$ rpki-client -vvf rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft File: IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft (raw, json) Hash identifier: RVk3vKGs4SqJq1GeM098TA7d4m6t50pnCffsKpKyghA= Subject key identifier: EC:4A:96:97:74:0A:0F:35:7C:D8:25:7D:80:F8:C7:85:A4:59:72:07 Authority key identifier: 21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D Certificate issuer: /CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Certificate serial: 0342 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft Manifest number: 0339 Signing time: Sun 19 May 2024 02:59:40 +0000 Manifest this update: Sun 19 May 2024 02:59:39 +0000 Manifest next update: Sun 26 May 2024 02:59:39 +0000 Files and hashes: 1: IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl (hash: fECyIa9utEPVaapkP4z2VtVpma6zFCTUIq9aYJ1ouew=) 2: E986DDEC979911ECB3B7CE39C4F9AE02.roa (hash: Zeiu4QtNT5MUhU37wsj+oT85M5rgvK6OPRoU5FxNjsE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 834 (0x342) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152DE4/serialNumber=217C3D8BED0B40C0FB088B59EE6E65AE6C661F0D Validity Not Before: May 19 02:59:39 2024 GMT Not After : May 26 02:59:39 2024 GMT Subject: CN=66496b1c-c32c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:99:5c:02:59:51:17:7d:54:97:5b:e7:7f:58: 69:98:5c:29:e6:73:a0:48:57:92:3f:82:72:d3:97: 77:08:71:c0:15:7c:e0:99:81:35:fc:b3:cb:b2:ec: ad:1f:c4:b5:2a:73:43:29:08:ef:94:27:c6:b8:f5: bc:d4:cd:27:42:51:82:15:d0:c9:b0:2d:b7:0b:bf: 19:33:0c:d1:c7:54:f3:97:44:e3:f3:85:4b:c8:92: e7:0b:2f:85:e9:9d:96:0a:e5:77:9a:e9:9e:ff:64: 7d:1b:02:33:c6:ed:c8:21:9c:80:6f:8f:c6:3e:33: 51:6c:3b:d0:5e:f0:91:e1:02:4a:7f:28:bb:93:09: 15:cd:76:89:f5:f0:7e:dd:9c:d0:65:a5:8e:3d:3a: 8b:b2:ff:cd:cf:4a:f6:00:16:86:fe:25:b4:76:08: ef:0f:51:2a:00:01:62:5e:48:3b:0c:cb:a6:c6:00: dd:cc:85:52:cd:d7:53:0a:23:4d:a5:80:12:9e:15: 7c:53:49:89:44:fd:66:64:97:ea:23:dd:a0:e5:aa: 7a:f0:b2:08:76:d7:b1:07:26:46:17:33:7f:6e:64: e5:5e:2d:8b:62:fe:13:ae:8b:e7:4d:c6:c9:6b:09: 12:b5:8b:03:68:3d:30:f2:cc:88:d4:fb:b7:22:d4: 90:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:4A:96:97:74:0A:0F:35:7C:D8:25:7D:80:F8:C7:85:A4:59:72:07 X509v3 Authority Key Identifier: keyid:21:7C:3D:8B:ED:0B:40:C0:FB:08:8B:59:EE:6E:65:AE:6C:66:1F:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IXw9i-0LQMD7CItZ7m5lrmxmHw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152DE4/4CCCC332792A11ECB0C59162C4F9AE02/IXw9i-0LQMD7CItZ7m5lrmxmHw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d0:27:2d:2d:30:9a:d2:da:2b:f0:bc:07:5e:77:4c:fa:13:8c: 