$ rpki-client -vvf rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft File: G_l27-qyMS6i2shrmKOYzwxb1vA.mft (raw, json) Hash identifier: V2Yr6ETNBpoY+6WbNdvaBEtAPe7FlqwEGGv/gKdG0JY= Subject key identifier: 33:E5:10:7B:BC:2F:65:F1:96:69:C0:37:AF:57:64:5D:E4:B9:04:0C Authority key identifier: 1B:F9:76:EF:EA:B2:31:2E:A2:DA:C8:6B:98:A3:98:CF:0C:5B:D6:F0 Certificate issuer: /CN=A91E772F/serialNumber=1BF976EFEAB2312EA2DAC86B98A398CF0C5BD6F0 Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_l27-qyMS6i2shrmKOYzwxb1vA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft Manifest number: 21 Signing time: Sun 19 May 2024 08:34:41 +0000 Manifest this update: Sun 19 May 2024 08:34:41 +0000 Manifest next update: Sun 26 May 2024 08:34:41 +0000 Files and hashes: 1: G_l27-qyMS6i2shrmKOYzwxb1vA.crl (hash: 3tXb6cVk8R8UWZOdCDLTHtou8QSxJkIWxuBkBgpZr3g=) 2: 82743A06E2EB11EEBAC73D0CC4F9AE02.roa (hash: y03lKIB42nw4jlkFQ7G75iFQPvcCfwFRDTzAnmoLg+c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.crl rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_l27-qyMS6i2shrmKOYzwxb1vA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E772F/serialNumber=1BF976EFEAB2312EA2DAC86B98A398CF0C5BD6F0 Validity Not Before: May 19 08:34:41 2024 GMT Not After : May 26 08:34:41 2024 GMT Subject: CN=6649b9a1-0b72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9d:16:f5:18:82:47:33:26:7a:61:22:48:c6: b7:18:11:68:d1:25:7c:78:c6:05:66:aa:f5:bd:2f: b9:90:02:34:b0:56:30:09:f0:15:09:8a:a4:0f:8e: 11:8f:55:16:54:4c:6a:fc:7b:97:34:89:0b:35:b9: a5:f8:1e:72:c0:47:f4:69:bf:f7:19:46:cc:b9:60: d2:9e:20:78:83:78:ed:3f:78:fa:58:41:d3:90:46: 8a:eb:5f:97:a0:c8:65:09:15:98:85:60:9b:e9:c9: a8:16:d4:8c:2e:d7:02:59:1d:7a:c0:6d:25:10:19: 40:be:ac:e3:ee:6c:2c:c1:87:5d:56:bc:75:64:38: 80:fc:d3:e0:18:1f:58:fb:ca:52:c3:93:9e:fa:a9: 1e:3f:4c:22:96:ed:f1:2b:74:6e:6c:ba:a0:42:2e: d4:a5:95:5d:95:cf:5a:75:e4:49:30:bc:4c:93:53: e6:0d:fc:d2:4d:e9:93:1b:78:bf:d5:5a:86:d1:ed: 6e:81:e2:2e:99:d6:9e:a6:1d:c5:eb:70:c5:1f:25: e7:e7:e2:50:a7:43:f1:7a:2f:34:15:df:01:54:c4: a1:b6:92:d4:70:d3:0a:34:e9:4b:2d:9c:7d:c0:5e: aa:c4:2a:05:ab:56:f8:88:8c:27:1a:52:2d:54:66: 0b:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:E5:10:7B:BC:2F:65:F1:96:69:C0:37:AF:57:64:5D:E4:B9:04:0C X509v3 Authority Key Identifier: keyid:1B:F9:76:EF:EA:B2:31:2E:A2:DA:C8:6B:98:A3:98:CF:0C:5B:D6:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_l27-qyMS6i2shrmKOYzwxb1vA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:32:b0:c6:07:8b:89:f8:75:fb:d3:31:07:91:c6:60:b4:21: 