$ rpki-client -vvf rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/kTeon0YQ2uLIjGlNyVLOWDVScHk.mft File: kTeon0YQ2uLIjGlNyVLOWDVScHk.mft (raw, json) Hash identifier: EExbby7iEUs19aU7lXGyvksDCfXv9XEXkGCFdPjTjzQ= Subject key identifier: A8:58:64:4A:CC:8D:F3:2A:F8:4D:07:DC:F7:D7:A6:42:E0:CB:5F:3A Authority key identifier: 91:37:A8:9F:46:10:DA:E2:C8:8C:69:4D:C9:52:CE:58:35:52:70:79 Certificate issuer: /CN=A913F8BC/serialNumber=9137A89F4610DAE2C88C694DC952CE5835527079 Certificate serial: 0F2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kTeon0YQ2uLIjGlNyVLOWDVScHk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/kTeon0YQ2uLIjGlNyVLOWDVScHk.mft Manifest number: 0F21 Signing time: Fri 31 May 2024 18:40:23 +0000 Manifest this update: Fri 31 May 2024 18:40:22 +0000 Manifest next update: Fri 07 Jun 2024 18:40:22 +0000 Files and hashes: 1: kTeon0YQ2uLIjGlNyVLOWDVScHk.crl (hash: Xn7R+PAiX1a/YU/UJJfkyAQpP824rIb38a9edAV5AL8=) 2: E9056E5A520611E9ABE43055C4F9AE02.roa (hash: M4kuuW3GF+4cw4z3e2X8np8DXjwWrvLRqULDvRRViYg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/kTeon0YQ2uLIjGlNyVLOWDVScHk.crl rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/kTeon0YQ2uLIjGlNyVLOWDVScHk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kTeon0YQ2uLIjGlNyVLOWDVScHk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 18:40:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3884 (0xf2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F8BC/serialNumber=9137A89F4610DAE2C88C694DC952CE5835527079 Validity Not Before: May 31 18:40:22 2024 GMT Not After : Jun 7 18:40:22 2024 GMT Subject: CN=665a1997-67b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:90:18:d7:12:e8:33:84:a2:57:62:26:cc:7d: 4c:ec:93:9c:83:ec:54:90:09:a0:d3:4f:c4:36:da: ab:f5:c4:4d:e8:28:be:d9:a1:06:bf:9b:c6:03:a9: fb:c5:ce:06:cc:a9:d2:a6:23:fd:f1:36:5c:43:bb: 1c:ad:60:4b:9d:31:71:d4:05:00:be:59:8a:96:87: 6c:45:bb:6b:62:a1:fa:f9:35:2e:c3:9d:11:78:2b: 83:9a:15:ad:b2:0e:e2:12:05:ac:dc:be:a0:75:79: c0:c8:d4:8b:4e:65:5e:b2:83:d4:96:b9:45:d4:26: 08:9c:6f:11:5d:c4:87:d2:0b:08:3e:f3:c4:2a:fc: da:1b:8c:9f:c3:62:d1:eb:80:52:7e:4a:cc:18:b8: 9d:98:33:7a:86:50:17:0f:e1:f2:16:61:d9:9c:9d: ce:92:1f:fa:0d:fa:de:78:48:a8:ac:84:b0:f5:56: 7b:8c:f6:5f:5b:30:44:3f:9b:f2:67:13:d0:9a:18: 45:df:bc:6d:f8:1d:f3:f9:de:b1:db:fa:e0:2e:28: 0c:14:e3:8d:85:8a:c4:6b:ba:35:d7:66:98:fd:52: 22:c2:ad:3c:09:f4:7d:85:6f:e8:da:7f:ca:33:b7: e3:84:51:e2:cc:07:38:b5:ba:78:54:ee:18:d4:3f: bb:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:58:64:4A:CC:8D:F3:2A:F8:4D:07:DC:F7:D7:A6:42:E0:CB:5F:3A X509v3 Authority Key Identifier: