$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft File: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft (raw, json) Hash identifier: uMtsQefqqZEpOuPiHokOrQcxwzKdQMdgeSNWKDm6bgE= Subject key identifier: C8:BB:36:72:A2:59:77:37:18:04:90:A6:96:4C:13:23:2E:15:B4:17 Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Certificate serial: 09EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft Manifest number: 0952 Signing time: Thu 02 May 2024 21:29:38 +0000 Manifest this update: Thu 02 May 2024 21:29:37 +0000 Manifest next update: Thu 09 May 2024 21:29:37 +0000 Files and hashes: 1: Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl (hash: F4pJ2gdCjzj79nDr4U2MmuA2mOjAxDPLwGMz/BX9rsI=) 2: C3E2252E205F11EE8117111CC4F9AE02.roa (hash: 9bnCggl0fvzfuGxXiZ3dUvooNgJDnt9ZmP/W7MKEPCY=) 3: 8626FFC65AE511EBA452D33EC4F9AE02.roa (hash: hKx/w/S039humUk4iHQL5u0Z8G8XH5zp8Qok64O9/Es=) 4: 0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa (hash: imQI59DVhgLieNmEpbCajiVFxlcjtCyGh3DF40cezqI=) 5: 84023C06D24611EABDDF5344C4F9AE02.roa (hash: u9pUuFckbA0lalpdZimCBaZQxyWHNXXozEpb+d8oil4=) 6: 553170245AC511EBA052F663C4F9AE02.roa (hash: QGnpgaIGy5AOir91I7lncP9FpImJiqaLPZ1wopdnD1I=) 7: 61EFB2ACAC3611EDA5995F3FC4F9AE02.roa (hash: QTFQxSGbHvXz5vkvFn+KK94bpSwxQ7fT3LT2GWe203M=) 8: DCF88EAE5ED811EBAB677671C4F9AE02.roa (hash: oO02yNbnDa4fMcN9qWc6Kj7arsuZ0bSU/AyW3pIl50M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 21:27:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2543 (0x9ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6 Validity Not Before: May 2 21:29:37 2024 GMT Not After : May 9 21:29:37 2024 GMT Subject: CN=663405c2-841d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1a:33:30:17:c2:dc:5f:4d:69:4d:5c:02:a6: 2e:51:e8:55:b1:b9:50:e4:80:38:0b:16:9e:d7:38: 5d:eb:a9:4e:6b:b1:8f:90:b8:7d:11:d1:fa:5e:73: 5e:ac:cf:26:5e:3a:4e:7a:f1:c7:99:e5:dd:28:43: 31:33:3a:bd:fd:ac:95:8f:ab:cb:1f:ce:7d:06:73: ac:67:3e:03:b6:51:c3:f0:0f:ee:53:37:8b:78:40: b7:15:b5:38:d9:3d:e9:e5:58:11:80:b7:fa:77:ef: ea:fb:ca:6d:d4:19:4e:7f:13:52:9c:46:34:ce:3f: 39:b9:fe:3c:dc:61:36:56:4b:65:c6:b9:f2:cc:95: ba:be:82:59:a9:1f:77:bc:c6:fd:4b:82:9e:63:96: f4:be:a3:3b:9c:34:a6:8d:1b:c6:f4:c2:94:03:9d: 29:3b:18:6a:c2:5a:b3:6e:88:73:e8:a7:56:76:20: 5b:8f:92:49:fa:2a:3a:6b:64:54:21:7b:db:69:f7: cf:13:4d:6e:54:65:85:f1:84:78:59:e2:08:5a:f3: 7e:6e:b0:e0:d6:ef:fd:70:ea:d7:a6:b8:03:f0:03: 