$ rpki-client -vvf rpki.apnic.net/member_repository/A918E20E/23AAD98E1FC811EA84594F5EC4F9AE02/r2oY2zoHHvGMylvos1Qz31RPD7I.mft File: r2oY2zoHHvGMylvos1Qz31RPD7I.mft (raw, json) Hash identifier: GKPMx3zA+tqgRujLOhiNNXa8fc2UUoNhZHFRWYTIF0Q= Subject key identifier: A2:03:7B:F3:1D:BC:A3:F9:44:1B:C3:42:14:AE:57:AF:7C:F6:0C:2D Authority key identifier: AF:6A:18:DB:3A:07:1E:F1:8C:CA:5B:E8:B3:54:33:DF:54:4F:0F:B2 Certificate issuer: /CN=A918E20E/serialNumber=AF6A18DB3A071EF18CCA5BE8B35433DF544F0FB2 Certificate serial: 0B00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2oY2zoHHvGMylvos1Qz31RPD7I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E20E/23AAD98E1FC811EA84594F5EC4F9AE02/r2oY2zoHHvGMylvos1Qz31RPD7I.mft Manifest number: 0AFB Signing time: Thu 30 May 2024 20:23:01 +0000 Manifest this update: Thu 30 May 2024 20:23:00 +0000 Manifest next update: Thu 06 Jun 2024 20:23:00 +0000 Files and hashes: 1: r2oY2zoHHvGMylvos1Qz31RPD7I.crl (hash: NwkPM8/n6Gh+Yz9qCO7NQ7HjM8aNjeuswwttqEOt6+c=) 2: BFA3B5F81FC911EA8CF04E61C4F9AE02.roa (hash: 4sB4DOt4CW4eHB/ZFEI2UI4R45G3Zj008UjXQgkb7Gc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E20E/23AAD98E1FC811EA84594F5EC4F9AE02/r2oY2zoHHvGMylvos1Qz31RPD7I.crl rsync://rpki.apnic.net/member_repository/A918E20E/23AAD98E1FC811EA84594F5EC4F9AE02/r2oY2zoHHvGMylvos1Qz31RPD7I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2oY2zoHHvGMylvos1Qz31RPD7I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 20:22:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2816 (0xb00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E20E/serialNumber=AF6A18DB3A071EF18CCA5BE8B35433DF544F0FB2 Validity Not Before: May 30 20:23:00 2024 GMT Not After : Jun 6 20:23:00 2024 GMT Subject: CN=6658e024-bbc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d9:b3:2d:48:18:92:e5:f4:ec:b4:ad:f1:f2: 35:85:34:1a:2a:72:e9:f0:e9:37:4e:f2:9d:bd:5c: 55:db:09:3d:04:22:08:f4:2e:bd:1e:7e:61:7d:db: 8b:2c:60:7b:83:58:fa:79:78:4f:22:46:5e:e7:78: a0:f7:2a:d8:87:b1:8e:94:b4:5c:54:4a:34:e3:90: e6:0b:3c:5b:fb:87:94:dd:f5:d5:ab:3c:42:0c:af: df:86:54:06:2c:27:9f:45:4e:c9:88:c0:d1:8f:54: c9:6d:b0:d3:56:90:77:3d:b9:5f:6a:13:65:f1:44: 01:22:56:40:7d:a0:fc:65:d8:f5:6f:c9:82:a0:28: 64:bc:f7:e0:82:c9:92:16:f5:99:01:03:bc:03:d4: 62:b5:57:8c:09:28:9e:58:a9:aa:60:b6:bf:26:64: 63:2f:89:2a:87:06:4a:41:c0:de:f8:dc:1f:a1:00: b9:4b:1d:bc:ab:cf:cf:67:bd:14:72:04:e3:7f:3a: 8e:46:83:bb:af:8e:31:e0:96:a3:a5:89:ea:c7:e7: bd:21:a9:14:2c:6e:1e:42:f3:45:45:64:49:91:10: 09:53:fa:d5:ea:35:44:23:9f:03:a9:62:5f:a4:95: b3:e3:31:84:5f:b5:25:ab:cc:a6:99:2d:4c:1e:55: 28:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:03:7B:F3:1D:BC:A3:F9:44:1B:C3:42:14:AE:57:AF:7C:F6:0C:2D X509v3 Authority Key Identifier: keyid:AF:6A:18:DB:3A:07:1E:F1:8C:CA:5B:E8:B3:54:33:DF:54:4F:0F:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E20E/23AAD98E1FC811EA84594F5EC4F9AE02/r2oY2zoHHvGMylvos1Qz31RPD7I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r2oY2zoHHvGMylvos1Qz31RPD7I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E20E/23AAD98E1FC811EA84594F5EC4F9AE02/r2oY2zoHHvGMylvos1Qz31RPD7I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:7c:48:73:19:0d:9f:5a:8d:ee:8e:f0:e9:44:79:3c:6c:89: 1f:61:cc:84:5f:31:64:13:aa:af:26:45:ee:69:1e:16:c5:ef: e5:71:8c:c8:16:55:71:f2:37:8c:18:0a:52:24:04:78:30:cf: d6:0a:db:9c:36:a2:d0:7e:c3:b7:d3:81:76:38:e6:b5:e2:be: 34:08:9d:c0:20:7c:f1:96:58:f8:c8:fb:57:70:21:50:9d:44: 24:77:65:63:67:c6:0e:58:24:ae:4a:f8:3e:13:4f:e2:04:12: 6b:c2:8f:ea:d7:b3:9e:1f:a9:8c:9d:c2:8f:bd:be:d7:2b:07: f8:ad:8a:6f:d1:b0:6f:38:c1:d8:73:35:15:85:cb:7e:21:8d: da:4a:61:06:d2:88:17:f8:08:80:63:6a:52:cc:93:bc:c7:c8: e0:4d:b2:b7:ee:5b:0b:f2:37:1f:de:83:ae:c3:dc:47:64:91: c0:1b:36:34:45:9b:f3:6c:63:f4:1e:26:d7:2d:e1:d3:cb:a3: d4:0c:f8:67:b1:7e:d7:12:2c:c1:ce:a6:b2:20:0c:cb:6d:89: 20:00:da:0c:d9:b0:b6:80:11:4f:ee:7f:4c:81:bd:46:58:82: 97:f4:38:6d:27:6d:88:af:40:d6:71:96:20:24:de:d1:25:d4: 8c:0f:cb:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCwAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEUyMEUxMTAvBgNVBAUTKEFGNkExOERCM0EwNzFFRjE4Q0NBNUJFOEIzNTQzM0RG NTQ0RjBGQjIwHhcNMjQwNTMwMjAyMzAwWhcNMjQwNjA2MjAyMzAwWjAYMRYwFAYD VQQDEw02NjU4ZTAyNC1iYmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1NmzLUgYkuX07LSt8fI1hTQaKnLp8Ok3TvKdvVxV2wk9BCII9C69Hn5hfduL LGB7g1j6eXhPIkZe53ig9yrYh7GOlLRcVEo045DmCzxb+4eU3fXVqzxCDK/fhlQG LCefRU7JiMDRj1TJbbDTVpB3PblfahNl8UQBIlZAfaD8Zdj1b8mCoChkvPfggsmS FvWZAQO8A9RitVeMCSieWKmqYLa/JmRjL4kqhwZKQcDe+NwfoQC5Sx28q8/PZ70U cgTjfzqORoO7r44x4JajpYnqx+e9IakULG4eQvNFRWRJkRAJU/rV6jVEI58DqWJf pJWz4zGEX7Ulq8ymmS1MHlUo+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKIDe/Md vKP5RBvDQhSuV6989gwtMB8GA1UdIwQYMBaAFK9qGNs6Bx7xjMpb6LNUM99UTw+y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTIwRS8yM0FBRDk4RTFG QzgxMUVBODQ1OTRGNUVDNEY5QUUwMi9yMm9ZMnpvSEh2R015bHZvczFRejMxUlBE N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Iyb1kyem9ISHZHTXlsdm9zMVF6MzFSUEQ3SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RTIwRS8yM0FBRDk4RTFGQzgxMUVBODQ1OTRGNUVDNEY5QUUwMi9yMm9ZMnpvSEh2 R015bHZvczFRejMxUlBEN0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQfEhzGQ2fWo3ujvDpRHk8bIkfYcyEXzFkE6qvJkXuaR4Wxe/lcYzI FlVx8jeMGApSJAR4MM/WCtucNqLQfsO304F2OOa14r40CJ3AIHzxllj4yPtXcCFQ nUQkd2VjZ8YOWCSuSvg+E0/iBBJrwo/q17OeH6mMncKPvb7XKwf4rYpv0bBvOMHY czUVhct+IY3aSmEG0ogX+AiAY2pSzJO8x8jgTbK37lsL8jcf3oOuw9xHZJHAGzY0 RZvzbGP0HibXLeHTy6PUDPhnsX7XEizBzqayIAzLbYkgANoM2bC2gBFP7n9Mgb1G WIKX9DhtJ22Ir0DWcZYgJN7RJdSMD8t7 -----END CERTIFICATE-----Generated at Thu May 30 21:37:29 2024 by rpki-client on console-fra.rpki-client.org