$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft File: SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft (raw, json) Hash identifier: Y2rYF0ts9Q9bje/JU1mR429Hl5rM2HfuNzHFdWCShh4= Subject key identifier: BE:71:32:4C:EE:74:7B:B9:D7:57:4D:C7:FD:28:49:12:31:A3:C9:36 Authority key identifier: 48:F5:0E:16:B8:30:5A:A2:C7:56:D2:1C:8F:0F:D5:09:33:8A:5C:29 Certificate issuer: /CN=A91DA389/serialNumber=48F50E16B8305AA2C756D21C8F0FD509338A5C29 Certificate serial: D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft Manifest number: D4 Signing time: Sun 19 May 2024 06:09:59 +0000 Manifest this update: Sun 19 May 2024 06:09:58 +0000 Manifest next update: Sun 26 May 2024 06:09:58 +0000 Files and hashes: 1: SPUOFrgwWqLHVtIcjw_VCTOKXCk.crl (hash: 1jAsqdIlU0wiSITg2g+SfpY24aO3skyPSCjv1TkdfGE=) 2: 4F467C58D3AA11ED91B0C532C4F9AE02.roa (hash: WfMFG2paYlBcaW2VzjMRlqPjY0slGN+N4xg/J/HMhEM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.crl rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 215 (0xd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA389/serialNumber=48F50E16B8305AA2C756D21C8F0FD509338A5C29 Validity Not Before: May 19 06:09:58 2024 GMT Not After : May 26 06:09:58 2024 GMT Subject: CN=664997b7-3c57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:64:15:bd:b4:62:a6:15:78:c5:12:e4:4e:d3: cd:62:89:5b:35:c4:11:f0:ab:ed:64:42:02:72:16: 78:db:5c:cb:2a:8d:1b:75:56:ae:0f:0b:5e:a4:1e: 0f:fb:d7:89:12:43:ec:b6:ac:37:d0:e8:5c:07:f5: 34:b8:b1:a1:e4:cb:05:b2:69:94:5e:fb:8b:9c:71: ab:83:84:ba:57:aa:df:13:30:10:59:58:fa:30:ac: 45:ef:5c:bc:d6:dd:45:dc:73:58:3e:71:d4:16:45: 25:33:7c:1a:d8:22:c7:db:f7:96:6d:93:c7:5d:7b: e9:d4:79:3d:11:34:b2:12:a0:0b:75:b7:a6:4f:b1: 81:31:30:a4:31:bb:15:f3:75:b3:94:b4:12:74:2c: 4b:b3:4c:92:ea:f6:b0:91:96:b2:df:da:49:e6:df: 42:6f:03:06:85:57:e1:75:dc:b2:ee:36:21:03:6b: 2e:63:05:be:4a:15:45:f0:e9:f4:61:61:be:0a:ee: ab:d9:5e:d2:3a:10:be:9d:b7:5f:0b:bc:42:54:c3: ce:f3:07:58:8f:12:06:aa:74:31:a4:2f:4c:3c:1c: a9:5a:3c:13:a4:ac:3f:a7:40:d4:81:97:38:af:1f: a8:31:a9:9a:86:0c:98:64:d6:22:36:0a:2e:65:ce: 6a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:71:32:4C:EE:74:7B:B9:D7:57:4D:C7:FD:28:49:12:31:A3:C9:36 X509v3 Authority Key Identifier: keyid:48:F5:0E:16:B8:30:5A:A2:C7:56:D2:1C:8F:0F:D5:09:33:8A:5C:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:b8:22:61:94:47:04:61:ee:60:3c:b3:ed:8d:02:b1:b7:27: 