$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft File: ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft (raw, json) Hash identifier: I96k5BQkx+e9l886Vb3CZ97hmo0A8M1HYJM+k52FzK8= Subject key identifier: 27:9D:84:BB:DF:06:E3:50:A8:29:0E:54:A6:C4:7E:2D:89:69:9A:22 Authority key identifier: 93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 Certificate issuer: /CN=A91CEF3E/serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Certificate serial: 0DC5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft Manifest number: 0DB5 Signing time: Sat 18 May 2024 18:31:08 +0000 Manifest this update: Sat 18 May 2024 18:31:06 +0000 Manifest next update: Sat 25 May 2024 18:31:06 +0000 Files and hashes: 1: ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl (hash: 3r0rMWJj1+/9sIJ0R+Ho3pOhL0d3OQbmYnwpP9MRThE=) 2: 5C154406988911E991B10838C4F9AE02.roa (hash: E68+HsJGCOP2CrbeVqGVn23zDN97LBirmeW+EzG4LF0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3525 (0xdc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEF3E/serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Validity Not Before: May 18 18:31:06 2024 GMT Not After : May 25 18:31:06 2024 GMT Subject: CN=6648f3eb-9dea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a5:42:88:f2:a4:6f:65:93:20:f5:4e:b8:9f: 24:9a:f7:dc:be:12:b9:a8:2d:0b:88:bd:5e:0d:64: 04:a6:a7:7e:60:47:2d:2b:e4:84:c5:37:8b:62:f2: 8d:ce:c1:6f:f1:90:88:44:f9:de:0b:b2:86:00:32: de:f0:82:5c:b7:1b:95:b7:96:9a:4c:1a:46:cf:c4: af:bf:4c:04:08:0f:73:65:62:b9:6e:de:59:9b:3f: 24:91:ab:d7:22:15:6d:39:d0:1d:16:98:57:19:68: 5f:b2:40:07:ce:9c:49:6c:a8:0d:01:9a:f2:35:cf: 0f:d2:c4:0a:e4:53:0a:2d:e0:e2:11:cd:fe:4a:fc: b6:ff:c3:2d:f9:56:18:e1:dd:5f:64:21:bb:e7:41: f8:21:4e:d2:7b:32:39:37:60:4f:31:8c:5e:be:b2: ba:84:e3:1d:17:f4:a2:9f:7b:19:e7:52:d0:e5:0f: 85:49:69:a0:39:3c:7e:0b:0d:d4:56:df:29:99:bb: 93:ab:f5:9e:96:b8:32:d2:c6:2f:a1:fd:27:50:6f: ef:7d:da:c0:16:b2:03:95:b7:8a:81:43:2e:00:c3: 4c:c0:02:b1:cd:be:f4:19:ed:01:98:02:fe:47:4c: 7e:23:62:02:8f:d1:0f:2e:b4:b0:ee:a5:2b:b6:d1: d1:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:9D:84:BB:DF:06:E3:50:A8:29:0E:54:A6:C4:7E:2D:89:69:9A:22 X509v3 Authority Key Identifier: keyid:93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:3f:63:a0:c3:1e:fb:aa:a7:be:95:b1:64:e7:ce:6f:3a:f9: 0a:10:73:77:a8:fc:16:7f:f1:d0:f2:bc:ac:4a:5b:34:40:e5: e6:b5:8d:41:db:18:28:49:64:0e:cb:40:4c:85:b8:8f:50:ac: 7a:37:2c:65:22:2e:71:9a:af:19:a9:05:b0:19:b7:06:26:ef: 16:32:3a:53:1d:58:6a:bc:86:11:79:0d:ac:6d:27:a9:65:8c: 94:e8:67:59:8d:9f:8e:58:b2:07:ab:c0:61:fc:aa:bb:3c:0a: 10:37:ac:30:26:f3:58:dc:44:55:00:60:0c:90:0b:3a:f5:5f: 47:ad:1b:50:c7:0b:db:d0:8c:06:c5:ae:3d:1c:46:49:0d:cd: 6a:05:e9:50:7c:70:58:6d:93:aa:08:17:b0:cb:c1:9b:61:ec: 73:76:32:bc:9b:6d:cd:1a:01:1c:ef:3c:19:4a:5b:8a:80:6d: dc:04:3c:91:57:53:82:52:13:f4:54:e7:6f:9d:81:99:de:79: 33:b8:1c:7c:09:1f:e6:e0:d3:72:40:22:8d:4a:05:d3:62:75: f3:fa:b2:38:cd:fb:a3:49:c0:c0:1e:3e:73:44:45:b8:f5:eb: a6:16:13:4b:9a:72:ec:23:f4:4b:47:25:42:ea:95:20:19:08: c7:bb:92:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VGM0UxMTAvBgNVBAUTKDkzMkVDMkU2RTUyQjVBRjZDN0IwM0M0MTUwMjBFREUy NzJBQUExNDUwHhcNMjQwNTE4MTgzMTA2WhcNMjQwNTI1MTgzMTA2WjAYMRYwFAYD VQQDEw02NjQ4ZjNlYi05ZGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwqVCiPKkb2WTIPVOuJ8kmvfcvhK5qC0LiL1eDWQEpqd+YEctK+SExTeLYvKN zsFv8ZCIRPneC7KGADLe8IJctxuVt5aaTBpGz8Svv0wECA9zZWK5bt5Zmz8kkavX IhVtOdAdFphXGWhfskAHzpxJbKgNAZryNc8P0sQK5FMKLeDiEc3+Svy2/8Mt+VYY 4d1fZCG750H4IU7SezI5N2BPMYxevrK6hOMdF/Sin3sZ51LQ5Q+FSWmgOTx+Cw3U Vt8pmbuTq/Welrgy0sYvof0nUG/vfdrAFrIDlbeKgUMuAMNMwAKxzb70Ge0BmAL+ R0x+I2ICj9EPLrSw7qUrttHREwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCedhLvf BuNQqCkOVKbEfi2JaZoiMB8GA1UdIwQYMBaAFJMuwublK1r2x7A8QVAg7eJyqqFF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUYzRS9DQjc0Q0Y2RTk4 N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2YkhzRHhCVUNEdDRuS3Fv VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2t5N0M1dVVyV3ZiSHNEeEJVQ0R0NG5LcW9VVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUYzRS9DQjc0Q0Y2RTk4N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2 YkhzRHhCVUNEdDRuS3FvVVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAP2Ogwx77qqe+lbFk585vOvkKEHN3qPwWf/HQ8rysSls0QOXmtY1B 2xgoSWQOy0BMhbiPUKx6NyxlIi5xmq8ZqQWwGbcGJu8WMjpTHVhqvIYReQ2sbSep ZYyU6GdZjZ+OWLIHq8Bh/Kq7PAoQN6wwJvNY3ERVAGAMkAs69V9HrRtQxwvb0IwG xa49HEZJDc1qBelQfHBYbZOqCBewy8GbYexzdjK8m23NGgEc7zwZSluKgG3cBDyR V1OCUhP0VOdvnYGZ3nkzuBx8CR/m4NNyQCKNSgXTYnXz+rI4zfujScDAHj5zREW4 9eumFhNLmnLsI/RLRyVC6pUgGQjHu5K8 -----END CERTIFICATE-----Generated at Sat May 18 19:15:26 2024 by rpki-client on console-ams.rpki-client.org