4e:a1:af:73:b1:d7:96:44:8f:e4:2e:23:6d:d9:48:46:a8:8c: bb:c9:76:5c:0c:7d:9d:dc:6b:3f:3c:4f:5e:6b:4c:c0:5d:26: fd:d5:3a:b6:74:71:bd:46:82:8a:12:60:1e:52:c8:f9:79:0e: 95:da:06:09:a3:34:06:04:33:c8:a2:ca:89:4a:1a:64:2a:af: 2b:67:7c:b4:ea:cb:1b:17:9e:61:67:63:29:dc:33:28:2b:c7: f3:a6:1a:2f:6b:49:5a:75:f2:95:40:b0:a2:93:11:49:07:7e: 6f:88:c5:5d:ff:9d:db:d2:ec:25:1d:7c:a5:a5:11:7d:bc:bc: d4:fc:ac:e6:7d:b7:b4:0d:3e:d5:91:6d:a6:12:12:cd:48:29: e1:4e:55:a5:7d:f4:57:6b:d1:1b:21:22:1e:22:ff:72:f7:b1: b4:83:18:0e:89:2b:c1:51:a4:8e:e4:a6:52:1b:90:8d:6b:ff: 8d:45:2d:61:8c:e2:b7:82:16:a3:1b:7a:42:f9:78:ea:cc:8e: 8c:e4:68:32:32:59:07:64:57:17:73:cb:a5:93:fe:4b:3b:3f: 12:24:6c:0f:c1:1f:d9:6c:29:20:bd:9a:46:8d:28:16:d6:30: ba:f9:8a:b6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NzcyRjExMC8GA1UEBRMoMUJGOTc2RUZFQUIyMzEyRUEyREFDODZCOThBMzk4Q0Yw QzVCRDZGMDAeFw0yNDA1MTkwODM0NDFaFw0yNDA1MjYwODM0NDFaMBgxFjAUBgNV BAMTDTY2NDliOWExLTBiNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5nRb1GIJHMyZ6YSJIxrcYEWjRJXx4xgVmqvW9L7mQAjSwVjAJ8BUJiqQPjhGP VRZUTGr8e5c0iQs1uaX4HnLAR/Rpv/cZRsy5YNKeIHiDeO0/ePpYQdOQRorrX5eg yGUJFZiFYJvpyagW1Iwu1wJZHXrAbSUQGUC+rOPubCzBh11WvHVkOID80+AYH1j7 ylLDk576qR4/TCKW7fErdG5suqBCLtSllV2Vz1p15EkwvEyTU+YN/NJN6ZMbeL/V WobR7W6B4i6Z1p6mHcXrcMUfJefn4lCnQ/F6LzQV3wFUxKG2ktRw0wo06UstnH3A XqrEKgWrVviIjCcaUi1UZgspAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUM+UQe7wv ZfGWacA3r1dkXeS5BAwwHwYDVR0jBBgwFoAUG/l27+qyMS6i2shrmKOYzwxb1vAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3NzJGLzFFNzdFNzMyRTJF QjExRUVBRDZFOUEwQkM0RjlBRTAyL0dfbDI3LXF5TVM2aTJzaHJtS09Zend4YjF2 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvR19sMjctcXlNUzZpMnNocm1LT1l6d3hiMXZBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU3 NzJGLzFFNzdFNzMyRTJFQjExRUVBRDZFOUEwQkM0RjlBRTAyL0dfbDI3LXF5TVM2 aTJzaHJtS09Zend4YjF2QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC4ysMYHi4n4dfvTMQeRxmC0IU6hr3Ox15ZEj+QuI23ZSEaojLvJdlwM fZ3caz88T15rTMBdJv3VOrZ0cb1GgooSYB5SyPl5DpXaBgmjNAYEM8iiyolKGmQq rytnfLTqyxsXnmFnYyncMygrx/OmGi9rSVp18pVAsKKTEUkHfm+IxV3/ndvS7CUd fKWlEX28vNT8rOZ9t7QNPtWRbaYSEs1IKeFOVaV99Fdr0RshIh4i/3L3sbSDGA6J K8FRpI7kplIbkI1r/41FLWGM4reCFqMbekL5eOrMjozkaDIyWQdkVxdzy6WT/ks7 PxIkbA/BH9lsKSC9mkaNKBbWMLr5irY= -----END CERTIFICATE-----Generated at Sun May 19 09:04:14 2024 by rpki-client on console-fra.rpki-client.org