$ rpki-client -vvf rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft File: 3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft (raw, json) Hash identifier: iwxmehPsbBAV9ZqKhZkbbUuS9THgE/oE1NK/r8q8y+Y= Subject key identifier: 3A:B3:B2:19:FC:81:68:B3:07:09:10:BA:AE:49:DE:40:12:B0:7B:6E Authority key identifier: DC:62:20:08:A8:A1:AD:42:BE:2A:25:49:43:49:1A:FA:A8:45:49:A5 Certificate issuer: /CN=A911035A/serialNumber=DC622008A8A1AD42BE2A254943491AFAA84549A5 Certificate serial: 0922 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft Manifest number: 091A Signing time: Sat 04 May 2024 21:23:25 +0000 Manifest this update: Sat 04 May 2024 21:23:24 +0000 Manifest next update: Sat 11 May 2024 21:23:24 +0000 Files and hashes: 1: 3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl (hash: Rom1bGkhMcFvQFWBRQ+OBOjo+ZY5EIhuRRnBPROnx+0=) 2: 5B57754A026F11EDBE22EF64C4F9AE02.roa (hash: 1HFLFVcOO0LUQO4rRQ5Ol/sMGSHPJCO5RT00EtcBsvU=) 3: 5A472FBA026F11EDBE22EF64C4F9AE02.roa (hash: 7Agv1/JySUrEu/AR9TTNeoR37zqqidCo+E0dFtw8QQ8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 21:20:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2338 (0x922) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911035A/serialNumber=DC622008A8A1AD42BE2A254943491AFAA84549A5 Validity Not Before: May 4 21:23:24 2024 GMT Not After : May 11 21:23:24 2024 GMT Subject: CN=6636a74c-a13f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:92:f9:bf:4b:df:90:c6:dd:6d:42:c6:20:6a: ce:7c:53:61:37:a1:12:7e:8c:56:28:82:ec:43:9b: 2d:83:e2:36:73:90:c1:f1:e3:0a:26:08:97:de:19: 4b:f5:02:32:c7:d7:2f:17:4d:35:be:67:5f:69:6d: ee:ea:ea:4d:82:43:7f:ad:77:34:d2:07:67:10:6d: cc:ba:f8:75:47:e6:d6:dd:7b:95:27:44:5a:85:09: f2:e0:9f:de:d0:14:c4:1e:be:70:e0:25:af:13:d8: 21:fd:13:7c:2d:51:f1:0c:19:23:bd:72:07:1c:89: cc:69:ec:a0:e8:79:1f:04:b6:e0:2f:28:71:b9:ca: 26:fe:4d:61:c3:a2:2c:55:a4:c5:25:26:fd:35:eb: 49:0a:e9:cb:2e:6c:27:83:c7:5e:b0:31:ae:eb:41: 66:62:b0:79:66:1d:75:61:62:33:56:19:ec:b5:1b: 68:65:ab:2e:0c:3c:45:60:9a:e6:50:f6:2a:96:2c: ee:dc:b4:9d:d5:7f:25:0c:71:cb:2e:b3:65:13:b8: 59:7f:2f:6e:88:68:a4:ef:21:83:1a:c6:05:ce:17: db:57:43:61:e8:41:bb:45:5a:db:8d:5b:97:b5:cc: 43:56:50:73:a4:dc:20:8c:c8:5f:bc:7a:04:74:d2: b9:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:B3:B2:19:FC:81:68:B3:07:09:10:BA:AE:49:DE:40:12:B0:7B:6E X509v3 Authority Key Identifier: keyid:DC:62:20:08:A8:A1:AD:42:BE:2A:25:49:43:49:1A:FA:A8:45:49:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:e3:5d:b3:4c:d8:2f:b0:db:bb:be:91:85:9f:0d:9e:86:7a: 