$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6E96/7B9D3DEA385C11EC9C258778C4F9AE02/xVznjEX0hWCLgkNgYAPYCooWzNY.mft File: xVznjEX0hWCLgkNgYAPYCooWzNY.mft (raw, json) Hash identifier: kpOSGx7zwH9AXI462cpdVI+63KG4mW8ZDmGd40x6wd8= Subject key identifier: 3D:8F:B3:C7:66:DA:E2:35:F4:18:C5:57:CB:07:76:39:9A:B9:DC:78 Authority key identifier: C5:5C:E7:8C:45:F4:85:60:8B:82:43:60:60:03:D8:0A:8A:16:CC:D6 Certificate issuer: /CN=A91E6E96/serialNumber=C55CE78C45F485608B8243606003D80A8A16CCD6 Certificate serial: 03D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xVznjEX0hWCLgkNgYAPYCooWzNY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6E96/7B9D3DEA385C11EC9C258778C4F9AE02/xVznjEX0hWCLgkNgYAPYCooWzNY.mft Manifest number: 03D6 Signing time: Sun 19 May 2024 02:21:18 +0000 Manifest this update: Sun 19 May 2024 02:21:17 +0000 Manifest next update: Sun 26 May 2024 02:21:17 +0000 Files and hashes: 1: xVznjEX0hWCLgkNgYAPYCooWzNY.crl (hash: UcjT/YB0l+XiNGAiefAFJnsSx+pXJYGg8McV0nYCkvk=) 2: 64DE26F6386011EC83DC2E23C4F9AE02.roa (hash: /Jf7jeGDDsQSkiO2YVPWOb/kzpD/kg9bHZrDl1rWPXQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6E96/7B9D3DEA385C11EC9C258778C4F9AE02/xVznjEX0hWCLgkNgYAPYCooWzNY.crl rsync://rpki.apnic.net/member_repository/A91E6E96/7B9D3DEA385C11EC9C258778C4F9AE02/xVznjEX0hWCLgkNgYAPYCooWzNY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xVznjEX0hWCLgkNgYAPYCooWzNY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 01:19:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 985 (0x3d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6E96/serialNumber=C55CE78C45F485608B8243606003D80A8A16CCD6 Validity Not Before: May 19 02:21:17 2024 GMT Not After : May 26 02:21:17 2024 GMT Subject: CN=6649621e-d14d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:5a:38:ea:35:4e:0f:69:2c:30:8a:bc:06:cf: ef:79:96:e9:8e:9d:7a:03:54:62:b6:65:10:50:8c: 07:93:50:4e:62:fc:0d:6c:d6:e0:95:c5:e6:23:98: c7:ca:fc:30:c1:19:fd:e9:5d:28:fa:a7:36:d1:fa: e5:bd:a9:3e:28:a6:fb:a1:d4:7a:96:f2:40:cd:ed: be:61:da:20:59:10:ed:32:cd:54:33:ff:ed:16:07: 78:d6:ce:4f:20:6c:97:b3:33:79:d6:6a:c4:c6:f8: 0f:13:e2:2f:78:00:06:96:1a:7d:73:39:a1:d2:88: 0b:8b:81:a0:d6:c7:2f:73:f5:7a:f3:72:f5:2d:8a: 47:4f:a5:db:4c:49:9c:a3:1d:1f:7f:87:20:ef:06: a1:9a:37:74:c1:47:67:17:6e:bc:47:8f:81:87:3e: de:ec:9d:fe:b6:5d:5e:0f:8b:77:78:1e:9a:e5:1a: b6:c0:3c:38:7c:09:7d:80:5b:cd:aa:06:0e:18:74: 30:8b:67:e8:aa:94:1f:fb:e1:72:00:f4:65:85:56: 1f:bc:b9:2a:95:2d:80:e5:cb:cc:38:e3:35:cd:72: 23:a9:51:0c:ab:82:6c:7d:2e:1a:27:46:6c:29:d9: a8:ec:04:59:d2:01:90:ef:49:11:24:e1:42:b3:be: cd:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:8F:B3:C7:66:DA:E2:35:F4:18:C5:57:CB:07:76:39:9A:B9:DC:78 X509v3 Authority Key Identifier: keyid:C5:5C:E7:8C:45:F4:85:60:8B:82:43:60:60:03:D8:0A:8A:16:CC:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6E96/7B9D3DEA385C11EC9C258778C4F9AE02/xVznjEX0hWCLgkNgYAPYCooWzNY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xVznjEX0hWCLgkNgYAPYCooWzNY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6E96/7B9D3DEA385C11EC9C258778C4F9AE02/xVznjEX0hWCLgkNgYAPYCooWzNY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:6e:15:bb:2f:df:41:d5:09:00:3f:87:b0:12:fd:e3:73:5b: 13:40:40:e2:88:09:e4:10:e3:8e:14:25:84:d6:d0:52:c2:6a: 20:4a:e0:1f:b1:2e:8c:4c:3b:73:6a:13:ee:47:bd:dc:5e:70: 75:a5:e9:7f:ef:91:66:79:08:42:1b:16:cd:6c:2e:ff:d8:92: 29:61:eb:ac:37:1e:db:e6:b8:dc:99:8f:40:ab:4f:c1:75:55: 76:ba:17:f5:9a:46:3a:4a:05:99:d8:ab:ce:c0:15:7f:05:72: f4:b9:f7:25:45:30:d6:d1:4d:57:89:4a:bd:dc:29:44:1f:24: 84:f0:e4:d5:0b:0b:24:a0:7a:76:89:1e:19:29:d7:de:19:9d: b7:2e:0a:12:b1:a8:f3:0c:4d:4c:60:1c:8f:0b:73:ce:c4:f0: 13:fd:38:96:c2:d8:cb:82:82:74:07:41:bb:75:5a:35:d7:1d: 42:c5:cd:86:47:28:e0:42:80:33:f5:3e:b0:09:00:27:05:c5: 28:28:ec:18:43:96:bd:0d:72:ed:8a:9a:53:a6:7c:9e:dc:08: 6e:3e:8f:76:ee:36:19:99:0a:db:b7:fb:98:b8:bf:37:7b:d1: 75:52:a1:20:4f:7f:c1:5e:d1:2b:ef:aa:c9:0d:78:af:0f:6f: c1:36:30:f0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZFOTYxMTAvBgNVBAUTKEM1NUNFNzhDNDVGNDg1NjA4QjgyNDM2MDYwMDNEODBB OEExNkNDRDYwHhcNMjQwNTE5MDIyMTE3WhcNMjQwNTI2MDIyMTE3WjAYMRYwFAYD VQQDEw02NjQ5NjIxZS1kMTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqVo46jVOD2ksMIq8Bs/veZbpjp16A1RitmUQUIwHk1BOYvwNbNbglcXmI5jH yvwwwRn96V0o+qc20frlvak+KKb7odR6lvJAze2+YdogWRDtMs1UM//tFgd41s5P IGyXszN51mrExvgPE+IveAAGlhp9czmh0ogLi4Gg1scvc/V683L1LYpHT6XbTEmc ox0ff4cg7wahmjd0wUdnF268R4+Bhz7e7J3+tl1eD4t3eB6a5Rq2wDw4fAl9gFvN qgYOGHQwi2foqpQf++FyAPRlhVYfvLkqlS2A5cvMOOM1zXIjqVEMq4JsfS4aJ0Zs Kdmo7ARZ0gGQ70kRJOFCs77NQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD2Ps8dm 2uI19BjFV8sHdjmaudx4MB8GA1UdIwQYMBaAFMVc54xF9IVgi4JDYGAD2AqKFszW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkU5Ni83QjlEM0RFQTM4 NUMxMUVDOUMyNTg3NzhDNEY5QUUwMi94VnpuakVYMGhXQ0xna05nWUFQWUNvb1d6 TlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hWem5qRVgwaFdDTGdrTmdZQVBZQ29vV3pOWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NkU5Ni83QjlEM0RFQTM4NUMxMUVDOUMyNTg3NzhDNEY5QUUwMi94VnpuakVYMGhX Q0xna05nWUFQWUNvb1d6TlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIbhW7L99B1QkAP4ewEv3jc1sTQEDiiAnkEOOOFCWE1tBSwmogSuAf sS6MTDtzahPuR73cXnB1pel/75FmeQhCGxbNbC7/2JIpYeusNx7b5rjcmY9Aq0/B dVV2uhf1mkY6SgWZ2KvOwBV/BXL0ufclRTDW0U1XiUq93ClEHySE8OTVCwskoHp2 iR4ZKdfeGZ23LgoSsajzDE1MYByPC3POxPAT/TiWwtjLgoJ0B0G7dVo11x1Cxc2G RyjgQoAz9T6wCQAnBcUoKOwYQ5a9DXLtippTpnye3AhuPo927jYZmQrbt/uYuL83 e9F1UqEgT3/BXtEr76rJDXivD2/BNjDw -----END CERTIFICATE-----Generated at Sun May 19 02:59:16 2024 by rpki-client on console-ams.rpki-client.org