$ rpki-client -vvf rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft File: I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft (raw, json) Hash identifier: 1OTkR8vwGL7kSQ3Fx74pKka90hn8z+b5hcrZu1JaSSw= Subject key identifier: F0:53:13:26:3A:8C:BD:BC:97:89:D3:50:ED:BB:CD:49:A1:17:85:82 Authority key identifier: 23:70:4D:59:2F:57:50:9E:DC:E5:A4:AD:7B:DE:ED:CF:7B:DB:AC:E4 Certificate issuer: /CN=A9146A72/serialNumber=23704D592F57509EDCE5A4AD7BDEEDCF7BDBACE4 Certificate serial: 2CB8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft Manifest number: 2C9F Signing time: Sat 18 May 2024 15:46:33 +0000 Manifest this update: Sat 18 May 2024 15:46:33 +0000 Manifest next update: Sat 25 May 2024 15:46:33 +0000 Files and hashes: 1: I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl (hash: EWmcA52Mrg8B3TIFv4+Taat9R/YSGZDBiDOZu48USvI=) 2: 387BC130D36511ED90939D5BC4F9AE02.roa (hash: jkaosn3+GNROfkJeTuBB/WYx7lOCrLnQAQGnF2AqBj4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11448 (0x2cb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146A72/serialNumber=23704D592F57509EDCE5A4AD7BDEEDCF7BDBACE4 Validity Not Before: May 18 15:46:33 2024 GMT Not After : May 25 15:46:33 2024 GMT Subject: CN=6648cd59-f6bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:9a:83:12:47:3e:80:49:09:8e:5a:85:3b:34: bb:7b:78:e5:5b:12:51:e3:89:ae:77:1e:a7:fc:49: ee:c4:00:4f:3e:8f:6c:34:0f:4b:a1:cf:30:e1:9e: e3:16:70:e4:dd:7f:4c:d2:9b:6c:3c:57:54:03:be: 55:77:c5:29:c5:cd:1f:d8:e0:52:d3:ea:0c:7b:b5: 88:19:49:1f:90:09:cc:a3:0b:4d:1b:0d:30:60:9c: c6:b1:91:2e:0a:db:48:b3:e5:ec:83:47:09:46:c3: 64:77:2d:f3:bf:28:3f:05:c1:07:45:15:48:2f:6e: a9:ff:3c:1e:4a:2a:57:c0:51:74:7c:f0:11:7d:02: 15:f6:de:1e:fa:ee:0c:49:b7:5f:81:26:1c:56:56: 8f:78:ce:6b:eb:18:fc:00:de:c0:6f:80:55:11:3e: a3:e3:c6:5d:9b:cd:d5:97:90:16:e1:9d:58:1a:e1: 37:2d:2b:be:64:b8:3d:ca:5a:27:53:33:a8:e5:47: ee:ba:15:f1:ec:4e:fb:a0:68:f0:ee:01:57:87:01: 8c:0f:74:97:e0:df:3c:2e:f7:71:dd:70:6f:98:ec: 39:b0:d6:ca:fc:1d:40:bc:25:07:72:8d:c1:99:1c: a8:6d:9b:95:be:9d:ee:66:c4:16:30:3b:b3:d7:c7: d6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:53:13:26:3A:8C:BD:BC:97:89:D3:50:ED:BB:CD:49:A1:17:85:82 X509v3 Authority Key Identifier: keyid:23:70:4D:59:2F:57:50:9E:DC:E5:A4:AD:7B:DE:ED:CF:7B:DB:AC:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:e5:39:48:7a:c3:06:1a:97:f8:cd:e5:8b:5e:5a:e6:fd:72: 