1b:44:d9:6a:be:89:8d:3e:fb:06:b6:a7:c1:f4:02:9b:b4:81: 4d:ce:b5:10:6d:5e:92:eb:1b:a7:30:c1:ca:e8:e3:09:5d:f1: 69:a7:94:0f:cc:61:ba:86:87:f7:13:a0:7b:06:f1:33:23:cf: f2:ba:85:9f:37:6e:f5:0c:4e:ed:ac:cd:5b:4f:23:57:a8:74: 47:50:a4:ef:ac:5f:d2:92:91:2b:da:d2:04:17:e0:db:78:94: 65:9e:28:2c:db:99:c4:8b:6e:0d:89:76:97:dd:a9:23:11:08: f4:2f:42:a2:f7:75:54:42:f4:07:90:89:97:71:5c:07:ca:a0: d7:3a:f6:9a:08:9e:dc:39:a1:da:a0:d4:38:21:a3:0f:0e:0d: 8b:7e:95:0f:2c:cc:af:d6:c8:18:ce:0e:b5:61:86:6b:f1:cf: 39:8a:33:1c:3e:18:c0:b4:ea:1a:62:c9:53:63:86:09:7f:d8: a2:84:ea:fe:5e:ba:04:ad:e1:42:b9:77:63:c4:f4:0c:03:0e: 6c:d9:74:64:ff:13:81:5f:38:7f:f1:6b:f5:ac:10:7d:fe:db: 3c:f5:10:46:64:f4:7a:7c:70:35:ae:3c:ce:49:69:74:e8:1d: 2a:4b:0b:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCSIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTAzNUExMTAvBgNVBAUTKERDNjIyMDA4QThBMUFENDJCRTJBMjU0OTQzNDkxQUZB QTg0NTQ5QTUwHhcNMjQwNTA0MjEyMzI0WhcNMjQwNTExMjEyMzI0WjAYMRYwFAYD VQQDEw02NjM2YTc0Yy1hMTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZL5v0vfkMbdbULGIGrOfFNhN6ESfoxWKILsQ5stg+I2c5DB8eMKJgiX3hlL 9QIyx9cvF001vmdfaW3u6upNgkN/rXc00gdnEG3Muvh1R+bW3XuVJ0RahQny4J/e 0BTEHr5w4CWvE9gh/RN8LVHxDBkjvXIHHInMaeyg6HkfBLbgLyhxucom/k1hw6Is VaTFJSb9NetJCunLLmwng8desDGu60FmYrB5Zh11YWIzVhnstRtoZasuDDxFYJrm UPYqlizu3LSd1X8lDHHLLrNlE7hZfy9uiGik7yGDGsYFzhfbV0Nh6EG7RVrbjVuX tcxDVlBzpNwgjMhfvHoEdNK5+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDqzshn8 gWizBwkQuq5J3kASsHtuMB8GA1UdIwQYMBaAFNxiIAiooa1CviolSUNJGvqoRUml MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMDM1QS8zQzYwOUI0NDdD NjYxMUVBODA4OUYzNTFDNEY5QUUwMi8zR0lnQ0tpaHJVSy1LaVZKUTBrYS1xaEZT YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNHSWdDS2loclVLLUtpVkpRMGthLXFoRlNhVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MDM1QS8zQzYwOUI0NDdDNjYxMUVBODA4OUYzNTFDNEY5QUUwMi8zR0lnQ0tpaHJV Sy1LaVZKUTBrYS1xaEZTYVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCS412zTNgvsNu7vpGFnw2ehnobRNlqvomNPvsGtqfB9AKbtIFNzrUQ bV6S6xunMMHK6OMJXfFpp5QPzGG6hof3E6B7BvEzI8/yuoWfN271DE7trM1bTyNX qHRHUKTvrF/SkpEr2tIEF+DbeJRlnigs25nEi24NiXaX3akjEQj0L0Ki93VUQvQH kImXcVwHyqDXOvaaCJ7cOaHaoNQ4IaMPDg2LfpUPLMyv1sgYzg61YYZr8c85ijMc PhjAtOoaYslTY4YJf9iihOr+XroEreFCuXdjxPQMAw5s2XRk/xOBXzh/8Wv1rBB9 /ts89RBGZPR6fHA1rjzOSWl06B0qSwub -----END CERTIFICATE-----Generated at Sun May 5 00:12:19 2024 by rpki-client on console-fra.rpki-client.org