$ rpki-client -vvf rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft File: 3qB5KN5ChJYNLNXo50cChCYLMmY.mft (raw, json) Hash identifier: d7X2NGhqFesipNxfsCVt/+XNtRuv+bil1RkcIlruurg= Subject key identifier: BB:4D:7B:20:F2:80:A7:DC:90:FE:33:14:53:E6:44:F4:6F:6E:DB:0D Authority key identifier: DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66 Certificate issuer: /CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266 Certificate serial: 07C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft Manifest number: 07C0 Signing time: Fri 31 May 2024 22:52:26 +0000 Manifest this update: Fri 31 May 2024 22:52:25 +0000 Manifest next update: Fri 07 Jun 2024 22:52:25 +0000 Files and hashes: 1: 3qB5KN5ChJYNLNXo50cChCYLMmY.crl (hash: qrMDo87t4YOwsMDsIQhHO+aVMoKKFFa5xIHg65xII3I=) 2: BAA356B66F5611EB8862606AC4F9AE02.roa (hash: CsZr+pWgtYtLqk5/8qRVaE/2QfrG8ZBJwM9bVPT7P0g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 22:47:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1988 (0x7c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266 Validity Not Before: May 31 22:52:25 2024 GMT Not After : Jun 7 22:52:25 2024 GMT Subject: CN=665a54aa-e96c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0b:5a:25:28:08:ce:b4:d2:1a:dd:58:2d:6c: 80:f4:2f:83:04:c9:98:7c:a0:24:b3:1e:4d:2d:ec: da:6f:35:da:ec:bf:5d:b7:5c:00:7d:a5:13:05:dc: f1:e0:29:e1:6b:59:62:77:66:ac:47:2d:70:3f:d3: da:46:c5:cd:4c:da:6d:cf:0b:00:af:24:25:92:80: 86:7b:db:60:41:0c:92:7a:43:1f:3e:d4:d5:37:16: 37:68:13:49:0c:b5:9a:4d:c6:69:1b:5b:af:bd:72: 28:25:36:57:0b:82:8d:11:53:ff:af:0f:2e:ae:de: e1:11:2b:5f:08:bc:d6:5d:e0:f5:ce:22:54:66:14: 56:7e:21:2b:14:90:14:02:7e:96:78:c1:fb:48:04: 5a:f4:c9:9e:14:dd:4b:3a:9e:e0:4e:62:a0:39:55: a7:46:d7:38:5e:bb:8e:da:23:b3:16:25:b4:ae:42: 3c:dd:6e:23:38:cb:78:27:d3:09:bf:1b:92:d9:cf: de:76:2b:a4:bb:ad:d2:97:f2:15:ab:c8:01:9f:60: 0f:cf:ac:72:ea:0b:e7:8e:2f:dd:f6:f8:1b:e5:0c: 4d:7a:94:24:b0:89:7c:c2:1d:21:69:8a:e0:e1:50: b3:24:4b:49:62:5e:66:37:4f:cd:51:df:07:0a:69: 09:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:4D:7B:20:F2:80:A7:DC:90:FE:33:14:53:E6:44:F4:6F:6E:DB:0D X509v3 Authority Key Identifier: keyid:DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:85:74:b8:cf:ff:f2:5a:98:86:21:14:d0:85:ef:d8:b5:8a: b7:f6:a1:45:ab:7c:99:06:c9:6f:27:08:97:75:32:07:99:2f: 35:39:dd:d0:4d:06:ca:11:0a:92:07:94:90:3f:92:c2:30:e3: 55:84:27:c2:c8:43:cf:d4:a8:a2:95:1a:81:9a:d8:10:1d:70: 63:e8:ce:68:29:7b:af:e9:bc:1c:ba:bb:07:a3:7e:89:f4:91: 41:06:12:a1:de:5c:73:66:c5:8d:c4:34:2b:85:bf:71:c8:28: 6d:27:16:b7:2d:45:70:b2:ad:83:85:b2:2f:b3:a9:8c:1f:2e: 50:fd:a2:b2:1d:ae:38:0e:88:c6:a8:7d:9b:d2:a1:3b:a3:b4: 10:c0:01:51:f2:6e:9c:14:4b:f5:6d:c0:40:47:b9:56:1b:22: ce:a6:e9:d1:ac:52:d5:a7:22:ea:7c:ad:96:31:a4:bf:76:bb: b2:df:2a:10:5f:6a:9b:21:fe:5a:f0:d0:8d:86:a8:f0:ea:5f: 54:e0:18:1d:0f:ed:db:a2:41:22:3b:03:1c:62:0c:da:eb:ff: 69:c1:c4:f0:ff:aa:87:38:1f:61:24:41:71:60:ee:a4:15:4c: 0a:b1:81:8e:0c:a3:79:81:e9:33:8d:8b:5c:d8:dc:89:33:0e: 94:37:c9:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB8QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFBRDMxMTAvBgNVBAUTKERFQTA3OTI4REU0Mjg0OTYwRDJDRDVFOEU3NDcwMjg0 MjYwQjMyNjYwHhcNMjQwNTMxMjI1MjI1WhcNMjQwNjA3MjI1MjI1WjAYMRYwFAYD VQQDEw02NjVhNTRhYS1lOTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvQtaJSgIzrTSGt1YLWyA9C+DBMmYfKAksx5NLezabzXa7L9dt1wAfaUTBdzx 4Cnha1lid2asRy1wP9PaRsXNTNptzwsAryQlkoCGe9tgQQySekMfPtTVNxY3aBNJ DLWaTcZpG1uvvXIoJTZXC4KNEVP/rw8urt7hEStfCLzWXeD1ziJUZhRWfiErFJAU An6WeMH7SARa9MmeFN1LOp7gTmKgOVWnRtc4XruO2iOzFiW0rkI83W4jOMt4J9MJ vxuS2c/ediuku63Sl/IVq8gBn2APz6xy6gvnji/d9vgb5QxNepQksIl8wh0haYrg 4VCzJEtJYl5mN0/NUd8HCmkJ7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLtNeyDy gKfckP4zFFPmRPRvbtsNMB8GA1UdIwQYMBaAFN6geSjeQoSWDSzV6OdHAoQmCzJm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUFEMy8wQkM0Rjg0MEMx QjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hKWU5MTlhvNTBjQ2hDWUxN bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxQjVLTjVDaEpZTkxOWG81MGNDaENZTE1tWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUFEMy8wQkM0Rjg0MEMxQjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hK WU5MTlhvNTBjQ2hDWUxNbVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWhXS4z//yWpiGIRTQhe/YtYq39qFFq3yZBslvJwiXdTIHmS81Od3Q TQbKEQqSB5SQP5LCMONVhCfCyEPP1KiilRqBmtgQHXBj6M5oKXuv6bwcursHo36J 9JFBBhKh3lxzZsWNxDQrhb9xyChtJxa3LUVwsq2DhbIvs6mMHy5Q/aKyHa44DojG qH2b0qE7o7QQwAFR8m6cFEv1bcBAR7lWGyLOpunRrFLVpyLqfK2WMaS/druy3yoQ X2qbIf5a8NCNhqjw6l9U4BgdD+3bokEiOwMcYgza6/9pwcTw/6qHOB9hJEFxYO6k FUwKsYGODKN5gekzjYtc2NyJMw6UN8kp -----END CERTIFICATE-----Generated at Fri May 31 23:53:06 2024 by rpki-client on console-fra.rpki-client.org