keyid:91:37:A8:9F:46:10:DA:E2:C8:8C:69:4D:C9:52:CE:58:35:52:70:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/kTeon0YQ2uLIjGlNyVLOWDVScHk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kTeon0YQ2uLIjGlNyVLOWDVScHk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F8BC/4E13F40C520611E98EFC3A54C4F9AE02/kTeon0YQ2uLIjGlNyVLOWDVScHk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:5f:d3:60:3e:62:d9:4b:80:1b:b8:8c:95:b3:8c:56:e5:0c: eb:10:d6:43:4f:fb:8b:41:d7:14:58:3d:56:af:33:c1:a8:04: 16:c3:1c:c0:87:87:07:fd:d8:26:fa:ea:2b:d9:02:38:17:19: 60:8e:51:6d:41:b1:95:79:9d:07:7a:67:43:53:fb:25:6e:6a: 03:e9:5c:25:6e:3f:2c:8d:00:54:6d:d6:7c:1f:38:69:ef:78: 43:9d:9d:7c:24:eb:89:ab:6e:76:74:fe:3f:6a:17:3f:e5:af: ca:fd:e1:f5:90:2e:fa:79:64:e8:5a:61:91:d4:62:2b:e8:e5: 4e:eb:7a:a3:39:1f:26:f0:65:77:32:85:af:32:02:77:02:99: 0b:cc:8b:16:8c:10:ba:96:e6:bb:29:13:d7:7e:37:e2:4e:ca: 88:e2:90:e7:15:90:2f:dd:fa:f6:5a:6d:e4:9f:65:60:e2:ba: c4:a7:2b:50:1d:4e:9c:4c:19:86:13:0c:8f:ce:8e:47:b9:c4: 9d:c0:ab:f6:46:bf:19:5e:1d:bf:4a:34:ca:24:21:b6:ed:5d: 19:a1:34:ef:1e:cf:26:21:a7:56:8f:35:36:09:d2:fe:55:c8: ef:1b:91:7c:a3:d3:e3:f8:98:e2:10:36:ce:63:02:df:c0:1c: 7c:da:63:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0Y4QkMxMTAvBgNVBAUTKDkxMzdBODlGNDYxMERBRTJDODhDNjk0REM5NTJDRTU4 MzU1MjcwNzkwHhcNMjQwNTMxMTg0MDIyWhcNMjQwNjA3MTg0MDIyWjAYMRYwFAYD VQQDEw02NjVhMTk5Ny02N2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy5AY1xLoM4SiV2ImzH1M7JOcg+xUkAmg00/ENtqr9cRN6Ci+2aEGv5vGA6n7 xc4GzKnSpiP98TZcQ7scrWBLnTFx1AUAvlmKlodsRbtrYqH6+TUuw50ReCuDmhWt sg7iEgWs3L6gdXnAyNSLTmVesoPUlrlF1CYInG8RXcSH0gsIPvPEKvzaG4yfw2LR 64BSfkrMGLidmDN6hlAXD+HyFmHZnJ3Okh/6DfreeEiorISw9VZ7jPZfWzBEP5vy ZxPQmhhF37xt+B3z+d6x2/rgLigMFOONhYrEa7o112aY/VIiwq08CfR9hW/o2n/K M7fjhFHizAc4tbp4VO4Y1D+7OwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKhYZErM jfMq+E0H3PfXpkLgy186MB8GA1UdIwQYMBaAFJE3qJ9GENriyIxpTclSzlg1UnB5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjhCQy80RTEzRjQwQzUy MDYxMUU5OEVGQzNBNTRDNEY5QUUwMi9rVGVvbjBZUTJ1TElqR2xOeVZMT1dEVlNj SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tUZW9uMFlRMnVMSWpHbE55VkxPV0RWU2NIay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RjhCQy80RTEzRjQwQzUyMDYxMUU5OEVGQzNBNTRDNEY5QUUwMi9rVGVvbjBZUTJ1 TElqR2xOeVZMT1dEVlNjSGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByX9NgPmLZS4AbuIyVs4xW5QzrENZDT/uLQdcUWD1WrzPBqAQWwxzA h4cH/dgm+uor2QI4FxlgjlFtQbGVeZ0HemdDU/slbmoD6Vwlbj8sjQBUbdZ8Hzhp 73hDnZ18JOuJq252dP4/ahc/5a/K/eH1kC76eWToWmGR1GIr6OVO63qjOR8m8GV3 MoWvMgJ3ApkLzIsWjBC6lua7KRPXfjfiTsqI4pDnFZAv3fr2Wm3kn2Vg4rrEpytQ HU6cTBmGEwyPzo5HucSdwKv2Rr8ZXh2/SjTKJCG27V0ZoTTvHs8mIadWjzU2CdL+ VcjvG5F8o9Pj+JjiEDbOYwLfwBx82mPW -----END CERTIFICATE-----Generated at Fri May 31 20:34:01 2024 by rpki-client on console-ams.rpki-client.org