$ rpki-client -vvf rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft File: rGoi8eThZQrPtSifXctdU5IPzzQ.mft (raw, json) Hash identifier: uPOiDVIaUv05GdSlxZthWnCc80xflmv0/elP1FZqZk4= Subject key identifier: 8B:84:F4:C8:05:48:9F:60:F8:CD:9F:FD:E5:BF:5B:73:7A:93:DC:8A Authority key identifier: AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 Certificate issuer: /CN=A91422D7/serialNumber=AC6A22F1E4E1650ACFB5289F5DCB5D53920FCF34 Certificate serial: 3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft Manifest number: 0249 Signing time: Sun 19 May 2024 04:08:11 +0000 Manifest this update: Sun 19 May 2024 04:08:11 +0000 Manifest next update: Sun 26 May 2024 04:08:11 +0000 Files and hashes: 1: rGoi8eThZQrPtSifXctdU5IPzzQ.crl (hash: 7VZDrwQoRslyKQNlncUY2HA9z5Chm4b58AXT8NbvZEs=) 2: CE5F74E2BE5811EEA8C02E2AC4F9AE02.roa (hash: k4Chq2lqiGzoqEasmQmEC+5Q++/tI0HHgdydrDE9lac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91422D7/serialNumber=AC6A22F1E4E1650ACFB5289F5DCB5D53920FCF34 Validity Not Before: May 19 04:08:11 2024 GMT Not After : May 26 04:08:11 2024 GMT Subject: CN=66497b2b-13df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b8:c9:35:4f:3e:b4:a4:48:2f:fa:b4:75:65: 93:b0:8f:c7:b3:35:7d:73:1d:ff:ec:df:06:d0:fc: bc:9b:61:bd:0e:da:0e:5a:7b:cd:37:b3:ef:91:60: 6d:ca:66:a1:11:bc:f8:fa:40:c1:c1:66:e3:9d:87: 4d:99:cd:e5:05:e5:4c:50:b3:6d:f4:c7:5e:e6:b7: 2a:31:47:9b:d6:1b:00:05:b9:34:95:c4:fb:e9:af: 5d:ce:79:8d:37:89:1a:04:12:ed:aa:88:7f:57:4e: 20:62:2f:68:80:ff:87:4a:c5:3c:16:4e:34:45:4f: 32:d4:82:cf:ac:09:c9:0f:2f:32:e4:49:3f:21:cb: 1b:5d:85:04:47:54:5a:5f:37:a2:d2:e5:74:50:ef: b8:f6:8f:0c:35:01:27:34:a7:6c:0a:86:77:30:68: 16:65:f8:c7:87:0b:2b:51:e6:3a:00:86:f5:4f:f9: 00:b0:0f:a4:c0:15:82:8e:32:6f:4e:8a:40:68:9c: c9:47:c8:dd:b4:0d:ae:7d:a2:94:1a:19:c1:ca:df: 29:35:d4:e3:e0:19:a5:62:7b:e9:3f:a9:3e:67:78: f6:36:df:f6:46:75:a6:a9:d2:31:21:cc:48:16:73: 8e:32:93:8f:11:4a:57:20:06:ca:f4:20:93:12:92: ba:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:84:F4:C8:05:48:9F:60:F8:CD:9F:FD:E5:BF:5B:73:7A:93:DC:8A X509v3 Authority Key Identifier: keyid:AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:99:d5:3c:13:af:8c:e7:c5:d2:90:f6:9f:03:07:18:3f:56: e3:20:25:a0:06:a1:e6:79:bb:3e:2b:7a:ce:25:42:c4:0b:54: 