$ rpki-client -vvf rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft File: OvnsvEXk4pfSm6bEEfGgXIudqeM.mft (raw, json) Hash identifier: JoH4n5vxK0t79mDIASQK5FPRxLQ95R2CX43FcYZIdZo= Subject key identifier: 5B:7C:60:EC:1E:ED:58:96:05:97:AC:4C:3C:D2:5A:D3:9C:52:68:31 Authority key identifier: 3A:F9:EC:BC:45:E4:E2:97:D2:9B:A6:C4:11:F1:A0:5C:8B:9D:A9:E3 Certificate issuer: /CN=A919CA18/serialNumber=3AF9ECBC45E4E297D29BA6C411F1A05C8B9DA9E3 Certificate serial: EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OvnsvEXk4pfSm6bEEfGgXIudqeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft Manifest number: EA Signing time: Sun 19 May 2024 05:51:08 +0000 Manifest this update: Sun 19 May 2024 05:51:08 +0000 Manifest next update: Sun 26 May 2024 05:51:08 +0000 Files and hashes: 1: OvnsvEXk4pfSm6bEEfGgXIudqeM.crl (hash: GKdjjqAIpwiBgPPAv0YzrNmZDKbeEm5sFBFOhZkOVcI=) 2: 82E99F5A10FC11EF95048154C4F9AE02.roa (hash: slKeOYWzdmCkmau8RJhvHLGPejq9dHSW1eCqA45Ri5U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.crl rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OvnsvEXk4pfSm6bEEfGgXIudqeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 235 (0xeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919CA18/serialNumber=3AF9ECBC45E4E297D29BA6C411F1A05C8B9DA9E3 Validity Not Before: May 19 05:51:08 2024 GMT Not After : May 26 05:51:08 2024 GMT Subject: CN=6649934c-9512 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f1:2a:4a:ef:a4:fe:39:5f:6f:96:7b:4f:18: 8e:d2:f1:84:46:99:e6:89:5b:23:ae:3b:1c:00:50: 3f:96:31:3b:c5:a4:9a:29:00:ff:bf:95:db:f1:04: 30:5d:b5:11:72:a9:95:34:e9:48:c1:a8:07:e6:9f: aa:d2:05:e5:37:55:3a:66:36:01:02:cd:96:ca:e8: cb:f9:b0:17:07:ae:b3:ff:cd:7d:4e:eb:e0:a0:5c: 11:38:d2:f5:56:3f:e1:9a:7b:3d:78:88:45:da:d2: ee:ec:7c:16:5a:75:8f:66:39:e1:6f:29:34:b9:e4: ad:ba:da:50:3e:8e:c2:7f:c8:ea:b5:4e:12:7c:93: ea:a6:51:a4:38:fb:a6:63:71:3b:9c:d1:77:61:be: 1a:e8:96:b0:0c:26:88:54:c7:eb:2e:a7:06:6a:c5: 8a:b9:e7:64:a9:a5:0c:fc:98:c5:33:f8:70:c1:7d: cb:9d:17:3d:a1:36:12:43:7f:09:ab:02:2c:18:14: 1b:d7:63:66:17:1f:5a:db:04:a9:17:b9:07:46:de: f1:2a:ed:a0:95:84:f7:37:00:bb:73:c8:88:10:b7: 88:c5:6e:4d:47:0e:79:01:27:cf:14:eb:26:20:88: df:b3:6b:80:9f:93:a6:eb:cb:60:c8:47:61:7e:1e: f1:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:7C:60:EC:1E:ED:58:96:05:97:AC:4C:3C:D2:5A:D3:9C:52:68:31 X509v3 Authority Key Identifier: keyid:3A:F9:EC:BC:45:E4:E2:97:D2:9B:A6:C4:11:F1:A0:5C:8B:9D:A9:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OvnsvEXk4pfSm6bEEfGgXIudqeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919CA18/6D059BBCB1B211ED8D7C2F2BC4F9AE02/OvnsvEXk4pfSm6bEEfGgXIudqeM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:4d:dd:01:b0:50:d3:fc:ed:e4:4a:dc:6b:5c:8f:21:10:85: 48:ee:09:63:61:1e:0c:31:b8:62:8e:e1:14:ec:21:4e:16:36: 7e:db:0e:d1:5b:fc:1e:b7:61:cd:26:60:48:73:61:f9:58:9f: 9f:3b:e0:e7:bc:2e:82:65:05:46:67:82:07:7c:0d:79:c3:42: fc:65:b4:7f:5c:a6:b6:fd:b9:34:bf:8e:be:05:9f:04:aa:4e: 73:7e:39:08:7b:bf:5d:97:3a:2a:35:d8:04:d3:cd:af:7c:84: 3d:c1:14:44:a3:a1:5c:7e:71:b3:3b:02:db:6e:f2:29:91:22: 7d:5d:44:47:97:e6:f8:96:a3:b4:05:4e:6e:30:19:5c:67:00: 68:29:ea:99:e9:dd:d5:6e:7e:00:58:7d:12:d3:73:72:fb:1f: 75:c9:8b:a8:38:bc:b4:ef:c5:5f:cc:b0:56:94:c2:17:d3:70: 8c:07:b9:e1:2b:b5:30:12:92:cd:42:fc:14:c2:e9:62:90:ef: 51:e1:df:df:5b:4a:51:d9:58:19:3f:d5:3a:c3:17:b2:3a:3b: 99:6f:a5:32:d0:f4:97:64:77:8b:12:01:bf:d4:7a:c6:47:99: 09:dd:d7:bb:65:ee:fa:9b:e3:49:fa:0c:04:19:2b:f0:f8:a4: e9:74:20:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUNBMTgxMTAvBgNVBAUTKDNBRjlFQ0JDNDVFNEUyOTdEMjlCQTZDNDExRjFBMDVD OEI5REE5RTMwHhcNMjQwNTE5MDU1MTA4WhcNMjQwNTI2MDU1MTA4WjAYMRYwFAYD VQQDEw02NjQ5OTM0Yy05NTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsvEqSu+k/jlfb5Z7TxiO0vGERpnmiVsjrjscAFA/ljE7xaSaKQD/v5Xb8QQw XbURcqmVNOlIwagH5p+q0gXlN1U6ZjYBAs2WyujL+bAXB66z/819TuvgoFwRONL1 Vj/hmns9eIhF2tLu7HwWWnWPZjnhbyk0ueStutpQPo7Cf8jqtU4SfJPqplGkOPum Y3E7nNF3Yb4a6JawDCaIVMfrLqcGasWKuedkqaUM/JjFM/hwwX3LnRc9oTYSQ38J qwIsGBQb12NmFx9a2wSpF7kHRt7xKu2glYT3NwC7c8iIELeIxW5NRw55ASfPFOsm IIjfs2uAn5Om68tgyEdhfh7x9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFt8YOwe 7ViWBZesTDzSWtOcUmgxMB8GA1UdIwQYMBaAFDr57LxF5OKX0pumxBHxoFyLnanj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5Q0ExOC82RDA1OUJCQ0Ix QjIxMUVEOEQ3QzJGMkJDNEY5QUUwMi9Pdm5zdkVYazRwZlNtNmJFRWZHZ1hJdWRx ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL092bnN2RVhrNHBmU202YkVFZkdnWEl1ZHFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 Q0ExOC82RDA1OUJCQ0IxQjIxMUVEOEQ3QzJGMkJDNEY5QUUwMi9Pdm5zdkVYazRw ZlNtNmJFRWZHZ1hJdWRxZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFTd0BsFDT/O3kStxrXI8hEIVI7gljYR4MMbhijuEU7CFOFjZ+2w7R W/wet2HNJmBIc2H5WJ+fO+DnvC6CZQVGZ4IHfA15w0L8ZbR/XKa2/bk0v46+BZ8E qk5zfjkIe79dlzoqNdgE082vfIQ9wRREo6FcfnGzOwLbbvIpkSJ9XURHl+b4lqO0 BU5uMBlcZwBoKeqZ6d3Vbn4AWH0S03Ny+x91yYuoOLy078VfzLBWlMIX03CMB7nh K7UwEpLNQvwUwulikO9R4d/fW0pR2VgZP9U6wxeyOjuZb6Uy0PSXZHeLEgG/1HrG R5kJ3de7Ze76m+NJ+gwEGSvw+KTpdCDC -----END CERTIFICATE-----Generated at Sun May 19 08:25:05 2024 by rpki-client on console-ams.rpki-client.org