$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: j0Iqx6etr63o7R9wGaeHnnIzBGXGUIENCK+ScoCzJi0= Subject key identifier: 3A:14:E7:DD:3C:DF:67:A1:1F:85:6A:52:79:03:18:53:8A:C0:47:D4 Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 34A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 3427 Signing time: Sat 18 May 2024 14:16:32 +0000 Manifest this update: Sat 18 May 2024 14:16:31 +0000 Manifest next update: Sat 25 May 2024 14:16:31 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: UZEklZR8qejJvGGyhAybaaunZ6TONEKbxQUYD8QQC2g=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 4: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=) 5: 9040683E28F311EDA8D1655FC4F9AE02.roa (hash: eiHuGSIavLQTh3AuO/qGPu/njiK19zW3tVVTT0thYr8=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:16:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13474 (0x34a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: May 18 14:16:31 2024 GMT Not After : May 25 14:16:31 2024 GMT Subject: CN=6648b83f-348f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:49:e5:0b:63:c8:9a:15:72:51:e5:b4:de:7c: da:13:e9:f0:8f:42:7e:94:60:57:59:06:c7:29:08: a6:5b:96:83:58:ad:79:f3:96:d9:4b:61:bd:14:14: ed:f9:49:ae:7f:be:8c:32:6e:57:ae:4f:83:46:fd: 5e:e9:77:c1:3a:1f:d6:b9:10:65:6f:84:98:21:91: 6e:11:91:d4:53:67:53:0b:d2:fb:4b:42:39:06:06: 07:b7:78:60:74:46:e6:32:53:01:bb:05:4e:bf:bb: 4c:bd:a2:a8:ef:a2:b5:93:b0:47:ef:f1:75:9e:9c: 50:59:c5:36:32:00:29:73:55:d2:c2:ac:3d:af:d3: d1:b0:ac:98:ed:b3:59:54:54:8c:79:54:3e:9a:d6: 8a:ec:ce:36:ec:36:dc:50:4e:51:e0:25:ac:72:6e: 84:c2:95:98:e0:60:a7:68:40:c3:af:84:87:ee:d3: 23:87:c1:a1:f9:81:29:77:f0:51:bf:d4:37:1a:1d: a5:96:a4:83:8a:46:aa:07:7a:e9:bc:c1:fa:75:36: 30:f0:b7:43:9b:d0:e6:d1:be:58:9c:42:c1:34:88: c4:f2:54:4a:ca:70:cd:5a:38:0d:7b:71:69:7d:a0: 83:dd:aa:bc:c0:82:ad:77:14:f7:80:9e:71:e2:f8: e4:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:14:E7:DD:3C:DF:67:A1:1F:85:6A:52:79:03:18:53:8A:C0:47:D4 X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:67:90:09:27:14:f3:fd:31:dd:36:a9:29:f8:f1:46:56:43: 3d:4e:c6:91:fb:c3:b2:da:53:0f:0b:ba:bf:59:c9:c9:bd:0d: 68:0c:30:32:7f:01:6d:d4:d5:cf:a0:c1:4b:01:4d:92:fe:d9: 2b:9b:64:e1:74:5f:ca:9e:19:fe:b5:c9:c3:7a:b0:98:9f:b5: ae:06:0a:0d:72:23:91:ce:a5:3b:dd:38:80:43:7f:99:56:61: 62:ce:f0:b9:3d:83:46:14:31:20:81:a4:9b:81:0d:e9:d6:3b: 9a:88:e0:2e:9f:19:48:37:87:86:47:55:73:b6:96:e5:0e:0e: b4:a3:0b:53:14:2f:b3:04:76:fa:dc:13:70:fb:9b:0d:6c:71: 25:48:f9:1c:c2:28:65:cf:a5:1d:28:7c:32:a5:5d:82:4f:9b: 93:8e:d3:d7:3f:52:75:4a:93:bf:e7:a6:50:79:3a:6e:22:54: 87:04:ac:b7:62:b5:a3:f8:76:f6:cb:14:16:1d:48:bd:8a:75: a7:e1:b6:42:d1:31:95:82:b7:fa:46:d8:57:7d:a1:73:5c:7c: 5a:ce:6d:dd:95:a7:b5:e5:23:08:07:ec:75:8b:0d:d1:ec:c3: 98:fb:4f:cb:d4:bd:c3:06:cb:fc:2c:f8:f0:7e:10:c0:48:61: 70:83:72:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjQwNTE4MTQxNjMxWhcNMjQwNTI1MTQxNjMxWjAYMRYwFAYD VQQDEw02NjQ4YjgzZi0zNDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA10nlC2PImhVyUeW03nzaE+nwj0J+lGBXWQbHKQimW5aDWK1585bZS2G9FBTt +Umuf76MMm5Xrk+DRv1e6XfBOh/WuRBlb4SYIZFuEZHUU2dTC9L7S0I5BgYHt3hg dEbmMlMBuwVOv7tMvaKo76K1k7BH7/F1npxQWcU2MgApc1XSwqw9r9PRsKyY7bNZ VFSMeVQ+mtaK7M427DbcUE5R4CWscm6EwpWY4GCnaEDDr4SH7tMjh8Gh+YEpd/BR v9Q3Gh2llqSDikaqB3rpvMH6dTYw8LdDm9Dm0b5YnELBNIjE8lRKynDNWjgNe3Fp faCD3aq8wIKtdxT3gJ5x4vjk7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDoU5908 32ehH4VqUnkDGFOKwEfUMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6Z5AJJxTz/THdNqkp+PFGVkM9TsaR+8Oy2lMPC7q/WcnJvQ1oDDAy fwFt1NXPoMFLAU2S/tkrm2ThdF/Knhn+tcnDerCYn7WuBgoNciORzqU73TiAQ3+Z VmFizvC5PYNGFDEggaSbgQ3p1juaiOAunxlIN4eGR1VztpblDg60owtTFC+zBHb6 3BNw+5sNbHElSPkcwihlz6UdKHwypV2CT5uTjtPXP1J1SpO/56ZQeTpuIlSHBKy3 YrWj+Hb2yxQWHUi9inWn4bZC0TGVgrf6RthXfaFzXHxazm3dlae15SMIB+x1iw3R 7MOY+0/L1L3DBsv8LPjwfhDASGFwg3Ia -----END CERTIFICATE-----Generated at Sat May 18 15:26:07 2024 by rpki-client on console-fra.rpki-client.org