$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft File: RZTy7BffVsPQZUDzZtKvEYsxfx4.mft (raw, json) Hash identifier: nibyvNrnZK9b6Dv1ofTWVwoeEoOVHQmKgov/CURG79w= Subject key identifier: 8B:61:DF:BA:A5:2D:55:3E:59:AB:9C:7E:93:8F:9D:4E:28:10:FC:A0 Authority key identifier: 45:94:F2:EC:17:DF:56:C3:D0:65:40:F3:66:D2:AF:11:8B:31:7F:1E Certificate issuer: /CN=A91CE978/serialNumber=4594F2EC17DF56C3D06540F366D2AF118B317F1E Certificate serial: 4B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft Manifest number: 49 Signing time: Fri 31 May 2024 15:03:34 +0000 Manifest this update: Fri 31 May 2024 15:03:34 +0000 Manifest next update: Fri 07 Jun 2024 15:03:34 +0000 Files and hashes: 1: RZTy7BffVsPQZUDzZtKvEYsxfx4.crl (hash: 9JcA1jZsGkeW0CuBB6qTEqxDxtYj4UqKT4km7TagS4Q=) 2: 30EAE110B9AD11EE83063243C4F9AE02.roa (hash: 5N+f2t+l19je3pcCt5hEaTL3vroVIGjp7rNbmODsUvM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.crl rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 14:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE978/serialNumber=4594F2EC17DF56C3D06540F366D2AF118B317F1E Validity Not Before: May 31 15:03:34 2024 GMT Not After : Jun 7 15:03:34 2024 GMT Subject: CN=6659e6c6-347d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ad:bb:a6:86:d1:c7:b9:ad:9f:eb:c6:8c:66: 7e:88:68:e8:74:89:6b:62:a2:5d:80:e7:b2:e7:bb: 08:9b:4f:ba:38:42:2f:39:01:d2:23:79:5c:67:9d: 8d:f3:7b:29:f2:b6:6c:12:32:37:e3:95:96:bc:e7: fa:57:fd:bb:b3:ac:ed:08:e9:1e:f9:01:d0:2d:26: 34:06:14:2f:90:7e:b7:4c:b8:79:0a:2b:88:6b:58: 87:b1:c2:b7:05:72:b2:ed:45:95:5d:19:18:e9:c6: 4a:5c:96:7a:be:f5:91:35:b6:a6:bd:f4:63:6b:01: 7a:b9:1b:44:29:aa:d1:0d:db:a8:70:4e:63:0f:e7: f5:26:bd:96:2a:fa:69:32:3d:c4:a7:f6:51:4c:35: 1f:6e:26:b4:3c:90:dc:b7:29:af:7f:3e:a8:98:52: 96:a9:b2:65:09:b1:e2:38:7a:7b:c4:1f:ae:32:75: 8a:42:b7:1f:26:f2:5d:03:d3:f6:d3:4f:4d:e1:6f: d1:0c:82:33:b4:70:4b:2a:aa:fc:a3:35:2a:ef:d9: cd:65:68:0d:76:31:3f:ed:2d:50:3e:09:6a:41:bf: c5:e9:3f:02:e5:68:d6:c1:e4:08:ad:f9:ef:86:0d: 66:9e:6d:bd:05:92:fe:e9:bd:a1:52:62:13:2e:f7: 16:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:61:DF:BA:A5:2D:55:3E:59:AB:9C:7E:93:8F:9D:4E:28:10:FC:A0 X509v3 Authority Key Identifier: keyid:45:94:F2:EC:17:DF:56:C3:D0:65:40:F3:66:D2:AF:11:8B:31:7F:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RZTy7BffVsPQZUDzZtKvEYsxfx4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE978/5DB555AAB8DA11EEBC4BEC2DC4F9AE02/RZTy7BffVsPQZUDzZtKvEYsxfx4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:64:cf:15:b0:40:94:1a:13:9b:3d:c0:1b:44:4b:e2:6b:b1: 