$ rpki-client -vvf rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft File: A4zy4oB33yytpFdW-12ZpuJA_Qk.mft (raw, json) Hash identifier: 1TDQEWdSOJFXzRrySep+Y/+hZc775jP5KiD0JpUM4/w= Subject key identifier: B8:BA:13:CE:FA:7A:F6:75:3F:9B:72:83:16:CE:7C:9D:80:45:B9:A7 Authority key identifier: 03:8C:F2:E2:80:77:DF:2C:AD:A4:57:56:FB:5D:99:A6:E2:40:FD:09 Certificate issuer: /CN=A9112CEC/serialNumber=038CF2E28077DF2CADA45756FB5D99A6E240FD09 Certificate serial: 33C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft Manifest number: 33BF Signing time: Sat 04 May 2024 15:24:08 +0000 Manifest this update: Sat 04 May 2024 15:24:07 +0000 Manifest next update: Sat 11 May 2024 15:24:07 +0000 Files and hashes: 1: A4zy4oB33yytpFdW-12ZpuJA_Qk.crl (hash: e4nGa1g+Vz6EYez/1tTWTG7On1ukkA1s+76SBwHUz3w=) 2: 55A4C5C004AA11E8935B7021C4F9AE02.roa (hash: kLGnvctfxK1o6enisg6yXGklS8A8vSfR07CMbXiCzIk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.crl rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 14:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13256 (0x33c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9112CEC/serialNumber=038CF2E28077DF2CADA45756FB5D99A6E240FD09 Validity Not Before: May 4 15:24:07 2024 GMT Not After : May 11 15:24:07 2024 GMT Subject: CN=66365318-97c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b2:c6:b4:08:2f:5a:cd:a1:fd:cc:9f:07:47: 99:1d:af:bd:5b:2d:77:35:72:51:e0:dd:95:b1:4f: fa:3c:d7:ec:42:87:73:50:14:63:11:07:f5:8e:c3: da:c1:3a:90:58:12:d8:e0:89:1f:9c:b2:fa:ba:1e: fd:ec:e4:f4:9e:e5:96:74:f2:ee:40:92:ae:88:ce: e5:a1:ea:9a:d8:47:7e:1f:39:ab:f9:8e:49:55:0d: 13:8f:1c:3b:c1:38:50:60:b5:ca:43:2d:47:fe:ad: ac:12:b7:2a:3e:70:39:73:ae:d3:54:e0:42:19:bf: f6:be:b2:0e:b0:90:66:f0:c7:f8:33:60:fa:77:ca: 6c:ea:cb:93:34:64:22:18:c7:36:ea:2e:1a:ed:bd: ea:6d:cf:57:49:91:0a:c9:55:30:9e:07:97:90:e1: 5b:88:d2:9d:a3:41:99:92:b9:d4:a8:e2:a8:ee:04: ca:c4:d0:cc:b7:e5:9c:0a:d9:4a:59:5b:85:c0:8e: 65:93:f0:33:6e:41:8a:c8:97:59:5e:a1:40:25:72: 16:e3:0f:f1:4d:03:49:04:1f:e2:c2:20:07:6d:7a: e9:3e:98:f2:e6:cd:11:0e:e8:fe:f5:ba:32:b6:21: c6:68:2a:7c:12:24:c9:8e:2f:b1:1a:25:00:ce:6e: 85:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:BA:13:CE:FA:7A:F6:75:3F:9B:72:83:16:CE:7C:9D:80:45:B9:A7 X509v3 Authority Key Identifier: keyid:03:8C:F2:E2:80:77:DF:2C:AD:A4:57:56:FB:5D:99:A6:E2:40:FD:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:12:b4:88:76:aa:6a:76:d2:ea:6c:c6:f1:a5:76:62:47:40: 