$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft File: YcuQhfAv-PpF5zL1gDQPQkngDKI.mft (raw, json) Hash identifier: nF0doRWQT6Wu+dKd0wwZfBDF6PJtSjq2jI+TKynl6y4= Subject key identifier: 1A:FF:4C:0D:1E:44:26:76:BF:67:7A:59:17:20:B6:2B:42:4B:13:FF Authority key identifier: 61:CB:90:85:F0:2F:F8:FA:45:E7:32:F5:80:34:0F:42:49:E0:0C:A2 Certificate issuer: /CN=A91DCB25/serialNumber=61CB9085F02FF8FA45E732F580340F4249E00CA2 Certificate serial: 10CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft Manifest number: 10C2 Signing time: Fri 31 May 2024 18:17:39 +0000 Manifest this update: Fri 31 May 2024 18:17:39 +0000 Manifest next update: Fri 07 Jun 2024 18:17:39 +0000 Files and hashes: 1: YcuQhfAv-PpF5zL1gDQPQkngDKI.crl (hash: TvQ7kQOVt9g2GgBRCAcW8/THTJZ0ZB9U5jmbk8/dU+s=) 2: BDC1AB0AFDA611E88FA5E26DC4F9AE02.roa (hash: W8Pn/sq38ZFH49tNBuEJsAdeSaButY/8Fr7mt/fCMSg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.crl rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 18:17:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4298 (0x10ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCB25/serialNumber=61CB9085F02FF8FA45E732F580340F4249E00CA2 Validity Not Before: May 31 18:17:39 2024 GMT Not After : Jun 7 18:17:39 2024 GMT Subject: CN=665a1443-14a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:2c:db:f6:e0:0b:13:4b:2b:7c:7d:50:bb:75: eb:10:ea:04:1b:96:f0:3b:30:33:08:29:5f:f3:0e: d6:83:b7:9e:c9:ca:75:d3:64:33:88:38:72:9b:9a: cf:d5:51:9b:07:47:2b:1a:af:84:4d:ff:7a:31:8d: fc:43:09:6f:8c:d8:d8:0c:40:d1:a8:18:1f:01:35: 75:5b:b7:c1:2c:a6:2b:f3:ca:63:7d:1b:c5:d8:c2: 93:23:b6:84:83:63:7c:36:e8:cd:97:43:35:41:be: 94:d8:bb:a5:a2:3a:b6:fc:62:08:33:19:6a:f3:11: c3:d3:11:ab:c8:83:f1:98:26:44:0d:12:e3:42:f6: 46:e0:d1:0b:9b:7a:8b:c5:aa:b4:e3:0d:9f:bf:b3: 3f:da:00:1a:f6:42:85:6a:78:a5:9f:a3:7b:1a:21: c8:43:09:55:32:f8:83:be:cf:59:f9:d5:a0:7c:e2: e0:b2:93:46:fb:5c:6e:d0:1c:82:9e:46:79:7c:bb: d7:a3:78:ad:0b:f0:f4:e2:47:48:cc:ec:02:6d:e4: 3d:94:c1:7a:d0:49:d6:72:c9:78:a1:01:a1:48:65: 59:a7:58:da:38:73:72:61:29:ce:35:fc:53:1d:4c: 0c:2c:37:1b:3d:96:c0:82:57:31:e7:87:d2:29:72: 91:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:FF:4C:0D:1E:44:26:76:BF:67:7A:59:17:20:B6:2B:42:4B:13:FF X509v3 Authority Key Identifier: keyid:61:CB:90:85:F0:2F:F8:FA:45:E7:32:F5:80:34:0F:42:49:E0:0C:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YcuQhfAv-PpF5zL1gDQPQkngDKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCB25/2C60DFD8FDA511E88859C06BC4F9AE02/YcuQhfAv-PpF5zL1gDQPQkngDKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:4b:e8:98:8c:07:65:bd:35:72:04:f4:71:71:d4:8e:38:a2: 