$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft File: lKlQswO0aQDdWjBhAwyJpIloA68.mft (raw, json) Hash identifier: hv7OmdLlnuKGiciIqhGQFgMBwCjcS7ggMBxVRVvmfkE= Subject key identifier: C3:E5:B1:EE:BF:7F:4F:F9:C8:C1:12:3A:FB:8F:86:59:B2:FF:31:AB Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft Manifest number: 1F Signing time: Sun 19 May 2024 08:38:21 +0000 Manifest this update: Sun 19 May 2024 08:38:20 +0000 Manifest next update: Sun 26 May 2024 08:38:20 +0000 Files and hashes: 1: lKlQswO0aQDdWjBhAwyJpIloA68.crl (hash: EN8okRBb1ud0MoGwhHOS6Nq1d+zSzQYfIJxCw9r+Vp0=) 2: 33B566F2E80811EEB4888B0FC4F9AE02.roa (hash: NoXuOW0Fxe9kbmt2KuqfmbmSgijDj9PUL7XzIgwj6mw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Validity Not Before: May 19 08:38:20 2024 GMT Not After : May 26 08:38:20 2024 GMT Subject: CN=6649ba7c-8291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:02:97:e1:7f:74:85:bc:72:3e:b1:19:05:58: f6:0c:02:26:6c:15:f3:80:14:8f:bd:c7:ff:11:89: 03:99:0c:7a:7b:b5:fd:0e:33:61:f1:1d:09:2f:87: d6:96:02:a2:55:7d:7f:7c:60:aa:70:a3:d3:b3:05: b8:01:6c:65:9b:1a:a8:a2:7c:69:c1:3b:01:d1:76: d4:2a:2f:c2:86:1b:23:55:ec:b3:b7:1b:62:99:62: 23:f9:2e:9f:b6:c4:c6:9c:16:1b:2f:ee:84:f7:9d: 71:e9:17:25:86:3c:42:67:c9:b4:de:b3:98:33:79: 0c:21:20:7d:c3:33:04:73:88:e9:79:be:84:d7:5e: cc:36:d6:b8:48:8a:99:52:b0:78:c8:33:f0:fc:3a: 83:97:3d:94:0e:88:17:d4:39:d2:c0:45:23:8a:6a: 27:56:9d:90:49:35:ee:b3:81:ad:d3:ab:81:25:55: 01:e5:5a:0a:f1:22:65:61:0f:86:45:6a:56:cc:3b: c8:5a:9e:77:e0:5c:2d:e7:70:5a:f8:fa:ac:85:2b: bd:44:be:8f:f7:f3:8b:07:56:1d:83:d6:ed:07:0c: 9b:c8:c5:ec:1e:a4:45:bb:b9:d6:0a:62:ae:a3:0c: 69:43:34:bc:b7:21:26:be:89:e4:67:46:bb:cd:a5: 4b:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:E5:B1:EE:BF:7F:4F:F9:C8:C1:12:3A:FB:8F:86:59:B2:FF:31:AB X509v3 Authority Key Identifier: keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:d5:70:8a:01:32:f1:5a:88:41:ef:fd:43:83:82:7f:57:33: b3:81:0b:10:95:82:e2:36:c6:7d:ec:da:9a:18:e3:c1:9e:1c: c8:17:9b:03:1c:0b:f8:99:af:19:16:7a:7d:65:86:93:cf:d1: 80:5c:9c:ae:ab:00:9d:8b:71:eb:0d:ed:a0:f8:a4:f8:1d:ec: 35:13:3a:14:f0:b8:2f:cc:64:f5:0c:b5:45:07:6c:4a:86:a6: 1f:09:d4:46:4a:47:8a:85:0d:fb:af:54:a7:2f:6f:cd:5b:40: d5:e2:0b:9b:77:e0:2e:9e:65:e1:61:f8:46:a6:96:bc:01:e7: cf:bd:8e:3c:75:0e:98:f0:0a:be:4f:b5:d2:1b:e9:91:65:24: 10:b5:f8:48:e8:6f:0a:af:ac:f4:10:ab:22:f5:7f:73:c9:2d: 59:14:3c:34:b3:8f:94:2c:a8:71:f7:29:42:06:a2:bb:d3:eb: e6:99:8c:fa:7d:28:bf:d6:2e:a8:d8:d1:40:d1:1b:3d:a2:a3: b0:46:63:c4:2e:c2:cb:fc:e7:92:37:27:18:07:88:9c:30:70: da:14:da:94:15:98:1b:ec:f8:58:32:5d:25:93:86:ff:7a:da: f7:59:b5:4a:a6:0f:fe:c1:3a:e2:d7:6d:7a:37:a8:ca:3f:55: c7:76:1c:f1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC QUQyRDExMC8GA1UEBRMoOTRBOTUwQjMwM0I0NjkwMERENUEzMDYxMDMwQzg5QTQ4 OTY4MDNBRjAeFw0yNDA1MTkwODM4MjBaFw0yNDA1MjYwODM4MjBaMBgxFjAUBgNV BAMTDTY2NDliYTdjLTgyOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8Apfhf3SFvHI+sRkFWPYMAiZsFfOAFI+9x/8RiQOZDHp7tf0OM2HxHQkvh9aW AqJVfX98YKpwo9OzBbgBbGWbGqiifGnBOwHRdtQqL8KGGyNV7LO3G2KZYiP5Lp+2 xMacFhsv7oT3nXHpFyWGPEJnybTes5gzeQwhIH3DMwRziOl5voTXXsw21rhIiplS sHjIM/D8OoOXPZQOiBfUOdLARSOKaidWnZBJNe6zga3Tq4ElVQHlWgrxImVhD4ZF albMO8hannfgXC3ncFr4+qyFK71Evo/384sHVh2D1u0HDJvIxewepEW7udYKYq6j DGlDNLy3ISa+ieRnRrvNpUu9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUw+Wx7r9/ T/nIwRI6+4+GWbL/MaswHwYDVR0jBBgwFoAUlKlQswO0aQDdWjBhAwyJpIloA68w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJBRDJELzkwODhFRTVBRTgw MTExRUVBRDZDNTAzMEM0RjlBRTAyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbEtsUXN3TzBhUURkV2pCaEF3eUpwSWxvQTY4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJB RDJELzkwODhFRTVBRTgwMTExRUVBRDZDNTAzMEM0RjlBRTAyL2xLbFFzd08wYVFE ZFdqQmhBd3lKcElsb0E2OC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAE3VcIoBMvFaiEHv/UODgn9XM7OBCxCVguI2xn3s2poY48GeHMgXmwMc C/iZrxkWen1lhpPP0YBcnK6rAJ2LcesN7aD4pPgd7DUTOhTwuC/MZPUMtUUHbEqG ph8J1EZKR4qFDfuvVKcvb81bQNXiC5t34C6eZeFh+EamlrwB58+9jjx1DpjwCr5P tdIb6ZFlJBC1+EjobwqvrPQQqyL1f3PJLVkUPDSzj5QsqHH3KUIGorvT6+aZjPp9 KL/WLqjY0UDRGz2io7BGY8Quwsv855I3JxgHiJwwcNoU2pQVmBvs+FgyXSWThv96 2vdZtUqmD/7BOuLXbXo3qMo/Vcd2HPE= -----END CERTIFICATE-----Generated at Sun May 19 09:32:18 2024 by rpki-client on console-ams.rpki-client.org