$ rpki-client -vvf rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft File: CeskiT_4OKrchy_8N1hCf2rsIXI.mft (raw, json) Hash identifier: BZz0LaEMfyygO/oHI3vq7qTBivT12bm4BypEpKajJjc= Subject key identifier: D8:B6:94:BA:4B:0E:07:35:B7:2E:2F:37:33:46:6F:98:C0:7D:E8:AB Authority key identifier: 09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 Certificate issuer: /CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Certificate serial: 0480 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft Manifest number: 0574 Signing time: Sun 19 May 2024 01:39:39 +0000 Manifest this update: Sun 19 May 2024 01:39:39 +0000 Manifest next update: Sun 26 May 2024 01:39:39 +0000 Files and hashes: 1: CeskiT_4OKrchy_8N1hCf2rsIXI.crl (hash: jRSQhk1bXgSY+lT1D9wwzIiWGnupWvg1Kb/jI5g1w5U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 01:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1152 (0x480) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172 Validity Not Before: May 19 01:39:39 2024 GMT Not After : May 26 01:39:39 2024 GMT Subject: CN=6649585b-5e8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ab:6b:9a:6c:2a:c5:d6:3d:12:fb:54:4d:34: 0d:f2:35:74:c2:f2:7b:91:e1:f6:b6:33:08:e1:83: 43:db:35:b3:52:e1:b3:87:3a:1b:22:2d:cb:8e:9e: fc:27:b9:1f:3b:47:99:e1:0f:18:e0:5b:34:41:30: 0d:df:12:24:f4:58:6d:9f:2c:4b:6d:5c:5d:06:aa: 77:13:48:ff:0f:fa:a3:7a:cf:6e:cf:a5:eb:8c:c8: df:5f:7c:0b:75:6a:1d:b7:c8:2d:5b:81:6c:5a:a1: da:ca:7f:fa:49:b6:25:9c:d5:a2:55:fe:43:35:b7: 6e:f2:e9:ea:2e:16:00:78:d3:aa:89:d5:14:d0:cb: 10:ae:2b:e9:b2:c4:35:56:18:dd:0a:3d:bd:27:1e: e7:bc:04:84:61:a2:4f:82:8c:e3:cd:22:59:80:a0: 11:57:da:6c:01:38:c7:72:a5:9c:47:62:6d:b0:03: fc:a2:b4:3d:d6:07:00:5b:d5:db:f3:26:e9:b4:46: 38:79:62:13:e6:70:ba:19:9f:5c:43:60:2c:59:b9: 75:a3:41:17:36:e3:5c:87:a6:3f:14:d6:09:d5:55: e6:37:20:dd:15:f6:da:da:cf:fd:b3:a0:23:a9:53: 68:7b:4b:14:e3:44:c4:51:89:06:96:36:5c:fa:32: 80:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:B6:94:BA:4B:0E:07:35:B7:2E:2F:37:33:46:6F:98:C0:7D:E8:AB X509v3 Authority Key Identifier: keyid:09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:db:e1:e7:3f:54:62:74:27:d6:53:fa:52:dc:af:d6:3f:68: 5f:a1:af:c4:dd:73:e8:fb:e5:6e:f5:da:75:d5:a0:e2:82:3f: 3f:d9:f8:7e:3b:d5:b9:f1:db:5a:7f:52:53:f7:4c:20:c6:bd: 41:43:6f:74:b4:4d:49:a1:e8:d4:bd:e5:1a:ce:e1:4e:65:ab: 0e:ea:9b:11:c7:5c:bf:b7:45:91:00:ec:e3:27:1d:80:22:9d: 13:da:ab:f2:63:b2:16:62:52:d0:22:0d:29:15:e8:0f:64:a1: 71:7b:67:ec:80:ad:88:a4:26:6c:07:ca:99:9a:f3:54:a7:46: 5e:5c:da:02:6e:48:0c:e1:66:0b:0e:5b:af:fb:7c:59:e4:0c: 5a:a3:7b:d3:4a:43:9b:68:b0:da:de:4e:ce:6f:32:6d:e8:d0: 34:cd:99:49:43:91:c8:d6:dd:cb:a3:67:a4:55:b8:aa:68:43: 5e:1c:22:74:c6:1c:c5:77:d1:65:c3:86:10:51:ae:95:6c:25: a0:c8:89:45:fa:9d:1c:03:39:e4:42:d6:08:e8:95:1f:46:b2: 91:fd:e9:ab:39:ef:1d:90:a5:2a:6a:1e:05:85:0b:bd:83:2a: 7e:b3:21:88:0d:0e:a6:46:2b:90:2a:1f:fd:86:04:72:68:f4: 4d:e9:55:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZGQzM3NTg0MjdG NkFFQzIxNzIwHhcNMjQwNTE5MDEzOTM5WhcNMjQwNTI2MDEzOTM5WjAYMRYwFAYD VQQDEw02NjQ5NTg1Yi01ZThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApKtrmmwqxdY9EvtUTTQN8jV0wvJ7keH2tjMI4YND2zWzUuGzhzobIi3Ljp78 J7kfO0eZ4Q8Y4Fs0QTAN3xIk9FhtnyxLbVxdBqp3E0j/D/qjes9uz6XrjMjfX3wL dWodt8gtW4FsWqHayn/6SbYlnNWiVf5DNbdu8unqLhYAeNOqidUU0MsQrivpssQ1 VhjdCj29Jx7nvASEYaJPgozjzSJZgKARV9psATjHcqWcR2JtsAP8orQ91gcAW9Xb 8ybptEY4eWIT5nC6GZ9cQ2AsWbl1o0EXNuNch6Y/FNYJ1VXmNyDdFfba2s/9s6Aj qVNoe0sU40TEUYkGljZc+jKAbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNi2lLpL Dgc1ty4vNzNGb5jAfeirMB8GA1UdIwQYMBaAFAnrJIk/+Diq3Icv/DdYQn9q7CFy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjdBMS85MUU4RTI4NEY0 MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9LcmNoeV84TjFoQ2YycnNJ WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nlc2tpVF80T0tyY2h5XzhOMWhDZjJyc0lYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRfNE9L cmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBx2+HnP1RidCfWU/pS3K/WP2hfoa/E3XPo++Vu9dp11aDigj8/2fh+ O9W58dtaf1JT90wgxr1BQ290tE1JoejUveUazuFOZasO6psRx1y/t0WRAOzjJx2A Ip0T2qvyY7IWYlLQIg0pFegPZKFxe2fsgK2IpCZsB8qZmvNUp0ZeXNoCbkgM4WYL Dluv+3xZ5Axao3vTSkObaLDa3k7ObzJt6NA0zZlJQ5HI1t3Lo2ekVbiqaENeHCJ0 xhzFd9Flw4YQUa6VbCWgyIlF+p0cAznkQtYI6JUfRrKR/emrOe8dkKUqah4FhQu9 gyp+syGIDQ6mRiuQKh/9hgRyaPRN6VVG -----END CERTIFICATE-----Generated at Sun May 19 02:59:09 2024 by rpki-client on console-ams.rpki-client.org