$ rpki-client -vvf rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft File: ofrVQukeAX0lfVGxT_XDW4lCnvU.mft (raw, json) Hash identifier: pzWjZPB/+5osv1yePUFXGRTMWHWh1166QL9xJyYzbM8= Subject key identifier: C9:E2:B5:2D:C5:DD:EE:5F:0F:CF:E2:C7:3D:DF:F6:E4:09:C5:C7:E8 Authority key identifier: A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 Certificate issuer: /CN=A918377D/serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Certificate serial: 40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft Manifest number: 40 Signing time: Sun 19 May 2024 08:07:51 +0000 Manifest this update: Sun 19 May 2024 08:07:51 +0000 Manifest next update: Sun 26 May 2024 08:07:51 +0000 Files and hashes: 1: ofrVQukeAX0lfVGxT_XDW4lCnvU.crl (hash: kgzoDn31R+BIWK5yzQUoe1hfS3+zTds7HPBJjW06A3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64 (0x40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918377D/serialNumber=A1FAD542E91E017D257D51B14FF5C35B89429EF5 Validity Not Before: May 19 08:07:51 2024 GMT Not After : May 26 08:07:51 2024 GMT Subject: CN=6649b357-377e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:fb:3f:42:79:2d:25:cb:5e:06:24:7b:07:bc: e9:7d:b8:01:7e:de:ed:39:b6:c1:14:72:14:1f:d1: ff:86:23:d3:a3:6f:25:53:b9:0d:1f:02:1d:5b:27: b2:cf:92:aa:43:06:5e:2b:e9:78:a6:a1:44:42:48: bf:4a:25:03:07:49:d6:31:66:bc:ec:0a:d3:50:20: 6e:f0:63:c1:10:41:5e:4e:6f:d5:a9:dc:14:81:17: c1:98:80:6d:d0:12:b4:27:6b:00:a5:70:3f:d2:29: 25:b4:e0:b0:25:2b:97:83:db:6c:34:50:c7:04:34: cd:1b:4c:90:b4:2b:8c:32:53:72:fa:a8:c7:b7:fa: a6:83:a4:c8:0b:7c:03:61:4b:62:fc:0f:9d:fe:7f: de:14:b7:97:16:05:06:be:6a:a8:f1:16:aa:66:5e: f8:e8:ad:2f:dc:25:d5:23:b1:96:2f:13:4e:59:9f: 32:0b:8e:75:84:49:4c:76:99:53:20:12:ac:da:22: 27:2e:f0:36:99:ff:a6:a5:89:45:a9:6b:ff:5f:2c: ee:58:0b:b8:54:90:ee:a0:85:33:36:bb:52:75:71: f3:78:72:9e:10:10:f0:46:87:b4:91:49:4b:e6:32: b4:45:28:fc:8b:9f:b5:73:7d:62:a4:97:8a:a9:a8: 0b:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:E2:B5:2D:C5:DD:EE:5F:0F:CF:E2:C7:3D:DF:F6:E4:09:C5:C7:E8 X509v3 Authority Key Identifier: keyid:A1:FA:D5:42:E9:1E:01:7D:25:7D:51:B1:4F:F5:C3:5B:89:42:9E:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ofrVQukeAX0lfVGxT_XDW4lCnvU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918377D/9F7C8152B4B111EEB0ADE352C4F9AE02/ofrVQukeAX0lfVGxT_XDW4lCnvU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:7a:c4:23:d0:45:2b:db:16:d7:f6:7d:6d:8d:86:4a:b2:7d: 