$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft File: yCFQSaXsETZftnQLghcGdiaArRc.mft (raw, json) Hash identifier: ojX1/Tt70/SlOvOZaO10+f1YzLjaSC59m3+sLxRe648= Subject key identifier: 5A:5E:9A:FE:A3:E1:C2:18:02:B6:AD:94:18:2A:74:5C:94:C7:70:8C Authority key identifier: C8:21:50:49:A5:EC:11:36:5F:B6:74:0B:82:17:06:76:26:80:AD:17 Certificate issuer: /CN=A91DC459/serialNumber=C8215049A5EC11365FB6740B821706762680AD17 Certificate serial: 16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft Manifest number: 15 Signing time: Sun 19 May 2024 08:46:06 +0000 Manifest this update: Sun 19 May 2024 08:46:06 +0000 Manifest next update: Sun 26 May 2024 08:46:06 +0000 Files and hashes: 1: yCFQSaXsETZftnQLghcGdiaArRc.crl (hash: XMvkl5VScwZ+4I2RUKBQ1T7KPjO+JAWWgvOWgKQzWmk=) 2: 264C45FAFA3F11EE8A884F09C4F9AE02.roa (hash: 1mGAGUdcHgzIXHfMP/sj7r20tyRJ1V+9II4lN7eXdqI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.crl rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22 (0x16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC459/serialNumber=C8215049A5EC11365FB6740B821706762680AD17 Validity Not Before: May 19 08:46:06 2024 GMT Not After : May 26 08:46:06 2024 GMT Subject: CN=6649bc4e-f3da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:45:c2:aa:8a:b8:9b:38:23:1f:6a:ca:3a:6e: 75:56:28:02:b7:ac:20:dc:e5:9d:8b:62:4a:49:9f: ed:8b:5a:a0:25:e9:3e:59:46:68:02:12:f9:3f:a5: 4e:61:74:7f:af:3c:c5:cf:64:88:d0:d7:30:06:a0: e1:cb:87:37:3a:f5:b8:e1:e0:93:1a:17:68:06:86: 01:6c:df:13:8c:4f:10:62:b2:25:8e:40:42:b3:1a: 2d:eb:c7:e5:e5:d1:b3:e1:bf:72:6c:5c:8a:b8:ac: 3b:97:7b:59:4d:ae:25:61:cc:9f:f7:61:0b:b0:21: 6d:47:be:f7:38:77:2d:ba:22:7d:71:ca:c1:8c:7e: ef:f7:ad:4d:27:03:f7:0f:a8:f2:35:1e:0a:c3:cf: 6d:c9:c6:f2:2a:62:b4:a1:9e:ba:ec:5d:52:23:83: 3b:58:09:3f:76:88:8a:d3:ed:21:68:e1:21:08:55: 8b:84:47:16:54:3f:27:43:7f:ca:dc:8e:e4:5e:09: e4:4f:18:c9:ab:62:91:f2:87:45:ff:8a:a7:72:48: a1:e5:fa:36:48:4b:ca:d7:da:2c:fe:db:c4:80:b9: be:5c:8c:04:7e:d2:5c:24:6c:ec:a1:76:04:ac:57: aa:4c:6d:64:6e:22:12:33:93:50:6d:9f:78:52:db: aa:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:5E:9A:FE:A3:E1:C2:18:02:B6:AD:94:18:2A:74:5C:94:C7:70:8C X509v3 Authority Key Identifier: keyid:C8:21:50:49:A5:EC:11:36:5F:B6:74:0B:82:17:06:76:26:80:AD:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCFQSaXsETZftnQLghcGdiaArRc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC459/A93507BCF6D511EEB8783C1EC4F9AE02/yCFQSaXsETZftnQLghcGdiaArRc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:68:c4:b8:5f:3e:c9:ff:36:ed:93:24:90:1e:05:a9:36:4f: 