$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft File: IaR__8gaEzNcB7kmBaLd_RgHoUw.mft (raw, json) Hash identifier: Zw4b+9b3UkoOGnwcwC+bIX35FASkTwd7OLg79DHQSl4= Subject key identifier: C4:E9:1D:7B:4F:99:13:14:C2:D6:3E:87:10:83:EC:CE:6A:14:78:42 Authority key identifier: 21:A4:7F:FF:C8:1A:13:33:5C:07:B9:26:05:A2:DD:FD:18:07:A1:4C Certificate issuer: /CN=A91BF905/serialNumber=21A47FFFC81A13335C07B92605A2DDFD1807A14C Certificate serial: 0A33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft Manifest number: 0A29 Signing time: Sat 18 May 2024 20:34:25 +0000 Manifest this update: Sat 18 May 2024 20:34:24 +0000 Manifest next update: Sat 25 May 2024 20:34:24 +0000 Files and hashes: 1: IaR__8gaEzNcB7kmBaLd_RgHoUw.crl (hash: GbarVxZl3PTm9KDQXkT2HIID8Ddme2zS4BWIged8lt4=) 2: 6DF2EF1A4A3411ED8523151BC4F9AE02.roa (hash: rKu5P/dZn5K2grrJn8pRrFKNalUkL4kGoQzjtM5Tawo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.crl rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2611 (0xa33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF905/serialNumber=21A47FFFC81A13335C07B92605A2DDFD1807A14C Validity Not Before: May 18 20:34:24 2024 GMT Not After : May 25 20:34:24 2024 GMT Subject: CN=664910d1-2020 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:f9:45:ed:da:85:60:e4:ef:04:b3:34:6c:9b: 39:33:d0:3d:89:ea:6a:15:39:d2:40:b0:39:14:c0: 9f:00:e5:f8:a0:44:78:f7:d0:ed:71:a7:3f:45:4a: d6:cd:a7:9c:fb:93:44:74:da:ef:59:67:f9:3c:72: 17:df:7c:1e:26:ba:8f:61:c6:3b:97:56:bb:65:20: ee:66:4e:23:1f:a1:fe:2a:26:b9:f1:b5:65:e9:6e: 26:5a:71:10:a6:6e:03:40:73:d4:b2:79:da:1b:b2: 40:17:db:a4:b3:24:9a:61:9d:e5:8c:3a:a2:6a:48: 93:de:89:57:31:8f:b5:e9:a1:82:2c:87:45:f9:9a: 04:51:bf:b6:af:99:44:dc:81:27:d4:07:e4:36:9b: 85:e3:8e:bb:4a:20:b9:63:20:23:52:78:fd:2c:81: f4:bf:ca:e6:92:c3:65:6c:96:9f:7a:4c:8e:d8:ac: 69:a3:de:e5:23:d4:88:80:ee:58:9d:78:32:1c:66: 92:52:97:49:d9:f5:4c:25:0e:c2:10:fe:e6:1c:dd: 6d:fa:66:b9:5c:ee:83:cd:de:6e:7e:9b:5d:c8:6a: 0d:bb:ef:9c:6a:d1:1a:ce:76:0c:fe:d2:89:9b:66: b3:d7:8a:2e:fd:fd:3d:f0:6a:c5:8f:b7:73:92:70: 97:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:E9:1D:7B:4F:99:13:14:C2:D6:3E:87:10:83:EC:CE:6A:14:78:42 X509v3 Authority Key Identifier: keyid:21:A4:7F:FF:C8:1A:13:33:5C:07:B9:26:05:A2:DD:FD:18:07:A1:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:80:c1:5b:d4:a1:d1:fe:8a:ef:34:df:13:fe:58:77:1b:3d: a3:74:58:74:b8:da:61:f2:16:b4:e3:da:1d:ee:c5:65:7d:99: 63:bf:dc:9d:da:bc:78:2d:bc:b1:0e:32:60:4c:d8:3b:4f:f9: eb:7d:f8:cb:9b:db:f7:26:6a:55:d1:72:5b:82:95:91:4e:bd: 0d:b1:93:66:bc:be:91:dd:05:a2:23:02:00:83:25:a0:ab:19: ec:9d:8a:5b:b4:68:7b:b5:a0:a6:b1:60:80:9c:86:87:ee:78: 1d:60:0f:75:bb:f5:b7:26:4d:d1:c6:a0:89:5a:ae:5e:9d:8d: 6c:7b:03:12:89:81:80:74:b5:3c:7b:88:c0:87:f6:a8:79:78: 1a:46:1e:0b:3e:90:de:27:88:62:27:d2:56:64:78:ec:48:e3: a6:6b:7c:a2:3a:52:8a:a6:84:60:fa:fc:5a:a4:fa:c6:ea:33: a2:47:5d:e2:cf:36:c0:2f:ed:30:cf:15:9f:3b:3d:1e:bb:06: 8f:7f:6d:e3:75:f0:48:c7:b4:d5:cf:02:05:f3:65:d3:6f:9f: b3:6a:f2:f1:39:29:c9:7a:2e:81:a9:69:7f:94:48:ae:46:2b: 61:e6:d0:56:f0:6f:a1:3d:43:1c:27:0d:83:77:ea:6b:1f:1e: 13:68:a7:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkY5MDUxMTAvBgNVBAUTKDIxQTQ3RkZGQzgxQTEzMzM1QzA3QjkyNjA1QTJEREZE MTgwN0ExNEMwHhcNMjQwNTE4MjAzNDI0WhcNMjQwNTI1MjAzNDI0WjAYMRYwFAYD VQQDEw02NjQ5MTBkMS0yMDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6PlF7dqFYOTvBLM0bJs5M9A9iepqFTnSQLA5FMCfAOX4oER499Dtcac/RUrW zaec+5NEdNrvWWf5PHIX33weJrqPYcY7l1a7ZSDuZk4jH6H+Kia58bVl6W4mWnEQ pm4DQHPUsnnaG7JAF9uksySaYZ3ljDqiakiT3olXMY+16aGCLIdF+ZoEUb+2r5lE 3IEn1AfkNpuF4467SiC5YyAjUnj9LIH0v8rmksNlbJafekyO2Kxpo97lI9SIgO5Y nXgyHGaSUpdJ2fVMJQ7CEP7mHN1t+ma5XO6Dzd5ufptdyGoNu++catEaznYM/tKJ m2az14ou/f098GrFj7dzknCXGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMTpHXtP mRMUwtY+hxCD7M5qFHhCMB8GA1UdIwQYMBaAFCGkf//IGhMzXAe5JgWi3f0YB6FM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjkwNS8xRkE3QzQ2QzQ4 RDMxMUVBOEFBRTQ2NjhDNEY5QUUwMi9JYVJfXzhnYUV6TmNCN2ttQmFMZF9SZ0hv VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lhUl9fOGdhRXpOY0I3a21CYUxkX1JnSG9Vdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjkwNS8xRkE3QzQ2QzQ4RDMxMUVBOEFBRTQ2NjhDNEY5QUUwMi9JYVJfXzhnYUV6 TmNCN2ttQmFMZF9SZ0hvVXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHgMFb1KHR/orvNN8T/lh3Gz2jdFh0uNph8ha049od7sVlfZljv9yd 2rx4LbyxDjJgTNg7T/nrffjLm9v3JmpV0XJbgpWRTr0NsZNmvL6R3QWiIwIAgyWg qxnsnYpbtGh7taCmsWCAnIaH7ngdYA91u/W3Jk3RxqCJWq5enY1sewMSiYGAdLU8 e4jAh/aoeXgaRh4LPpDeJ4hiJ9JWZHjsSOOma3yiOlKKpoRg+vxapPrG6jOiR13i zzbAL+0wzxWfOz0euwaPf23jdfBIx7TVzwIF82XTb5+zavLxOSnJei6BqWl/lEiu Rith5tBW8G+hPUMcJw2Dd+prHx4TaKcU -----END CERTIFICATE-----Generated at Sat May 18 21:24:23 2024 by rpki-client on console-fra.rpki-client.org