$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft File: L9JLb9eYBEVzVDhmYs4w3aOyALU.mft (raw, json) Hash identifier: GtkKD4tJfnZp88eaaCj+aW6WVUmX9o2bOe/hRNuYE+8= Subject key identifier: B1:DF:65:6A:12:06:5D:FA:E5:F6:F5:D3:6C:64:50:EB:04:8A:C0:5E Authority key identifier: 2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 Certificate issuer: /CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Certificate serial: 27 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft Manifest number: 26 Signing time: Sun 19 May 2024 08:29:51 +0000 Manifest this update: Sun 19 May 2024 08:29:51 +0000 Manifest next update: Sun 26 May 2024 08:29:51 +0000 Files and hashes: 1: L9JLb9eYBEVzVDhmYs4w3aOyALU.crl (hash: UXrzlwq7vQiEWKsnsElNU1VoPmgE842POuAu2fG1BGY=) 2: AE2FD9C4DA5411EE83E9E67EC4F9AE02.roa (hash: xVEJPm+31bLznblOWhCpwIQYSTvCz1YQ0x0L0sMQxuU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Validity Not Before: May 19 08:29:51 2024 GMT Not After : May 26 08:29:51 2024 GMT Subject: CN=6649b87f-335d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:30:86:ba:0f:66:ca:5b:17:fb:f4:36:c0:c8: 5c:5a:d7:6f:6a:f4:33:03:d7:af:18:13:f3:8b:09: f6:6f:bc:30:c3:3b:4e:e7:b7:75:08:69:eb:a0:9b: 87:1e:2c:08:3d:50:de:a6:a8:37:b6:91:36:e8:31: ad:45:c5:a4:10:17:83:35:7b:5a:0c:e3:c1:94:59: 72:dd:f7:47:63:cf:4d:46:17:a3:21:08:03:2b:5b: e8:46:3c:13:47:27:ea:89:d0:28:d4:59:1f:a7:6e: 14:3f:0e:fa:62:e2:64:97:85:8b:75:c4:08:f0:58: a1:76:da:4f:37:62:4f:8b:31:2c:c4:46:9c:a1:c3: 98:51:11:18:b0:60:9e:4f:84:63:6d:9f:34:97:a9: e0:73:24:af:ff:34:fa:39:05:b5:94:72:d8:2f:fa: 3e:ab:d1:4d:8b:0a:83:79:2f:58:6c:6e:c8:3a:b0: 67:f9:7e:74:9e:1b:44:4d:62:af:10:1a:05:41:1e: 8a:5d:49:25:a2:04:df:1e:a0:0f:45:62:ff:19:7f: 12:7d:6e:a0:88:61:77:53:0c:0a:46:2c:8a:d7:f6: a0:aa:f2:99:a0:1b:cf:ed:bc:59:37:eb:a1:9e:b3: 0e:4e:fb:6e:25:82:66:86:51:13:23:5b:04:34:35: 03:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:DF:65:6A:12:06:5D:FA:E5:F6:F5:D3:6C:64:50:EB:04:8A:C0:5E X509v3 Authority Key Identifier: keyid:2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:5b:c3:c3:09:ec:6d:46:80:a3:2d:7d:4d:08:ba:36:d1:e1: 87:60:48:c3:ce:4a:ce:b9:9c:69:5d:cd:67:26:80:c0:0e:aa: a4:51:fd:70:1e:fa:19:13:66:16:5e:3c:29:81:eb:63:2a:8c: e1:41:fd:8e:6a:e2:a9:93:89:43:22:41:fa:d0:b2:19:a6:ec: eb:00:17:51:e3:9f:3e:c9:3e:ec:be:0e:41:87:d8:a8:f3:26: 3e:d1:a6:8e:8d:1e:ba:a2:44:ae:9f:8c:20:ec:ac:a8:48:e0: 5d:67:a1:76:95:78:06:9a:af:21:75:c7:06:1b:51:73:07:72: 64:c2:3a:91:81:46:c2:a6:43:18:ad:2f:0c:4c:0b:31:ce:9e: 64:0e:90:1a:82:0c:af:50:33:21:d8:9b:16:bd:73:8b:e1:0c: ea:37:73:10:66:e7:75:bc:41:b8:6f:3d:e1:b9:22:5a:af:40: 8b:f0:e7:1f:9c:44:24:95:fd:7b:82:62:ff:f2:96:38:f7:c6: 36:50:25:41:86:54:db:a3:a9:48:c0:03:56:5f:85:65:36:1b: 87:ee:3c:13:51:f1:a6:c8:7c:42:49:3a:42:92:fa:25:db:04: b2:0a:ee:b7:21:03:9e:e6:49:0a:64:0b:85:c1:7d:e8:ea:b8: 46:c7:e2:74 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjlEQTExMC8GA1UEBRMoMkZEMjRCNkZENzk4MDQ0NTczNTQzODY2NjJDRTMwRERB M0IyMDBCNTAeFw0yNDA1MTkwODI5NTFaFw0yNDA1MjYwODI5NTFaMBgxFjAUBgNV BAMTDTY2NDliODdmLTMzNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCnMIa6D2bKWxf79DbAyFxa129q9DMD168YE/OLCfZvvDDDO07nt3UIaeugm4ce LAg9UN6mqDe2kTboMa1FxaQQF4M1e1oM48GUWXLd90djz01GF6MhCAMrW+hGPBNH J+qJ0CjUWR+nbhQ/Dvpi4mSXhYt1xAjwWKF22k83Yk+LMSzERpyhw5hRERiwYJ5P hGNtnzSXqeBzJK//NPo5BbWUctgv+j6r0U2LCoN5L1hsbsg6sGf5fnSeG0RNYq8Q GgVBHopdSSWiBN8eoA9FYv8ZfxJ9bqCIYXdTDApGLIrX9qCq8pmgG8/tvFk366Ge sw5O+24lgmaGURMjWwQ0NQMzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsd9lahIG Xfrl9vXTbGRQ6wSKwF4wHwYDVR0jBBgwFoAUL9JLb9eYBEVzVDhmYs4w3aOyALUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyOURBLzM0QjVCNTE0REE1 NDExRUU4MjdDQTU3REM0RjlBRTAyL0w5SkxiOWVZQkVWelZEaG1ZczR3M2FPeUFM VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTDlKTGI5ZVlCRVZ6VkRobVlzNHczYU95QUxVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEy OURBLzM0QjVCNTE0REE1NDExRUU4MjdDQTU3REM0RjlBRTAyL0w5SkxiOWVZQkVW elZEaG1ZczR3M2FPeUFMVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH5bw8MJ7G1GgKMtfU0IujbR4YdgSMPOSs65nGldzWcmgMAOqqRR/XAe +hkTZhZePCmB62MqjOFB/Y5q4qmTiUMiQfrQshmm7OsAF1Hjnz7JPuy+DkGH2Kjz Jj7Rpo6NHrqiRK6fjCDsrKhI4F1noXaVeAaaryF1xwYbUXMHcmTCOpGBRsKmQxit LwxMCzHOnmQOkBqCDK9QMyHYmxa9c4vhDOo3cxBm53W8QbhvPeG5IlqvQIvw5x+c RCSV/XuCYv/yljj3xjZQJUGGVNujqUjAA1ZfhWU2G4fuPBNR8abIfEJJOkKS+iXb BLIK7rchA57mSQpkC4XBfejquEbH4nQ= -----END CERTIFICATE-----Generated at Sun May 19 09:32:17 2024 by rpki-client on console-ams.rpki-client.org