$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: fVTBmuz2oxjTZ4gBtRat2kxPXOlZDFlVKXxlfvn7tiI= Subject key identifier: 41:54:38:4E:7D:D3:55:53:1A:9A:E2:CA:FD:E4:02:C1:D1:5D:41:41 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0B5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0B57 Signing time: Fri 31 May 2024 20:19:26 +0000 Manifest this update: Fri 31 May 2024 20:19:26 +0000 Manifest next update: Fri 07 Jun 2024 20:19:26 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: +cDBgmnqw9/gBPmNZ+BXyjdraGclKnIH2Y8CXjh9Lq8=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: QnaXqRyBh4Qnci0+WizYUQ4GGI9IZFu6dzUsuQyZvYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:19:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2909 (0xb5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: May 31 20:19:26 2024 GMT Not After : Jun 7 20:19:26 2024 GMT Subject: CN=665a30ce-472e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:98:f7:4f:cc:ae:97:88:a8:56:7c:4b:4a:21: 53:9a:9a:a9:21:d5:64:a6:bf:03:d1:86:62:38:77: f1:66:b1:6c:42:a9:5f:99:6c:e0:90:fe:a4:2f:02: 43:ef:0b:7b:f9:1e:ad:57:ad:5d:94:5f:97:11:c9: 3f:82:2e:9b:bf:f0:08:0d:13:6c:f6:09:5c:a5:88: 34:e1:df:7b:21:e8:c1:6b:61:3a:c9:75:b0:10:ce: 4f:6b:71:bb:52:08:e5:ef:f1:cb:da:cb:4a:7d:65: 55:19:cc:84:57:6f:33:45:fb:e1:2f:7c:84:3b:d9: 70:59:18:e3:f5:83:ab:92:8c:78:f6:d3:ca:b8:bc: b7:a8:ba:b4:f6:75:23:08:57:15:82:d5:c4:6b:0a: 7d:b2:38:25:c1:93:b0:67:15:ad:9a:5e:ed:fe:28: f6:0d:86:ae:52:51:d4:92:f5:63:de:08:4b:c7:be: 94:32:7a:c7:46:fb:8d:09:d8:60:9d:89:2f:9f:02: a5:31:a3:72:e0:e9:87:72:fc:6c:9d:6a:61:8e:1e: f4:fe:f8:a5:fa:ef:25:d3:f6:9f:84:6c:99:6f:89: 5c:25:4c:09:63:47:54:e4:81:21:50:6c:fe:26:33: 10:f8:5a:df:cc:71:1e:78:89:5a:3c:4e:1a:2d:03: 94:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:54:38:4E:7D:D3:55:53:1A:9A:E2:CA:FD:E4:02:C1:D1:5D:41:41 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:8c:32:96:c7:be:d0:b1:d0:d7:95:ed:8c:7f:5f:eb:fc:03: 68:72:d6:a4:80:25:e2:64:62:28:dc:54:49:02:8f:77:12:ae: 09:ee:ef:af:06:ee:4e:a4:a8:ec:62:b1:70:55:e9:38:4b:f4: d4:b2:8e:a5:c5:9d:ea:13:6f:6d:ac:62:68:3d:cf:05:0d:16: 45:61:67:be:d0:ff:97:db:e3:d8:87:1e:bf:a1:2a:5f:e6:a7: e0:f3:9f:d4:f2:3d:34:fc:12:6e:5f:5f:a5:a8:3a:3f:e5:a5: 2b:56:4c:cc:58:61:a5:f3:fe:88:fd:9c:89:e9:87:5c:a8:54: 59:4e:67:98:5f:8b:b3:a5:21:ab:d9:96:bb:fd:45:76:8a:3e: 09:cc:70:68:9e:5f:16:1c:9c:a4:5b:49:db:14:86:5a:c7:a4: 94:85:e8:ca:68:d3:ed:b1:c0:97:89:82:63:b7:e5:5c:75:c8: 75:d9:0b:0b:72:85:d8:13:6f:fd:07:f3:dd:04:30:ee:26:f8: e7:f8:92:11:c3:34:03:d5:36:44:ec:fc:40:3f:34:19:9d:19: 7a:d7:17:49:f1:2f:56:7d:27:b6:bf:f3:85:65:d1:fd:4c:68: 9f:94:6d:65:f8:f2:22:ec:0e:65:38:fa:a1:3d:2f:aa:c7:89: 66:34:6c:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC10wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjQwNTMxMjAxOTI2WhcNMjQwNjA3MjAxOTI2WjAYMRYwFAYD VQQDEw02NjVhMzBjZS00NzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqpj3T8yul4ioVnxLSiFTmpqpIdVkpr8D0YZiOHfxZrFsQqlfmWzgkP6kLwJD 7wt7+R6tV61dlF+XEck/gi6bv/AIDRNs9glcpYg04d97IejBa2E6yXWwEM5Pa3G7 Ugjl7/HL2stKfWVVGcyEV28zRfvhL3yEO9lwWRjj9YOrkox49tPKuLy3qLq09nUj CFcVgtXEawp9sjglwZOwZxWtml7t/ij2DYauUlHUkvVj3ghLx76UMnrHRvuNCdhg nYkvnwKlMaNy4OmHcvxsnWphjh70/vil+u8l0/afhGyZb4lcJUwJY0dU5IEhUGz+ JjMQ+FrfzHEeeIlaPE4aLQOU1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEFUOE59 01VTGpriyv3kAsHRXUFBMB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBajDKWx77QsdDXle2Mf1/r/ANoctakgCXiZGIo3FRJAo93Eq4J7u+v Bu5OpKjsYrFwVek4S/TUso6lxZ3qE29trGJoPc8FDRZFYWe+0P+X2+PYhx6/oSpf 5qfg85/U8j00/BJuX1+lqDo/5aUrVkzMWGGl8/6I/ZyJ6YdcqFRZTmeYX4uzpSGr 2Za7/UV2ij4JzHBonl8WHJykW0nbFIZax6SUhejKaNPtscCXiYJjt+Vcdch12QsL coXYE2/9B/PdBDDuJvjn+JIRwzQD1TZE7PxAPzQZnRl61xdJ8S9WfSe2v/OFZdH9 TGiflG1l+PIi7A5lOPqhPS+qx4lmNGyy -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:19 2024 by rpki-client on console-ams.rpki-client.org