$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: 2x/C1VvEB3mdyuJsb3VtF4Z+jkwwpMOWiwleLO/pw0g= Subject key identifier: 59:02:75:81:B5:3A:BA:3D:A7:BB:C4:1D:4E:80:6D:7E:E8:8A:80:04 Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0DC2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0D83 Signing time: Sat 18 May 2024 18:38:24 +0000 Manifest this update: Sat 18 May 2024 18:38:24 +0000 Manifest next update: Sat 25 May 2024 18:38:24 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: hauhfWL+YfRaMzW3jlBXYFzqog4VulN1275cNF1niMY=) 2: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: iCk6VUHMVH5gHtg/PREmheSPvw2aWyW21P7KHrsfjDI=) 3: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: vrkSfrIO1esiQb62oklUF19uRzO1YJ77hK8qAtotf54=) 4: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: MSLBrmZhOVTKN/R6HTT7BdBFhHLlDs6tCvAZclp5GvU=) 5: 427DCF0C3D8211EEA0E4DD46C4F9AE02.roa (hash: ovSA2wmqnVri8Bae8yZNqfuQWsSrO5RS1cz+upo4tCM=) 6: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: HtFhpWD7ofpi/nRu+ku3OEZsNHklE9FGBRQ+B81U48w=) 7: 3FE88D863D8211EEA0E4DD46C4F9AE02.roa (hash: DFTEkTpMYUZaChNCOS5LYT0aN5b0z7gmucXMygWogJU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3522 (0xdc2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: May 18 18:38:24 2024 GMT Not After : May 25 18:38:24 2024 GMT Subject: CN=6648f5a0-6f0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:d7:30:8d:9b:0d:e9:e7:ea:83:b1:e2:1c:73: b3:e4:d0:8f:16:80:f6:3d:fc:af:51:66:a3:2f:6e: 0e:98:ad:34:e5:a2:17:70:1f:47:0b:1e:f4:7e:cf: 97:11:91:9b:88:d8:9f:70:2d:9d:b5:68:97:91:fa: aa:05:c8:12:88:e7:85:90:59:b6:98:26:bb:78:ae: 64:a6:2f:e3:8d:2f:e3:aa:3a:05:c5:55:5b:f8:6b: 0d:37:8a:ef:58:65:62:45:3e:c7:2a:9e:38:45:da: dd:82:ec:f3:cc:b6:7e:35:48:3b:8a:bd:27:b6:bf: ef:7d:9b:fd:a0:a9:53:73:d3:3a:4d:3e:53:a0:3f: cc:de:28:3e:f9:c4:33:f0:43:08:69:c4:7a:7c:26: e5:f5:18:dd:93:38:2c:81:8f:20:09:e9:fc:30:54: 85:1a:cb:52:47:b2:99:e9:53:42:e2:10:3f:72:25: ec:ee:c9:02:aa:17:50:cb:4e:b9:fc:63:85:0b:09: 32:78:52:59:bd:00:fd:98:1d:5e:9a:37:77:33:26: 41:6e:6b:f5:a5:33:51:85:2a:9d:70:a3:d2:c0:1a: c4:ac:80:9a:54:1e:03:90:5a:48:2b:99:f3:23:6f: e0:e2:a6:27:05:27:e5:64:4c:5d:d6:29:4c:e3:35: e2:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:02:75:81:B5:3A:BA:3D:A7:BB:C4:1D:4E:80:6D:7E:E8:8A:80:04 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:42:b0:13:68:79:c9:7c:23:2d:8e:6c:79:35:80:cb:e3:15: 16:a3:d8:6d:f6:86:d6:6d:2c:5a:6d:69:e8:cd:60:50:9c:56: 49:cf:46:23:81:3e:d5:32:c6:34:73:05:45:6f:22:59:cd:1f: 7f:60:45:c1:41:75:b5:a1:8b:f7:78:70:40:78:24:31:89:50: 6c:5c:e3:f2:1e:3a:8e:9b:29:0f:73:37:45:a5:48:4b:bd:e8: 64:4c:55:d4:af:8c:41:c0:8c:00:a7:04:48:64:20:c5:2c:bd: f2:5b:6d:c9:14:bb:be:44:16:00:4f:45:37:53:71:4e:25:fb: 43:1c:a8:86:a8:8e:6c:58:1d:62:12:bf:3b:11:26:46:8d:74: 06:5b:8e:f8:cd:a5:60:a4:de:14:82:c0:55:b7:2d:fa:be:63: 30:59:9c:3c:1f:68:45:cd:78:e2:0c:da:8c:a1:c6:1d:ea:fc: 7d:35:34:5d:8a:43:e6:9d:13:b0:36:43:64:ac:c0:7d:9a:be: 41:8b:50:71:ad:c2:21:95:46:54:a3:d9:aa:5b:2e:94:24:0e: 13:4b:4d:6e:50:5f:1a:69:1b:23:02:25:d1:a9:17:70:af:c4: 15:04:47:b0:a1:cf:3d:e7:8d:4f:37:d5:6f:1a:be:f8:ce:3f: 8c:31:31:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjQwNTE4MTgzODI0WhcNMjQwNTI1MTgzODI0WjAYMRYwFAYD VQQDEw02NjQ4ZjVhMC02ZjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3dcwjZsN6efqg7HiHHOz5NCPFoD2PfyvUWajL24OmK005aIXcB9HCx70fs+X EZGbiNifcC2dtWiXkfqqBcgSiOeFkFm2mCa7eK5kpi/jjS/jqjoFxVVb+GsNN4rv WGViRT7HKp44RdrdguzzzLZ+NUg7ir0ntr/vfZv9oKlTc9M6TT5ToD/M3ig++cQz 8EMIacR6fCbl9RjdkzgsgY8gCen8MFSFGstSR7KZ6VNC4hA/ciXs7skCqhdQy065 /GOFCwkyeFJZvQD9mB1emjd3MyZBbmv1pTNRhSqdcKPSwBrErICaVB4DkFpIK5nz I2/g4qYnBSflZExd1ilM4zXi4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFkCdYG1 Oro9p7vEHU6AbX7oioAEMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBnQrATaHnJfCMtjmx5NYDL4xUWo9ht9obWbSxabWnozWBQnFZJz0Yj gT7VMsY0cwVFbyJZzR9/YEXBQXW1oYv3eHBAeCQxiVBsXOPyHjqOmykPczdFpUhL vehkTFXUr4xBwIwApwRIZCDFLL3yW23JFLu+RBYAT0U3U3FOJftDHKiGqI5sWB1i Er87ESZGjXQGW474zaVgpN4UgsBVty36vmMwWZw8H2hFzXjiDNqMocYd6vx9NTRd ikPmnROwNkNkrMB9mr5Bi1BxrcIhlUZUo9mqWy6UJA4TS01uUF8aaRsjAiXRqRdw r8QVBEewoc89541PN9VvGr74zj+MMTHy -----END CERTIFICATE-----Generated at Sat May 18 19:15:26 2024 by rpki-client on console-ams.rpki-client.org