$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft File: 4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft (raw, json) Hash identifier: U2GvMjnOvnoPKn0Ncd01sQD0NB44z0L8xR5FgLewjjQ= Subject key identifier: 39:CE:76:C2:60:18:17:D5:D1:F2:DF:18:0D:5A:49:30:E7:95:EE:5A Authority key identifier: E2:1F:24:E0:C5:4D:BB:93:F6:67:81:44:02:D6:6A:D4:08:07:11:14 Certificate issuer: /CN=A91C4060/serialNumber=E21F24E0C54DBB93F667814402D66AD408071114 Certificate serial: 065E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft Manifest number: 0659 Signing time: Sat 18 May 2024 23:35:38 +0000 Manifest this update: Sat 18 May 2024 23:35:37 +0000 Manifest next update: Sat 25 May 2024 23:35:37 +0000 Files and hashes: 1: 4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl (hash: rkBQA5pykRe77XkGKtinQ8RU18uzvJnBf0RtgIu5uzk=) 2: 71C26BD039D211EB84B9FD6BC4F9AE02.roa (hash: 9Ioqjb6UfH3GfYuP6JJKmPFvoBaEH5i4iGzHzciFUTM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1630 (0x65e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4060/serialNumber=E21F24E0C54DBB93F667814402D66AD408071114 Validity Not Before: May 18 23:35:37 2024 GMT Not After : May 25 23:35:37 2024 GMT Subject: CN=66493b49-b163 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:3e:3d:78:8b:46:e6:1d:3c:e2:7f:c7:e9:ed: e2:47:27:b8:2f:e5:a8:0f:fa:e1:67:70:c4:8a:9a: 3b:ef:2d:61:7a:f4:9b:9e:d3:f5:22:18:67:ad:d0: ab:38:d9:fa:ee:a8:ea:7d:a9:3e:33:03:17:0b:bc: 80:11:68:48:88:1e:06:40:33:2e:dd:98:fb:2b:59: 2f:ef:8a:6d:69:36:3d:8a:e3:c4:dc:df:76:70:00: 3a:05:44:03:77:d1:92:c6:86:98:9d:db:20:67:ba: 03:75:7a:45:32:69:29:f3:75:08:4d:0e:5e:6a:62: 99:42:d2:01:40:ea:01:96:92:2a:6f:6e:63:ec:5c: 92:38:7a:5e:c8:38:2c:8e:a4:90:3c:7a:15:1a:3c: 1c:f9:32:5d:94:7e:50:2c:26:0b:1d:e5:e2:b6:37: b1:aa:08:16:ac:24:65:ce:b3:8c:95:9e:c9:66:ad: d6:53:96:14:00:aa:fa:39:5a:4c:ef:3e:4b:ef:21: e1:e0:02:75:9b:a0:d1:40:53:c5:7c:8c:b5:dc:a0: 20:3a:0c:ec:bc:4f:69:c0:69:1b:fc:85:fc:62:4a: 4c:5d:05:85:fd:20:d5:46:8b:5e:c9:76:b3:65:fc: 88:46:59:20:26:13:b5:68:4b:ef:e8:59:c6:d5:59: 50:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:CE:76:C2:60:18:17:D5:D1:F2:DF:18:0D:5A:49:30:E7:95:EE:5A X509v3 Authority Key Identifier: keyid:E2:1F:24:E0:C5:4D:BB:93:F6:67:81:44:02:D6:6A:D4:08:07:11:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:74:57:12:c0:eb:e2:ea:c9:7a:9d:aa:d8:cf:b4:b3:f3:2a: