$ rpki-client -vvf rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft File: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft (raw, json) Hash identifier: r+kZgop0ZpGWk2YFws5iV+yor1fxiaI0ZUtpY5uiFSc= Subject key identifier: 87:BC:89:EE:30:BF:8E:48:2A:08:12:65:71:2F:08:A1:C9:D3:92:FC Authority key identifier: DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F Certificate issuer: /CN=A917AFE7/serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Certificate serial: 0406 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft Manifest number: 0401 Signing time: Sun 19 May 2024 02:10:16 +0000 Manifest this update: Sun 19 May 2024 02:10:15 +0000 Manifest next update: Sun 26 May 2024 02:10:15 +0000 Files and hashes: 1: 3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl (hash: elBliNlveqJk/ryRYQtFOFX1D3U8L3iIcqQAt3LN9m0=) 2: D3D1604C2B6711EC8CD1C61FC4F9AE02.roa (hash: FY6mKfRkayQzRckcSJnAaWBwktUHix8YTyWPw31OktI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 01:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1030 (0x406) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AFE7/serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F Validity Not Before: May 19 02:10:15 2024 GMT Not After : May 26 02:10:15 2024 GMT Subject: CN=66495f88-537c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:a5:ff:1b:3c:fb:15:82:46:60:cf:02:84:44: 69:fb:c6:dc:68:68:ce:67:48:a0:b2:fe:31:66:de: 92:09:95:06:de:e4:cf:40:6b:39:cb:99:ee:28:74: 62:e4:61:e5:16:3d:30:32:f1:d1:b9:a6:98:55:6a: 19:60:3b:91:b9:fb:4f:3c:f2:ba:6e:12:04:39:dc: 12:2e:27:d6:d0:e3:84:37:bc:48:a5:67:6c:1f:a7: 07:46:17:a6:3c:01:9f:51:b2:88:95:4a:c4:aa:17: 74:cb:fb:f4:28:4c:a4:44:5d:af:ca:73:65:8d:0c: 68:f6:73:54:bc:18:a1:df:2e:d4:0e:ee:4a:c0:6f: 50:73:49:8b:bf:26:e3:43:ab:4c:9b:a5:67:51:69: 0e:5b:a6:a8:a1:f9:58:c3:82:d0:41:f7:76:15:01: 1c:df:c9:b6:ba:02:c7:d7:cd:a2:72:28:e2:01:56: e5:96:72:51:b3:cf:40:00:10:2d:43:a7:19:70:4e: 05:39:e2:92:ea:31:44:00:20:e5:60:96:14:0c:ee: 05:eb:4e:47:dc:3a:60:95:e7:c7:3e:63:b9:d1:f1: a4:92:1b:d3:68:f3:be:48:4b:b0:c9:4f:ed:f3:10: 96:29:0e:88:35:d5:09:98:c1:50:1e:2f:ab:87:a0: c3:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:BC:89:EE:30:BF:8E:48:2A:08:12:65:71:2F:08:A1:C9:D3:92:FC X509v3 Authority Key Identifier: keyid:DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:8b:0b:fc:b1:d2:35:54:15:db:68:b6:92:89:51:5e:50:c6: 6c:10:7a:52:13:f8:14:39:7b:b7:d8:7f:96:b2:c6:54:5d:91: f4:a3:9c:ba:16:56:a8:a1:0d:ab:0a:78:bb:a5:4c:30:69:34: 20:70:fe:05:2f:02:e0:f0:01:21:db:56:42:13:9c:2f:61:e4: d9:02:74:29:ea:0f:6f:1f:6d:24:38:ff:0d:7f:54:ea:aa:c2: e7:f3:c8:2c:c9:5d:92:55:9f:fa:49:ec:76:2b:4a:fb:53:1c: 33:de:06:e7:6d:a4:a2:f6:a4:e5:8f:52:07:23:cb:55:7d:e3: e7:d3:df:d9:1f:15:61:ba:5d:2c:e6:2c:f4:25:ea:eb:c3:26: 84:50:f6:81:a2:58:21:25:81:c8:01:41:9d:2f:2c:96:07:0a: e8:5a:5f:5e:c3:9a:f1:5e:72:e3:eb:7a:b2:56:d0:97:18:e9: d6:07:35:d2:be:26:ef:be:8c:79:f5:c2:30:7e:e6:25:d6:c0: 38:b9:65:7b:47:c0:04:40:90:4b:7e:1b:6c:91:3d:f2:04:7a: 1b:b8:cb:5e:46:f1:85:8c:b2:0d:c1:75:17:a9:d2:2e:42:fa: 70:8d:ae:76:81:2f:d4:f8:6e:46:ff:57:c0:cf:58:26:9b:6b: e8:4f:dd:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBAYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FGRTcxMTAvBgNVBAUTKERDQzA3QTlEOEZGRTM3OEREREFGM0NEMEU0MUE5RUY2 RkREMzE0OEYwHhcNMjQwNTE5MDIxMDE1WhcNMjQwNTI2MDIxMDE1WjAYMRYwFAYD VQQDEw02NjQ5NWY4OC01MzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqKX/Gzz7FYJGYM8ChERp+8bcaGjOZ0igsv4xZt6SCZUG3uTPQGs5y5nuKHRi 5GHlFj0wMvHRuaaYVWoZYDuRuftPPPK6bhIEOdwSLifW0OOEN7xIpWdsH6cHRhem PAGfUbKIlUrEqhd0y/v0KEykRF2vynNljQxo9nNUvBih3y7UDu5KwG9Qc0mLvybj Q6tMm6VnUWkOW6aooflYw4LQQfd2FQEc38m2ugLH182icijiAVbllnJRs89AABAt Q6cZcE4FOeKS6jFEACDlYJYUDO4F605H3DpglefHPmO50fGkkhvTaPO+SEuwyU/t 8xCWKQ6INdUJmMFQHi+rh6DDuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIe8ie4w v45IKggSZXEvCKHJ05L8MB8GA1UdIwQYMBaAFNzAep2P/jeN3a880OQanvb90xSP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUZFNy9GOEI2NTM3NDI5 MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40M2RyenpRNUJxZTl2M1RG STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNNQjZuWV8tTjQzZHJ6elE1QnFlOXYzVEZJOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUZFNy9GOEI2NTM3NDI5MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40 M2RyenpRNUJxZTl2M1RGSTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAuiwv8sdI1VBXbaLaSiVFeUMZsEHpSE/gUOXu32H+WssZUXZH0o5y6 FlaooQ2rCni7pUwwaTQgcP4FLwLg8AEh21ZCE5wvYeTZAnQp6g9vH20kOP8Nf1Tq qsLn88gsyV2SVZ/6Sex2K0r7Uxwz3gbnbaSi9qTlj1IHI8tVfePn09/ZHxVhul0s 5iz0JerrwyaEUPaBolghJYHIAUGdLyyWBwroWl9ew5rxXnLj63qyVtCXGOnWBzXS vibvvox59cIwfuYl1sA4uWV7R8AEQJBLfhtskT3yBHobuMteRvGFjLINwXUXqdIu Qvpwja52gS/U+G5G/1fAz1gmm2voT90W -----END CERTIFICATE-----Generated at Sun May 19 02:59:08 2024 by rpki-client on console-ams.rpki-client.org