2b:6e:ac:03:cc:7e:fb:26:c4:78:a3:34:e5:15:ee: fc:f2:6e:75:93:9f:ce:8b:77:1d:ea:f9:c7:8b:44: da:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:BB:36:72:A2:59:77:37:18:04:90:A6:96:4C:13:23:2E:15:B4:17 X509v3 Authority Key Identifier: keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cf:24:d7:25:24:04:dd:60:b4:2f:4f:0f:f2:38:ae:b1:aa:13: 80:de:fa:f8:97:2c:54:d7:13:d5:71:15:45:92:2e:4d:d4:bd: 68:5e:f1:74:9a:92:23:7f:c7:06:d5:11:95:a2:2a:9d:3a:4b: ff:88:40:2f:73:77:10:13:71:79:77:93:ec:a8:9c:7d:8b:b8: 89:1f:d6:39:51:69:c5:44:bb:99:8d:02:ec:0e:4e:9a:d2:63: 1d:db:61:c9:15:d0:a2:10:da:eb:d5:1b:ce:f5:0f:f3:15:29: 53:ad:92:72:65:63:1a:0c:2b:aa:bc:c9:e9:00:8c:5a:b4:4d: 90:3b:41:6b:e9:20:7c:1f:0e:8d:a6:c0:3d:16:ef:7b:87:0e: 97:c7:53:a0:be:4b:ac:ab:78:cd:74:96:81:fc:74:36:0c:0f: c2:ef:9c:33:2c:8c:d0:09:0a:fc:c8:b9:e5:69:29:4b:d1:64: e3:f4:26:75:c3:39:6b:f3:43:91:b2:c2:e1:71:46:da:ca:5e: 87:5b:be:7f:25:38:9e:31:4f:bd:04:d7:0b:b7:74:10:c4:18: 19:b4:46:d6:54:5f:09:d2:22:f5:a7:07:cc:58:3d:88:7c:c7: f1:cc:72:6e:d8:46:b2:bd:05:b7:6f:79:02:d2:2e:cc:39:2b: a8:36:f4:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE NTQ0QTYyQTYwHhcNMjQwNTAyMjEyOTM3WhcNMjQwNTA5MjEyOTM3WjAYMRYwFAYD VQQDEw02NjM0MDVjMi04NDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxozMBfC3F9NaU1cAqYuUehVsblQ5IA4Cxae1zhd66lOa7GPkLh9EdH6XnNe rM8mXjpOevHHmeXdKEMxMzq9/ayVj6vLH859BnOsZz4DtlHD8A/uUzeLeEC3FbU4 2T3p5VgRgLf6d+/q+8pt1BlOfxNSnEY0zj85uf483GE2VktlxrnyzJW6voJZqR93 vMb9S4KeY5b0vqM7nDSmjRvG9MKUA50pOxhqwlqzbohz6KdWdiBbj5JJ+io6a2RU IXvbaffPE01uVGWF8YR4WeIIWvN+brDg1u/9cOrXprgD8AMrbqwDzH77JsR4ozTl Fe788m51k5/Oi3cd6vnHi0TaUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMi7NnKi WXc3GASQppZMEyMuFbQXMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1 MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NjQ3Qy80MzdDQzQwNjg1MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhL ZEJ4cUpKM0FGYWJWUktZcVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDPJNclJATdYLQvTw/yOK6xqhOA3vr4lyxU1xPVcRVFki5N1L1oXvF0 mpIjf8cG1RGVoiqdOkv/iEAvc3cQE3F5d5PsqJx9i7iJH9Y5UWnFRLuZjQLsDk6a 0mMd22HJFdCiENrr1RvO9Q/zFSlTrZJyZWMaDCuqvMnpAIxatE2QO0Fr6SB8Hw6N psA9Fu97hw6Xx1Ogvkusq3jNdJaB/HQ2DA/C75wzLIzQCQr8yLnlaSlL0WTj9CZ1 wzlr80ORssLhcUbayl6HW75/JTieMU+9BNcLt3QQxBgZtEbWVF8J0iL1pwfMWD2I fMfxzHJu2EayvQW3b3kC0i7MOSuoNvQ0 -----END CERTIFICATE-----Generated at Thu May 2 22:28:47 2024 by rpki-client on console-ams.rpki-client.org