a8:68:8b:08:03:23:91:63:21:a8:31:df:62:bc:0a:39:f8:13: d3:77:4d:0e:c1:bf:19:73:52:0c:2a:e9:11:6f:85:bc:01:5c: 75:f2:b0:73:55:af:ca:a4:04:bc:f3:a2:73:d7:aa:30:af:c0: 3f:95:fa:b9:f4:ab:bb:4a:56:df:e6:9d:a4:c0:af:2a:7a:ad: a1:47:fb:63:44:af:08:7d:55:f8:30:b6:91:36:35:fd:16:b7: d8:c4:e4:7c:56:39:5d:ed:22:d3:16:e4:02:f8:53:2c:24:2e: b2:f8:36:da:e0:84:73:5e:e7:4b:81:a9:6d:d3:63:b5:6b:b5: 32:7e:4e:95:1d:eb:cf:60:85:0c:bb:7f:f3:c9:69:66:19:c6: 09:71:0a:f0:c1:05:64:d0:36:20:7e:21:a0:60:78:b7:40:06: aa:c4:57:3c:e4:3e:18:4f:45:3a:a1:c9:dc:87:da:7a:bb:12: e4:e7:79:db:07:c2:f0:93:20:fd:76:33:bc:ae:c5:20:ba:b4: cc:e3:e2:9f:02:b2:fd:31:11:4f:c4:ed:30:3a:1f:57:7c:00: d0:07:65:b0:f8:b5:32:ec:d4:73:84:2c:b0:77:ca:be:4a:85: ee:c9:ab:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQwNjAxMTAvBgNVBAUTKEUyMUYyNEUwQzU0REJCOTNGNjY3ODE0NDAyRDY2QUQ0 MDgwNzExMTQwHhcNMjQwNTE4MjMzNTM3WhcNMjQwNTI1MjMzNTM3WjAYMRYwFAYD VQQDEw02NjQ5M2I0OS1iMTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzD49eItG5h084n/H6e3iRye4L+WoD/rhZ3DEipo77y1hevSbntP1IhhnrdCr ONn67qjqfak+MwMXC7yAEWhIiB4GQDMu3Zj7K1kv74ptaTY9iuPE3N92cAA6BUQD d9GSxoaYndsgZ7oDdXpFMmkp83UITQ5eamKZQtIBQOoBlpIqb25j7FySOHpeyDgs jqSQPHoVGjwc+TJdlH5QLCYLHeXitjexqggWrCRlzrOMlZ7JZq3WU5YUAKr6OVpM 7z5L7yHh4AJ1m6DRQFPFfIy13KAgOgzsvE9pwGkb/IX8YkpMXQWF/SDVRoteyXaz ZfyIRlkgJhO1aEvv6FnG1VlQ8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDnOdsJg GBfV0fLfGA1aSTDnle5aMB8GA1UdIwQYMBaAFOIfJODFTbuT9meBRALWatQIBxEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDA2MC81NjkzODlGRTM5 RDAxMUVCOEY0NzE1NjlDNEY5QUUwMi80aDhrNE1WTnU1UDJaNEZFQXRacTFBZ0hF UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoOGs0TVZOdTVQMlo0RkVBdFpxMUFnSEVSUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NDA2MC81NjkzODlGRTM5RDAxMUVCOEY0NzE1NjlDNEY5QUUwMi80aDhrNE1WTnU1 UDJaNEZFQXRacTFBZ0hFUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRdFcSwOvi6sl6narYz7Sz8yqoaIsIAyORYyGoMd9ivAo5+BPTd00O wb8Zc1IMKukRb4W8AVx18rBzVa/KpAS886Jz16owr8A/lfq59Ku7Slbf5p2kwK8q eq2hR/tjRK8IfVX4MLaRNjX9FrfYxOR8Vjld7SLTFuQC+FMsJC6y+Dba4IRzXudL galt02O1a7Uyfk6VHevPYIUMu3/zyWlmGcYJcQrwwQVk0DYgfiGgYHi3QAaqxFc8 5D4YT0U6ocnch9p6uxLk53nbB8LwkyD9djO8rsUgurTM4+KfArL9MRFPxO0wOh9X fADQB2Ww+LUy7NRzhCywd8q+SoXuyatc -----END CERTIFICATE-----Generated at Sun May 19 00:30:20 2024 by rpki-client on console-ams.rpki-client.org