6d:7c:cb:f1:6d:93:df:bf:40:f6:4b:c8:bc:d4:3d:81:09:1c: 59:6e:7a:29:d3:2a:50:b7:9d:f4:7e:48:2e:5e:ed:df:fe:2d: 77:88:92:d8:82:cd:eb:1b:92:aa:32:0e:85:55:de:5a:36:5b: 60:16:bb:06:74:b7:6e:ff:6f:14:b5:9a:ed:39:e7:88:c0:ed: 4e:b9:46:0d:a0:d8:d6:10:17:4f:0b:07:af:22:d4:31:bb:7d: 49:69:66:15:6a:a5:83:d4:31:71:13:4b:bd:14:cc:37:d1:12: c3:82:85:73:d6:6d:07:27:fa:06:96:da:6a:cb:d7:b0:b5:3f: a8:70:0b:b0:cb:e9:16:0c:35:6b:0c:08:a5:ae:9c:66:c5:62: 7c:df:55:c6:c9:97:90:11:f6:d4:d0:28:f9:fd:30:49:7e:84: 69:7c:59:3c:71:ea:8f:85:d8:40:45:31:a7:f4:55:f0:15:26: ae:16:cd:e4:9f:b6:45:f6:cc:9c:6d:3f:f7:1b:c0:73:22:19: d1:ac:a3:0f:bd:3e:b9:d0:54:7a:a5:dd:59:d3:f6:bf:97:50: 62:55:ce:fb:ec:df:66:ef:b5:27:ef:88:2b:3b:df:a1:76:fc: dc:0c:bf:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM8gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTJDRUMxMTAvBgNVBAUTKDAzOENGMkUyODA3N0RGMkNBREE0NTc1NkZCNUQ5OUE2 RTI0MEZEMDkwHhcNMjQwNTA0MTUyNDA3WhcNMjQwNTExMTUyNDA3WjAYMRYwFAYD VQQDEw02NjM2NTMxOC05N2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyLLGtAgvWs2h/cyfB0eZHa+9Wy13NXJR4N2VsU/6PNfsQodzUBRjEQf1jsPa wTqQWBLY4IkfnLL6uh797OT0nuWWdPLuQJKuiM7loeqa2Ed+Hzmr+Y5JVQ0Tjxw7 wThQYLXKQy1H/q2sErcqPnA5c67TVOBCGb/2vrIOsJBm8Mf4M2D6d8ps6suTNGQi GMc26i4a7b3qbc9XSZEKyVUwngeXkOFbiNKdo0GZkrnUqOKo7gTKxNDMt+WcCtlK WVuFwI5lk/AzbkGKyJdZXqFAJXIW4w/xTQNJBB/iwiAHbXrpPpjy5s0RDuj+9boy tiHGaCp8EiTJji+xGiUAzm6FZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLi6E876 evZ1P5tygxbOfJ2ARbmnMB8GA1UdIwQYMBaAFAOM8uKAd98sraRXVvtdmabiQP0J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkNFQy9COEIwQzc4ODFE QTQxMUUyOEM5M0U3OUEwOEIwMkNEMi9BNHp5NG9CMzN5eXRwRmRXLTEyWnB1SkFf UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E0enk0b0IzM3l5dHBGZFctMTJacHVKQV9Ray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MkNFQy9COEIwQzc4ODFEQTQxMUUyOEM5M0U3OUEwOEIwMkNEMi9BNHp5NG9CMzN5 eXRwRmRXLTEyWnB1SkFfUWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwErSIdqpqdtLqbMbxpXZiR0BtfMvxbZPfv0D2S8i81D2BCRxZbnop 0ypQt530fkguXu3f/i13iJLYgs3rG5KqMg6FVd5aNltgFrsGdLdu/28UtZrtOeeI wO1OuUYNoNjWEBdPCwevItQxu31JaWYVaqWD1DFxE0u9FMw30RLDgoVz1m0HJ/oG ltpqy9ewtT+ocAuwy+kWDDVrDAilrpxmxWJ831XGyZeQEfbU0Cj5/TBJfoRpfFk8 ceqPhdhARTGn9FXwFSauFs3kn7ZF9sycbT/3G8BzIhnRrKMPvT650FR6pd1Z0/a/ l1BiVc777N9m77Un74grO9+hdvzcDL+X -----END CERTIFICATE-----Generated at Sat May 4 16:33:54 2024 by rpki-client on console-fra.rpki-client.org