$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.mft File: KMruhJZWnFc8PlsYkMWhs0z8jjA.mft (raw, json) Hash identifier: wiQksWjYk629PLV6Yef6j8uJJ6pi8KPGqfnDjJPtAgs= Subject key identifier: B1:22:2B:67:F9:30:0B:5A:F0:4B:C6:C0:6C:F7:86:50:EF:B1:33:55 Authority key identifier: 28:CA:EE:84:96:56:9C:57:3C:3E:5B:18:90:C5:A1:B3:4C:FC:8E:30 Certificate issuer: /CN=A91E4EF6/serialNumber=28CAEE8496569C573C3E5B1890C5A1B34CFC8E30 Certificate serial: 0629 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMruhJZWnFc8PlsYkMWhs0z8jjA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.mft Manifest number: 0FC4 Signing time: Sat 18 May 2024 20:50:52 +0000 Manifest this update: Sat 18 May 2024 20:50:52 +0000 Manifest next update: Sat 25 May 2024 20:50:52 +0000 Files and hashes: 1: KMruhJZWnFc8PlsYkMWhs0z8jjA.crl (hash: CYug+u05LdDWX2gY+HY+4x1LQ3HuGJydYaurcYULDl0=) 2: 377B6620506B11EBAD849641C4F9AE02.roa (hash: l67TXmYzX11ydKu0rEHDmPeizjtCpkC5Dw8UPLRU3aU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.crl rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMruhJZWnFc8PlsYkMWhs0z8jjA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1577 (0x629) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4EF6/serialNumber=28CAEE8496569C573C3E5B1890C5A1B34CFC8E30 Validity Not Before: May 18 20:50:52 2024 GMT Not After : May 25 20:50:52 2024 GMT Subject: CN=664914ac-d9c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:6f:c9:7f:7b:3f:e4:f3:8d:96:56:f1:ea:43: c4:5a:69:d9:e7:5c:e6:f1:72:02:c6:81:51:2a:6d: 7b:57:81:19:c2:f3:8d:9d:ef:d1:1f:8d:14:03:ac: cb:d2:8b:d3:ef:4a:43:e8:23:5f:09:e6:be:49:c1: 67:33:bc:84:93:c7:21:86:00:aa:b7:73:3f:3f:ba: 0e:17:44:1a:13:18:83:29:42:d1:da:67:17:6d:94: 93:cf:76:d3:fa:01:a2:78:0c:d9:f2:03:00:b0:50: dc:73:27:7c:04:a5:ac:ae:96:7d:80:5a:a1:eb:9a: 93:c2:ac:72:ff:6a:e2:5d:4b:f7:54:aa:91:ef:40: 14:4f:b0:0c:0f:fa:3a:5b:d1:8f:cb:51:ef:1f:7c: d7:e3:f5:85:bb:cf:84:9a:1a:4e:c9:11:e9:a8:5c: 83:4f:7f:ae:96:09:3c:95:27:a9:25:0c:16:6b:1d: 6b:8b:b0:e9:c0:80:75:78:fa:0a:1d:ac:74:a9:53: 2b:fd:23:0b:9a:f5:1f:9a:0e:e1:4f:bb:e5:e9:e2: 96:1b:13:9d:b1:99:06:a3:0a:df:9e:0c:96:85:6c: 8d:9d:6b:74:f1:0c:c6:6a:06:5b:ce:5d:c6:67:fb: b6:e7:27:9d:0b:40:96:e2:ed:84:83:28:49:30:61: 72:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:22:2B:67:F9:30:0B:5A:F0:4B:C6:C0:6C:F7:86:50:EF:B1:33:55 X509v3 Authority Key Identifier: keyid:28:CA:EE:84:96:56:9C:57:3C:3E:5B:18:90:C5:A1:B3:4C:FC:8E:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMruhJZWnFc8PlsYkMWhs0z8jjA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4EF6/9380078E61D611EAB8D0155BC4F9AE02/KMruhJZWnFc8PlsYkMWhs0z8jjA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:48:99:f4:55:8c:53:79:f9:c3:17:4d:bc:ce:dd:a0:6f:2f: 60:56:2b:a6:80:f4:78:08:f6:4e:4e:7a:cb:99:37:f5:40:a4: ce:4d:63:3a:00:6d:d9:d7:0f:f5:54:13:0d:a9:7b:03:00:0f: 8b:7e:55:c8:4f:09:f4:44:ac:0d:3b:30:ed:cc:58:cb:b9:f0: 58:68:9d:5e:b9:68:2b:1b:94:e2:52:b3:12:94:bd:f7:90:2a: f2:4c:63:2e:af:92:e6:b5:10:82:3d:1f:97:bd:33:0f:77:8b: 3b:49:5f:9a:e1:e1:34:5f:58:f8:47:67:bd:12:24:22:b7:2e: 0a:5d:03:00:be:e4:9f:30:de:70:a2:9e:93:6a:5b:2e:0f:e9: 99:09:29:48:1a:bc:0a:35:06:7e:bb:01:57:fc:05:a2:be:59: b3:0d:3f:bd:f9:a2:74:18:36:d4:3b:08:ba:13:d9:d3:01:85: fa:46:fe:21:16:7b:a0:00:32:aa:9c:8d:3d:b2:40:89:a2:f7: 36:58:9f:ba:ce:64:d8:f9:c3:74:f3:13:d8:63:d0:66:5f:66: c0:9a:ec:43:1e:fc:12:72:64:7c:f1:0f:81:33:35:e3:c5:27: 11:7a:83:0d:32:83:27:71:50:3d:31:a8:39:d0:62:ee:60:fa: b1:fe:01:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRFRjYxMTAvBgNVBAUTKDI4Q0FFRTg0OTY1NjlDNTczQzNFNUIxODkwQzVBMUIz NENGQzhFMzAwHhcNMjQwNTE4MjA1MDUyWhcNMjQwNTI1MjA1MDUyWjAYMRYwFAYD VQQDEw02NjQ5MTRhYy1kOWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwm/Jf3s/5PONllbx6kPEWmnZ51zm8XICxoFRKm17V4EZwvONne/RH40UA6zL 0ovT70pD6CNfCea+ScFnM7yEk8chhgCqt3M/P7oOF0QaExiDKULR2mcXbZSTz3bT +gGieAzZ8gMAsFDccyd8BKWsrpZ9gFqh65qTwqxy/2riXUv3VKqR70AUT7AMD/o6 W9GPy1HvH3zX4/WFu8+EmhpOyRHpqFyDT3+ulgk8lSepJQwWax1ri7DpwIB1ePoK Hax0qVMr/SMLmvUfmg7hT7vl6eKWGxOdsZkGowrfngyWhWyNnWt08QzGagZbzl3G Z/u25yedC0CW4u2EgyhJMGFykQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLEiK2f5 MAta8EvGwGz3hlDvsTNVMB8GA1UdIwQYMBaAFCjK7oSWVpxXPD5bGJDFobNM/I4w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEVGNi85MzgwMDc4RTYx RDYxMUVBQjhEMDE1NUJDNEY5QUUwMi9LTXJ1aEpaV25GYzhQbHNZa01XaHMwejhq akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tNcnVoSlpXbkZjOFBsc1lrTVdoczB6OGpqQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEVGNi85MzgwMDc4RTYxRDYxMUVBQjhEMDE1NUJDNEY5QUUwMi9LTXJ1aEpaV25G YzhQbHNZa01XaHMwejhqakEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBuSJn0VYxTefnDF028zt2gby9gViumgPR4CPZOTnrLmTf1QKTOTWM6 AG3Z1w/1VBMNqXsDAA+LflXITwn0RKwNOzDtzFjLufBYaJ1euWgrG5TiUrMSlL33 kCryTGMur5LmtRCCPR+XvTMPd4s7SV+a4eE0X1j4R2e9EiQity4KXQMAvuSfMN5w op6TalsuD+mZCSlIGrwKNQZ+uwFX/AWivlmzDT+9+aJ0GDbUOwi6E9nTAYX6Rv4h FnugADKqnI09skCJovc2WJ+6zmTY+cN08xPYY9BmX2bAmuxDHvwScmR88Q+BMzXj xScReoMNMoMncVA9Mag50GLuYPqx/gG9 -----END CERTIFICATE-----Generated at Sat May 18 21:24:23 2024 by rpki-client on console-fra.rpki-client.org