9b:bd:ff:55:2b:66:91:c7:f9:92:2d:10:ab:d1:f6:ec:cd:a9: fe:f5:3c:c9:d1:c7:0c:c3:6a:63:00:9f:c6:a8:c1:db:7b:79: 42:13:ce:a5:1b:9e:3f:d2:89:aa:7f:81:0e:20:d7:5f:ac:01: 46:d8:1f:47:e7:7d:0e:3b:81:91:98:76:41:c9:6a:4b:f6:ad: 47:e1:33:ed:f6:66:56:dd:a2:73:ed:5b:e2:99:85:94:73:47: 70:35:f1:16:eb:84:15:0a:db:5a:b3:15:19:63:20:d4:ec:38: 99:01:14:44:0b:d0:2f:d5:84:4c:7e:c8:3a:0b:1c:6d:8f:cd: 29:f7:96:20:03:df:35:dd:ab:f6:26:ad:cb:dc:1e:87:9c:79: 19:2b:40:3f:21:2c:4e:d7:31:25:38:ff:eb:c6:60:cb:23:2e: 8e:c4:8c:6c:7a:69:52:cc:0b:92:20:37:21:52:03:15:a3:7e: 54:b6:42:16:c1:ec:ae:00:c9:de:d8:40:a7:a9:69:4e:68:5b: 38:4d:96:0e:52:89:63:69:c8:df:6f:54:91:4e:ea:56:0b:ba: 24:56:81:b6:bd:de:7c:7c:49:fb:d1:49:55:e9:e0:60:63:f2: 52:e1:43:bf -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QzQ1OTExMC8GA1UEBRMoQzgyMTUwNDlBNUVDMTEzNjVGQjY3NDBCODIxNzA2NzYy NjgwQUQxNzAeFw0yNDA1MTkwODQ2MDZaFw0yNDA1MjYwODQ2MDZaMBgxFjAUBgNV BAMTDTY2NDliYzRlLWYzZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCuRcKqiribOCMfaso6bnVWKAK3rCDc5Z2LYkpJn+2LWqAl6T5ZRmgCEvk/pU5h dH+vPMXPZIjQ1zAGoOHLhzc69bjh4JMaF2gGhgFs3xOMTxBisiWOQEKzGi3rx+Xl 0bPhv3JsXIq4rDuXe1lNriVhzJ/3YQuwIW1Hvvc4dy26In1xysGMfu/3rU0nA/cP qPI1HgrDz23JxvIqYrShnrrsXVIjgztYCT92iIrT7SFo4SEIVYuERxZUPydDf8rc juReCeRPGMmrYpHyh0X/iqdySKHl+jZIS8rX2iz+28SAub5cjAR+0lwkbOyhdgSs V6pMbWRuIhIzk1Btn3hS26oDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUWl6a/qPh whgCtq2UGCp0XJTHcIwwHwYDVR0jBBgwFoAUyCFQSaXsETZftnQLghcGdiaArRcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDNDU5L0E5MzUwN0JDRjZE NTExRUVCODc4M0MxRUM0RjlBRTAyL3lDRlFTYVhzRVRaZnRuUUxnaGNHZGlhQXJS Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveUNGUVNhWHNFVFpmdG5RTGdoY0dkaWFBclJjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURD NDU5L0E5MzUwN0JDRjZENTExRUVCODc4M0MxRUM0RjlBRTAyL3lDRlFTYVhzRVRa ZnRuUUxnaGNHZGlhQXJSYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIVoxLhfPsn/Nu2TJJAeBak2T5u9/1UrZpHH+ZItEKvR9uzNqf71PMnR xwzDamMAn8aowdt7eUITzqUbnj/Siap/gQ4g11+sAUbYH0fnfQ47gZGYdkHJakv2 rUfhM+32ZlbdonPtW+KZhZRzR3A18RbrhBUK21qzFRljINTsOJkBFEQL0C/VhEx+ yDoLHG2PzSn3liAD3zXdq/YmrcvcHoeceRkrQD8hLE7XMSU4/+vGYMsjLo7EjGx6 aVLMC5IgNyFSAxWjflS2QhbB7K4Ayd7YQKepaU5oWzhNlg5SiWNpyN9vVJFO6lYL uiRWgba93nx8SfvRSVXp4GBj8lLhQ78= -----END CERTIFICATE-----Generated at Sun May 19 09:38:26 2024 by rpki-client on console-fra.rpki-client.org