$ rpki-client -vvf rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft File: 2CIvXKRzliJE_BNBFXEOvtXjlWA.mft (raw, json) Hash identifier: ZV7mQNM2el6LB4hoGD4AVh+7FFuzO83GQTtsz3DOVkg= Subject key identifier: 31:5C:05:D6:D4:1E:13:34:0B:2D:45:70:C9:F2:D4:BC:C1:BB:C9:17 Authority key identifier: D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 Certificate issuer: /CN=A9119624/serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Certificate serial: 0B40 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft Manifest number: 0B3B Signing time: Thu 02 May 2024 18:57:56 +0000 Manifest this update: Thu 02 May 2024 18:57:55 +0000 Manifest next update: Thu 09 May 2024 18:57:55 +0000 Files and hashes: 1: 2CIvXKRzliJE_BNBFXEOvtXjlWA.crl (hash: kO2C0XzJAEd4U2/3nqefWt8kMKl8pPmmUq+1DAjie6U=) 2: A4049C06213E11EAAA89A95DC4F9AE02.roa (hash: XqNcL9YfvPxJbDsy1jbRzM9OJH/0mTt3c6WrfOsRgVU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 18:55:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2880 (0xb40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119624/serialNumber=D8222F5CA473962244FC134115710EBED5E39560 Validity Not Before: May 2 18:57:55 2024 GMT Not After : May 9 18:57:55 2024 GMT Subject: CN=6633e234-1529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c3:7e:f0:fe:de:15:2f:e3:3c:65:39:4f:9f: 28:e2:39:d4:0b:15:77:36:1f:e6:b5:62:08:be:5f: 26:92:7b:f8:cf:67:b6:87:50:a8:9e:ed:2c:74:09: fb:e7:5d:01:8b:9a:36:36:e2:6c:a9:7b:57:62:a4: dc:1b:f6:01:31:fe:44:8d:7b:63:e2:cb:a0:6d:64: 62:39:62:3d:5f:fb:0d:a4:0a:d6:98:91:46:c8:41: f3:70:a8:79:76:a3:22:81:4e:91:a7:7b:27:2f:7e: e3:23:4f:d5:81:e0:04:46:00:cd:69:f8:b9:ca:bf: 67:66:a4:00:52:3c:55:43:07:23:4b:df:7e:0b:41: a2:7c:64:fb:18:13:f4:65:23:dd:7d:0d:36:5d:39: 6e:04:8f:b1:5b:f5:f8:f0:74:f2:57:45:47:60:bf: 7e:8f:1e:c3:2a:06:10:0d:81:2c:90:88:2e:88:99: d0:e5:6b:51:ef:66:18:43:d1:45:f9:2d:db:de:fa: 50:b4:d8:f6:4a:db:21:e6:33:dd:ad:f1:aa:f6:3a: d5:14:5e:b7:ae:c1:06:9e:3f:d5:ef:9d:be:1f:48: 58:3f:c2:24:6e:68:72:4a:89:6b:91:06:3e:da:03: eb:1e:d0:eb:35:49:e2:81:e1:42:bf:c5:a0:88:05: 8f:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:5C:05:D6:D4:1E:13:34:0B:2D:45:70:C9:F2:D4:BC:C1:BB:C9:17 X509v3 Authority Key Identifier: keyid:D8:22:2F:5C:A4:73:96:22:44:FC:13:41:15:71:0E:BE:D5:E3:95:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2CIvXKRzliJE_BNBFXEOvtXjlWA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119624/C694823610E011EA9BD1A55DC4F9AE02/2CIvXKRzliJE_BNBFXEOvtXjlWA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:7b:f4:e5:36:90:6f:1a:b0:ea:e7:d3:ca:7a:42:c7:25:0c: 