15:ef:63:bd:64:84:e3:8a:4f:fa:12:b4:37:95:04:b2:00:f5: 17:77:6c:fd:a6:c5:5e:f1:11:6a:54:7a:67:77:ae:0f:6f:c8: 0b:d0:3d:50:42:81:0c:6d:2e:9e:3a:0a:8b:01:c3:ac:e1:79: 88:00:d5:f1:ee:4a:0c:9d:d6:05:22:6e:42:1c:16:8e:fe:37: aa:3d:12:54:19:38:2c:d5:43:10:d2:bd:3d:1c:79:18:7c:48: 80:b6:47:d5:e0:e3:22:dc:2e:f6:fb:c7:9f:94:20:fc:f9:dc: 3f:85:55:5f:16:9c:49:6a:fd:c6:e6:34:2c:ba:30:19:5e:86: 0a:bc:b1:93:a6:67:26:45:60:d3:1c:53:2e:64:46:18:ee:31: f6:f1:91:90:77:7b:ac:21:24:d8:82:de:67:29:0c:96:f6:a5: ed:c4:ab:1a:95:21:83:70:a3:72:ce:f7:6e:32:62:91:d3:53: ff:8e:c4:01:69:09:8d:e8:85:7b:86:b2:7c:c2:eb:f0:af:33: 8d:15:0f:b4:a8:6e:12:1a:04:32:06:2a:7b:4a:5f:6d:f0:44: f7:52:1e:04:4c:8c:d4:9f:be:b1:f3:e5:6e:dc:d6:03:a7:11: 9f:70:dc:f2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RTk3ODExMC8GA1UEBRMoNDU5NEYyRUMxN0RGNTZDM0QwNjU0MEYzNjZEMkFGMTE4 QjMxN0YxRTAeFw0yNDA1MzExNTAzMzRaFw0yNDA2MDcxNTAzMzRaMBgxFjAUBgNV BAMTDTY2NTllNmM2LTM0N2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDarbumhtHHua2f68aMZn6IaOh0iWtiol2A57LnuwibT7o4Qi85AdIjeVxnnY3z eynytmwSMjfjlZa85/pX/buzrO0I6R75AdAtJjQGFC+QfrdMuHkKK4hrWIexwrcF crLtRZVdGRjpxkpclnq+9ZE1tqa99GNrAXq5G0QpqtEN26hwTmMP5/UmvZYq+mky PcSn9lFMNR9uJrQ8kNy3Ka9/PqiYUpapsmUJseI4envEH64ydYpCtx8m8l0D0/bT T03hb9EMgjO0cEsqqvyjNSrv2c1laA12MT/tLVA+CWpBv8XpPwLlaNbB5Ait+e+G DWaebb0Fkv7pvaFSYhMu9xYrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUi2HfuqUt VT5Zq5x+k4+dTigQ/KAwHwYDVR0jBBgwFoAURZTy7BffVsPQZUDzZtKvEYsxfx4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFOTc4LzVEQjU1NUFBQjhE QTExRUVCQzRCRUMyREM0RjlBRTAyL1JaVHk3QmZmVnNQUVpVRHpadEt2RVlzeGZ4 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUlpUeTdCZmZWc1BRWlVEelp0S3ZFWXN4Zng0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF OTc4LzVEQjU1NUFBQjhEQTExRUVCQzRCRUMyREM0RjlBRTAyL1JaVHk3QmZmVnNQ UVpVRHpadEt2RVlzeGZ4NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABFkzxWwQJQaE5s9wBtES+JrsRXvY71khOOKT/oStDeVBLIA9Rd3bP2m xV7xEWpUemd3rg9vyAvQPVBCgQxtLp46CosBw6zheYgA1fHuSgyd1gUibkIcFo7+ N6o9ElQZOCzVQxDSvT0ceRh8SIC2R9Xg4yLcLvb7x5+UIPz53D+FVV8WnElq/cbm NCy6MBlehgq8sZOmZyZFYNMcUy5kRhjuMfbxkZB3e6whJNiC3mcpDJb2pe3EqxqV IYNwo3LO924yYpHTU/+OxAFpCY3ohXuGsnzC6/CvM40VD7SobhIaBDIGKntKX23w RPdSHgRMjNSfvrHz5W7c1gOnEZ9w3PI= -----END CERTIFICATE-----