$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: /upBJ9B2c4mXS6p1ESsssIidjLjY3Xp0IFHSpht36/c= Subject key identifier: E0:57:B6:3E:85:61:BD:E3:E1:B4:DF:4A:35:57:D3:B3:D5:B3:3D:DE Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 20DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 20AC Signing time: Sat 18 May 2024 16:17:56 +0000 Manifest this update: Sat 18 May 2024 16:17:56 +0000 Manifest next update: Sat 25 May 2024 16:17:55 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: 1yeFR+dP31fvjSDDDNfjYT2h1Ebc3Ps4PqiDEg1yLrg=) 2: 85DE87DC47AF11EEA0A5EB62C4F9AE02.roa (hash: rH2vNsfq5ersexmZDiVvwe39yhBGVAKGaeovnGkZbS0=) 3: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: uVlM8HNY3NDmZuTJ/98xK6ucMIdX8gkJyRYRKke/tSI=) 4: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: vStZnM9WCgxtVX8wfoyGf3Lbbte/JmkQGjn+i0zi598=) 5: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: 1KNG804HJXbmuscPZGxeo+rIAhTe5LA9W6bCRM5ho8E=) 6: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: Tziz2C2qn61onOhQ/7eEcg4qDtF40KkoiHOBMO6jD30=) 7: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: sD/Lha1/h/4VymmtWUgMkaUP/2C8au09wbb4DSwjklc=) 8: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: cMZRax7yg+Jh41+iL95xVmrPzqbsdWq+nKamnxLnIZ8=) 9: 1C628A90671411EEA0040661C4F9AE02.roa (hash: 0N5bttIpbIcm1sEA9sXBrACSJP3bYLL7Dk0nt1z4P4c=) 10: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: oAhOsIRZKzn8oGm73RuC520wGrl8tzxqzdqMFZJePBc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8414 (0x20de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: May 18 16:17:56 2024 GMT Not After : May 25 16:17:55 2024 GMT Subject: CN=6648d4b4-62ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:49:08:ec:d5:e5:33:10:97:92:bb:83:d7:b7: 1c:5c:bb:29:e0:91:5e:d6:ab:bd:92:ad:1f:2c:15: b2:e6:5e:3a:6f:86:c3:ba:f6:e4:4e:22:00:bd:02: 2a:a5:d7:a5:0f:93:ee:3d:4d:16:70:bf:92:3a:8b: aa:78:ce:6f:a6:ad:c7:81:19:e9:7b:5c:18:fb:40: 3f:62:91:c3:1e:dd:ba:e2:a3:4c:99:1b:7f:6c:2e: d7:f8:5e:91:e2:4a:a4:82:32:70:12:17:62:fd:80: 55:06:57:c6:11:e5:56:78:96:3e:cb:5b:49:76:62: ca:de:a9:29:12:3f:3c:23:8d:c1:8c:ad:a7:7c:63: 30:6e:13:0c:33:d7:28:c2:8f:93:e3:e3:44:ed:3a: 51:7f:8a:96:d2:12:d3:2b:65:e0:53:f1:28:5c:93: d0:2c:0a:65:99:df:4a:4e:8c:f8:78:43:2f:85:9f: f0:62:61:e2:ab:5a:c5:a7:2e:d6:bd:78:1f:5a:54: 45:98:c5:09:e7:b3:50:1c:33:2c:8d:9c:c1:ed:10: 4d:81:b1:11:8a:b9:28:e2:3d:cd:d1:60:e8:84:84: 8d:ba:75:85:e4:a1:8d:37:09:57:ef:4a:3d:f0:01: ef:bc:72:10:27:9b:e3:4a:ae:91:02:20:20:28:c9: fe:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:57:B6:3E:85:61:BD:E3:E1:B4:DF:4A:35:57:D3:B3:D5:B3:3D:DE X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:9c:da:f9:48:5e:66:59:f9:7e:17:2c:0d:52:99:e1:f3:09: 23:b0:13:82:90:16:88:ac:1f:91:da:aa:62:b8:51:6d:61:d6: 62:1e:97:18:77:f4:1f:b0:76:20:e4:72:34:ab:c0:ed:aa:c3: 21:cd:c4:34:80:30:60:ea:ce:ec:f6:02:03:fe:d0:f5:ae:27: 88:4e:46:30:a9:47:48:ff:76:04:42:13:e0:e8:02:6a:aa:09: f9:ac:02:71:b0:5c:03:53:79:88:3f:ec:bc:4c:ad:23:d2:59: 1c:72:28:09:ff:51:ab:3f:c0:12:07:88:23:04:f2:5c:06:62: 02:36:cf:d6:8e:8c:2f:f6:af:20:d1:be:4e:38:5f:3d:06:f9: 44:60:c4:68:54:aa:77:e3:26:52:d1:15:d4:f3:75:2d:d7:52: 93:1b:7c:65:be:95:09:4e:51:ba:52:a3:24:44:c1:01:05:a7: 46:ae:34:bd:20:01:29:28:c2:fa:3a:b4:ac:61:c2:d5:1b:38: 09:83:a8:6c:18:9b:a1:85:fa:6a:6d:23:e7:c5:82:6b:c8:4a: 6a:45:41:a7:07:83:8e:6f:fd:15:6d:c0:c8:dc:8d:4f:d1:d2: 5f:0f:e3:84:c9:a0:ac:78:e9:00:57:49:b8:77:fa:8b:3c:f8: e3:53:0a:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjQwNTE4MTYxNzU2WhcNMjQwNTI1MTYxNzU1WjAYMRYwFAYD VQQDEw02NjQ4ZDRiNC02MmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyEkI7NXlMxCXkruD17ccXLsp4JFe1qu9kq0fLBWy5l46b4bDuvbkTiIAvQIq pdelD5PuPU0WcL+SOouqeM5vpq3HgRnpe1wY+0A/YpHDHt264qNMmRt/bC7X+F6R 4kqkgjJwEhdi/YBVBlfGEeVWeJY+y1tJdmLK3qkpEj88I43BjK2nfGMwbhMMM9co wo+T4+NE7TpRf4qW0hLTK2XgU/EoXJPQLAplmd9KToz4eEMvhZ/wYmHiq1rFpy7W vXgfWlRFmMUJ57NQHDMsjZzB7RBNgbERirko4j3N0WDohISNunWF5KGNNwlX70o9 8AHvvHIQJ5vjSq6RAiAgKMn+EQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOBXtj6F Yb3j4bTfSjVX07PVsz3eMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDCnNr5SF5mWfl+FywNUpnh8wkjsBOCkBaIrB+R2qpiuFFtYdZiHpcY d/QfsHYg5HI0q8DtqsMhzcQ0gDBg6s7s9gID/tD1rieITkYwqUdI/3YEQhPg6AJq qgn5rAJxsFwDU3mIP+y8TK0j0lkccigJ/1GrP8ASB4gjBPJcBmICNs/Wjowv9q8g 0b5OOF89BvlEYMRoVKp34yZS0RXU83Ut11KTG3xlvpUJTlG6UqMkRMEBBadGrjS9 IAEpKML6OrSsYcLVGzgJg6hsGJuhhfpqbSPnxYJryEpqRUGnB4OOb/0VbcDI3I1P 0dJfD+OEyaCseOkAV0m4d/qLPPjjUwqc -----END CERTIFICATE-----Generated at Sat May 18 17:20:36 2024 by rpki-client on console-ams.rpki-client.org