$ rpki-client -vvf rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft File: ZI5HI0RBcbar4W19wDDonAbwUNw.mft (raw, json) Hash identifier: 2nQ5obUZYSJOj1qYbLPEtk8v8Jt/3ihk38JBOwhunp0= Subject key identifier: 0C:E8:48:E7:7B:7A:52:59:70:D7:0E:5D:48:21:47:6F:A1:93:FF:5D Authority key identifier: 64:8E:47:23:44:41:71:B6:AB:E1:6D:7D:C0:30:E8:9C:06:F0:50:DC Certificate issuer: /CN=A91408BE/serialNumber=648E4723444171B6ABE16D7DC030E89C06F050DC Certificate serial: 0A50 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft Manifest number: 0A4B Signing time: Sat 18 May 2024 20:23:37 +0000 Manifest this update: Sat 18 May 2024 20:23:36 +0000 Manifest next update: Sat 25 May 2024 20:23:36 +0000 Files and hashes: 1: ZI5HI0RBcbar4W19wDDonAbwUNw.crl (hash: qIpIZEuuwSp/UPkoYMVGdEVI0QLG6GrqOTpSf6I/fUk=) 2: 5DCB0A0C410C11EA8A6C412DC4F9AE02.roa (hash: DZEkEnTNgplGMbRRw6SaRTBPqyRQF1awLdG5QG2XDnA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.crl rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2640 (0xa50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91408BE/serialNumber=648E4723444171B6ABE16D7DC030E89C06F050DC Validity Not Before: May 18 20:23:36 2024 GMT Not After : May 25 20:23:36 2024 GMT Subject: CN=66490e49-dabb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:d8:1a:76:5d:15:8d:b6:51:5b:44:e1:2c:bb: 56:d6:e5:0b:a3:13:24:5a:67:f3:db:18:f2:45:16: a0:bb:89:55:b4:ce:29:4f:01:75:67:8c:92:52:f8: 27:af:cf:e0:a3:0b:c2:fb:a5:fb:40:6d:b1:d4:b7: ee:dc:0a:d3:05:27:6f:4f:c4:6c:ca:a2:6f:a7:39: ea:35:b1:88:70:c2:d1:8b:81:dd:5c:b4:1a:80:44: c8:03:af:49:99:1c:7f:2c:57:39:1c:48:8d:5e:eb: 3d:f3:f4:8f:f9:6f:66:ad:ad:36:01:1d:f0:25:81: 40:ca:5e:4d:c8:6e:14:a4:bb:d8:c3:66:df:b2:ad: 2e:d4:d5:f7:b1:0c:64:53:95:09:6a:69:a4:07:ce: 3c:72:9e:89:63:d6:be:95:03:db:4f:0a:91:b0:ae: fa:7c:b2:02:31:9b:32:b4:4e:97:96:9e:d6:e5:dd: b9:b7:0a:6f:be:d1:3f:ab:eb:1c:24:03:c4:be:76: 87:00:20:19:d9:69:0c:eb:e4:a5:d2:77:21:e9:42: b7:94:8a:25:93:25:d1:d9:b7:b7:94:3b:a7:a1:15: d1:2c:f4:30:ed:81:26:67:e8:b7:7a:46:85:e4:ae: 83:2e:7c:e0:c0:09:60:a4:4c:16:71:8c:91:8c:f5: 6d:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:E8:48:E7:7B:7A:52:59:70:D7:0E:5D:48:21:47:6F:A1:93:FF:5D X509v3 Authority Key Identifier: keyid:64:8E:47:23:44:41:71:B6:AB:E1:6D:7D:C0:30:E8:9C:06:F0:50:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:76:e9:08:18:71:3a:7a:32:b5:5b:59:9c:fd:36:73:ae:19: b7:36:99:a3:c5:87:30:17:77:1d:ff:10:2c:48:2a:14:ce:ba: c6:ab:a0:55:6e:e0:3a:3d:79:8b:ec:c0:5f:99:f3:df:c9:a1: 46:e2:12:2f:f9:e5:28:71:15:79:08:1f:8c:db:ba:f6:96:ec: d4:c1:26:d3:6f:a3:af:5c:f1:7c:33:9a:a1:9f:6d:49:47:d7: c5:18:4b:cb:3e:da:2e:c3:f9:89:02:8e:97:8a:d1:4e:c0:b1: 22:07:c1:ba:d0:40:84:8b:89:13:76:9e:0a:6e:cd:b9:69:60: 0f:d1:8e:be:b6:33:a0:ad:66:0f:51:39:23:78:9f:41:a9:0d: 86:91:f9:51:45:b2:4d:b9:fb:13:71:37:43:66:49:62:af:d9: 4d:bb:a9:0b:88:a2:d4:65:1f:fe:ba:e4:e5:6c:b3:4b:de:b4: 7c:ae:d6:04:b3:86:c2:47:50:2c:a6:09:d5:37:b1:b6:01:c6: 13:9c:74:10:91:1c:5b:e7:fe:6c:9a:84:d9:4f:95:2c:c3:e4: 77:14:bd:9a:31:e0:82:67:32:bf:a7:be:86:d6:20:c4:f4:be: 19:a4:18:6e:dd:14:2f:b5:f0:f3:74:54:fd:ef:1b:18:4c:ab: 38:b1:1d:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICClAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA4QkUxMTAvBgNVBAUTKDY0OEU0NzIzNDQ0MTcxQjZBQkUxNkQ3REMwMzBFODlD MDZGMDUwREMwHhcNMjQwNTE4MjAyMzM2WhcNMjQwNTI1MjAyMzM2WjAYMRYwFAYD VQQDEw02NjQ5MGU0OS1kYWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA79gadl0VjbZRW0ThLLtW1uULoxMkWmfz2xjyRRagu4lVtM4pTwF1Z4ySUvgn r8/gowvC+6X7QG2x1Lfu3ArTBSdvT8RsyqJvpznqNbGIcMLRi4HdXLQagETIA69J mRx/LFc5HEiNXus98/SP+W9mra02AR3wJYFAyl5NyG4UpLvYw2bfsq0u1NX3sQxk U5UJammkB848cp6JY9a+lQPbTwqRsK76fLICMZsytE6Xlp7W5d25twpvvtE/q+sc JAPEvnaHACAZ2WkM6+Sl0nch6UK3lIolkyXR2be3lDunoRXRLPQw7YEmZ+i3ekaF 5K6DLnzgwAlgpEwWcYyRjPVtawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAzoSOd7 elJZcNcOXUghR2+hk/9dMB8GA1UdIwQYMBaAFGSORyNEQXG2q+FtfcAw6JwG8FDc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDhCRS9BMkM4MjdFRTQx MEIxMUVBQjY5NTRBMkNDNEY5QUUwMi9aSTVISTBSQmNiYXI0VzE5d0REb25BYndV TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pJNUhJMFJCY2JhcjRXMTl3RERvbkFid1VOdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MDhCRS9BMkM4MjdFRTQxMEIxMUVBQjY5NTRBMkNDNEY5QUUwMi9aSTVISTBSQmNi YXI0VzE5d0REb25BYndVTncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7dukIGHE6ejK1W1mc/TZzrhm3NpmjxYcwF3cd/xAsSCoUzrrGq6BV buA6PXmL7MBfmfPfyaFG4hIv+eUocRV5CB+M27r2luzUwSbTb6OvXPF8M5qhn21J R9fFGEvLPtouw/mJAo6XitFOwLEiB8G60ECEi4kTdp4Kbs25aWAP0Y6+tjOgrWYP UTkjeJ9BqQ2GkflRRbJNufsTcTdDZklir9lNu6kLiKLUZR/+uuTlbLNL3rR8rtYE s4bCR1AspgnVN7G2AcYTnHQQkRxb5/5smoTZT5Usw+R3FL2aMeCCZzK/p76G1iDE 9L4ZpBhu3RQvtfDzdFT97xsYTKs4sR22 -----END CERTIFICATE-----Generated at Sat May 18 20:48:17 2024 by rpki-client on console-fra.rpki-client.org