85:fd:98:84:9d:19:0d:ff:d1:fe:87:df:f3:cc:5e:d5:bc:ef: 86:70:2f:44:01:c9:07:06:f2:d1:63:fc:2c:05:20:a0:2f:b8: 4d:22:08:ee:fe:73:5a:76:0d:5d:44:fa:7e:4d:e1:68:72:8b: 78:22:94:4b:1f:24:7f:34:40:6d:ed:68:17:23:1f:3d:be:1a: 2a:e2:3d:be:d8:ca:eb:ca:b3:c2:f4:cf:49:7b:55:1d:3d:29: c6:96:31:c9:32:07:5a:6d:a8:3b:52:0b:ce:37:08:27:d4:3d: ef:5a:60:20:06:77:91:46:ee:17:44:a5:2c:f9:f7:ba:9e:aa: e4:fb:00:bf:48:26:40:8b:b8:2e:fb:89:a8:7b:1d:1c:b4:23: 1e:7a:18:17:5b:5d:dd:3b:37:7a:18:02:18:0c:1f:ae:52:d2: b9:4b:12:22:02:ca:77:cc:77:66:fd:a5:d4:5e:1c:fc:ea:e4: 43:2d:b7:d2:50:dc:6f:4c:42:83:75:64:d4:70:73:d0:bd:7d: 00:b9:83:fb:e4:cf:c2:9f:1e:5d:32:ed:74:71:17:0f:83:eb: 81:35:38:70:32:6d:4b:16:2e:e2:79:db:c3:dc:40:c0:01:ce: cd:d2:5f:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REEzODkxMTAvBgNVBAUTKDQ4RjUwRTE2QjgzMDVBQTJDNzU2RDIxQzhGMEZENTA5 MzM4QTVDMjkwHhcNMjQwNTE5MDYwOTU4WhcNMjQwNTI2MDYwOTU4WjAYMRYwFAYD VQQDEw02NjQ5OTdiNy0zYzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0mQVvbRiphV4xRLkTtPNYolbNcQR8KvtZEICchZ421zLKo0bdVauDwtepB4P +9eJEkPstqw30OhcB/U0uLGh5MsFsmmUXvuLnHGrg4S6V6rfEzAQWVj6MKxF71y8 1t1F3HNYPnHUFkUlM3wa2CLH2/eWbZPHXXvp1Hk9ETSyEqALdbemT7GBMTCkMbsV 83WzlLQSdCxLs0yS6vawkZay39pJ5t9CbwMGhVfhddyy7jYhA2suYwW+ShVF8On0 YWG+Cu6r2V7SOhC+nbdfC7xCVMPO8wdYjxIGqnQxpC9MPBypWjwTpKw/p0DUgZc4 rx+oMamahgyYZNYiNgouZc5q6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL5xMkzu dHu511dNx/0oSRIxo8k2MB8GA1UdIwQYMBaAFEj1Dha4MFqix1bSHI8P1Qkzilwp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTM4OS9CMjE3MEI3NEQz QTMxMUVEODgwNkFDMTFDNEY5QUUwMi9TUFVPRnJnd1dxTEhWdEljandfVkNUT0tY Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NQVU9Gcmd3V3FMSFZ0SWNqd19WQ1RPS1hDay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTM4OS9CMjE3MEI3NEQzQTMxMUVEODgwNkFDMTFDNEY5QUUwMi9TUFVPRnJnd1dx TEhWdEljandfVkNUT0tYQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhuCJhlEcEYe5gPLPtjQKxtyeF/ZiEnRkN/9H+h9/zzF7VvO+GcC9E AckHBvLRY/wsBSCgL7hNIgju/nNadg1dRPp+TeFocot4IpRLHyR/NEBt7WgXIx89 vhoq4j2+2MrryrPC9M9Je1UdPSnGljHJMgdabag7UgvONwgn1D3vWmAgBneRRu4X RKUs+fe6nqrk+wC/SCZAi7gu+4moex0ctCMeehgXW13dOzd6GAIYDB+uUtK5SxIi Asp3zHdm/aXUXhz86uRDLbfSUNxvTEKDdWTUcHPQvX0AuYP75M/Cnx5dMu10cRcP g+uBNThwMm1LFi7iedvD3EDAAc7N0l/g -----END CERTIFICATE-----Generated at Sun May 19 08:25:08 2024 by rpki-client on console-ams.rpki-client.org