$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCBAD/3659E7AE709111EA8A9B4E0DC4F9AE02/UyaKJzal_1VLlAcD83T8NXkijDA.mft File: UyaKJzal_1VLlAcD83T8NXkijDA.mft (raw, json) Hash identifier: 56gKVQNLM1OIw5+4+S+14Db3zuhm7AFuZv4B0CLmJ1Y= Subject key identifier: E5:97:45:58:BA:82:88:93:4E:68:C4:D6:AB:6A:3E:71:11:5A:E0:C7 Authority key identifier: 53:26:8A:27:36:A5:FF:55:4B:94:07:03:F3:74:FC:35:79:22:8C:30 Certificate issuer: /CN=A91DCBAD/serialNumber=53268A2736A5FF554B940703F374FC3579228C30 Certificate serial: 0966 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UyaKJzal_1VLlAcD83T8NXkijDA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCBAD/3659E7AE709111EA8A9B4E0DC4F9AE02/UyaKJzal_1VLlAcD83T8NXkijDA.mft Manifest number: 0960 Signing time: Sat 18 May 2024 21:02:56 +0000 Manifest this update: Sat 18 May 2024 21:02:54 +0000 Manifest next update: Sat 25 May 2024 21:02:54 +0000 Files and hashes: 1: UyaKJzal_1VLlAcD83T8NXkijDA.crl (hash: LurkMSFe4TfhwKEM9Q+WP4VMpRtbc4nhQ0NuqIXq4TM=) 2: CF072592709211EAB1D2FA0FC4F9AE02.roa (hash: ZUxDH7e3yZrKdxOW1WhteD8IH7JG8883mFKbtU7XxhA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCBAD/3659E7AE709111EA8A9B4E0DC4F9AE02/UyaKJzal_1VLlAcD83T8NXkijDA.crl rsync://rpki.apnic.net/member_repository/A91DCBAD/3659E7AE709111EA8A9B4E0DC4F9AE02/UyaKJzal_1VLlAcD83T8NXkijDA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UyaKJzal_1VLlAcD83T8NXkijDA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2406 (0x966) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCBAD/serialNumber=53268A2736A5FF554B940703F374FC3579228C30 Validity Not Before: May 18 21:02:54 2024 GMT Not After : May 25 21:02:54 2024 GMT Subject: CN=6649177f-0965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ef:15:ef:1a:b1:71:99:bd:c3:f4:59:6d:c9: b8:61:e5:d0:94:b9:45:43:77:47:c2:26:17:cc:66: d3:f3:ac:90:55:7b:5a:20:b2:29:cf:c4:c2:03:e9: ca:e5:d8:15:aa:fc:34:fa:5e:09:21:aa:66:fb:44: 4b:38:7a:2b:1d:20:9a:8d:0c:2f:3b:20:76:c9:f9: 56:e8:14:4c:10:7d:95:ff:ad:80:da:04:34:98:6a: d3:82:f6:fe:20:4b:82:49:6e:23:d0:2f:f1:3b:e7: 25:f2:ee:20:02:ec:4d:22:18:66:99:70:86:02:74: 5d:77:7e:2f:53:20:fa:a8:47:b5:10:36:b5:bb:dc: b7:c5:7e:32:0f:1e:43:76:13:1a:90:d2:20:58:80: d9:9f:4c:e9:a7:ee:4e:a7:e8:25:a8:03:7a:e1:9b: 44:70:db:c3:51:f5:4a:ad:3b:8d:ba:42:d3:db:df: 3a:f3:0d:4d:af:9d:54:62:b9:e2:ca:46:40:ac:23: 92:7e:60:da:eb:80:5c:91:da:e1:96:5f:0e:33:2e: 8f:33:ae:5e:7a:ec:2e:fc:8f:08:50:bb:58:d1:0f: 6e:27:36:37:36:95:5f:29:74:cf:18:71:c0:d4:f4: 71:26:ec:4c:cf:78:2a:48:01:5a:8b:08:12:6c:18: b1:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:97:45:58:BA:82:88:93:4E:68:C4:D6:AB:6A:3E:71:11:5A:E0:C7 X509v3 Authority Key Identifier: keyid:53:26:8A:27:36:A5:FF:55:4B:94:07:03:F3:74:FC:35:79:22:8C:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCBAD/3659E7AE709111EA8A9B4E0DC4F9AE02/UyaKJzal_1VLlAcD83T8NXkijDA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UyaKJzal_1VLlAcD83T8NXkijDA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCBAD/3659E7AE709111EA8A9B4E0DC4F9AE02/UyaKJzal_1VLlAcD83T8NXkijDA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:7b:7b:3d:39:db:d6:6c:35:f8:86:32:f6:ac:f5:f6:73:51: 87:67:2d:c9:b6:f2:0c:e7:7e:ea:be:fb:c3:b6:80:c2:1c:84: c4:70:3a:c6:eb:5f:84:b7:23:98:b7:33:a7:7f:24:80:26:0b: df:3e:69:f1:25:02:06:f9:96:4a:52:ab:0a:4e:9b:fa:e9:75: c9:ad:34:3b:5c:97:04:b6:23:14:5c:7f:6b:4c:65:9f:f1:42: ab:5f:7d:84:a1:e9:76:27:98:f2:81:73:95:60:13:15:d7:59: 46:34:bb:6b:4b:8a:4b:6d:91:a5:bb:24:4d:ae:db:b0:4c:92: e3:b5:0f:b5:97:6a:a3:c7:04:a2:a7:46:7b:c2:57:31:d7:48: 14:87:0d:57:ba:f1:85:dd:7a:a5:99:5a:0f:1a:d3:1f:0b:3d: e7:05:0f:b4:ef:b5:a2:65:6a:bf:22:d3:e8:4c:df:bf:92:6d: 4a:4e:93:ae:cd:d6:25:f5:c9:f3:f1:90:2c:a9:09:df:dd:23: 6e:e7:1f:42:93:ac:26:38:dc:39:26:1b:65:44:98:c5:1b:a2: c1:40:81:3c:90:35:05:35:04:99:83:f5:42:8f:30:e4:00:36: c2:d9:9a:63:6b:35:8a:5a:bd:80:68:9d:a1:64:e4:8d:96:41: e4:69:43:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENCQUQxMTAvBgNVBAUTKDUzMjY4QTI3MzZBNUZGNTU0Qjk0MDcwM0YzNzRGQzM1 NzkyMjhDMzAwHhcNMjQwNTE4MjEwMjU0WhcNMjQwNTI1MjEwMjU0WjAYMRYwFAYD VQQDEw02NjQ5MTc3Zi0wOTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6+8V7xqxcZm9w/RZbcm4YeXQlLlFQ3dHwiYXzGbT86yQVXtaILIpz8TCA+nK 5dgVqvw0+l4JIapm+0RLOHorHSCajQwvOyB2yflW6BRMEH2V/62A2gQ0mGrTgvb+ IEuCSW4j0C/xO+cl8u4gAuxNIhhmmXCGAnRdd34vUyD6qEe1EDa1u9y3xX4yDx5D dhMakNIgWIDZn0zpp+5Op+glqAN64ZtEcNvDUfVKrTuNukLT29868w1Nr51UYrni ykZArCOSfmDa64Bckdrhll8OMy6PM65eeuwu/I8IULtY0Q9uJzY3NpVfKXTPGHHA 1PRxJuxMz3gqSAFaiwgSbBix+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOWXRVi6 goiTTmjE1qtqPnERWuDHMB8GA1UdIwQYMBaAFFMmiic2pf9VS5QHA/N0/DV5Ioww MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0JBRC8zNjU5RTdBRTcw OTExMUVBOEE5QjRFMERDNEY5QUUwMi9VeWFLSnphbF8xVkxsQWNEODNUOE5Ya2lq REEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1V5YUtKemFsXzFWTGxBY0Q4M1Q4TlhraWpEQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE Q0JBRC8zNjU5RTdBRTcwOTExMUVBOEE5QjRFMERDNEY5QUUwMi9VeWFLSnphbF8x VkxsQWNEODNUOE5Ya2lqREEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFe3s9OdvWbDX4hjL2rPX2c1GHZy3JtvIM537qvvvDtoDCHITEcDrG 61+EtyOYtzOnfySAJgvfPmnxJQIG+ZZKUqsKTpv66XXJrTQ7XJcEtiMUXH9rTGWf 8UKrX32Eoel2J5jygXOVYBMV11lGNLtrS4pLbZGluyRNrtuwTJLjtQ+1l2qjxwSi p0Z7wlcx10gUhw1XuvGF3XqlmVoPGtMfCz3nBQ+077WiZWq/ItPoTN+/km1KTpOu zdYl9cnz8ZAsqQnf3SNu5x9Ck6wmONw5JhtlRJjFG6LBQIE8kDUFNQSZg/VCjzDk ADbC2ZpjazWKWr2AaJ2hZOSNlkHkaUPy -----END CERTIFICATE-----Generated at Sat May 18 22:28:01 2024 by rpki-client on console-ams.rpki-client.org