$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft File: AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json) Hash identifier: 67/E6QyMc+pgWx6WpCelqhpYcYFxcW4kCKwKjE/x84g= Subject key identifier: E3:4D:2C:CE:08:6E:FE:94:F9:07:0F:14:9C:69:AF:37:E8:46:CD:84 Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 Certificate issuer: /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Certificate serial: 9B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft Manifest number: 99 Signing time: Wed 29 May 2024 07:32:09 +0000 Manifest this update: Wed 29 May 2024 07:32:08 +0000 Manifest next update: Wed 05 Jun 2024 07:32:08 +0000 Files and hashes: 1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: fUbbSW1rDu5qyh9lGZeUTOqUGfBjrLSmN5lZLZ2Vk0E=) 2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: z6BHSk4cb9I8/kB9JR0TRRNQXU/qOZQ+pN/Lst+leW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 07:32:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 155 (0x9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Validity Not Before: May 29 07:32:08 2024 GMT Not After : Jun 5 07:32:08 2024 GMT Subject: CN=6656d9f8-7253 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:3b:52:ad:ea:a3:62:41:16:c1:d2:8f:f7:b2: b4:8c:00:86:e2:f5:b1:f9:87:be:0a:85:cb:4f:16: 05:79:54:4e:40:60:6e:48:fc:c2:09:f0:be:57:5a: 99:98:91:28:71:c9:ba:cd:75:25:6b:b1:cd:90:67: 23:97:1c:db:a8:b2:27:7f:b6:21:3a:ba:55:33:bd: a0:e8:bf:1c:a6:80:db:73:ef:d5:17:9b:d7:2e:34: cd:20:1f:1b:f0:68:3c:74:fd:ed:e7:da:e5:71:25: 48:ca:e1:4e:ea:21:0d:0e:72:3e:43:82:65:ac:a9: c3:e2:c6:15:70:1a:35:92:1f:3e:02:17:a5:48:cf: 20:7e:0f:d1:1e:dd:8d:20:8b:60:6b:12:cb:10:19: 70:e2:26:32:31:7a:45:2e:b1:5f:a6:5f:12:a0:b7: f9:46:65:0a:f1:24:fc:73:a5:5f:f0:5f:29:b3:16: 70:6f:65:ed:4b:38:9f:00:04:b1:5c:b5:b1:11:79: 07:08:68:34:10:28:b5:a3:b6:be:1b:34:97:d1:a8: 11:a7:81:79:58:15:df:fd:0e:d4:50:d7:68:78:48: de:a5:5c:f1:9a:c3:bd:27:e0:d2:ea:b9:65:ae:9d: 6e:3f:6c:32:63:ca:b9:e9:17:dd:36:bb:4d:99:0b: 46:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:4D:2C:CE:08:6E:FE:94:F9:07:0F:14:9C:69:AF:37:E8:46:CD:84 X509v3 Authority Key Identifier: keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:5d:0b:b8:9c:08:bc:76:c5:c6:37:a0:44:51:a1:3a:63:b6: 6a:27:db:10:85:f8:28:15:66:bb:ae:87:d8:77:25:64:65:c0: 7a:ae:f2:78:83:98:16:69:5a:ad:db:55:94:48:0f:d9:d1:d1: 8a:b9:6d:bc:f8:85:82:2e:87:35:c3:b4:95:14:e7:4e:93:91: 66:38:4b:3b:d6:1c:39:12:a5:4a:51:8c:8a:c0:aa:79:36:9c: f1:74:fa:94:c9:fe:fe:9a:a4:2d:55:79:ad:16:cf:bc:62:02: fc:e7:a2:cb:e1:d1:a1:cf:2b:a8:c6:8d:fa:9e:c7:fa:cb:4f: 0f:52:cb:6f:be:a6:5e:c7:c5:d7:1f:e9:a7:2c:0e:cf:b3:69: ff:00:84:24:ea:dc:6a:8a:ae:98:c3:42:f8:16:10:99:b3:f6: 17:b8:a3:4b:fe:b5:06:20:eb:f5:c7:75:b9:33:0d:b6:50:b0: 40:6e:38:96:94:eb:f3:da:76:e5:d9:66:90:e5:a9:96:bc:9d: a2:fa:4a:ab:be:b2:2a:08:4c:90:f8:22:12:86:30:32:b5:3c: 78:18:7d:b6:ee:79:16:db:06:b6:56:52:b9:3b:bd:c9:a5:d0: 9c:cc:64:12:38:a6:2d:c5:19:e6:79:55:4f:35:df:f7:40:ed: 45:ad:0c:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC RkY0QTdGRTQwHhcNMjQwNTI5MDczMjA4WhcNMjQwNjA1MDczMjA4WjAYMRYwFAYD VQQDEw02NjU2ZDlmOC03MjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8ztSreqjYkEWwdKP97K0jACG4vWx+Ye+CoXLTxYFeVROQGBuSPzCCfC+V1qZ mJEoccm6zXUla7HNkGcjlxzbqLInf7YhOrpVM72g6L8cpoDbc+/VF5vXLjTNIB8b 8Gg8dP3t59rlcSVIyuFO6iENDnI+Q4JlrKnD4sYVcBo1kh8+AhelSM8gfg/RHt2N IItgaxLLEBlw4iYyMXpFLrFfpl8SoLf5RmUK8ST8c6Vf8F8psxZwb2XtSzifAASx XLWxEXkHCGg0ECi1o7a+GzSX0agRp4F5WBXf/Q7UUNdoeEjepVzxmsO9J+DS6rll rp1uP2wyY8q56RfdNrtNmQtG+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFONNLM4I bv6U+QcPFJxprzfoRs2EMB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2 NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm SlpTVW1rZF9obmVfOUtmLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8XQu4nAi8dsXGN6BEUaE6Y7ZqJ9sQhfgoFWa7rofYdyVkZcB6rvJ4 g5gWaVqt21WUSA/Z0dGKuW28+IWCLoc1w7SVFOdOk5FmOEs71hw5EqVKUYyKwKp5 NpzxdPqUyf7+mqQtVXmtFs+8YgL856LL4dGhzyuoxo36nsf6y08PUstvvqZex8XX H+mnLA7Ps2n/AIQk6txqiq6Yw0L4FhCZs/YXuKNL/rUGIOv1x3W5Mw22ULBAbjiW lOvz2nbl2WaQ5amWvJ2i+kqrvrIqCEyQ+CIShjAytTx4GH227nkW2wa2VlK5O73J pdCczGQSOKYtxRnmeVVPNd/3QO1FrQzq -----END CERTIFICATE-----Generated at Wed May 29 10:43:12 2024 by rpki-client on console-ams.rpki-client.org