$ rpki-client -vvf rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft File: thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft (raw, json) Hash identifier: braSohifp8LCXUtFERseXTN3mxeicRXPqO7KkJBaQNQ= Subject key identifier: 89:0F:A2:8F:68:E2:32:32:6A:D1:78:26:42:46:8D:F9:22:B1:46:78 Authority key identifier: B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 Certificate issuer: /CN=A9118B32/serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Certificate serial: 02D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft Manifest number: 02D4 Signing time: Sun 05 May 2024 03:31:45 +0000 Manifest this update: Sun 05 May 2024 03:31:44 +0000 Manifest next update: Sun 12 May 2024 03:31:44 +0000 Files and hashes: 1: thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl (hash: /NvIJczZEh7nuaF/VnnYw4ayFV+XP4BGn8n4FFpVeUY=) 2: 0F291AFE9D2811EC83448E6FC4F9AE02.roa (hash: guTq71O2LSxBtq9wp1j3np+TPnuYZq23yDrd9yyvAgk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 02:50:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 728 (0x2d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118B32/serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Validity Not Before: May 5 03:31:44 2024 GMT Not After : May 12 03:31:44 2024 GMT Subject: CN=6636fda1-d17d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e6:8b:a6:ed:37:21:94:d3:74:e0:d7:79:46: ba:1a:ae:44:31:e4:05:b7:47:ef:f8:a2:f9:6f:9e: 32:86:7c:be:4e:a9:82:a9:1b:c6:c9:39:e2:7a:07: 1b:0f:6a:f2:25:1d:0c:94:67:19:19:5c:69:2f:20: 15:65:50:fa:cb:7c:3f:07:f5:1b:34:c3:27:ce:31: bd:e6:5b:d0:96:59:be:bf:eb:b0:3d:7b:e5:ea:93: 57:ec:bb:46:2d:93:da:75:6b:a6:3c:1a:ef:6a:e3: e6:20:fd:8c:df:5b:18:ea:d4:3c:ad:8f:14:23:03: f3:00:f6:30:3f:92:b3:ce:bc:b8:4b:08:64:05:6a: 74:74:fb:40:a3:48:40:eb:89:ba:65:97:0f:5f:71: 4c:cc:59:c5:08:73:7f:17:a6:3c:02:f8:6a:13:74: 25:35:34:63:60:08:7b:ce:81:d2:de:32:14:7e:26: 14:86:84:69:a0:d9:3b:ec:70:40:e6:19:53:01:26: 51:49:f5:e4:c7:ad:a5:ba:c4:0e:68:21:c1:1a:0f: 01:da:7e:e8:f9:52:58:48:8d:44:b0:29:7d:ec:8f: 0d:bd:9e:a8:52:80:d5:17:ed:21:c3:fc:6a:4c:6e: 00:04:e8:db:5a:57:f8:74:68:8d:88:3a:e0:ff:93: cf:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:0F:A2:8F:68:E2:32:32:6A:D1:78:26:42:46:8D:F9:22:B1:46:78 X509v3 Authority Key Identifier: keyid:B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:3a:6e:39:d9:f5:d3:fa:5d:b2:ac:fa:53:90:63:de:5b:88: d1:74:38:ad:4c:73:76:3a:27:c7:1b:80:e6:82:bb:4c:82:a9: 5a:51:cb:4d:c2:5b:79:3b:66:96:f6:c5:8f:3d:5b:dc:b2:48: a7:0b:2b:84:08:c1:c5:c2:c6:05:da:73:f7:65:27:cf:6a:1d: 33:4a:74:4d:d4:24:bb:a8:9e:cc:20:97:3f:21:4c:e7:49:bf: 05:b2:c3:0c:4f:31:3d:53:49:be:c9:0f:f0:6a:f9:d3:3c:b8: d2:64:48:57:64:ee:36:9f:f6:3c:d3:80:55:ae:bc:0e:60:1e: 25:0c:bd:3b:65:1f:7f:f8:5a:4a:e5:0a:f9:01:25:c8:1f:67: 74:6b:ef:68:7e:68:6f:d6:59:b4:55:0b:0a:5d:45:d6:38:2d: d0:1d:a2:6a:0a:75:77:35:d9:d2:fb:67:1e:8d:d2:2a:48:7b: a6:5f:62:ef:02:02:af:4b:c9:1a:5c:2d:c0:5e:e4:26:d6:21: f7:b1:d1:99:78:b5:25:01:4e:29:8c:41:0b:0c:d0:96:0b:eb: b1:97:f8:c3:8d:cc:71:ec:ce:e9:2e:ab:e2:39:06:1d:2b:d5: 3c:ab:5b:0b:cf:9d:89:62:ee:b7:f5:2e:58:b8:a3:f0:6a:b9: 28:cd:ac:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThCMzIxMTAvBgNVBAUTKEI2MTEwM0E1QzlDQzYwRUFEMTg4QTJGOUZEMTFFNjNE NTIzM0Q5OTUwHhcNMjQwNTA1MDMzMTQ0WhcNMjQwNTEyMDMzMTQ0WjAYMRYwFAYD VQQDEw02NjM2ZmRhMS1kMTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApuaLpu03IZTTdODXeUa6Gq5EMeQFt0fv+KL5b54yhny+TqmCqRvGyTniegcb D2ryJR0MlGcZGVxpLyAVZVD6y3w/B/UbNMMnzjG95lvQllm+v+uwPXvl6pNX7LtG LZPadWumPBrvauPmIP2M31sY6tQ8rY8UIwPzAPYwP5Kzzry4SwhkBWp0dPtAo0hA 64m6ZZcPX3FMzFnFCHN/F6Y8AvhqE3QlNTRjYAh7zoHS3jIUfiYUhoRpoNk77HBA 5hlTASZRSfXkx62lusQOaCHBGg8B2n7o+VJYSI1EsCl97I8NvZ6oUoDVF+0hw/xq TG4ABOjbWlf4dGiNiDrg/5PPPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIkPoo9o 4jIyatF4JkJGjfkisUZ4MB8GA1UdIwQYMBaAFLYRA6XJzGDq0Yii+f0R5j1SM9mV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEIzMi9GRjc3MUJCQzlE MjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlPclJpS0w1X1JIbVBWSXoy WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RoRURwY25NWU9yUmlLTDVfUkhtUFZJejJaVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OEIzMi9GRjc3MUJCQzlEMjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlP clJpS0w1X1JIbVBWSXoyWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASOm452fXT+l2yrPpTkGPeW4jRdDitTHN2OifHG4DmgrtMgqlaUctN wlt5O2aW9sWPPVvcskinCyuECMHFwsYF2nP3ZSfPah0zSnRN1CS7qJ7MIJc/IUzn Sb8FssMMTzE9U0m+yQ/wavnTPLjSZEhXZO42n/Y804BVrrwOYB4lDL07ZR9/+FpK 5Qr5ASXIH2d0a+9ofmhv1lm0VQsKXUXWOC3QHaJqCnV3NdnS+2cejdIqSHumX2Lv AgKvS8kaXC3AXuQm1iH3sdGZeLUlAU4pjEELDNCWC+uxl/jDjcxx7M7pLqviOQYd K9U8q1sLz52JYu639S5YuKPwarkozawB -----END CERTIFICATE-----Generated at Sun May 5 04:39:57 2024 by rpki-client on console-ams.rpki-client.org