26:90:11:2f:0c:d7:2b:07:73:3a:b1:f5:7b:ed:8c:94:aa:35: 4a:51:9e:79:a5:eb:a3:0c:0b:81:c5:a2:e8:af:e3:49:5f:da: 82:dd:57:87:d8:69:09:4e:1a:60:08:34:ec:f6:d7:84:38:2e: 06:9a:42:38:91:00:d6:1a:4f:9a:96:57:99:36:b8:02:bd:3f: e7:b0:3d:7b:5a:82:1d:92:82:f5:d9:1e:24:69:aa:df:99:2d: f9:31:8b:7b:ec:34:19:84:b6:75:11:d3:d3:47:a8:12:09:7a: f5:b1:c7:e4:3d:bc:08:ed:59:d6:98:46:5d:07:d6:2a:96:c6: 28:0b:19:fa:fb:bc:bb:40:93:b2:16:01:f4:56:aa:32:8a:6d: cc:dd:96:69:ab:53:fd:d6:6d:a9:7b:fe:77:50:cb:70:da:fc: 8d:b7:d0:7c:14:cb:21:7d:81:4c:45:da:1a:1e:76:dd:27:ad: 0e:ba:ab:e6:aa:ec:20:3d:b4:52:86:31:04:27:77:14:85:08: fb:ef:99:1f:3a:da:db:2f:b5:75:c4:2b:cb:1b:d8:5d:a1:a2: e0:d2:dc:5a:67:cd:52:a0:a5:0b:32:e2:96:e5:03:ac:9d:1a: 15:12:d9:bb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC0AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk2MjQxMTAvBgNVBAUTKEQ4MjIyRjVDQTQ3Mzk2MjI0NEZDMTM0MTE1NzEwRUJF RDVFMzk1NjAwHhcNMjQwNTAyMTg1NzU1WhcNMjQwNTA5MTg1NzU1WjAYMRYwFAYD VQQDEw02NjMzZTIzNC0xNTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwcN+8P7eFS/jPGU5T58o4jnUCxV3Nh/mtWIIvl8mknv4z2e2h1Conu0sdAn7 510Bi5o2NuJsqXtXYqTcG/YBMf5EjXtj4sugbWRiOWI9X/sNpArWmJFGyEHzcKh5 dqMigU6Rp3snL37jI0/VgeAERgDNafi5yr9nZqQAUjxVQwcjS99+C0GifGT7GBP0 ZSPdfQ02XTluBI+xW/X48HTyV0VHYL9+jx7DKgYQDYEskIguiJnQ5WtR72YYQ9FF +S3b3vpQtNj2Stsh5jPdrfGq9jrVFF63rsEGnj/V752+H0hYP8IkbmhySolrkQY+ 2gPrHtDrNUnigeFCv8WgiAWPCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDFcBdbU HhM0Cy1FcMny1LzBu8kXMB8GA1UdIwQYMBaAFNgiL1ykc5YiRPwTQRVxDr7V45Vg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTYyNC9DNjk0ODIzNjEw RTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxpSkVfQk5CRlhFT3Z0WGps V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJDSXZYS1J6bGlKRV9CTkJGWEVPdnRYamxXQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTYyNC9DNjk0ODIzNjEwRTAxMUVBOUJEMUE1NURDNEY5QUUwMi8yQ0l2WEtSemxp SkVfQk5CRlhFT3Z0WGpsV0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASe/TlNpBvGrDq59PKekLHJQwmkBEvDNcrB3M6sfV77YyUqjVKUZ55 peujDAuBxaLor+NJX9qC3VeH2GkJThpgCDTs9teEOC4GmkI4kQDWGk+alleZNrgC vT/nsD17WoIdkoL12R4kaarfmS35MYt77DQZhLZ1EdPTR6gSCXr1scfkPbwI7VnW mEZdB9YqlsYoCxn6+7y7QJOyFgH0Vqoyim3M3ZZpq1P91m2pe/53UMtw2vyNt9B8 FMshfYFMRdoaHnbdJ60OuqvmquwgPbRShjEEJ3cUhQj775kfOtrbL7V1xCvLG9hd oaLg0txaZ81SoKULMuKW5QOsnRoVEtm7 -----END CERTIFICATE-----Generated at Thu May 2 20:50:19 2024 by rpki-client on console-fra.rpki-client.org