$ rpki-client -vvf rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft File: 3Bh_yEFs5bNHuvIho2E6O0eCjog.mft (raw, json) Hash identifier: mJB6oRh2WpZtAAKGyWYO9B8qnwiPsfu3YrWhehL8Cqg= Subject key identifier: 64:A4:8C:81:3B:4B:21:A7:A2:AB:5B:61:77:4A:77:09:E1:8D:9A:A5 Authority key identifier: DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88 Certificate issuer: /CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88 Certificate serial: 0E21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft Manifest number: 0E17 Signing time: Sat 18 May 2024 18:26:58 +0000 Manifest this update: Sat 18 May 2024 18:26:58 +0000 Manifest next update: Sat 25 May 2024 18:26:58 +0000 Files and hashes: 1: 3Bh_yEFs5bNHuvIho2E6O0eCjog.crl (hash: zMV5xI6zYMgpKtK54XiRL7s/H1zKBLZVqN3tGydtVfM=) 2: 085B4576C35711EC9F5ADC3DC4F9AE02.roa (hash: v1Ba+Dx/m0o5iz7dK5ZgVsjTFmAFod/jHx2lygIztGk=) 3: 0963FDF0C35711EC9F5ADC3DC4F9AE02.roa (hash: Tom70YCu/S7Tv4KcqktThCfx1aOcqXCVZ/HT5qZpYsc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3617 (0xe21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88 Validity Not Before: May 18 18:26:58 2024 GMT Not After : May 25 18:26:58 2024 GMT Subject: CN=6648f2f2-eb62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:cc:f6:e1:bf:f6:71:f5:e3:12:1a:9f:79:15: 28:63:15:06:6d:b4:ce:4a:db:bc:45:e7:40:3b:dd: 6a:ca:2e:3d:a5:45:a6:35:ba:7c:cb:b9:dc:a2:f9: cf:4f:cb:a7:c6:d4:dc:e0:d4:b7:fa:b1:46:fd:a3: ba:89:79:d6:a0:78:1c:60:f5:26:40:3d:56:f7:55: 4d:62:9d:a9:66:af:43:da:b8:a0:26:b5:1e:ea:e0: b7:8d:49:69:04:4e:54:b9:f5:ad:ad:61:46:29:20: d6:c8:91:9d:ac:18:10:b1:4d:70:88:49:c3:e0:ff: b7:b8:19:0b:65:96:e4:25:6e:28:9d:a2:d0:d8:39: c0:b8:66:37:62:c9:8b:2e:89:9a:76:6f:9b:5f:26: 86:51:f5:83:8c:e0:f0:dd:f5:3c:14:cd:24:8f:44: 3c:1c:8a:19:3a:13:dd:dd:08:7e:c7:df:92:c3:5f: a8:7d:54:18:0f:99:64:d9:8c:61:a4:cf:10:a6:0a: a0:1a:d2:82:3c:b8:d1:38:26:5e:bf:04:5d:18:cf: 0a:1f:b1:7d:d7:a0:b3:f1:e4:c7:c2:e3:10:2e:ec: 71:02:26:aa:57:4e:73:d7:05:56:bf:cb:e6:a2:dc: 69:13:82:b9:55:e0:80:fd:d6:82:1c:33:88:97:74: ea:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:A4:8C:81:3B:4B:21:A7:A2:AB:5B:61:77:4A:77:09:E1:8D:9A:A5 X509v3 Authority Key Identifier: keyid:DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:6e:12:f1:d5:34:59:82:7a:77:b3:32:9d:b7:e5:d0:09:c9: 85:c2:70:54:d5:a3:9b:6e:1e:f3:f5:ee:bb:23:ff:4b:c1:a0: 