$ rpki-client -vvf rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft File: chHmi1fNzfTtqDzwtGI7dpP2NDo.mft (raw, json) Hash identifier: lDCilat5R13iOLgi3koo0RFWVLXUdN+sOakLyzLETvQ= Subject key identifier: BF:02:C7:40:44:8E:B3:5A:60:BB:F6:29:51:2E:87:0D:39:37:D3:61 Authority key identifier: 72:11:E6:8B:57:CD:CD:F4:ED:A8:3C:F0:B4:62:3B:76:93:F6:34:3A Certificate issuer: /CN=A91638DD/serialNumber=7211E68B57CDCDF4EDA83CF0B4623B7693F6343A Certificate serial: D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft Manifest number: D4 Signing time: Sun 19 May 2024 06:08:44 +0000 Manifest this update: Sun 19 May 2024 06:08:44 +0000 Manifest next update: Sun 26 May 2024 06:08:44 +0000 Files and hashes: 1: chHmi1fNzfTtqDzwtGI7dpP2NDo.crl (hash: BUqH1R/t+MKlgjKwQeVnW0syl5z0NiOZekhIQzO4he8=) 2: 3FA4288CD29B11ED88E16742C4F9AE02.roa (hash: H9emNn1+9gPabzvTbS2TTIvL+llCIynh08CxKJhQGvs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.crl rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 214 (0xd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91638DD/serialNumber=7211E68B57CDCDF4EDA83CF0B4623B7693F6343A Validity Not Before: May 19 06:08:44 2024 GMT Not After : May 26 06:08:44 2024 GMT Subject: CN=6649976c-b85d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:bd:18:63:8a:51:14:6d:80:1e:8d:f2:e3:49: 18:df:47:dd:6d:5f:d0:06:0d:78:e4:e2:69:76:87: 97:bd:c4:8c:5c:d6:d9:0e:7d:2d:2b:8a:06:f3:25: bb:d5:8f:d4:b0:b0:0c:c3:36:9f:e5:98:74:7b:e8: e5:a5:64:10:d5:dc:54:d1:a9:38:d3:9d:56:0c:6b: 50:0f:64:81:99:db:ab:1b:91:f1:94:9f:88:88:7a: 9a:4b:7a:16:e3:48:7a:f0:4a:1c:8a:61:80:d7:76: fe:c4:61:61:74:ee:96:73:cc:19:7e:c2:98:35:7c: 7f:90:27:2e:81:9a:dd:e7:ec:1f:5f:c5:72:45:5d: 53:7f:90:c1:07:ef:77:c0:72:bf:95:db:65:32:4f: 02:b3:a7:95:f2:83:34:76:aa:25:3e:ac:0c:4d:1e: 45:e1:85:59:90:92:4d:04:e2:c2:19:d8:7f:72:42: 54:c4:90:02:09:08:c5:76:a2:83:d8:c5:ce:86:85: b3:6f:7e:95:8d:3e:b5:40:69:8c:e4:11:31:97:82: 2b:e4:17:53:5b:e4:0d:51:40:08:f4:24:81:65:f6: 8a:71:ad:01:63:5c:19:eb:bd:ca:46:4e:57:cf:77: 91:d0:f8:9a:7f:98:69:4a:10:cb:c7:87:21:ad:ef: bc:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:02:C7:40:44:8E:B3:5A:60:BB:F6:29:51:2E:87:0D:39:37:D3:61 X509v3 Authority Key Identifier: keyid:72:11:E6:8B:57:CD:CD:F4:ED:A8:3C:F0:B4:62:3B:76:93:F6:34:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:4a:1a:dc:02:36:e5:45:1e:e8:8f:a3:1d:8e:bc:50:04:02: 