$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: RviwMgsCCwXV9wlzyOuul0ETgdHeWfjkH837H/hi3bw= Subject key identifier: 85:D9:DE:92:AD:7A:0A:D4:25:96:67:8C:E6:A2:76:CA:9F:F1:FA:19 Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 09C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 29BC Signing time: Sat 18 May 2024 16:19:43 +0000 Manifest this update: Sat 18 May 2024 16:19:42 +0000 Manifest next update: Sat 25 May 2024 16:19:42 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: Eo42fj9GWCuziIAlna8Vg9apfP+bPR53mgdRFQyT+dk=) 2: 1324C3945ECB11EAB9A53075C4F9AE02.roa (hash: Gj6P0hvRFS1vzEC264ECM2IUV37Ayz6A5+ZUKMlGXCQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2501 (0x9c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: May 18 16:19:42 2024 GMT Not After : May 25 16:19:42 2024 GMT Subject: CN=6648d51f-0625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2b:7c:0e:84:72:93:f4:64:f4:eb:7a:69:66: f3:c5:19:1a:6f:dd:d5:a4:42:14:4e:2a:98:3b:ea: ce:35:a4:d4:99:2a:92:55:f6:37:f0:2e:32:b3:35: 95:80:bf:74:dd:c3:b2:df:c2:03:96:8c:5d:af:ff: ca:93:c5:81:9e:08:bf:54:2c:4b:35:a9:01:8c:87: a2:21:7b:7f:07:d2:50:1c:b1:6c:66:7c:21:7c:8a: bc:85:78:ef:2e:d4:7b:fb:72:94:1e:ea:3f:aa:41: 7c:83:72:4f:f3:83:91:ad:3b:6d:90:1e:d6:6e:fe: 73:8a:f9:fd:eb:da:f0:98:fe:82:af:77:9b:30:10: ed:a9:ed:2a:d1:f4:9a:4d:78:f7:8b:09:0d:ab:17: 97:9f:bb:5d:ec:ea:75:9d:7e:04:ba:39:4d:ba:38: a1:b1:34:5e:6e:74:1a:fe:66:2e:a5:25:fa:70:d8: 87:17:9d:bf:7f:4c:21:c1:35:08:37:3a:50:cd:93: a6:e4:88:93:d8:59:d9:ec:8b:f8:b2:ac:75:f5:4e: bf:d3:80:95:93:9e:fb:5d:88:95:30:90:1f:00:5a: 9e:36:1a:29:c1:1e:8d:84:64:5b:7c:49:09:25:f9: 64:0e:43:a9:51:41:74:42:54:66:05:f3:3b:21:52: f0:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:D9:DE:92:AD:7A:0A:D4:25:96:67:8C:E6:A2:76:CA:9F:F1:FA:19 X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:e5:69:d8:89:85:3e:3f:8c:3d:e5:48:8f:ae:c6:fb:e7:3a: ee:5e:58:db:2e:a5:bb:e7:95:b9:26:72:2a:a3:3c:40:04:07: 79:40:82:e5:2b:50:17:2e:ea:95:ad:99:cf:84:ff:90:52:8c: d0:2f:1f:b3:3f:8f:ec:45:29:3d:ad:46:60:5f:9c:a5:98:24: db:a2:9a:c3:02:8a:99:e0:58:cb:ff:43:cf:f9:41:74:63:27: a2:8b:16:ff:f7:ea:a5:da:71:87:b5:76:fc:dc:d8:6e:4f:1f: f1:8a:4a:6b:ed:a0:12:51:53:91:76:f0:1d:f3:3e:0c:8c:69: 13:e8:96:40:01:fa:10:a2:08:e2:92:67:e1:ff:80:97:0d:64: dc:32:41:78:b1:ab:3b:6b:9a:79:5f:e1:4e:0f:1d:4f:e5:66: 28:ae:29:f8:8f:d6:3f:16:af:e7:91:18:07:e9:2c:58:9d:97: c9:c3:4e:48:63:28:8b:81:a7:0f:8d:51:ae:2e:8c:05:9b:6f: a6:09:4a:61:64:6e:75:b3:86:b3:bc:a5:b8:db:3d:14:ed:b3: 1f:09:02:02:f8:5d:08:01:c0:4a:5e:9c:9f:2e:d6:a5:1b:e9: 4f:6a:d0:d3:d2:b3:90:ea:a8:a1:19:39:f4:2b:cc:af:f6:4f: 73:88:bf:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjQwNTE4MTYxOTQyWhcNMjQwNTI1MTYxOTQyWjAYMRYwFAYD VQQDEw02NjQ4ZDUxZi0wNjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvyt8DoRyk/Rk9Ot6aWbzxRkab93VpEIUTiqYO+rONaTUmSqSVfY38C4yszWV gL903cOy38IDloxdr//Kk8WBngi/VCxLNakBjIeiIXt/B9JQHLFsZnwhfIq8hXjv LtR7+3KUHuo/qkF8g3JP84ORrTttkB7Wbv5zivn969rwmP6Cr3ebMBDtqe0q0fSa TXj3iwkNqxeXn7td7Op1nX4EujlNujihsTRebnQa/mYupSX6cNiHF52/f0whwTUI NzpQzZOm5IiT2FnZ7Iv4sqx19U6/04CVk577XYiVMJAfAFqeNhopwR6NhGRbfEkJ JflkDkOpUUF0QlRmBfM7IVLwNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIXZ3pKt egrUJZZnjOaidsqf8foZMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCy5WnYiYU+P4w95UiPrsb75zruXljbLqW755W5JnIqozxABAd5QILl K1AXLuqVrZnPhP+QUozQLx+zP4/sRSk9rUZgX5ylmCTboprDAoqZ4FjL/0PP+UF0 Yyeiixb/9+ql2nGHtXb83NhuTx/xikpr7aASUVORdvAd8z4MjGkT6JZAAfoQogji kmfh/4CXDWTcMkF4sas7a5p5X+FODx1P5WYorin4j9Y/Fq/nkRgH6SxYnZfJw05I YyiLgacPjVGuLowFm2+mCUphZG51s4azvKW42z0U7bMfCQIC+F0IAcBKXpyfLtal G+lPatDT0rOQ6qihGTn0K8yv9k9ziL9X -----END CERTIFICATE-----Generated at Sat May 18 17:20:36 2024 by rpki-client on console-ams.rpki-client.org