36:4b:04:ef:e2:86:f5:70:bc:84:bf:c0:a5:cb:01:d0:5e:8e: f6:4d:84:b0:32:49:08:e7:f9:c1:73:0e:ba:87:c6:02:6b:86: 72:9e:40:c2:26:b1:8b:63:20:04:3c:59:3c:e5:fc:36:c0:0c: 2c:fd:9b:b8:46:30:ca:7d:d7:c7:c5:f8:a6:3b:fe:cb:a3:fb: 9f:8f:1d:7f:e6:01:76:e6:97:d3:29:65:a6:cd:8b:36:35:0f: 6e:70:2c:ed:62:30:3b:44:83:4d:70:31:a2:50:28:02:44:6d: 41:fa:12:0b:35:76:a4:f8:b5:44:66:9f:59:4c:27:f7:c9:5d: cb:ac:92:6f:a6:b9:52:6f:f1:8b:cf:16:73:ef:82:82:c8:e2: 58:a1:69:23:d9:b4:72:4f:b9:c1:e2:dd:53:c1:39:a9:96:9f: a2:4a:fb:f5:30:b9:35:07:c9:7c:a3:ff:62:c8:fb:17:96:94: 4c:34:d9:9f:9a:3b:23:c6:25:55:5e:1a:be:1b:8b:91:e3:d8: f7:ec:94:68:78:f4:c2:14:44:d3:84:59:60:52:d6:70:84:e3: bd:95:41:91 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjJENzExMC8GA1UEBRMoQUM2QTIyRjFFNEUxNjUwQUNGQjUyODlGNURDQjVENTM5 MjBGQ0YzNDAeFw0yNDA1MTkwNDA4MTFaFw0yNDA1MjYwNDA4MTFaMBgxFjAUBgNV BAMTDTY2NDk3YjJiLTEzZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCsuMk1Tz60pEgv+rR1ZZOwj8ezNX1zHf/s3wbQ/LybYb0O2g5ae803s++RYG3K ZqERvPj6QMHBZuOdh02ZzeUF5UxQs230x17mtyoxR5vWGwAFuTSVxPvpr13OeY03 iRoEEu2qiH9XTiBiL2iA/4dKxTwWTjRFTzLUgs+sCckPLzLkST8hyxtdhQRHVFpf N6LS5XRQ77j2jww1ASc0p2wKhncwaBZl+MeHCytR5joAhvVP+QCwD6TAFYKOMm9O ikBonMlHyN20Da59opQaGcHK3yk11OPgGaVie+k/qT5nePY23/ZGdaap0jEhzEgW c44yk48RSlcgBsr0IJMSkrrBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUi4T0yAVI n2D4zZ/95b9bc3qT3IowHwYDVR0jBBgwFoAUrGoi8eThZQrPtSifXctdU5IPzzQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyMkQ3LzVCOUY3MUQyRUQz MDExRUNCRjA3RjAxMkM0RjlBRTAyL3JHb2k4ZVRoWlFyUHRTaWZYY3RkVTVJUHp6 US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvckdvaThlVGhaUXJQdFNpZlhjdGRVNUlQenpRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy MkQ3LzVCOUY3MUQyRUQzMDExRUNCRjA3RjAxMkM0RjlBRTAyL3JHb2k4ZVRoWlFy UHRTaWZYY3RkVTVJUHp6US5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADqZ1TwTr4znxdKQ9p8DBxg/VuMgJaAGoeZ5uz4res4lQsQLVDZLBO/i hvVwvIS/wKXLAdBejvZNhLAySQjn+cFzDrqHxgJrhnKeQMImsYtjIAQ8WTzl/DbA DCz9m7hGMMp918fF+KY7/suj+5+PHX/mAXbml9MpZabNizY1D25wLO1iMDtEg01w MaJQKAJEbUH6Egs1dqT4tURmn1lMJ/fJXcuskm+muVJv8YvPFnPvgoLI4lihaSPZ tHJPucHi3VPBOamWn6JK+/UwuTUHyXyj/2LI+xeWlEw02Z+aOyPGJVVeGr4bi5Hj 2PfslGh49MIURNOEWWBS1nCE472VQZE= -----END CERTIFICATE-----Generated at Sun May 19 04:56:54 2024 by rpki-client on console-fra.rpki-client.org