$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft File: pSAa7m9KXB64p-HHhTv7srp1y9I.mft (raw, json) Hash identifier: y5+hcAEJ8NKXbKqdp2793MIhSlsPHmpPI5qvOkW5ye8= Subject key identifier: C1:6C:BA:39:34:55:49:5B:4B:8F:78:AD:4D:8F:25:43:27:BF:AD:1A Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Certificate serial: 0AA9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft Manifest number: 0A9F Signing time: Sat 18 May 2024 20:11:53 +0000 Manifest this update: Sat 18 May 2024 20:11:53 +0000 Manifest next update: Sat 25 May 2024 20:11:53 +0000 Files and hashes: 1: pSAa7m9KXB64p-HHhTv7srp1y9I.crl (hash: BfAtUk5tzMd7/eXoCU9BPP7ZpfZ8krdvlulQ8RwdDW0=) 2: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (hash: 1+11cacphPqsNd+omnkh++SqQDiBnfm5tRRdQKET7hw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2729 (0xaa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Validity Not Before: May 18 20:11:53 2024 GMT Not After : May 25 20:11:53 2024 GMT Subject: CN=66490b89-6665 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:9f:05:4c:e8:8e:ce:e6:69:23:7c:7b:e2:2a: de:68:7c:85:8c:37:c0:04:5a:3a:c1:5d:50:58:74: 0b:43:6a:d4:11:f2:ef:48:8a:f2:65:0d:20:a7:e6: fd:23:66:29:40:40:94:a9:d4:f7:02:88:d7:cd:40: 40:71:ea:c0:54:b4:54:04:35:1e:3c:81:20:e8:b6: 58:9f:e5:ba:c4:b8:e4:53:0f:d2:dc:b9:e7:74:c2: 77:53:c2:65:74:4a:e1:c8:21:dc:9c:47:c1:27:d4: 39:75:3f:cd:60:b0:b7:b9:f3:91:a3:78:89:75:83: 99:a3:f5:24:ac:a8:d7:61:10:62:81:d5:33:a6:32: f9:bb:e8:26:ec:c9:dc:ea:52:c4:bb:95:5f:ac:d7: c5:94:3b:73:fe:54:d4:20:04:f8:4c:f2:61:35:e1: c3:ad:8e:d1:a4:2f:15:dc:e3:8d:ac:48:52:4c:6e: 8b:f0:c5:99:d1:de:bd:3f:6d:f9:59:87:aa:a4:0c: b4:87:07:bd:a7:db:17:c4:c6:36:be:1e:5c:cb:27: 79:3b:7c:cd:78:e1:df:81:8d:c1:69:b3:24:0d:66: 39:4b:1d:59:8d:42:4a:c0:23:25:5d:69:c6:d5:73: 9e:9d:05:d8:6d:3b:f6:60:de:5a:a9:c1:cb:5d:1f: 9b:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:6C:BA:39:34:55:49:5B:4B:8F:78:AD:4D:8F:25:43:27:BF:AD:1A X509v3 Authority Key Identifier: keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:c0:1a:0c:a1:ea:ca:3d:29:e7:0d:97:79:20:7e:f7:cd:78: 7b:80:ba:9c:d2:69:12:43:4f:dc:ab:52:39:b8:f6:ee:c1:a4: 98:fb:6e:37:55:33:f1:20:57:be:d4:c6:dd:63:94:bd:88:a5: 05:93:81:1b:fe:b3:ee:75:bb:e0:f8:b1:3f:b0:2d:d3:31:6b: d0:96:f5:62:d8:47:29:9d:3d:0c:49:1d:6c:13:7c:01:42:12: ee:41:2c:6f:f7:3b:47:88:40:df:c1:91:42:0e:66:85:60:33: ee:51:73:d0:64:99:d8:da:93:13:03:f2:a2:5d:f5:52:9a:cd: 51:ef:89:2f:0b:98:98:c0:d1:07:f2:90:52:35:f6:f7:39:57: e5:cb:c5:5b:0c:a2:c4:80:51:83:98:53:0d:29:11:ea:a1:5c: 75:0a:e8:06:79:1a:0c:c3:6b:55:fa:c0:2a:ea:7f:3c:d1:27: b5:81:a1:af:5d:03:c9:28:90:2b:b0:a1:2d:3c:8b:af:71:ab: 78:05:2c:cc:13:78:ce:77:6e:92:31:93:62:a8:79:c7:e9:e6: de:d5:dd:54:05:22:81:02:57:c5:8f:ec:6e:79:c3:a8:55:02: 70:1d:22:17:24:ac:9d:58:c1:6e:98:56:5a:40:64:50:7c:e2: f6:c1:55:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy QkE3NUNCRDIwHhcNMjQwNTE4MjAxMTUzWhcNMjQwNTI1MjAxMTUzWjAYMRYwFAYD VQQDEw02NjQ5MGI4OS02NjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzp8FTOiOzuZpI3x74ireaHyFjDfABFo6wV1QWHQLQ2rUEfLvSIryZQ0gp+b9 I2YpQECUqdT3AojXzUBAcerAVLRUBDUePIEg6LZYn+W6xLjkUw/S3LnndMJ3U8Jl dErhyCHcnEfBJ9Q5dT/NYLC3ufORo3iJdYOZo/UkrKjXYRBigdUzpjL5u+gm7Mnc 6lLEu5VfrNfFlDtz/lTUIAT4TPJhNeHDrY7RpC8V3OONrEhSTG6L8MWZ0d69P235 WYeqpAy0hwe9p9sXxMY2vh5cyyd5O3zNeOHfgY3BabMkDWY5Sx1ZjUJKwCMlXWnG 1XOenQXYbTv2YN5aqcHLXR+bPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMFsujk0 VUlbS494rU2PJUMnv60aMB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5 OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTAwMy9BQTRFOTVDODMyMDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hC NjRwLUhIaFR2N3NycDF5OUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkwBoMoerKPSnnDZd5IH73zXh7gLqc0mkSQ0/cq1I5uPbuwaSY+243 VTPxIFe+1MbdY5S9iKUFk4Eb/rPudbvg+LE/sC3TMWvQlvVi2EcpnT0MSR1sE3wB QhLuQSxv9ztHiEDfwZFCDmaFYDPuUXPQZJnY2pMTA/KiXfVSms1R74kvC5iYwNEH 8pBSNfb3OVfly8VbDKLEgFGDmFMNKRHqoVx1CugGeRoMw2tV+sAq6n880Se1gaGv XQPJKJArsKEtPIuvcat4BSzME3jOd26SMZNiqHnH6ebe1d1UBSKBAlfFj+xuecOo VQJwHSIXJKydWMFumFZaQGRQfOL2wVWF -----END CERTIFICATE-----Generated at Sat May 18 21:31:31 2024 by rpki-client on console-ams.rpki-client.org