$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.mft File: K8iorLUs8M9_MTaUMA9ThmhiN60.mft (raw, json) Hash identifier: 2N8ov+aX1GwZKJfNNeTUs/onFMxbygPhPd3LJMGuRBk= Subject key identifier: 4C:19:D2:C1:7A:8B:6D:11:AF:CB:A6:7E:26:29:AE:B5:A6:D6:F3:99 Authority key identifier: 2B:C8:A8:AC:B5:2C:F0:CF:7F:31:36:94:30:0F:53:86:68:62:37:AD Certificate issuer: /CN=A91B0549/serialNumber=2BC8A8ACB52CF0CF7F313694300F5386686237AD Certificate serial: 0AAD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8iorLUs8M9_MTaUMA9ThmhiN60.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.mft Manifest number: 0AA6 Signing time: Sat 18 May 2024 20:09:25 +0000 Manifest this update: Sat 18 May 2024 20:09:25 +0000 Manifest next update: Sat 25 May 2024 20:09:25 +0000 Files and hashes: 1: K8iorLUs8M9_MTaUMA9ThmhiN60.crl (hash: 12igxQW6qUuqXaN1ain3jtlkVpSAZjKI/VIG6FNKYtI=) 2: 7A629E90303211EA9DAB6581C4F9AE02.roa (hash: RkDmfgQMwwny9x9xlb//KIEAOQmfjHqeRQZx8EIpneY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.crl rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8iorLUs8M9_MTaUMA9ThmhiN60.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2733 (0xaad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0549/serialNumber=2BC8A8ACB52CF0CF7F313694300F5386686237AD Validity Not Before: May 18 20:09:25 2024 GMT Not After : May 25 20:09:25 2024 GMT Subject: CN=66490af5-a1d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:97:26:7f:f8:fa:c2:fe:bb:39:3b:80:e4:b1: 96:7f:08:64:5b:a2:14:3f:27:2e:04:29:74:21:9c: 92:9d:02:ce:ac:cf:c6:74:ee:86:f7:b2:d7:7e:75: 09:34:a3:87:77:67:41:c6:7e:6b:e8:ce:27:aa:17: d0:48:4c:ae:22:0b:d9:13:28:87:aa:3e:a2:6e:51: 48:84:47:05:bb:83:0c:7d:f7:07:79:de:a6:23:70: 8b:22:52:8b:fd:c6:74:00:44:f1:ed:70:20:54:25: 45:e1:2b:09:9c:e1:be:e6:b1:80:ae:a4:10:9a:5a: 21:a5:13:f0:e7:78:da:3c:17:4f:52:3c:bf:5a:63: 1b:67:69:ae:a4:34:9c:80:cd:cc:ff:a9:a8:aa:b0: 6f:e1:13:e8:b4:68:f8:37:35:6d:59:45:e9:2d:ea: 03:7a:ac:52:11:ff:17:d3:4e:43:cc:c7:c8:ed:da: 1c:76:0f:40:23:55:54:ac:87:4b:e1:ee:53:07:f9: 93:33:fb:17:82:c7:40:c8:43:c8:71:f5:f0:1c:b5: 47:f1:d1:3d:e4:44:51:0f:b5:07:27:4c:6e:82:d1: 21:61:69:e1:02:f2:81:e8:1a:1b:e0:18:ea:ed:e8: be:b2:6c:db:82:96:b4:5f:b3:b8:26:8c:b0:b7:0e: ed:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:19:D2:C1:7A:8B:6D:11:AF:CB:A6:7E:26:29:AE:B5:A6:D6:F3:99 X509v3 Authority Key Identifier: keyid:2B:C8:A8:AC:B5:2C:F0:CF:7F:31:36:94:30:0F:53:86:68:62:37:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8iorLUs8M9_MTaUMA9ThmhiN60.