42:ca:48:e8:e6:37:75:14:cb:b6:d4:b6:5a:be:43:a9:57:a0: b0:6f:6f:17:6f:3b:8c:99:6e:55:c8:90:84:ed:bd:08:f9:c0: c8:60:92:b7:52:73:ec:de:ba:7d:8b:95:c3:05:cc:56:8a:61: 4a:de:73:84:2b:d5:5e:0c:c0:24:d5:4c:af:b0:22:07:ad:9c: 3b:84:d8:f4:ba:30:87:2c:1e:ba:5b:e2:fb:dc:0d:33:03:75: aa:eb:94:bb:cf:9b:3f:db:62:06:08:44:3e:56:b8:a6:6e:44: 86:a9:87:72:f8:bb:b7:ec:bf:81:74:81:7a:96:13:b9:b4:65: ab:1f:01:a0:de:8f:de:a9:16:fe:28:c4:82:91:29:e3:9e:e9: 89:de:db:fb:fd:d6:e0:29:9b:29:3a:1b:34:27:18:48:29:05: d7:ba:2b:12:72:17:95:c6:86:b1:f6:4b:81:98:b8:cc:fc:e1: 94:80:1e:0a:2d:3b:4e:42:f9:d1:17:02:3f:16:a8:f9:ac:6b: 36:74:e6:2d:94:fe:72:21:7e:1f:c6:4b:a0:a7:1e:85:1b:c7: 63:a1:bc:5a:b1:fc:9e:ae:b9:ed:8c:c8:01:56:11:1d:17:ba: b2:33:81:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTJERTQxMTAvBgNVBAUTKDIxN0MzRDhCRUQwQjQwQzBGQjA4OEI1OUVFNkU2NUFF NkM2NjFGMEQwHhcNMjQwNTE5MDI1OTM5WhcNMjQwNTI2MDI1OTM5WjAYMRYwFAYD VQQDEw02NjQ5NmIxYy1jMzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1JlcAllRF31Ul1vnf1hpmFwp5nOgSFeSP4Jy05d3CHHAFXzgmYE1/LPLsuyt H8S1KnNDKQjvlCfGuPW81M0nQlGCFdDJsC23C78ZMwzRx1Tzl0Tj84VLyJLnCy+F 6Z2WCuV3mume/2R9GwIzxu3IIZyAb4/GPjNRbDvQXvCR4QJKfyi7kwkVzXaJ9fB+ 3ZzQZaWOPTqLsv/Nz0r2ABaG/iW0dgjvD1EqAAFiXkg7DMumxgDdzIVSzddTCiNN pYASnhV8U0mJRP1mZJfqI92g5ap68LIIdtexByZGFzN/bmTlXi2LYv4TrovnTcbJ awkStYsDaD0w8syI1Pu3ItSQRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOxKlpd0 Cg81fNglfYD4x4WkWXIHMB8GA1UdIwQYMBaAFCF8PYvtC0DA+wiLWe5uZa5sZh8N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkRFNC80Q0NDQzMzMjc5 MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFNRDdDSXRaN201bHJteG1I dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lYdzlpLTBMUU1EN0NJdFo3bTVscm14bUh3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MkRFNC80Q0NDQzMzMjc5MkExMUVDQjBDNTkxNjJDNEY5QUUwMi9JWHc5aS0wTFFN RDdDSXRaN201bHJteG1IdzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDQJy0tMJrS2ivwvAded0z6E4xCykjo5jd1FMu21LZavkOpV6Cwb28X bzuMmW5VyJCE7b0I+cDIYJK3UnPs3rp9i5XDBcxWimFK3nOEK9VeDMAk1UyvsCIH rZw7hNj0ujCHLB66W+L73A0zA3Wq65S7z5s/22IGCEQ+VrimbkSGqYdy+Lu37L+B dIF6lhO5tGWrHwGg3o/eqRb+KMSCkSnjnumJ3tv7/dbgKZspOhs0JxhIKQXXuisS cheVxoax9kuBmLjM/OGUgB4KLTtOQvnRFwI/Fqj5rGs2dOYtlP5yIX4fxkugpx6F G8djobxasfyerrntjMgBVhEdF7qyM4EB -----END CERTIFICATE-----Generated at Sun May 19 03:48:51 2024 by rpki-client on console-fra.rpki-client.org