$ rpki-client -vvf rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft File: 28IYSbtMFwTSMZPEG3DGaxqWVi8.mft (raw, json) Hash identifier: 7gVwvypPaikfsWuCogXowCK4qD7BjOj2T2gL43SDAQ0= Subject key identifier: E3:D5:5E:C2:6D:A9:7E:F6:46:D7:4C:8B:ED:C1:58:51:48:49:D8:69 Authority key identifier: DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F Certificate issuer: /CN=A919C233/serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Certificate serial: 1476 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft Manifest number: 146E Signing time: Sat 18 May 2024 17:22:33 +0000 Manifest this update: Sat 18 May 2024 17:22:33 +0000 Manifest next update: Sat 25 May 2024 17:22:33 +0000 Files and hashes: 1: 28IYSbtMFwTSMZPEG3DGaxqWVi8.crl (hash: D/s5iEOg9Ii636IOFkppvuO9soGz0OBRp5P9+rxzjWQ=) 2: C355C10243E611E8843B4E66C4F9AE02.roa (hash: tE+xvKEU2lq0YqE+NTYg8y1a5SGXjU0ke0uyncrO2F0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5238 (0x1476) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C233/serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Validity Not Before: May 18 17:22:33 2024 GMT Not After : May 25 17:22:33 2024 GMT Subject: CN=6648e3d9-cc79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:c6:f6:6d:75:89:fb:d6:2e:d1:4a:87:c0:c8: 70:68:8f:f2:a5:97:73:c4:62:d8:1b:28:30:49:c7: 4a:20:73:89:40:d6:eb:5c:bd:39:99:5b:7c:44:76: 7f:8f:bf:f9:c3:dd:68:77:ce:38:78:a3:59:ed:cf: ee:21:3f:d4:60:3a:48:68:d8:f7:d5:26:b9:c2:00: a0:41:88:2e:41:a7:10:d2:30:d8:54:2b:93:df:7c: d0:db:3b:0b:d4:9d:15:0b:46:4b:8f:81:ff:d3:aa: 0e:f4:e0:6a:a2:da:95:ae:6a:7d:24:34:5c:78:ea: c1:f8:64:87:6e:8d:c0:b4:3a:fc:53:e9:a5:7b:7b: 68:21:32:9e:7c:eb:67:c4:28:bf:2e:d1:30:00:19: d4:ae:b0:0d:ae:4b:95:5e:bd:33:86:94:0b:85:ea: 32:37:e7:f0:e9:fb:cc:ad:bd:7f:ab:47:e1:4e:f3: 40:2e:22:04:2e:b0:d5:9a:10:2a:14:6a:3e:07:12: 57:1e:58:81:cd:aa:f6:48:44:af:69:55:ed:8d:78: 65:64:e2:46:3b:d9:d2:8a:55:e9:5a:4a:a1:7d:d8: 35:c8:83:c0:d4:fb:70:c9:49:14:f9:d2:f0:95:fd: ee:d8:9f:bc:40:10:9f:61:8a:23:0a:82:70:40:06: a3:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D5:5E:C2:6D:A9:7E:F6:46:D7:4C:8B:ED:C1:58:51:48:49:D8:69 X509v3 Authority Key Identifier: keyid:DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:90:a7:bc:2f:4e:e4:1f:c8:33:4a:64:1e:c0:47:de:5b:6a: c7:58:96:00:c8:96:0b:c5:7e:d6:ee:bf:6c:79:d9:b7:bd:9e: 41:44:6c:33:30:a9:97:ed:d2:f4:14:fe:c2:71:d5:92:e9:92: 5f:e2:6c:19:83:d9:bd:99:00:4e:4b:1f:76:ee:10:e6:2d:06: b4:43:f3:b6:ba:9a:ca:4f:e3:48:9b:0a:23:a2:e9:70:44:0a: d5:4b:4c:91:77:d9:db:9b:f0:f6:17:ae:c7:16:db:7c:0c:58: 92:d3:55:3f:f9:20:28:2a:22:7f:cb:1b:4b:18:5a:91:21:85: ae:f8:bb:2c:c8:2b:cc:fa:43:5b:5c:b3:bf:aa:66:d2:56:46: f3:05:56:cb:53:ec:14:fe:05:b7:a0:a0:bc:f2:29:d7:2b:b7: 81:62:75:58:9f:75:f1:3b:87:bb:22:41:4c:41:fa:d9:49:f1: 76:e2:a3:08:3a:16:42:32:8b:04:d9:b2:63:b6:65:c9:ab:1d: 5e:bd:92:12:88:7e:ff:aa:80:91:3f:90:9e:c2:54:c4:d3:ba: b1:d4:83:69:60:ef:65:0a:65:9f:de:31:6f:ad:c4:1e:77:f4: 71:fe:e5:71:1e:f1:6a:1f:a7:19:e3:9c:ca:df:8e:c6:a1:7e: e9:e1:1d:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUMyMzMxMTAvBgNVBAUTKERCQzIxODQ5QkI0QzE3MDREMjMxOTNDNDFCNzBDNjZC MUE5NjU2MkYwHhcNMjQwNTE4MTcyMjMzWhcNMjQwNTI1MTcyMjMzWjAYMRYwFAYD VQQDEw02NjQ4ZTNkOS1jYzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA58b2bXWJ+9Yu0UqHwMhwaI/ypZdzxGLYGygwScdKIHOJQNbrXL05mVt8RHZ/ j7/5w91od844eKNZ7c/uIT/UYDpIaNj31Sa5wgCgQYguQacQ0jDYVCuT33zQ2zsL 1J0VC0ZLj4H/06oO9OBqotqVrmp9JDRceOrB+GSHbo3AtDr8U+mle3toITKefOtn xCi/LtEwABnUrrANrkuVXr0zhpQLheoyN+fw6fvMrb1/q0fhTvNALiIELrDVmhAq FGo+BxJXHliBzar2SESvaVXtjXhlZOJGO9nSilXpWkqhfdg1yIPA1PtwyUkU+dLw lf3u2J+8QBCfYYojCoJwQAajvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOPVXsJt qX72RtdMi+3BWFFISdhpMB8GA1UdIwQYMBaAFNvCGEm7TBcE0jGTxBtwxmsallYv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzIzMy8xRkRBRkQ2MjQz RTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3VFNNWlBFRzNER2F4cVdW aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI4SVlTYnRNRndUU01aUEVHM0RHYXhxV1ZpOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzIzMy8xRkRBRkQ2MjQzRTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3 VFNNWlBFRzNER2F4cVdWaTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8kKe8L07kH8gzSmQewEfeW2rHWJYAyJYLxX7W7r9sedm3vZ5BRGwz MKmX7dL0FP7CcdWS6ZJf4mwZg9m9mQBOSx927hDmLQa0Q/O2uprKT+NImwojoulw RArVS0yRd9nbm/D2F67HFtt8DFiS01U/+SAoKiJ/yxtLGFqRIYWu+LssyCvM+kNb XLO/qmbSVkbzBVbLU+wU/gW3oKC88inXK7eBYnVYn3XxO4e7IkFMQfrZSfF24qMI OhZCMosE2bJjtmXJqx1evZISiH7/qoCRP5CewlTE07qx1INpYO9lCmWf3jFvrcQe d/Rx/uVxHvFqH6cZ45zK347GoX7p4R2l -----END CERTIFICATE-----Generated at Sat May 18 18:12:32 2024 by rpki-client on console-fra.rpki-client.org