$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: kuEfT/HWImkfTfzdBtVottdjMFjoKd+pBsoSZJddYls= Subject key identifier: 37:35:89:02:B8:63:49:8B:A6:0E:31:C8:F0:0A:59:AB:29:49:FF:CE Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 33CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 33C6 Signing time: Sat 18 May 2024 15:00:27 +0000 Manifest this update: Sat 18 May 2024 15:00:26 +0000 Manifest next update: Sat 25 May 2024 15:00:26 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: N2XTfhSfs5dtqwR1sg2T9K9nc4JqnnuD2XzVgyI0t+M=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: gBhtfDqbYf+6FfnwqEokkFBRyUrjeS3Q2Oprg2azRMM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13258 (0x33ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: May 18 15:00:26 2024 GMT Not After : May 25 15:00:26 2024 GMT Subject: CN=6648c28b-ecfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:0e:00:d9:e9:8c:1a:91:ed:87:79:00:e7:e8: 2f:60:2b:21:b4:d3:1f:3d:a8:21:c7:3c:9c:a3:86: dd:67:cd:cf:45:01:57:96:fe:1b:c7:14:ce:3f:7b: 9b:86:d9:75:5c:8b:1b:67:dc:1d:06:ac:51:84:5c: ce:23:ca:04:7f:bf:47:7c:78:bc:84:c7:55:e6:bd: b3:51:63:2c:c6:be:93:e5:cd:a9:bf:85:05:c7:2a: 30:01:20:81:8a:f3:ae:4e:40:37:79:1b:6b:46:49: 56:fe:54:37:c6:32:7e:10:8b:6a:d6:48:b4:b7:fa: 94:40:ae:dc:97:52:79:6a:5c:51:e0:c8:05:c9:26: 6e:d0:59:d7:e8:6d:7a:73:24:2c:1e:bf:89:42:d1: 1a:0c:d9:45:d2:b4:39:3d:c1:a0:2d:6a:d7:5a:0d: 5d:c3:71:92:f8:ce:9f:19:ae:cf:51:b9:de:1b:8c: a0:7c:95:32:2f:ac:5c:44:b0:28:c5:fe:dd:0a:9c: 78:b7:ec:1c:0d:be:56:39:8f:bb:74:01:6c:b4:1d: f7:fd:47:48:50:b0:ea:ae:53:63:e8:f2:b3:6e:b0: 2e:ed:ff:95:97:04:3d:7a:22:ea:99:1d:6b:53:d9: d2:f1:9f:8f:5c:d8:56:f7:75:cc:23:04:61:b3:92: 8d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:35:89:02:B8:63:49:8B:A6:0E:31:C8:F0:0A:59:AB:29:49:FF:CE X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:6c:68:c2:a7:54:65:5c:55:79:91:48:ed:05:45:73:3f:a6: 92:08:02:37:94:f3:ab:64:86:6c:09:f3:28:39:3b:19:0a:45: 51:bd:1b:a8:36:fa:07:c2:b5:14:d5:b1:bb:72:1f:2f:1a:4c: ce:07:0f:39:45:9e:08:2e:41:23:97:46:f5:2c:fc:ce:e9:e4: 0d:68:c7:66:92:81:6e:ee:46:9a:fb:09:07:b8:e2:b5:23:74: 71:de:75:08:69:3f:24:9e:84:66:7f:82:6f:88:74:81:25:8c: 0b:ee:7a:3d:b5:3b:fa:c2:29:35:10:87:85:e8:82:7b:8d:05: 4f:d4:b3:2e:6d:06:3d:13:a6:37:0a:bc:ef:66:e5:fd:76:fe: b7:36:ed:2b:09:0d:70:9e:cf:84:01:2a:e5:e8:d9:c1:b2:d7: 64:a1:30:8a:67:b8:32:71:2a:23:6c:ec:b0:f3:52:f1:17:4e: 3d:11:28:87:33:64:a3:26:e1:46:c8:c2:b0:53:7c:6f:3e:c2: 3e:9b:bd:4d:37:dc:79:e7:1f:16:f9:2d:33:eb:c3:6e:9b:83: 4d:73:fa:29:71:56:e9:50:5d:9b:67:74:01:1f:1b:ac:ee:cd: 8d:70:a2:df:5a:2b:91:17:e5:94:6d:84:8e:b3:2f:61:eb:5c: 6b:cd:46:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjQwNTE4MTUwMDI2WhcNMjQwNTI1MTUwMDI2WjAYMRYwFAYD VQQDEw02NjQ4YzI4Yi1lY2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxA4A2emMGpHth3kA5+gvYCshtNMfPaghxzyco4bdZ83PRQFXlv4bxxTOP3ub htl1XIsbZ9wdBqxRhFzOI8oEf79HfHi8hMdV5r2zUWMsxr6T5c2pv4UFxyowASCB ivOuTkA3eRtrRklW/lQ3xjJ+EItq1ki0t/qUQK7cl1J5alxR4MgFySZu0FnX6G16 cyQsHr+JQtEaDNlF0rQ5PcGgLWrXWg1dw3GS+M6fGa7PUbneG4ygfJUyL6xcRLAo xf7dCpx4t+wcDb5WOY+7dAFstB33/UdIULDqrlNj6PKzbrAu7f+VlwQ9eiLqmR1r U9nS8Z+PXNhW93XMIwRhs5KNJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDc1iQK4 Y0mLpg4xyPAKWaspSf/OMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKbGjCp1RlXFV5kUjtBUVzP6aSCAI3lPOrZIZsCfMoOTsZCkVRvRuo NvoHwrUU1bG7ch8vGkzOBw85RZ4ILkEjl0b1LPzO6eQNaMdmkoFu7kaa+wkHuOK1 I3Rx3nUIaT8knoRmf4JviHSBJYwL7no9tTv6wik1EIeF6IJ7jQVP1LMubQY9E6Y3 CrzvZuX9dv63Nu0rCQ1wns+EASrl6NnBstdkoTCKZ7gycSojbOyw81LxF049ESiH M2SjJuFGyMKwU3xvPsI+m71NN9x55x8W+S0z68Num4NNc/opcVbpUF2bZ3QBHxus 7s2NcKLfWiuRF+WUbYSOsy9h61xrzUb5 -----END CERTIFICATE-----Generated at Sat May 18 15:58:27 2024 by rpki-client on console-ams.rpki-client.org