87:1a:da:9b:b5:f7:76:14:91:54:f5:e7:54:f8:2f:91:68:1a: 17:54:18:9c:32:bc:ea:f8:6d:c4:34:26:57:5a:94:85:df:b4: d2:4e:4f:fa:4a:7f:7c:7b:dd:61:cc:36:48:35:74:70:b2:66: 62:37:29:4c:4a:79:07:8d:d2:d6:59:48:ec:c2:6d:91:7c:bf: f1:68:22:c9:69:31:07:2d:79:a8:6d:d6:9c:5b:ae:b5:18:5c: 50:18:7b:d9:81:28:f6:59:68:69:0c:ad:fc:2a:e2:62:20:f2: e8:ac:15:2e:9f:01:b5:9c:08:9a:4d:a3:b5:4c:d3:e0:a5:c2: 53:ce:a7:20:ef:ef:91:91:46:75:e7:28:b0:6d:85:5b:fc:e8: 8f:ff:ef:c2:d4:2e:0b:04:c9:7d:44:00:61:57:38:26:f8:04: 9b:87:bf:8c:50:7e:1e:9d:e8:11:56:41:86:98:a0:e2:be:79: 02:d2:09:49:25:5a:51:0e:bd:02:ad:74:b2:2d:24:f9:d5:9c: 26:05:35:19:d0:af:aa:97:80:6d:3b:74:e2:ee:e8:25:66:c1: 4b:1a:d6:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE3RDExMTAvBgNVBAUTKERDMTg3RkM4NDE2Q0U1QjM0N0JBRjIyMUEzNjEzQTNC NDc4MjhFODgwHhcNMjQwNTE4MTgyNjU4WhcNMjQwNTI1MTgyNjU4WjAYMRYwFAYD VQQDEw02NjQ4ZjJmMi1lYjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2sz24b/2cfXjEhqfeRUoYxUGbbTOStu8RedAO91qyi49pUWmNbp8y7ncovnP T8unxtTc4NS3+rFG/aO6iXnWoHgcYPUmQD1W91VNYp2pZq9D2rigJrUe6uC3jUlp BE5UufWtrWFGKSDWyJGdrBgQsU1wiEnD4P+3uBkLZZbkJW4onaLQ2DnAuGY3YsmL Lomadm+bXyaGUfWDjODw3fU8FM0kj0Q8HIoZOhPd3Qh+x9+Sw1+ofVQYD5lk2Yxh pM8QpgqgGtKCPLjROCZevwRdGM8KH7F916Cz8eTHwuMQLuxxAiaqV05z1wVWv8vm otxpE4K5VeCA/daCHDOIl3TqRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGSkjIE7 SyGnoqtbYXdKdwnhjZqlMB8GA1UdIwQYMBaAFNwYf8hBbOWzR7ryIaNhOjtHgo6I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTdEMS85QTlCNDhBMjgy QTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczViTkh1dklobzJFNk8wZUNq b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCaF95RUZzNWJOSHV2SWhvMkU2TzBlQ2pvZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTdEMS85QTlCNDhBMjgyQTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczVi Tkh1dklobzJFNk8wZUNqb2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsbhLx1TRZgnp3szKdt+XQCcmFwnBU1aObbh7z9e67I/9LwaCHGtqb tfd2FJFU9edU+C+RaBoXVBicMrzq+G3ENCZXWpSF37TSTk/6Sn98e91hzDZINXRw smZiNylMSnkHjdLWWUjswm2RfL/xaCLJaTEHLXmobdacW661GFxQGHvZgSj2WWhp DK38KuJiIPLorBUunwG1nAiaTaO1TNPgpcJTzqcg7++RkUZ15yiwbYVb/OiP/+/C 1C4LBMl9RABhVzgm+ASbh7+MUH4enegRVkGGmKDivnkC0glJJVpRDr0CrXSyLST5 1ZwmBTUZ0K+ql4BtO3Ti7uglZsFLGta2 -----END CERTIFICATE-----Generated at Sat May 18 19:15:25 2024 by rpki-client on console-ams.rpki-client.org