51:8c:be:0b:0a:e1:47:b9:4b:fa:04:8b:ef:a1:c1:9a:e3:44: 7d:b6:08:59:73:17:7e:30:e9:56:d6:df:9f:68:47:4d:ee:02: 03:5c:33:09:26:28:0d:43:c0:88:b4:a6:43:3f:cc:93:6f:5f: 46:a2:d2:02:f4:0c:dd:64:e3:21:19:d4:da:fc:ab:e2:b7:54: a8:5d:7c:f1:3f:dc:06:f5:45:34:1b:a3:8d:ca:d5:32:50:cd: 4b:01:8a:94:37:b1:0b:b8:0a:32:03:74:54:1a:d3:e1:b5:be: 30:d3:cb:ff:77:56:38:92:1c:80:4e:6a:80:cc:1a:61:99:ef: 9f:56:e5:71:2d:9b:65:38:73:44:57:a5:ec:e9:99:a1:7f:4e: 78:d0:c3:3a:e1:f8:ad:f8:c4:71:39:4f:6a:b6:7f:46:5e:cd: 8b:99:5f:9f:53:31:a1:68:17:7c:2b:30:75:fa:fb:c4:eb:0d: 45:0b:15:87:cb:18:b7:0b:4c:2e:76:57:fe:43:75:30:8d:a8: 84:7a:b6:77:a2:97:58:13:ab:9d:a9:2a:4e:7e:49:02:87:86: a1:ac:71:d6:f2:4e:78:ea:14:c5:2c:c2:f0:d4:2f:31:23:3c: cc:b1:07:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4REQxMTAvBgNVBAUTKDcyMTFFNjhCNTdDRENERjRFREE4M0NGMEI0NjIzQjc2 OTNGNjM0M0EwHhcNMjQwNTE5MDYwODQ0WhcNMjQwNTI2MDYwODQ0WjAYMRYwFAYD VQQDEw02NjQ5OTc2Yy1iODVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6b0YY4pRFG2AHo3y40kY30fdbV/QBg145OJpdoeXvcSMXNbZDn0tK4oG8yW7 1Y/UsLAMwzaf5Zh0e+jlpWQQ1dxU0ak4051WDGtQD2SBmdurG5HxlJ+IiHqaS3oW 40h68EocimGA13b+xGFhdO6Wc8wZfsKYNXx/kCcugZrd5+wfX8VyRV1Tf5DBB+93 wHK/ldtlMk8Cs6eV8oM0dqolPqwMTR5F4YVZkJJNBOLCGdh/ckJUxJACCQjFdqKD 2MXOhoWzb36VjT61QGmM5BExl4Ir5BdTW+QNUUAI9CSBZfaKca0BY1wZ673KRk5X z3eR0Piaf5hpShDLx4chre+8hQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL8Cx0BE jrNaYLv2KVEuhw05N9NhMB8GA1UdIwQYMBaAFHIR5otXzc307ag88LRiO3aT9jQ6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzhERC9DODg3MENBRUQy OTcxMUVEQjA4NThCM0RDNEY5QUUwMi9jaEhtaTFmTnpmVHRxRHp3dEdJN2RwUDJO RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NoSG1pMWZOemZUdHFEend0R0k3ZHBQMk5Eby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MzhERC9DODg3MENBRUQyOTcxMUVEQjA4NThCM0RDNEY5QUUwMi9jaEhtaTFmTnpm VHRxRHp3dEdJN2RwUDJORG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBIShrcAjblRR7oj6MdjrxQBAJRjL4LCuFHuUv6BIvvocGa40R9tghZ cxd+MOlW1t+faEdN7gIDXDMJJigNQ8CItKZDP8yTb19GotIC9AzdZOMhGdTa/Kvi t1SoXXzxP9wG9UU0G6ONytUyUM1LAYqUN7ELuAoyA3RUGtPhtb4w08v/d1Y4khyA TmqAzBphme+fVuVxLZtlOHNEV6Xs6Zmhf0540MM64fit+MRxOU9qtn9GXs2LmV+f UzGhaBd8KzB1+vvE6w1FCxWHyxi3C0wudlf+Q3UwjaiEerZ3opdYE6udqSpOfkkC h4ahrHHW8k546hTFLMLw1C8xIzzMsQcE -----END CERTIFICATE-----Generated at Sun May 19 07:40:39 2024 by rpki-client on console-fra.rpki-client.org