$ rpki-client -vvf rpki.apnic.net/member_repository/A91F44EA/689033962B4111E884579387C4F9AE02/aecBsfM0KSOA56u5AcNCYzLGqlo.mft File: aecBsfM0KSOA56u5AcNCYzLGqlo.mft (raw, json) Hash identifier: 5FQfm3pmugWOWNFrUUGWB2bF9AvQqRePhQDeog+Nem0= Subject key identifier: 02:68:27:C6:A7:62:F9:B6:5D:7C:EE:B3:FF:1B:C3:2E:6B:D7:D1:A0 Authority key identifier: 69:E7:01:B1:F3:34:29:23:80:E7:AB:B9:01:C3:42:63:32:C6:AA:5A Certificate issuer: /CN=A91F44EA/serialNumber=69E701B1F334292380E7ABB901C3426332C6AA5A Certificate serial: 1503 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aecBsfM0KSOA56u5AcNCYzLGqlo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F44EA/689033962B4111E884579387C4F9AE02/aecBsfM0KSOA56u5AcNCYzLGqlo.mft Manifest number: 14F7 Signing time: Sat 18 May 2024 17:20:52 +0000 Manifest this update: Sat 18 May 2024 17:20:51 +0000 Manifest next update: Sat 25 May 2024 17:20:51 +0000 Files and hashes: 1: aecBsfM0KSOA56u5AcNCYzLGqlo.crl (hash: i4oq3lXnblukXvUAJomfMz+KNsa1Qh0mjm3RoL+ehDg=) 2: F6CE4EEC56F911E997D5B40AC4F9AE02.roa (hash: 9C784IBxLe0fhILSbdR042ngGdZtxQwkitJCEb6EQFU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F44EA/689033962B4111E884579387C4F9AE02/aecBsfM0KSOA56u5AcNCYzLGqlo.crl rsync://rpki.apnic.net/member_repository/A91F44EA/689033962B4111E884579387C4F9AE02/aecBsfM0KSOA56u5AcNCYzLGqlo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aecBsfM0KSOA56u5AcNCYzLGqlo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5379 (0x1503) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F44EA/serialNumber=69E701B1F334292380E7ABB901C3426332C6AA5A Validity Not Before: May 18 17:20:51 2024 GMT Not After : May 25 17:20:51 2024 GMT Subject: CN=6648e374-6cb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d7:d5:cf:c9:3c:89:5b:cf:81:4d:21:62:5b: e5:64:e6:34:f7:e8:11:e3:87:6e:e5:9b:6f:9a:65: 7a:07:30:48:b7:56:05:51:60:52:73:7f:90:3e:f3: ac:3f:33:1d:15:be:8e:e8:eb:bf:ad:c2:8e:ec:47: 87:f8:49:c4:24:bc:78:bc:ff:b7:6e:6a:c5:ac:a2: a1:5d:03:1f:c8:92:a1:5c:59:27:16:54:a4:67:ee: 85:8a:ea:21:33:f5:4a:64:ff:9e:a9:3c:23:e3:45: 3f:76:64:89:6a:3f:3d:be:fc:77:40:3f:82:82:b8: c3:b7:a9:09:8e:6a:fd:27:c3:f7:d1:77:05:c6:4c: f7:b8:9a:ff:14:71:a9:45:6f:e9:dd:c8:d2:db:b1: 56:01:1b:d6:e1:80:ac:08:e8:70:80:4c:ab:c6:d8: ba:fe:fa:0d:5d:98:14:22:62:c9:89:9c:16:53:fb: 64:1b:0e:83:6e:93:7e:0d:79:b1:ac:71:23:72:43: 1b:58:7d:38:36:5a:29:30:ea:fb:76:5c:54:95:53: 69:12:f5:cc:bd:5d:a8:50:2b:88:ea:ff:55:eb:d1: 75:14:ae:59:1f:5c:86:b7:57:34:87:f4:fc:f1:e2: ac:41:2a:9f:45:08:6d:e8:08:78:e0:bf:f2:ec:6b: 89:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:68:27:C6:A7:62:F9:B6:5D:7C:EE:B3:FF:1B:C3:2E:6B:D7:D1:A0 X509v3 Authority Key Identifier: keyid:69:E7:01:B1:F3:34:29:23:80:E7:AB:B9:01:C3:42:63:32:C6:AA:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F44EA/689033962B4111E884579387C4F9AE02/aecBsfM0KSOA56u5AcNCYzLGqlo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aecBsfM0KSOA56u5AcNCYzLGqlo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F44EA/689033962B4111E884579387C4F9AE02/aecBsfM0KSOA56u5AcNCYzLGqlo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:3c:0e:32:55:43:77:99:f0:14:dd:93:33:5f:72:b6:0b:c3: 33:a4:d9:66:6f:6d:2e:09:f7:7d:b5:29:d0:ff:a0:ad:d1:bc: 8c:7d:18:2c:27:fb:3f:01:e9:9a:ef:01:b3:d9:87:ca:ee:e3: 42:cb:3e:31:a1:9c:a6:d8:11:2a:a2:9b:d5:ce:01:50:72:69: 94:2d:09:9b:8c:b6:e4:10:e2:33:89:b6:52:0e:bf:96:ca:fa: 76:d6:ef:9b:72:67:8e:05:4d:e5:98:b1:23:df:a6:a5:65:a3: dc:86:18:fd:6c:6f:37:38:ec:07:66:7d:5b:7a:6c:36:1b:03: 65:9f:5c:1f:43:0f:1f:5d:49:85:a0:72:9e:6e:6c:3b:68:e0: f5:1d:26:63:fd:c0:3e:5f:c5:59:11:c6:28:b8:ea:cf:95:a6: a6:82:02:65:64:cf:35:23:11:42:25:b8:bc:ab:1e:22:81:5e: 42:1b:90:75:6f:df:06:ed:59:e0:0e:ce:13:6e:ea:cf:34:c8: 1d:fa:40:f4:d0:00:b3:af:00:7c:39:02:2a:5e:ea:30:c6:f6: 91:b0:7d:b0:9d:9d:6b:1d:ee:dd:4b:e9:4f:d5:cc:26:60:0a: 2a:50:5b:60:0c:32:e5:cb:1c:60:09:b2:47:c3:9c:39:24:7a: 39:26:b5:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQ0RUExMTAvBgNVBAUTKDY5RTcwMUIxRjMzNDI5MjM4MEU3QUJCOTAxQzM0MjYz MzJDNkFBNUEwHhcNMjQwNTE4MTcyMDUxWhcNMjQwNTI1MTcyMDUxWjAYMRYwFAYD VQQDEw02NjQ4ZTM3NC02Y2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw9fVz8k8iVvPgU0hYlvlZOY09+gR44du5ZtvmmV6BzBIt1YFUWBSc3+QPvOs PzMdFb6O6Ou/rcKO7EeH+EnEJLx4vP+3bmrFrKKhXQMfyJKhXFknFlSkZ+6Fiuoh M/VKZP+eqTwj40U/dmSJaj89vvx3QD+CgrjDt6kJjmr9J8P30XcFxkz3uJr/FHGp RW/p3cjS27FWARvW4YCsCOhwgEyrxti6/voNXZgUImLJiZwWU/tkGw6DbpN+DXmx rHEjckMbWH04NlopMOr7dlxUlVNpEvXMvV2oUCuI6v9V69F1FK5ZH1yGt1c0h/T8 8eKsQSqfRQht6Ah44L/y7GuJXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAJoJ8an Yvm2XXzus/8bwy5r19GgMB8GA1UdIwQYMBaAFGnnAbHzNCkjgOeruQHDQmMyxqpa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDRFQS82ODkwMzM5NjJC NDExMUU4ODQ1NzkzODdDNEY5QUUwMi9hZWNCc2ZNMEtTT0E1NnU1QWNOQ1l6TEdx bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FlY0JzZk0wS1NPQTU2dTVBY05DWXpMR3Fsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NDRFQS82ODkwMzM5NjJCNDExMUU4ODQ1NzkzODdDNEY5QUUwMi9hZWNCc2ZNMEtT T0E1NnU1QWNOQ1l6TEdxbG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPPA4yVUN3mfAU3ZMzX3K2C8MzpNlmb20uCfd9tSnQ/6Ct0byMfRgs J/s/Aema7wGz2YfK7uNCyz4xoZym2BEqopvVzgFQcmmULQmbjLbkEOIzibZSDr+W yvp21u+bcmeOBU3lmLEj36alZaPchhj9bG83OOwHZn1bemw2GwNln1wfQw8fXUmF oHKebmw7aOD1HSZj/cA+X8VZEcYouOrPlaamggJlZM81IxFCJbi8qx4igV5CG5B1 b98G7VngDs4TburPNMgd+kD00ACzrwB8OQIqXuowxvaRsH2wnZ1rHe7dS+lP1cwm YAoqUFtgDDLlyxxgCbJHw5w5JHo5JrUN -----END CERTIFICATE-----Generated at Sat May 18 18:12:34 2024 by rpki-client on console-fra.rpki-client.org