$ rpki-client -vvf rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft File: S3IqOmeTvzLJvPUuTncuCm86Yxk.mft (raw, json) Hash identifier: uV+ClSyo5xuAYexnYHlfyzW+PuaHhG2VyNMoMAOs/A8= Subject key identifier: 9B:4B:6C:7F:D3:86:56:2E:55:8F:7B:7C:03:AE:6A:71:1E:50:8E:C2 Authority key identifier: 4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 Certificate issuer: /CN=A917A67E/serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft Manifest number: A3 Signing time: Sun 19 May 2024 06:42:57 +0000 Manifest this update: Sun 19 May 2024 06:42:56 +0000 Manifest next update: Sun 26 May 2024 06:42:56 +0000 Files and hashes: 1: S3IqOmeTvzLJvPUuTncuCm86Yxk.crl (hash: KW1hrJjQPue7HruH3RkY4GIKKp/3d6bW1OTqbteR9i8=) 2: E3901F981BD711EEB9597921C4F9AE02.roa (hash: WAkCaN8gPES1r0aKIa9bLRXktTida+w4l1rKNkY5dRk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A67E/serialNumber=4B722A3A6793BF32C9BCF52E4E772E0A6F3A6319 Validity Not Before: May 19 06:42:56 2024 GMT Not After : May 26 06:42:56 2024 GMT Subject: CN=66499f70-e426 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:87:4f:96:b2:af:4f:ee:18:b0:36:0d:0b:ba: 7b:7d:20:49:97:6a:8b:02:49:47:52:7b:35:b4:4b: 30:fc:ba:50:6c:17:a5:ee:38:e3:30:ed:9e:e5:45: 66:71:0d:5c:b0:7e:d4:f0:1c:19:34:1a:76:56:1a: 9e:74:52:2a:99:7b:e5:24:ee:bc:f1:44:2f:5a:4d: 96:bd:62:db:75:c4:cc:78:ca:60:24:50:c3:16:c2: 27:25:03:9f:0e:c9:16:b8:90:86:ee:11:49:49:14: ed:c9:de:d6:07:7f:b3:2f:21:b9:a5:40:55:c4:d2: 57:87:00:f0:96:6b:65:f2:d5:77:92:74:0c:d9:ab: ed:24:7a:ba:34:88:66:75:d5:d1:2f:2e:a2:bb:46: e4:e0:0e:6a:a5:96:12:f4:e8:9a:5e:f7:3d:46:c6: c2:8a:34:41:bd:fa:73:3c:58:a9:f5:f4:e6:a8:43: 53:31:ce:08:03:2a:5f:a5:44:f7:34:8d:bc:ba:3d: ac:51:0a:6f:8c:58:1b:68:da:e4:59:99:c1:b8:a5: 8f:7a:a8:cb:c2:15:52:da:14:e3:a3:be:43:30:cc: 78:47:cd:2d:73:08:a0:ba:e8:dd:ca:61:db:46:fc: 0a:df:94:9f:0a:e0:f4:72:34:1f:6c:9e:8c:40:9a: df:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:4B:6C:7F:D3:86:56:2E:55:8F:7B:7C:03:AE:6A:71:1E:50:8E:C2 X509v3 Authority Key Identifier: keyid:4B:72:2A:3A:67:93:BF:32:C9:BC:F5:2E:4E:77:2E:0A:6F:3A:63:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3IqOmeTvzLJvPUuTncuCm86Yxk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A67E/67B4CB841BD311EE965FEF38C4F9AE02/S3IqOmeTvzLJvPUuTncuCm86Yxk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:e8:23:59:8f:48:28:9d:bd:3b:fb:7a:b0:1f:17:47:15:06: a4:4c:82:45:1c:60:21:71:90:9e:e2:4f:9a:12:fa:3a:93:4a: 0a:f6:26:b6:eb:1a:eb:47:80:1a:24:9e:15:1b:01:f4:b3:1b: 57:03:a0:e5:a8:56:0e:91:85:29:41:80:9b:f2:d7:2c:8f:1a: e3:78:86:e3:dc:ce:ad:25:d0:e4:11:b9:69:f6:11:1d:fc:c1: 8d:63:2d:99:3c:ed:73:c7:0c:d4:95:db:df:3c:95:26:b1:99: 90:40:a5:9a:86:e8:45:d5:7a:65:49:f7:b7:81:22:a8:7d:b2: 47:a6:1c:dd:08:8d:d4:6b:fa:ad:a6:aa:f1:98:3f:c2:fb:38: 14:69:21:21:fe:ac:e4:58:8e:83:35:f3:49:ab:eb:89:39:0d: 71:39:d2:75:9d:c9:45:9e:c5:20:06:d9:b1:8c:82:62:e5:67: fc:8e:83:81:ce:3b:27:d1:ba:2c:39:1f:0f:9e:8e:59:38:70: 0e:cd:52:b1:00:d3:64:99:5f:57:d6:c1:8c:60:43:58:2d:e7: cf:6e:d0:1c:8e:51:02:39:72:73:de:b9:03:67:54:25:5f:df: bb:d3:2c:96:e3:8c:59:2a:46:42:31:f9:ca:e2:7a:23:21:59: f6:1c:ba:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E2N0UxMTAvBgNVBAUTKDRCNzIyQTNBNjc5M0JGMzJDOUJDRjUyRTRFNzcyRTBB NkYzQTYzMTkwHhcNMjQwNTE5MDY0MjU2WhcNMjQwNTI2MDY0MjU2WjAYMRYwFAYD VQQDEw02NjQ5OWY3MC1lNDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwYdPlrKvT+4YsDYNC7p7fSBJl2qLAklHUns1tEsw/LpQbBel7jjjMO2e5UVm cQ1csH7U8BwZNBp2VhqedFIqmXvlJO688UQvWk2WvWLbdcTMeMpgJFDDFsInJQOf DskWuJCG7hFJSRTtyd7WB3+zLyG5pUBVxNJXhwDwlmtl8tV3knQM2avtJHq6NIhm ddXRLy6iu0bk4A5qpZYS9OiaXvc9RsbCijRBvfpzPFip9fTmqENTMc4IAypfpUT3 NI28uj2sUQpvjFgbaNrkWZnBuKWPeqjLwhVS2hTjo75DMMx4R80tcwiguujdymHb RvwK35SfCuD0cjQfbJ6MQJrfKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtLbH/T hlYuVY97fAOuanEeUI7CMB8GA1UdIwQYMBaAFEtyKjpnk78yybz1Lk53LgpvOmMZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTY3RS82N0I0Q0I4NDFC RDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6TEp2UFV1VG5jdUNtODZZ eGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MzSXFPbWVUdnpMSnZQVXVUbmN1Q204Nll4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTY3RS82N0I0Q0I4NDFCRDMxMUVFOTY1RkVGMzhDNEY5QUUwMi9TM0lxT21lVHZ6 TEp2UFV1VG5jdUNtODZZeGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBj6CNZj0gonb07+3qwHxdHFQakTIJFHGAhcZCe4k+aEvo6k0oK9ia2 6xrrR4AaJJ4VGwH0sxtXA6DlqFYOkYUpQYCb8tcsjxrjeIbj3M6tJdDkEblp9hEd /MGNYy2ZPO1zxwzUldvfPJUmsZmQQKWahuhF1XplSfe3gSKofbJHphzdCI3Ua/qt pqrxmD/C+zgUaSEh/qzkWI6DNfNJq+uJOQ1xOdJ1nclFnsUgBtmxjIJi5Wf8joOB zjsn0bosOR8Pno5ZOHAOzVKxANNkmV9X1sGMYENYLefPbtAcjlECOXJz3rkDZ1Ql X9+70yyW44xZKkZCMfnK4nojIVn2HLpI -----END CERTIFICATE-----Generated at Sun May 19 08:25:02 2024 by rpki-client on console-ams.rpki-client.org