$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft File: KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft (raw, json) Hash identifier: 4FL8GYzPo+0UmG5ud68bz6iapmREe0zPdps+b3A0xzU= Subject key identifier: 75:13:35:87:14:65:31:B8:02:1F:64:52:0A:DD:29:DB:EF:98:2B:9E Authority key identifier: 2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58 Certificate issuer: /CN=A91EE1FB/serialNumber=2AE63331F7199A55A2BAD9CB14F83FAB5066E958 Certificate serial: 1B07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft Manifest number: 1AFF Signing time: Sat 18 May 2024 16:41:24 +0000 Manifest this update: Sat 18 May 2024 16:41:23 +0000 Manifest next update: Sat 25 May 2024 16:41:23 +0000 Files and hashes: 1: KuYzMfcZmlWiutnLFPg_q1Bm6Vg.crl (hash: XFSQjIQm/OOpWBKTAtUG+7tRn1hLIVxGSenkOn+Furc=) 2: A3436BD6FA5D11E6AA12A219C4F9AE02.roa (hash: AEkbhlHCZoSAdf5bTxzBqec94+uTUsF0jdM0DiiwKmA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.crl rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6919 (0x1b07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE1FB/serialNumber=2AE63331F7199A55A2BAD9CB14F83FAB5066E958 Validity Not Before: May 18 16:41:23 2024 GMT Not After : May 25 16:41:23 2024 GMT Subject: CN=6648da33-0862 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:40:b6:ea:a1:a8:2c:58:5a:42:74:a0:d4:98: 57:3a:23:92:59:93:03:28:e8:e2:2b:29:31:be:50: e5:b6:54:fa:e5:b2:76:34:4b:78:f4:c8:38:54:49: d4:12:8b:91:30:c5:a0:7d:db:8c:74:5e:f1:f2:a6: 57:ad:c1:8b:2e:3e:d7:ca:9a:4d:e1:9c:73:e3:18: aa:21:57:7c:85:db:c5:8c:90:25:41:6e:4f:d9:92: f2:ee:1c:8d:2e:25:51:aa:bb:20:a4:99:f9:90:d0: a5:9c:99:38:59:87:01:91:68:46:b6:24:c8:42:45: 0d:1d:37:ac:ff:2c:8e:fc:8e:16:d5:26:f2:b1:23: 72:91:18:a8:78:d7:16:b5:aa:cd:15:a5:40:7d:11: 54:b9:80:01:57:7b:26:50:db:c7:40:f2:1c:74:05: f3:17:ba:38:3a:a9:a2:c5:4e:1c:00:e8:4d:48:86: c9:da:18:3b:ce:e3:a1:0d:b5:ee:a6:ff:c0:90:b4: 38:a8:60:fa:f1:06:ac:bf:0e:fe:3f:f7:75:6a:23: 45:30:1f:04:ce:22:7f:ef:57:df:11:16:59:ea:79: 61:7f:6e:b7:86:f0:70:3f:63:e0:ef:15:4c:a4:92: f4:32:e4:fb:b0:f7:5d:53:59:80:8a:f9:11:19:4c: e8:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:13:35:87:14:65:31:B8:02:1F:64:52:0A:DD:29:DB:EF:98:2B:9E X509v3 Authority Key Identifier: keyid:2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:9a:9d:f2:5e:3f:7f:7a:12:46:f8:e4:b4:ed:e9:08:c1:8d: 