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:1a:74:87:06:93:21:3c:ff:47:59:68:ab:69:27:f2:b8:a4: 49:d7:a7:73:b4:61:df:d8:5f:05:12:50:9b:b3:ac:80:5e:cb: 70:ba:c2:9a:6f:bc:63:a9:c9:e0:d9:68:fa:18:e8:6e:00:e0: 68:ef:a5:c6:f9:94:40:5f:25:84:12:4b:52:93:0c:ab:39:a1: 84:a2:21:4c:df:f0:fd:8a:c7:26:6e:b0:f2:b8:49:a8:b1:fc: 60:44:ad:07:ab:9d:5b:39:f7:39:30:17:e3:88:9e:49:51:8c: 53:3d:36:9c:c8:1e:8a:9c:0e:85:2c:63:7a:e9:33:a4:a5:40: b9:ca:c9:23:4a:c4:d6:ca:17:20:23:5c:ad:7e:23:9d:fa:5b: c0:73:24:57:f6:80:e8:2f:d8:0a:55:73:a7:5b:65:dd:e6:c2: 64:b5:e5:12:ec:c7:e2:93:29:70:6c:88:4a:6a:68:d2:53:dc: 21:18:3c:bf:14:e1:b3:3c:dc:9e:f0:af:d7:5d:2f:b5:74:81: 43:63:cf:df:94:0d:d4:64:a4:2d:fa:f5:98:68:ff:d5:aa:1b: 31:ae:f5:93:bd:3e:c2:15:99:75:4b:ee:0c:cb:f4:56:b8:1b: 96:31:1a:59:fa:fa:49:a6:ab:2c:f8:c0:0a:34:6d:50:35:22: b7:b4:a0:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA1NDkxMTAvBgNVBAUTKDJCQzhBOEFDQjUyQ0YwQ0Y3RjMxMzY5NDMwMEY1Mzg2 Njg2MjM3QUQwHhcNMjQwNTE4MjAwOTI1WhcNMjQwNTI1MjAwOTI1WjAYMRYwFAYD VQQDEw02NjQ5MGFmNS1hMWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA65cmf/j6wv67OTuA5LGWfwhkW6IUPycuBCl0IZySnQLOrM/GdO6G97LXfnUJ NKOHd2dBxn5r6M4nqhfQSEyuIgvZEyiHqj6iblFIhEcFu4MMffcHed6mI3CLIlKL /cZ0AETx7XAgVCVF4SsJnOG+5rGArqQQmlohpRPw53jaPBdPUjy/WmMbZ2mupDSc gM3M/6moqrBv4RPotGj4NzVtWUXpLeoDeqxSEf8X005DzMfI7docdg9AI1VUrIdL 4e5TB/mTM/sXgsdAyEPIcfXwHLVH8dE95ERRD7UHJ0xugtEhYWnhAvKB6Bob4Bjq 7ei+smzbgpa0X7O4Joywtw7tBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEwZ0sF6 i20Rr8umfiYprrWm1vOZMB8GA1UdIwQYMBaAFCvIqKy1LPDPfzE2lDAPU4ZoYjet MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDU0OS8xQzZGNEFEQzMw MzExMUVBODg2RDUxN0NDNEY5QUUwMi9LOGlvckxVczhNOV9NVGFVTUE5VGhtaGlO NjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0s4aW9yTFVzOE05X01UYVVNQTlUaG1oaU42MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MDU0OS8xQzZGNEFEQzMwMzExMUVBODg2RDUxN0NDNEY5QUUwMi9LOGlvckxVczhN OV9NVGFVTUE5VGhtaGlONjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhGnSHBpMhPP9HWWiraSfyuKRJ16dztGHf2F8FElCbs6yAXstwusKa b7xjqcng2Wj6GOhuAOBo76XG+ZRAXyWEEktSkwyrOaGEoiFM3/D9iscmbrDyuEmo sfxgRK0Hq51bOfc5MBfjiJ5JUYxTPTacyB6KnA6FLGN66TOkpUC5yskjSsTWyhcg I1ytfiOd+lvAcyRX9oDoL9gKVXOnW2Xd5sJkteUS7MfikylwbIhKamjSU9whGDy/ FOGzPNye8K/XXS+1dIFDY8/flA3UZKQt+vWYaP/VqhsxrvWTvT7CFZl1S+4My/RW uBuWMRpZ+vpJpqss+MAKNG1QNSK3tKAh -----END CERTIFICATE-----Generated at Sat May 18 20:48:21 2024 by rpki-client on console-fra.rpki-client.org