18:6c:5b:4b:03:e7:29:24:07:bc:ee:07:e5:d5:65:a1:9a:f1: 75:45:9c:bd:5d:e5:d6:db:bd:de:ca:f8:1e:bd:70:c2:75:a2: d2:97:7e:97:a6:ee:95:54:30:0f:f5:a4:75:7c:ff:38:be:51: a1:de:52:98:d9:57:8d:3f:6b:96:12:38:71:5e:8e:05:c8:c7: eb:49:22:65:ce:0c:af:04:05:ab:cc:c7:7a:73:65:64:e1:45: b2:bf:29:f8:6e:0b:5c:e6:09:ca:eb:4f:b4:b3:2b:26:be:13: 04:a5:7c:74:94:dc:87:3e:e7:87:56:63:4f:cb:fb:10:e0:25: b1:90:59:85:ad:a0:2f:7e:35:05:4d:d5:fa:5e:a2:cd:99:8c: 38:0c:01:65:f4:d4:53:d1:5f:15:25:50:10:48:f3:44:f6:ec: 20:c6:7a:8e:f2:e8:9d:09:16:6a:df:21:3d:2a:60:44:0c:06: 7d:ec:b2:d1:3b:60:36:cf:9d:cf:f5:f9:0c:c6:b7:3e:b8:b5: 5f:7f:b0:5e:b9:97:30:fb:04:b8:e8:97:ca:14:7c:9b:39:5b: 99:00:2e:ba:d0:1e:f1:f8:a8:09:82:19:4e:0b:4e:ad:7d:d9: 33:f6:c7:94 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 Mzc3RDExMC8GA1UEBRMoQTFGQUQ1NDJFOTFFMDE3RDI1N0Q1MUIxNEZGNUMzNUI4 OTQyOUVGNTAeFw0yNDA1MTkwODA3NTFaFw0yNDA1MjYwODA3NTFaMBgxFjAUBgNV BAMTDTY2NDliMzU3LTM3N2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDR+z9CeS0ly14GJHsHvOl9uAF+3u05tsEUchQf0f+GI9OjbyVTuQ0fAh1bJ7LP kqpDBl4r6XimoURCSL9KJQMHSdYxZrzsCtNQIG7wY8EQQV5Ob9Wp3BSBF8GYgG3Q ErQnawClcD/SKSW04LAlK5eD22w0UMcENM0bTJC0K4wyU3L6qMe3+qaDpMgLfANh S2L8D53+f94Ut5cWBQa+aqjxFqpmXvjorS/cJdUjsZYvE05ZnzILjnWESUx2mVMg EqzaIicu8DaZ/6aliUWpa/9fLO5YC7hUkO6ghTM2u1J1cfN4cp4QEPBGh7SRSUvm MrRFKPyLn7VzfWKkl4qpqAuRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUyeK1LcXd 7l8Pz+LHPd/25AnFx+gwHwYDVR0jBBgwFoAUofrVQukeAX0lfVGxT/XDW4lCnvUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgzNzdELzlGN0M4MTUyQjRC MTExRUVCMEFERTM1MkM0RjlBRTAyL29mclZRdWtlQVgwbGZWR3hUX1hEVzRsQ252 VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2ZyVlF1a2VBWDBsZlZHeFRfWERXNGxDbnZVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgz NzdELzlGN0M4MTUyQjRCMTExRUVCMEFERTM1MkM0RjlBRTAyL29mclZRdWtlQVgw bGZWR3hUX1hEVzRsQ252VS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAK96xCPQRSvbFtf2fW2NhkqyfRhsW0sD5ykkB7zuB+XVZaGa8XVFnL1d 5dbbvd7K+B69cMJ1otKXfpem7pVUMA/1pHV8/zi+UaHeUpjZV40/a5YSOHFejgXI x+tJImXODK8EBavMx3pzZWThRbK/KfhuC1zmCcrrT7SzKya+EwSlfHSU3Ic+54dW Y0/L+xDgJbGQWYWtoC9+NQVN1fpeos2ZjDgMAWX01FPRXxUlUBBI80T27CDGeo7y 6J0JFmrfIT0qYEQMBn3sstE7YDbPnc/1+QzGtz64tV9/sF65lzD7BLjol8oUfJs5 W5kALrrQHvH4qAmCGU4LTq192TP2x5Q= -----END CERTIFICATE-----Generated at Sun May 19 09:32:17 2024 by rpki-client on console-ams.rpki-client.org