$ rpki-client -vvf rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft File: h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft (raw, json) Hash identifier: evD6Dvk79at3QNLZ3LZZdtweZwJ0AQzv6aIe0aWXCl4= Subject key identifier: B2:9B:AB:48:3F:0E:D9:65:D2:61:C0:D1:D5:D1:A4:DD:65:DE:F9:80 Authority key identifier: 87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B Certificate issuer: /CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B Certificate serial: 33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft Manifest number: 29 Signing time: Sun 19 May 2024 08:39:41 +0000 Manifest this update: Sun 19 May 2024 08:39:41 +0000 Manifest next update: Sun 26 May 2024 08:39:41 +0000 Files and hashes: 1: h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl (hash: IhJ45kPQP+386kRX5aurbzmTTyPjq/jdeAg0HlQCwlk=) 2: F44A5204EDBE11EE81831062C4F9AE02.roa (hash: rPIqN3g9M//pjM5GFM7nRYLtY525w98t/87GEsybN2o=) 3: F53A9AACEDBE11EE81831062C4F9AE02.roa (hash: YAP0qXi2Kuy/FazVI0jB6EFuZs4wd7rEO2VW8bRD9PQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B Validity Not Before: May 19 08:39:41 2024 GMT Not After : May 26 08:39:41 2024 GMT Subject: CN=6649bacd-4311 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:1c:ef:d9:57:ac:e1:44:bb:04:92:f1:55:02: 46:09:8c:b0:6c:bb:97:37:76:4c:76:70:68:01:aa: f5:13:7a:02:4e:09:b4:ab:fc:16:16:ab:f7:4f:1d: 13:11:fd:34:3b:63:ad:91:20:e8:5c:4d:fb:b0:52: 32:af:ec:00:06:cb:49:aa:75:6f:fe:39:3d:5f:6f: 8a:70:d5:ac:8e:44:be:ef:bb:a6:d7:8e:e9:6c:d3: ac:78:ca:92:8c:cc:e7:9f:fe:1e:ee:6f:bf:96:4a: f5:bc:64:a2:93:17:fd:89:30:38:ee:b9:61:9c:04: 7d:e1:2b:02:56:1e:2f:96:77:ae:9a:66:30:f1:37: ec:19:e4:9d:be:2b:75:44:e4:b7:77:7e:25:40:0e: bb:b9:07:8d:58:f0:9c:52:e6:d0:b0:f7:8e:5d:a1: 2c:93:bb:24:1f:76:65:8e:15:03:f7:97:07:05:60: ad:48:d7:e6:a8:21:b9:d7:93:50:2e:32:45:e6:2e: 6e:d5:e9:af:bd:8f:df:54:bf:6b:0e:6e:05:d9:93: b8:df:84:be:fd:04:fd:d2:53:33:77:b2:c8:cb:bd: b9:e5:b3:68:32:89:ef:f1:28:de:63:2e:ea:c6:88: 8e:a3:e6:ad:ee:b8:28:85:9f:a7:83:f5:ee:95:ea: 1d:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:9B:AB:48:3F:0E:D9:65:D2:61:C0:D1:D5:D1:A4:DD:65:DE:F9:80 X509v3 Authority Key Identifier: keyid:87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:fd:80:d7:ef:02:ed:46:f5:48:f8:d4:af:71:7b:5d:dc:57: 05:97:bb:19:ca:3a:5b:8b:38:a2:a8:c4:d5:5b:01:6c:05:c9: cf:a6:77:ba:91:24:00:66:b2:0e:ce:c7:eb:ca:e0:2b:80:ad: 43:e9:f0:d8:de:a6:f6:69:d3:7c:3f:8e:d7:c7:ad:94:33:02: 6b:aa:c0:7f:90:af:3f:16:8d:61:93:7b:c5:cc:c4:ad:4d:fd: 14:60:37:1d:45:bb:bc:ee:32:1f:8f:61:03:01:be:98:2c:70: 11:ee:83:f0:13:1c:72:8a:fb:b9:4f:32:02:80:c5:e4:71:41: db:1e:df:ee:d1:d5:a6:55:9b:89:a9:5d:bc:46:fe:49:7a:02: a1:1b:bb:d7:86:0c:66:1f:b2:a1:97:18:e0:ac:71:fd:39:76: 05:bf:b3:85:5e:5c:58:54:57:08:79:ef:28:9c:f4:ef:d7:a8: 25:6c:85:a7:82:53:be:3c:33:3d:a7:69:28:7f:0c:81:e6:0a: 0a:58:dd:8c:0b:8b:81:5b:c0:07:03:80:ef:16:24:26:4d:80: dd:ae:22:ba:1d:d3:4e:98:3d:06:51:55:67:25:6a:ef:5b:95: b7:3f:ae:1e:94:3a:fe:f3:12:97:1d:13:72:5b:ee:50:f3:5f: 2b:cf:3e:7f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 RjlBODExMC8GA1UEBRMoODdCNjJDMzRFOERDNUQ0MDIzOEMwRjZCREU5MTE1NkU1 RDA2QTQ0QjAeFw0yNDA1MTkwODM5NDFaFw0yNDA1MjYwODM5NDFaMBgxFjAUBgNV BAMTDTY2NDliYWNkLTQzMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDIHO/ZV6zhRLsEkvFVAkYJjLBsu5c3dkx2cGgBqvUTegJOCbSr/BYWq/dPHRMR /TQ7Y62RIOhcTfuwUjKv7AAGy0mqdW/+OT1fb4pw1ayORL7vu6bXjuls06x4ypKM zOef/h7ub7+WSvW8ZKKTF/2JMDjuuWGcBH3hKwJWHi+Wd66aZjDxN+wZ5J2+K3VE 5Ld3fiVADru5B41Y8JxS5tCw945doSyTuyQfdmWOFQP3lwcFYK1I1+aoIbnXk1Au MkXmLm7V6a+9j99Uv2sObgXZk7jfhL79BP3SUzN3ssjLvbnls2gyie/xKN5jLurG iI6j5q3uuCiFn6eD9e6V6h15AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUspurSD8O 2WXSYcDR1dGk3WXe+YAwHwYDVR0jBBgwFoAUh7YsNOjcXUAjjA9r3pEVbl0GpEsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGOUE4L0I5MjMwNkZFRUI2 QTExRUU5QzAzQjcxMUM0RjlBRTAyL2g3WXNOT2pjWFVBampBOXIzcEVWYmwwR3BF cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaDdZc05PamNYVUFqakE5cjNwRVZibDBHcEVzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlG OUE4L0I5MjMwNkZFRUI2QTExRUU5QzAzQjcxMUM0RjlBRTAyL2g3WXNOT2pjWFVB ampBOXIzcEVWYmwwR3BFcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKz9gNfvAu1G9Uj41K9xe13cVwWXuxnKOluLOKKoxNVbAWwFyc+md7qR JABmsg7Ox+vK4CuArUPp8NjepvZp03w/jtfHrZQzAmuqwH+Qrz8WjWGTe8XMxK1N /RRgNx1Fu7zuMh+PYQMBvpgscBHug/ATHHKK+7lPMgKAxeRxQdse3+7R1aZVm4mp XbxG/kl6AqEbu9eGDGYfsqGXGOCscf05dgW/s4VeXFhUVwh57yic9O/XqCVshaeC U748Mz2naSh/DIHmCgpY3YwLi4FbwAcDgO8WJCZNgN2uIrod006YPQZRVWclau9b lbc/rh6UOv7zEpcdE3Jb7lDzXyvPPn8= -----END CERTIFICATE-----Generated at Sun May 19 09:32:17 2024 by rpki-client on console-ams.rpki-client.org