$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft File: yq3LrMUbKkZS3XMHTygsM00BAnc.mft (raw, json) Hash identifier: zQhIkyJESdTyHAQE1/B654SWjzjvGxMD8saXZWl2sb8= Subject key identifier: 89:C8:5D:FC:36:B0:7C:4C:9D:45:FF:6F:48:B5:77:2A:A9:F2:60:42 Authority key identifier: CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77 Certificate issuer: /CN=A91DCCB3/serialNumber=CAADCBACC51B2A4652DD73074F282C334D010277 Certificate serial: 08E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft Manifest number: 08DE Signing time: Fri 31 May 2024 22:05:25 +0000 Manifest this update: Fri 31 May 2024 22:05:24 +0000 Manifest next update: Fri 07 Jun 2024 22:05:24 +0000 Files and hashes: 1: yq3LrMUbKkZS3XMHTygsM00BAnc.crl (hash: pohOgBqqivE0q+uWTsbEizaBMQPy3KFttR7ptDKFV2s=) 2: 57EE11D0895D11EA81B43245C4F9AE02.roa (hash: LuM8gmLzaSTxQEZimYZff6zRAqrVPiLTeic+naOJw/U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 22:05:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2275 (0x8e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCCB3/serialNumber=CAADCBACC51B2A4652DD73074F282C334D010277 Validity Not Before: May 31 22:05:24 2024 GMT Not After : Jun 7 22:05:24 2024 GMT Subject: CN=665a49a5-ce5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:04:65:62:83:d4:5b:c7:ef:0b:b3:90:e5:d0: 1e:48:18:bf:86:90:13:21:cf:0d:5b:25:f6:5b:f8: 31:93:14:37:a0:e6:19:55:ae:a8:dd:d9:ee:1b:0d: 62:fc:2d:41:e2:bc:83:e5:2d:93:59:c2:20:be:b1: 06:3a:03:73:96:5c:29:cb:4d:aa:47:bf:9f:54:7a: 96:27:33:1c:fe:c9:19:89:d1:bb:2e:74:b2:03:8f: e2:03:64:88:54:29:a7:6f:64:2a:8d:41:5a:8e:ac: 80:62:dd:5d:e7:d5:be:c7:e7:f2:07:70:fb:22:e2: 40:64:ce:7f:c4:7c:cf:06:a9:c4:f3:7c:07:1d:b5: a8:66:21:58:74:0a:bc:3f:e5:66:3d:7e:08:49:b3: 5c:61:5c:71:51:9d:8f:1a:c1:3c:4d:6f:ef:cb:e4: b9:4e:f1:a6:39:29:24:cc:84:93:0b:80:ef:85:51: 56:24:a7:ac:c6:2c:77:b8:f1:27:16:6d:8b:c5:0b: ee:97:28:3d:ac:fb:42:f9:9b:d6:c4:e4:72:31:54: 49:21:99:60:fc:8f:63:ef:6b:8c:08:80:6d:fd:e7: 95:e2:a6:dd:75:c2:12:5c:7c:fe:62:6e:e8:ae:27: e3:6b:60:3a:b1:43:92:96:11:17:ab:f4:5b:ab:b4: cb:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C8:5D:FC:36:B0:7C:4C:9D:45:FF:6F:48:B5:77:2A:A9:F2:60:42 X509v3 Authority Key Identifier: keyid:CA:AD:CB:AC:C5:1B:2A:46:52:DD:73:07:4F:28:2C:33:4D:01:02:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yq3LrMUbKkZS3XMHTygsM00BAnc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCCB3/41FD6016895C11EA890C6343C4F9AE02/yq3LrMUbKkZS3XMHTygsM00BAnc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:7f:c5:ce:d0:44:81:26:2f:6c:bd:2e:28:b7:ac:36:7e:9e: c5:cb:66:4d:cf:57:14:3e:41:77:80:c0:b3:9d:fc:d4:7f:fa: 85:0e:86:21:07:b5:ee:11:5e:85:ce:b9:ab:25:2e:94:a6:47: 3f:f9:f7:d9:19:06:fc:5a:81:3a:00:43:aa:5e:2d:cc:73:f2: 0b:50:60:0f:58:f0:41:39:ca:71:87:8f:37:90:d2:ee:97:4f: d9:49:f4:0f:c0:fd:ad:e5:3b:17:c2:fe:f5:ff:7e:be:af:40: ba:6c:6f:a7:5e:b8:47:f1:39:c8:60:e3:89:fd:46:18:77:fd: 08:db:df:4c:1d:7c:ea:a4:21:a9:9a:71:17:bb:e5:ab:61:4e: 84:25:9d:64:1d:12:b7:55:75:8d:94:ec:c6:fb:da:8c:43:79: a0:94:3a:c1:99:ec:5e:85:24:99:c3:bd:d7:18:f1:a5:ef:0b: 9e:a4:db:14:88:43:9b:07:f3:66:05:8f:fc:9b:7d:28:80:14: 96:20:f6:f2:29:d8:08:26:00:e4:8e:25:84:33:24:fc:6d:f2: 87:ab:61:e1:90:a4:ef:e7:2c:5f:7d:b0:b8:c4:1d:18:3c:4b: 55:e9:58:3e:18:4b:c0:ea:ef:c3:52:b2:11:ff:fb:67:95:88: 6f:5a:90:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENDQjMxMTAvBgNVBAUTKENBQURDQkFDQzUxQjJBNDY1MkRENzMwNzRGMjgyQzMz NEQwMTAyNzcwHhcNMjQwNTMxMjIwNTI0WhcNMjQwNjA3MjIwNTI0WjAYMRYwFAYD VQQDEw02NjVhNDlhNS1jZTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8ARlYoPUW8fvC7OQ5dAeSBi/hpATIc8NWyX2W/gxkxQ3oOYZVa6o3dnuGw1i /C1B4ryD5S2TWcIgvrEGOgNzllwpy02qR7+fVHqWJzMc/skZidG7LnSyA4/iA2SI VCmnb2QqjUFajqyAYt1d59W+x+fyB3D7IuJAZM5/xHzPBqnE83wHHbWoZiFYdAq8 P+VmPX4ISbNcYVxxUZ2PGsE8TW/vy+S5TvGmOSkkzISTC4DvhVFWJKesxix3uPEn Fm2LxQvulyg9rPtC+ZvWxORyMVRJIZlg/I9j72uMCIBt/eeV4qbddcISXHz+Ym7o rifja2A6sUOSlhEXq/Rbq7TLgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFInIXfw2 sHxMnUX/b0i1dyqp8mBCMB8GA1UdIwQYMBaAFMqty6zFGypGUt1zB08oLDNNAQJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0NCMy80MUZENjAxNjg5 NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktrWlMzWE1IVHlnc00wMEJB bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lxM0xyTVViS2taUzNYTUhUeWdzTTAwQkFuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE Q0NCMy80MUZENjAxNjg5NUMxMUVBODkwQzYzNDNDNEY5QUUwMi95cTNMck1VYktr WlMzWE1IVHlnc00wMEJBbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxf8XO0ESBJi9svS4ot6w2fp7Fy2ZNz1cUPkF3gMCznfzUf/qFDoYh B7XuEV6FzrmrJS6Upkc/+ffZGQb8WoE6AEOqXi3Mc/ILUGAPWPBBOcpxh483kNLu l0/ZSfQPwP2t5TsXwv71/36+r0C6bG+nXrhH8TnIYOOJ/UYYd/0I299MHXzqpCGp mnEXu+WrYU6EJZ1kHRK3VXWNlOzG+9qMQ3mglDrBmexehSSZw73XGPGl7wuepNsU iEObB/NmBY/8m30ogBSWIPbyKdgIJgDkjiWEMyT8bfKHq2HhkKTv5yxffbC4xB0Y PEtV6Vg+GEvA6u/DUrIR//tnlYhvWpBH -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:30 2024 by rpki-client on console-ams.rpki-client.org