8e:af:59:e4:94:27:71:ea:69:d2:85:7b:e5:3d:ad:03:cf:01: 09:9e:4d:68:c2:c8:53:a3:e3:2e:46:38:f3:60:6a:9a:19:59: f0:cb:69:f9:e0:d1:4e:40:c5:a8:49:c9:18:d1:2e:57:49:a5: c1:4c:64:e9:1a:ed:b8:7c:2f:e6:9e:8e:68:a3:54:ff:52:57: df:7b:4c:c2:24:3d:2c:79:e9:81:c3:3c:d9:f9:5f:07:61:53: 59:99:ca:b6:49:6e:03:98:e5:39:43:5a:7e:93:75:3f:3f:be: 64:c1:41:07:c5:cd:fe:6c:b6:94:0d:b0:28:4b:3a:1d:26:5c: 5b:7b:0c:fd:6a:6d:44:a3:39:ec:13:83:ab:fb:20:fb:67:c4: 5e:73:59:0a:3e:af:49:84:3b:4b:d8:33:db:c3:4f:ef:93:5a: 08:b5:52:ca:09:f6:96:19:02:71:0c:41:9b:0c:81:0b:47:e0: 46:77:5f:0f:ca:eb:5e:23:62:4a:9c:d2:88:39:04:65:e3:d3: a1:d3:2e:15:83:8b:3b:e6:08:bd:93:e8:ee:ce:77:1e:73:bf: dc:fa:d9:0a:5d:46:f3:2d:fd:0f:ba:e1:c5:bf:e2:a5:6b:7a: 1b:9f:28:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGwcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUUxRkIxMTAvBgNVBAUTKDJBRTYzMzMxRjcxOTlBNTVBMkJBRDlDQjE0RjgzRkFC NTA2NkU5NTgwHhcNMjQwNTE4MTY0MTIzWhcNMjQwNTI1MTY0MTIzWjAYMRYwFAYD VQQDEw02NjQ4ZGEzMy0wODYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEC26qGoLFhaQnSg1JhXOiOSWZMDKOjiKykxvlDltlT65bJ2NEt49Mg4VEnU EouRMMWgfduMdF7x8qZXrcGLLj7XyppN4Zxz4xiqIVd8hdvFjJAlQW5P2ZLy7hyN LiVRqrsgpJn5kNClnJk4WYcBkWhGtiTIQkUNHTes/yyO/I4W1SbysSNykRioeNcW tarNFaVAfRFUuYABV3smUNvHQPIcdAXzF7o4OqmixU4cAOhNSIbJ2hg7zuOhDbXu pv/AkLQ4qGD68Qasvw7+P/d1aiNFMB8EziJ/71ffERZZ6nlhf263hvBwP2Pg7xVM pJL0MuT7sPddU1mAivkRGUzowQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHUTNYcU ZTG4Ah9kUgrdKdvvmCueMB8GA1UdIwQYMBaAFCrmMzH3GZpVorrZyxT4P6tQZulY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTFGQi80NTg0QzE0OEZB NUQxMUU2Qjg4MTRGMTlDNEY5QUUwMi9LdVl6TWZjWm1sV2l1dG5MRlBnX3ExQm02 VmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0t1WXpNZmNabWxXaXV0bkxGUGdfcTFCbTZWZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RTFGQi80NTg0QzE0OEZBNUQxMUU2Qjg4MTRGMTlDNEY5QUUwMi9LdVl6TWZjWm1s V2l1dG5MRlBnX3ExQm02VmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwmp3yXj9/ehJG+OS07ekIwY2Or1nklCdx6mnShXvlPa0DzwEJnk1o wshTo+MuRjjzYGqaGVnwy2n54NFOQMWoSckY0S5XSaXBTGTpGu24fC/mno5oo1T/ Ulffe0zCJD0seemBwzzZ+V8HYVNZmcq2SW4DmOU5Q1p+k3U/P75kwUEHxc3+bLaU DbAoSzodJlxbewz9am1EoznsE4Or+yD7Z8Rec1kKPq9JhDtL2DPbw0/vk1oItVLK CfaWGQJxDEGbDIELR+BGd18PyuteI2JKnNKIOQRl49Oh0y4Vg4s75gi9k+juznce c7/c+tkKXUbzLf0PuuHFv+Kla3obnyiq -----END CERTIFICATE-----Generated at Sat May 18 17:37:34 2024 by rpki-client on console-fra.rpki-client.org