$ rpki-client -vvf rpki.apnic.net/member_repository/A9115C2E/9527E6B4268E11EC8ED0BA6EC4F9AE02/0pm8o5yZPbgNETe5mbIhhGrPVWs.mft File: 0pm8o5yZPbgNETe5mbIhhGrPVWs.mft (raw, json) Hash identifier: cgdNiAFCi4WY+01LiMYUszaZm5IMzy2PbVIs3P0ZwAw= Subject key identifier: 99:CF:81:38:38:52:FD:43:7E:68:23:C2:8F:16:25:66:73:73:26:49 Authority key identifier: D2:99:BC:A3:9C:99:3D:B8:0D:11:37:B9:99:B2:21:84:6A:CF:55:6B Certificate issuer: /CN=A9115C2E/serialNumber=D299BCA39C993DB80D1137B999B221846ACF556B Certificate serial: 040A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0pm8o5yZPbgNETe5mbIhhGrPVWs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9115C2E/9527E6B4268E11EC8ED0BA6EC4F9AE02/0pm8o5yZPbgNETe5mbIhhGrPVWs.mft Manifest number: 0405 Signing time: Sat 04 May 2024 21:28:11 +0000 Manifest this update: Sat 04 May 2024 21:28:11 +0000 Manifest next update: Sat 11 May 2024 21:28:11 +0000 Files and hashes: 1: 0pm8o5yZPbgNETe5mbIhhGrPVWs.crl (hash: c9GflRoqrN8f8DpWABCu1B/soB29ji+D7+1Jew7YfZ4=) 2: F490AE2431D811ECA3C4CE3EC4F9AE02.roa (hash: GNe1dYVb0FXMLRJYiYZC+2IVLRAXBrZcFwZEBywqRfM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9115C2E/9527E6B4268E11EC8ED0BA6EC4F9AE02/0pm8o5yZPbgNETe5mbIhhGrPVWs.crl rsync://rpki.apnic.net/member_repository/A9115C2E/9527E6B4268E11EC8ED0BA6EC4F9AE02/0pm8o5yZPbgNETe5mbIhhGrPVWs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0pm8o5yZPbgNETe5mbIhhGrPVWs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 21:20:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1034 (0x40a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9115C2E/serialNumber=D299BCA39C993DB80D1137B999B221846ACF556B Validity Not Before: May 4 21:28:11 2024 GMT Not After : May 11 21:28:11 2024 GMT Subject: CN=6636a86b-b6ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2b:c2:da:71:29:dd:29:a4:c0:17:de:cb:f0: 59:65:cd:92:93:89:bd:c6:b3:48:33:d2:b0:07:ab: 29:e3:c5:d2:80:45:e5:a1:84:30:33:1b:6b:cb:cf: 09:b2:7c:d7:48:d0:12:4c:02:e0:fe:34:fb:93:78: d1:9c:95:2e:93:39:91:3b:bf:61:42:b0:ab:84:46: 84:af:b2:16:0a:5c:13:d3:ff:ac:17:cf:06:2c:f9: 45:d0:e6:95:bb:b5:cd:1a:0f:94:f1:4f:74:b2:49: 34:50:28:4b:a5:bd:4c:ac:68:b0:4c:08:ce:fd:7c: 29:ec:74:3d:15:67:b0:dc:0e:ab:da:f3:34:25:5a: 67:86:20:ee:65:ad:66:70:d5:36:29:52:92:42:28: 38:ff:a0:1a:55:df:0a:e5:c7:d2:df:e1:f2:1a:f7: bc:2e:a2:48:38:cc:33:a3:ab:3d:ec:32:b5:57:d1: d3:d6:d2:c7:78:d3:32:ab:97:05:1c:a7:25:6c:19: fd:2a:3f:3f:20:7c:c1:5c:2c:76:2f:b5:86:b7:0e: 7c:b7:02:55:3d:ba:bf:b9:09:60:8d:66:16:2f:0a: cb:dc:28:e6:b2:04:c7:f3:13:e6:6a:4b:3c:9d:e1: f8:86:68:77:d6:a3:de:6f:57:5e:cd:49:c6:27:3c: f0:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:CF:81:38:38:52:FD:43:7E:68:23:C2:8F:16:25:66:73:73:26:49 X509v3 Authority Key Identifier: keyid:D2:99:BC:A3:9C:99:3D:B8:0D:11:37:B9:99:B2:21:84:6A:CF:55:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9115C2E/9527E6B4268E11EC8ED0BA6EC4F9AE02/0pm8o5yZPbgNETe5mbIhhGrPVWs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0pm8o5yZPbgNETe5mbIhhGrPVWs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/9527E6B4268E11EC8ED0BA6EC4F9AE02/0pm8o5yZPbgNETe5mbIhhGrPVWs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:d6:26:83:1c:63:b6:39:2f:da:04:6b:69:1c:2d:72:99:90: 1d:1c:f8:d1:79:34:8c:a0:1b:2e:c3:55:99:bb:c8:29:bc:7a: d9:be:60:6a:2d:9c:bd:4e:5c:3d:a4:be:86:9a:de:86:44:a3: 99:72:3c:77:c8:75:0a:20:78:d8:d8:b9:c9:dd:b3:fa:b3:bc: d6:4c:e5:4f:d6:18:e9:1b:e2:5d:bc:81:1e:52:8e:b7:4a:63: b2:71:56:7e:d1:9a:04:05:7b:0d:82:10:2a:a1:0a:28:1a:73: 25:eb:05:51:bf:7d:c7:11:de:fe:09:aa:43:c9:1a:c7:af:2b: 1a:e4:db:d4:af:b8:0b:e6:7c:cc:83:00:5b:a2:48:1d:bd:04: e0:69:4f:84:97:50:d5:df:10:a9:ab:c8:13:33:42:5c:e3:4b: ac:7e:35:6d:63:e7:03:a0:9d:83:8f:6e:75:fc:02:a7:9e:b2: da:e9:30:30:29:c2:88:e7:27:5b:61:83:0b:79:c3:aa:af:d3: 1b:37:82:ca:8a:c1:35:4a:b2:47:a4:90:8c:b2:90:43:8c:69: 96:d3:71:2b:80:1b:88:7c:87:d6:9b:90:61:e2:98:d4:32:b2: fd:5e:34:d5:01:1b:33:4d:e8:d4:91:27:7a:67:4b:2b:ec:0c: 86:42:b1:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBAowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTVDMkUxMTAvBgNVBAUTKEQyOTlCQ0EzOUM5OTNEQjgwRDExMzdCOTk5QjIyMTg0 NkFDRjU1NkIwHhcNMjQwNTA0MjEyODExWhcNMjQwNTExMjEyODExWjAYMRYwFAYD VQQDEw02NjM2YTg2Yi1iNmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqSvC2nEp3SmkwBfey/BZZc2Sk4m9xrNIM9KwB6sp48XSgEXloYQwMxtry88J snzXSNASTALg/jT7k3jRnJUukzmRO79hQrCrhEaEr7IWClwT0/+sF88GLPlF0OaV u7XNGg+U8U90skk0UChLpb1MrGiwTAjO/Xwp7HQ9FWew3A6r2vM0JVpnhiDuZa1m cNU2KVKSQig4/6AaVd8K5cfS3+HyGve8LqJIOMwzo6s97DK1V9HT1tLHeNMyq5cF HKclbBn9Kj8/IHzBXCx2L7WGtw58twJVPbq/uQlgjWYWLwrL3CjmsgTH8xPmaks8 neH4hmh31qPeb1dezUnGJzzwswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJnPgTg4 Uv1Dfmgjwo8WJWZzcyZJMB8GA1UdIwQYMBaAFNKZvKOcmT24DRE3uZmyIYRqz1Vr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNUMyRS85NTI3RTZCNDI2 OEUxMUVDOEVEMEJBNkVDNEY5QUUwMi8wcG04bzV5WlBiZ05FVGU1bWJJaGhHclBW V3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzBwbThvNXlaUGJnTkVUZTVtYkloaEdyUFZXcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NUMyRS85NTI3RTZCNDI2OEUxMUVDOEVEMEJBNkVDNEY5QUUwMi8wcG04bzV5WlBi Z05FVGU1bWJJaGhHclBWV3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAX1iaDHGO2OS/aBGtpHC1ymZAdHPjReTSMoBsuw1WZu8gpvHrZvmBq LZy9Tlw9pL6Gmt6GRKOZcjx3yHUKIHjY2LnJ3bP6s7zWTOVP1hjpG+JdvIEeUo63 SmOycVZ+0ZoEBXsNghAqoQooGnMl6wVRv33HEd7+CapDyRrHrysa5NvUr7gL5nzM gwBbokgdvQTgaU+El1DV3xCpq8gTM0Jc40usfjVtY+cDoJ2Dj251/AKnnrLa6TAw KcKI5ydbYYMLecOqr9MbN4LKisE1SrJHpJCMspBDjGmW03ErgBuIfIfWm5Bh4pjU MrL9XjTVARszTejUkSd6Z0sr7AyGQrEC -----END CERTIFICATE-----Generated at Sat May 4 22:06:51 2024 by rpki-client on console-ams.rpki-client.org