b:82:f5:a1:ff:a3:c8:0a:e0: 37:d4:ef:8d:72:91:2e:df:7c:e2:58:72:ac:1b:8a: 5b:22:75:e8:5c:7f:d3:34:de:b3:ae:56:42:62:e4: 31:c2:cc:42:b6:a4:96:56:7f:17:a4:f4:7e:0f:55: 2b:73:e8:4c:c2:f9:ab:a5:91:1d:47:94:90:ea:01: 76:53:61:0b:07:a5:f4:77:3e:06:38:4f:66:01:68: 3a:16:00:90:35:cf:b1:4b:15:c3:dd:af:58:1a:3a: 71:a7:f1:c2:e6:43:1e:1a:b1:46:bc:b0:8e:ce:57: 34:bd:2e:dc:66:30:59:68:37:9a:00:85:b6:8c:d0: 9e:e3:37:c2:13:4a:77:c2:03:13:d0:fe:7a:f1:68: 2f:f0:6a:48:3f:93:8e:14:3d:68:58:a8:4e:04:cc: 36:43:91:65:c6:b5:b5:42:bd:28:96:a6:1b:90:d9: cc:88:e1:d1:11:80:29:f7:c1:be:86:d0:fc:7c:09: e3:43:a6:77:96:5e:fd:fa:e0:77:87:a5:b6:0c:bf: 6a:dc:50:ed:ca:b9:aa:bd:15:bb:4b:f8:ea:62:5c: bb:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:7A:1E:63:79:76:56:E1:08:1A:46:A4:D6:E0:F2:62:BB:9E:EC:38 X509v3 Authority Key Identifier: keyid:72:D6:5B:B3:CA:D4:A0:98:F3:6F:41:37:59:4C:C7:FE:C2:FA:28:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:30:47:1a:e9:5d:a8:c2:dc:e2:af:44:f5:87:d9:73:e6:df: f7:a7:fb:69:7e:d6:b6:b9:0d:15:c9:6b:b9:4a:f5:2b:46:02: 7b:b5:9a:75:26:f7:9f:46:97:ea:9a:a6:b3:e0:4d:df:7c:a7: 01:1e:b2:8c:26:3e:12:d8:73:71:23:b8:b4:3b:68:d7:e7:45: 2e:ed:42:1b:2f:a2:f1:da:9f:d4:fe:4f:de:98:dd:92:4b:a4: d2:3b:a4:ab:cb:0e:28:b1:d8:d8:7e:b7:cc:1a:be:d0:77:39: b9:49:a7:ab:c2:2b:a5:f9:c7:56:f3:5e:78:0f:d6:8f:7b:a7: b3:3b:e5:06:a7:49:67:f5:74:2c:6d:89:ec:35:f1:86:31:20: ba:2b:e6:7f:8d:92:1e:c2:c6:df:5a:a1:1b:37:b7:da:4e:4f: 20:b2:c3:77:88:14:40:ee:87:b7:6b:a8:7d:0e:1b:9b:a4:24: 0c:6d:83:b7:f7:b1:36:1c:bd:4c:d2:ef:be:0f:84:6a:58:7d: 8b:11:82:b9:cb:21:fb:26:f1:89:96:7b:01:47:3b:63:72:0e: be:f2:86:2c:6c:9a:b6:43:5a:29:76:5e:7f:76:ad:7f:da:18: 8c:70:a7:a5:11:88:a3:dc:fa:1d:0d:dd:45:8c:8a:44:7a:b0: 5a:30:ac:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0M5MUQxMTAvBgNVBAUTKDcyRDY1QkIzQ0FENEEwOThGMzZGNDEzNzU5NENDN0ZF QzJGQTI4QTMwHhcNMjQwNTE4MTgwNTE3WhcNMjQwNTI1MTgwNTE3WjAYMRYwFAYD VQQDEw02NjQ4ZWRkZS03MTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAupELbD2r333XG/EQoOpN5X9dkFYiJtphEGW8n6yPFmFqd6h7gvWh/6PICuA3 1O+NcpEu33ziWHKsG4pbInXoXH/TNN6zrlZCYuQxwsxCtqSWVn8XpPR+D1Urc+hM wvmrpZEdR5SQ6gF2U2ELB6X0dz4GOE9mAWg6FgCQNc+xSxXD3a9YGjpxp/HC5kMe GrFGvLCOzlc0vS7cZjBZaDeaAIW2jNCe4zfCE0p3wgMT0P568Wgv8GpIP5OOFD1o WKhOBMw2Q5FlxrW1Qr0olqYbkNnMiOHREYAp98G+htD8fAnjQ6Z3ll79+uB3h6W2 DL9q3FDtyrmqvRW7S/jqYly7gwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFON6HmN5 dlbhCBpGpNbg8mK7nuw4MB8GA1UdIwQYMBaAFHLWW7PK1KCY829BN1lMx/7C+iij MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzkxRC9EOTBDRDg3NDM1 ODQxMUU5OUE5OTAyMjhDNEY5QUUwMi9jdFpiczhyVW9KanpiMEUzV1V6SF9zTDZL S00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N0WmJzOHJVb0pqemIwRTNXVXpIX3NMNktLTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QzkxRC9EOTBDRDg3NDM1ODQxMUU5OUE5OTAyMjhDNEY5QUUwMi9jdFpiczhyVW9K anpiMEUzV1V6SF9zTDZLS00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIMEca6V2owtzir0T1h9lz5t/3p/tpfta2uQ0VyWu5SvUrRgJ7tZp1 JvefRpfqmqaz4E3ffKcBHrKMJj4S2HNxI7i0O2jX50Uu7UIbL6Lx2p/U/k/emN2S S6TSO6Sryw4osdjYfrfMGr7Qdzm5Saerwiul+cdW8154D9aPe6ezO+UGp0ln9XQs bYnsNfGGMSC6K+Z/jZIewsbfWqEbN7faTk8gssN3iBRA7oe3a6h9DhubpCQMbYO3 97E2HL1M0u++D4RqWH2LEYK5yyH7JvGJlnsBRztjcg6+8oYsbJq2Q1opdl5/dq1/ 2hiMcKelEYij3PodDd1FjIpEerBaMKyx -----END CERTIFICATE-----Generated at Sat May 18 18:46:45 2024 by rpki-client on console-fra.rpki-client.org