$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json) Hash identifier: DSfGpTIAmvGt7KYHfQf+YQegdEUHbJQFbSPk4JTipeo= Subject key identifier: 0F:C1:E4:83:EC:ED:05:CA:E6:EA:C7:A2:6C:E6:05:C0:76:13:B0:48 Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Certificate serial: 1265 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft Manifest number: 125F Signing time: Thu 30 May 2024 17:59:05 +0000 Manifest this update: Thu 30 May 2024 17:59:04 +0000 Manifest next update: Thu 06 Jun 2024 17:59:04 +0000 Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: sGEfUEnJjEib/BaockL7rAiPobLFaZlAiZoCYonv8YI=) 2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: PtKzjrxSdCQfJV341KRRu0KerrCI+0giYJKKrEUJTvQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 17:36:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4709 (0x1265) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Validity Not Before: May 30 17:59:04 2024 GMT Not After : Jun 6 17:59:04 2024 GMT Subject: CN=6658be68-7443 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:82:b0:98:03:ff:c1:be:63:7b:41:ac:b6:eb: 7b:48:52:d4:fc:ac:01:27:be:bb:07:37:50:9b:6b: 7d:12:d9:0f:0d:d5:d7:32:6e:92:56:38:a2:06:6c: 40:44:7e:ce:12:e9:f4:9d:b9:04:ae:b2:35:b1:75: bb:5c:04:e0:d1:62:a3:96:d7:b0:de:d8:c2:36:f4: 78:3f:59:22:95:dc:45:f2:a1:53:ce:0e:88:45:c0: 1b:ec:72:00:d8:ca:21:62:91:e5:e7:23:f3:6e:1f: d3:bf:47:cf:2b:8d:02:cf:dd:5d:08:39:db:e7:4c: 1f:de:3f:a7:55:43:8b:01:9e:21:cf:91:a4:f4:bd: 95:df:be:1d:6a:e4:30:34:39:d4:79:0c:68:e5:39: 33:23:aa:17:00:d6:04:61:2a:8c:b7:ca:d8:ed:2e: 09:d7:da:9a:fa:42:50:6e:13:ae:e8:77:32:a9:db: e5:59:eb:4e:e9:fe:7f:ec:67:ee:20:7c:76:2f:d2: 15:b0:c5:1e:80:43:7d:c7:b7:f5:0a:16:17:5e:a2: 0c:9c:fd:08:78:68:ae:82:28:17:de:2a:db:de:77: d6:31:b5:89:e9:93:59:50:c3:ad:d6:88:f8:f9:a6: e4:18:e3:c7:47:25:c5:80:35:ee:1b:b3:ae:69:b0: aa:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:C1:E4:83:EC:ED:05:CA:E6:EA:C7:A2:6C:E6:05:C0:76:13:B0:48 X509v3 Authority Key Identifier: keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:eb:43:27:8d:46:7a:c7:a4:0a:3c:80:91:4e:87:58:55:78: ae:d4:14:50:3e:c2:b6:d5:7e:9d:d0:85:b9:5b:b8:c2:ee:46: c5:0b:58:06:45:6f:60:40:9d:6c:36:99:36:9d:d9:81:e4:95: e0:c9:b2:bd:64:7d:92:5a:28:36:fe:1b:e5:e3:6a:3d:eb:4b: b5:65:37:5d:32:90:f6:a3:7d:96:9b:02:ca:28:2e:21:9b:63: d7:e2:26:00:5e:b7:0b:1a:62:03:44:8a:0d:eb:ba:80:1b:9e: 76:8d:8b:5b:05:6b:25:90:64:8b:62:52:9c:dc:c4:8d:22:f3: 46:3c:6a:b3:66:82:e6:89:04:d9:b0:43:e4:09:37:29:ee:e6: 88:b9:09:ee:7d:2f:d2:1b:d1:f0:00:a1:79:aa:ea:06:a2:87: 03:68:2b:19:8b:1a:d4:d8:5b:76:db:f3:cb:e5:02:f6:7b:8b: 55:73:15:68:bf:49:e0:a8:e5:88:2c:21:22:89:ee:55:17:9b: 7f:91:3a:69:49:a3:f9:09:06:72:fc:ba:b1:a4:89:8c:5e:b7: 20:87:b7:ec:17:03:30:7e:55:f4:c7:2e:91:9e:21:41:99:54: aa:24:b0:71:d1:a4:71:de:ac:c8:e8:46:31:01:47:78:58:7f: 18:a8:3a:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEmUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG NDI5RjU3NTAwHhcNMjQwNTMwMTc1OTA0WhcNMjQwNjA2MTc1OTA0WjAYMRYwFAYD VQQDEw02NjU4YmU2OC03NDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxoKwmAP/wb5je0Gstut7SFLU/KwBJ767BzdQm2t9EtkPDdXXMm6SVjiiBmxA RH7OEun0nbkErrI1sXW7XATg0WKjltew3tjCNvR4P1kildxF8qFTzg6IRcAb7HIA 2MohYpHl5yPzbh/Tv0fPK40Cz91dCDnb50wf3j+nVUOLAZ4hz5Gk9L2V374dauQw NDnUeQxo5TkzI6oXANYEYSqMt8rY7S4J19qa+kJQbhOu6HcyqdvlWetO6f5/7Gfu IHx2L9IVsMUegEN9x7f1ChYXXqIMnP0IeGiugigX3irb3nfWMbWJ6ZNZUMOt1oj4 +abkGOPHRyXFgDXuG7OuabCqdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA/B5IPs 7QXK5urHomzmBcB2E7BIMB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCl60MnjUZ6x6QKPICRTodYVXiu1BRQPsK21X6d0IW5W7jC7kbFC1gG RW9gQJ1sNpk2ndmB5JXgybK9ZH2SWig2/hvl42o960u1ZTddMpD2o32WmwLKKC4h m2PX4iYAXrcLGmIDRIoN67qAG552jYtbBWslkGSLYlKc3MSNIvNGPGqzZoLmiQTZ sEPkCTcp7uaIuQnufS/SG9HwAKF5quoGoocDaCsZixrU2Ft22/PL5QL2e4tVcxVo v0ngqOWILCEiie5VF5t/kTppSaP5CQZy/LqxpImMXrcgh7fsFwMwflX0xy6RniFB mVSqJLBx0aRx3qzI6EYxAUd4WH8YqDoH -----END CERTIFICATE-----Generated at Thu May 30 18:45:56 2024 by rpki-client on console-ams.rpki-client.org