95:30:7d:b4:4e:69:1d:f9:c3:04:8e:93:dc:65:49:56:16:dc: b8:55:c9:2c:ba:f5:c6:06:ab:1f:60:83:fd:19:cd:f6:ac:75: 40:22:c9:04:04:bf:99:fa:4c:80:8c:10:3d:83:30:2d:71:7a: f7:27:dd:9c:30:ae:c9:b7:ad:86:5c:26:9a:26:63:37:31:17: cb:b3:50:11:f0:0e:4d:14:c1:f7:68:ab:a7:73:51:82:88:aa: 60:7b:a0:92:ff:6f:c1:7d:58:49:a3:41:89:ad:2a:18:9d:72: 99:5d:3d:39:01:cd:cf:83:44:37:ff:ad:a3:14:17:0e:91:79: 40:60:8a:d8:89:b8:29:9f:5c:7e:72:3c:12:d8:c1:27:21:af: 1a:af:d5:d2:b6:00:06:73:57:41:b8:99:b0:23:da:ff:61:45: 32:79:5f:4f:d7:76:69:54:f3:6f:bb:6e:b0:ba:e7:51:99:31: 37:48:31:d6:4f:be:3b:f8:e1:23:d5:25:4d:be:81:9c:bd:b3: 56:8a:c2:a5:45:f5:7d:17:68:ed:29:aa:c8:7b:4b:82:f9:0a: fe:ca:6d:3f:05:85:c0:aa:07:f4:ab:ad:a1:ce:7d:76:a0:83: ff:c5:3a:50 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENCMjUxMTAvBgNVBAUTKDYxQ0I5MDg1RjAyRkY4RkE0NUU3MzJGNTgwMzQwRjQy NDlFMDBDQTIwHhcNMjQwNTMxMTgxNzM5WhcNMjQwNjA3MTgxNzM5WjAYMRYwFAYD VQQDEw02NjVhMTQ0My0xNGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3izb9uALE0srfH1Qu3XrEOoEG5bwOzAzCClf8w7Wg7eeycp102QziDhym5rP 1VGbB0crGq+ETf96MY38QwlvjNjYDEDRqBgfATV1W7fBLKYr88pjfRvF2MKTI7aE g2N8NujNl0M1Qb6U2Lulojq2/GIIMxlq8xHD0xGryIPxmCZEDRLjQvZG4NELm3qL xaq04w2fv7M/2gAa9kKFaniln6N7GiHIQwlVMviDvs9Z+dWgfOLgspNG+1xu0ByC nkZ5fLvXo3itC/D04kdIzOwCbeQ9lMF60EnWcsl4oQGhSGVZp1jaOHNyYSnONfxT HUwMLDcbPZbAglcx54fSKXKRgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBr/TA0e RCZ2v2d6WRcgtitCSxP/MB8GA1UdIwQYMBaAFGHLkIXwL/j6Recy9YA0D0JJ4Ayi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0IyNS8yQzYwREZEOEZE QTUxMUU4ODg1OUMwNkJDNEY5QUUwMi9ZY3VRaGZBdi1QcEY1ekwxZ0RRUFFrbmdE S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ljdVFoZkF2LVBwRjV6TDFnRFFQUWtuZ0RLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE Q0IyNS8yQzYwREZEOEZEQTUxMUU4ODg1OUMwNkJDNEY5QUUwMi9ZY3VRaGZBdi1Q cEY1ekwxZ0RRUFFrbmdES0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaS+iYjAdlvTVyBPRxcdSOOKKVMH20Tmkd+cMEjpPcZUlWFty4Vcks uvXGBqsfYIP9Gc32rHVAIskEBL+Z+kyAjBA9gzAtcXr3J92cMK7Jt62GXCaaJmM3 MRfLs1AR8A5NFMH3aKunc1GCiKpge6CS/2/BfVhJo0GJrSoYnXKZXT05Ac3Pg0Q3 /62jFBcOkXlAYIrYibgpn1x+cjwS2MEnIa8ar9XStgAGc1dBuJmwI9r/YUUyeV9P 13ZpVPNvu26wuudRmTE3SDHWT747+OEj1SVNvoGcvbNWisKlRfV9F2jtKarIe0uC +Qr+ym0/BYXAqgf0q62hzn12oIP/xTpQ -----END CERTIFICATE-----Generated at Fri May 31 20:34:18 2024 by rpki-client on console-ams.rpki-client.org