20:d0:9a:49:7a:f7:db:dd:31:f8:58:4a:ff:4f:67:1a:cd:65: b2:d0:31:6b:a1:a2:b3:f6:5e:73:2c:2e:52:6c:51:74:d7:dc: 01:07:f9:07:38:cf:9d:71:2c:c8:07:d4:a8:3e:4d:d0:07:1d: 44:f2:20:a0:e7:aa:b3:ed:8d:2a:74:f4:76:15:72:d3:95:85: 34:04:81:94:50:00:62:88:62:bf:f3:9d:93:77:be:17:f3:30: 16:50:9e:0f:5c:86:67:a5:16:26:8e:1f:36:d1:a5:ca:e9:f1: b1:40:cd:b2:32:20:cb:c0:3b:a2:3d:9c:fe:25:f4:41:49:89: e8:dc:11:81:bb:2b:5e:ab:dd:3c:cb:f8:27:fe:36:35:19:c4: 4f:27:f7:c4:20:cb:49:9a:f2:24:a9:8f:80:54:7f:19:93:75: dc:09:2e:2a:f0:44:9d:c9:24:69:e4:05:24:fb:21:b2:e5:7d: 5a:d2:e1:80:1a:7a:40:a2:65:02:e8:43:1b:93:a3:42:d6:7b: bb:2a:ba:bd:6d:96:ac:6e:63:03:aa:49:3c:ac:1c:f5:8d:b4: 58:15:27:17:c5:91:f5:08:42:9f:dc:dc:2e:58:ca:29:eb:c9: 9c:2d:f6:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDZBNzIxMTAvBgNVBAUTKDIzNzA0RDU5MkY1NzUwOUVEQ0U1QTRBRDdCREVFRENG N0JEQkFDRTQwHhcNMjQwNTE4MTU0NjMzWhcNMjQwNTI1MTU0NjMzWjAYMRYwFAYD VQQDEw02NjQ4Y2Q1OS1mNmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArZqDEkc+gEkJjlqFOzS7e3jlWxJR44mudx6n/EnuxABPPo9sNA9Loc8w4Z7j FnDk3X9M0ptsPFdUA75Vd8Upxc0f2OBS0+oMe7WIGUkfkAnMowtNGw0wYJzGsZEu CttIs+Xsg0cJRsNkdy3zvyg/BcEHRRVIL26p/zweSipXwFF0fPARfQIV9t4e+u4M SbdfgSYcVlaPeM5r6xj8AN7Ab4BVET6j48Zdm83Vl5AW4Z1YGuE3LSu+ZLg9ylon UzOo5UfuuhXx7E77oGjw7gFXhwGMD3SX4N88Lvdx3XBvmOw5sNbK/B1AvCUHco3B mRyobZuVvp3uZsQWMDuz18fWbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPBTEyY6 jL28l4nTUO27zUmhF4WCMB8GA1UdIwQYMBaAFCNwTVkvV1Ce3OWkrXve7c9726zk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkE3Mi8wNUM4OTFEQTg5 RUQxMUUzODY5MTZFQTU1OTExRUEzMi9JM0JOV1M5WFVKN2M1YVN0ZTk3dHozdmJy T1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0kzQk5XUzlYVUo3YzVhU3RlOTd0ejN2YnJPUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NkE3Mi8wNUM4OTFEQTg5RUQxMUUzODY5MTZFQTU1OTExRUEzMi9JM0JOV1M5WFVK N2M1YVN0ZTk3dHozdmJyT1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZ5TlIesMGGpf4zeWLXlrm/XIg0JpJevfb3TH4WEr/T2cazWWy0DFr oaKz9l5zLC5SbFF019wBB/kHOM+dcSzIB9SoPk3QBx1E8iCg56qz7Y0qdPR2FXLT lYU0BIGUUABiiGK/852Td74X8zAWUJ4PXIZnpRYmjh820aXK6fGxQM2yMiDLwDui PZz+JfRBSYno3BGBuyteq908y/gn/jY1GcRPJ/fEIMtJmvIkqY+AVH8Zk3XcCS4q 8ESdySRp5AUk+yGy5X1a0uGAGnpAomUC6EMbk6NC1nu7Krq9bZasbmMDqkk8rBz1 jbRYFScXxZH1CEKf3NwuWMop68mcLfbH -----END CERTIFICATE-----Generated at Sat May 18 17:20:04 2024 by rpki-client on console-ams.rpki-client.org