$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: FQFE7d+rDbogRd49WIuCpfqqb6jd4Tky0YgnE3Q3ND8= Subject key identifier: DE:B0:59:28:67:6E:A7:C0:EE:A1:19:8E:C6:FA:9D:12:40:B6:CD:E6 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0CF5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0CDA Signing time: Sat 18 May 2024 18:47:57 +0000 Manifest this update: Sat 18 May 2024 18:47:56 +0000 Manifest next update: Sat 25 May 2024 18:47:56 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: FIOuvlouAywby/v70gvn1Ve0zBGIovOVI3i7ik2u41k=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: E3RKq/O/jBSi9TsOvFIF2/TfMwP0WV5Q5lcJbUtVmRI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3317 (0xcf5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: May 18 18:47:56 2024 GMT Not After : May 25 18:47:56 2024 GMT Subject: CN=6648f7dd-8f7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:87:80:2c:61:4a:9e:eb:ef:38:50:61:07:ba: be:40:80:13:69:9a:c2:72:b1:0a:9a:33:29:2f:46: 92:10:1e:60:27:81:72:e0:2e:5a:1c:c0:89:c6:f6: e0:87:4a:ef:aa:ca:5d:7f:0c:d4:53:88:9f:00:bf: d6:d3:0a:a2:98:b4:a8:23:91:73:0a:a8:b0:95:e5: af:5d:2b:71:c4:d8:94:31:56:a8:b2:70:c4:56:0d: 09:76:4c:42:9d:86:b0:0c:bb:3d:72:c3:0e:b2:ea: 3a:c4:f0:cd:55:95:01:41:e9:e8:40:7e:17:46:30: 95:6c:d0:27:f4:68:9d:b0:79:0c:eb:8f:82:40:fd: cb:b2:af:b5:19:8c:cf:f4:14:0c:3b:21:c7:89:b7: f9:a0:3b:0a:6d:de:1a:98:1a:33:ad:14:2c:65:7b: ed:ff:e5:7e:96:6c:62:65:6a:89:11:bc:3a:0a:8b: ce:22:d1:43:3f:3a:6a:2a:8c:0b:6b:6e:50:38:59: 38:0a:2b:be:75:78:b8:32:66:0d:b7:98:11:bc:45: 52:b2:33:63:94:60:cc:71:c5:cd:f9:02:0f:e4:f1: 32:71:21:c3:23:41:c6:71:a2:73:5e:69:32:02:ae: 0b:8c:16:53:7c:66:2d:97:1d:29:4d:de:ba:94:c5: ec:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:B0:59:28:67:6E:A7:C0:EE:A1:19:8E:C6:FA:9D:12:40:B6:CD:E6 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:c9:0b:1a:29:0c:3a:40:66:a2:8e:2d:2a:7a:12:83:c8:24: 05:7a:71:ee:1f:db:cc:de:a7:53:75:7c:aa:42:16:68:e2:c6: fc:9a:85:a9:93:7b:df:55:46:e1:30:fa:9b:c3:8d:9c:27:39: 7c:28:58:37:30:6b:96:9f:01:2e:44:24:1d:31:a9:2a:84:d3: 41:33:6b:cb:f1:2f:71:0a:36:a3:fe:53:87:5b:58:57:58:5f: 04:8a:f2:85:ec:01:8b:bc:10:29:b7:c1:fd:de:41:1e:8a:91: c3:b6:ae:8d:5d:08:9a:ee:b1:8f:9c:f0:2c:8b:d0:a9:19:41: 74:f6:4a:c7:37:7f:e6:4f:ce:75:3d:36:c4:fc:59:23:5d:6c: 8b:8d:59:e0:3b:76:2e:f8:0d:e2:d2:66:56:ab:4b:f6:94:e8: d5:da:2f:d0:e9:46:e6:99:86:cb:0e:d9:6c:98:e2:46:99:ec: a1:ab:e1:a0:fc:8b:7a:22:64:1d:63:56:d5:c7:a8:73:95:6a: f6:af:00:87:62:09:73:e1:1a:55:1f:53:eb:92:25:04:32:09: dc:0c:e1:f6:bf:23:cb:d4:60:a9:8a:e7:78:d1:cf:e6:74:c8: 07:82:df:94:9f:cc:c8:fd:eb:5b:e4:f5:8a:78:87:6f:80:32: a8:18:7c:3a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjQwNTE4MTg0NzU2WhcNMjQwNTI1MTg0NzU2WjAYMRYwFAYD VQQDEw02NjQ4ZjdkZC04ZjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvoeALGFKnuvvOFBhB7q+QIATaZrCcrEKmjMpL0aSEB5gJ4Fy4C5aHMCJxvbg h0rvqspdfwzUU4ifAL/W0wqimLSoI5FzCqiwleWvXStxxNiUMVaosnDEVg0JdkxC nYawDLs9csMOsuo6xPDNVZUBQenoQH4XRjCVbNAn9GidsHkM64+CQP3Lsq+1GYzP 9BQMOyHHibf5oDsKbd4amBozrRQsZXvt/+V+lmxiZWqJEbw6CovOItFDPzpqKowL a25QOFk4Ciu+dXi4MmYNt5gRvEVSsjNjlGDMccXN+QIP5PEycSHDI0HGcaJzXmky Aq4LjBZTfGYtlx0pTd66lMXsqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN6wWShn bqfA7qEZjsb6nRJAts3mMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqyQsaKQw6QGaiji0qehKDyCQFenHuH9vM3qdTdXyqQhZo4sb8moWp k3vfVUbhMPqbw42cJzl8KFg3MGuWnwEuRCQdMakqhNNBM2vL8S9xCjaj/lOHW1hX WF8EivKF7AGLvBApt8H93kEeipHDtq6NXQia7rGPnPAsi9CpGUF09krHN3/mT851 PTbE/FkjXWyLjVngO3Yu+A3i0mZWq0v2lOjV2i/Q6UbmmYbLDtlsmOJGmeyhq+Gg /It6ImQdY1bVx6hzlWr2rwCHYglz4RpVH1PrkiUEMgncDOH2vyPL1GCpiud40c/m dMgHgt+Un8zI/etb5PWKeIdvgDKoGHw6 -----END CERTIFICATE-----Generated at Sat May 18 19:21:03 2024 by rpki-client on console-fra.rpki-client.org