$ rpki-client -vvf rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft File: KiZlwxQeS_P9LwBKrimlmHETod8.mft (raw, json) Hash identifier: JfAtvMhLeRUZi6bJKqcdMMJk8MvZbc0u6+fbbErC/T4= Subject key identifier: 47:6A:6E:29:28:E3:C1:38:50:F9:38:53:4E:B6:09:68:98:F9:75:3C Authority key identifier: 2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF Certificate issuer: /CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Certificate serial: 02BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft Manifest number: 02B9 Signing time: Fri 03 May 2024 03:37:14 +0000 Manifest this update: Fri 03 May 2024 03:37:14 +0000 Manifest next update: Fri 10 May 2024 03:37:14 +0000 Files and hashes: 1: KiZlwxQeS_P9LwBKrimlmHETod8.crl (hash: +VeLZBg/M0Gun1kVRVJrvDjbwqC1kPmgDSbKNcbtF80=) 2: B067CCDCA8C511EC8F560C42C4F9AE02.roa (hash: M/lr8xkMBnLxQ2UuVdrqkJdSJqLPZmrgr/WgiGu36x0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 03:37:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 701 (0x2bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Validity Not Before: May 3 03:37:14 2024 GMT Not After : May 10 03:37:14 2024 GMT Subject: CN=66345bea-c25b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:44:6d:00:bd:cf:bb:6b:fe:ba:65:67:e9:6e: 81:66:4f:55:ee:aa:63:75:67:d7:65:e7:42:b1:60: 1e:44:ac:99:4d:73:d9:1a:a0:db:d7:37:01:5d:2b: b2:f2:47:08:7a:0e:f0:40:c0:af:e7:c4:af:0a:e1: 32:ec:76:23:39:21:07:26:48:b7:18:66:9f:23:24: 47:6a:81:1c:4a:42:6a:6d:d4:0f:54:94:56:08:55: 4e:bc:0c:0f:0c:91:20:ea:6b:c9:b8:c8:6f:47:8a: e5:1f:02:e2:3a:9d:8e:0b:30:7b:59:0d:1b:4d:cd: 35:56:c0:5e:82:68:00:1d:18:0b:fb:87:99:56:17: a9:04:32:7f:2a:c4:2e:ac:52:8c:37:4a:82:4a:25: c8:81:ff:e6:b6:fe:1e:a8:54:44:a7:67:ae:f5:0c: d4:18:cb:13:c4:c2:63:01:f9:83:af:b7:d3:04:a3: 51:1b:94:28:89:ed:8c:c9:e4:9f:68:da:3d:18:47: b4:7e:f5:80:f0:c0:42:77:ce:ff:8d:cf:56:88:e8: 37:49:ba:b3:43:74:40:72:aa:b0:8e:14:4a:e6:5b: 25:3e:28:2a:d5:4c:5a:7b:16:6d:3a:7a:7e:35:f4: 51:ab:bc:99:f3:28:bf:be:ee:55:9b:46:c8:2f:37: 7f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:6A:6E:29:28:E3:C1:38:50:F9:38:53:4E:B6:09:68:98:F9:75:3C X509v3 Authority Key Identifier: keyid:2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption f1:5a:ee:55:02:70:9f:79:f7:cd:7e:4b:52:be:be:00:e8:af: 61:8d:42:a4:dd:b5:89:f8:02:e7:b4:ce:22:b9:39:dd:eb:56: 93:aa:b8:54:d7:04:dd:84:c8:5d:98:18:53:13:7e:01:67:df: 16:34:61:1a:92:42:68:e8:19:66:01:4e:ea:91:71:29:f2:a7: 04:24:35:77:56:f4:4f:2f:f9:c5:d5:25:66:b5:fd:3f:3e:93: ea:ea:51:d3:59:a4:db:83:89:76:d6:b0:6d:50:51:55:45:30: 09:91:88:43:12:78:8d:00:74:9f:b0:4b:c9:7b:90:5b:aa:0e: df:6b:35:a9:39:5c:82:e5:e8:d5:f2:e9:e4:32:f3:18:c8:51: 16:a0:16:19:e1:40:92:b8:9c:4f:1a:d8:7d:a8:f3:df:e1:c3: 96:ca:2a:fd:60:89:31:03:5a:25:c3:83:86:cc:b8:9c:e9:88: db:54:15:ce:54:9c:c4:4c:08:f2:28:46:2b:eb:82:7f:63:f6: 97:33:c5:4d:69:d6:40:ed:98:bc:2b:76:29:a5:14:ad:4a:37: f2:88:ef:21:08:43:76:a0:21:9a:20:6c:52:57:ba:77:87:dc: 64:ff:34:19:f5:b5:8a:f7:00:e2:27:20:cc:27:7f:e5:d4:ce: 60:ed:6d:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk3MkQxMTAvBgNVBAUTKDJBMjY2NUMzMTQxRTRCRjNGRDJGMDA0QUFFMjlBNTk4 NzExM0ExREYwHhcNMjQwNTAzMDMzNzE0WhcNMjQwNTEwMDMzNzE0WjAYMRYwFAYD VQQDEw02NjM0NWJlYS1jMjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAukRtAL3Pu2v+umVn6W6BZk9V7qpjdWfXZedCsWAeRKyZTXPZGqDb1zcBXSuy 8kcIeg7wQMCv58SvCuEy7HYjOSEHJki3GGafIyRHaoEcSkJqbdQPVJRWCFVOvAwP DJEg6mvJuMhvR4rlHwLiOp2OCzB7WQ0bTc01VsBegmgAHRgL+4eZVhepBDJ/KsQu rFKMN0qCSiXIgf/mtv4eqFREp2eu9QzUGMsTxMJjAfmDr7fTBKNRG5Qoie2MyeSf aNo9GEe0fvWA8MBCd87/jc9WiOg3SbqzQ3RAcqqwjhRK5lslPigq1UxaexZtOnp+ NfRRq7yZ8yi/vu5Vm0bILzd/yQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEdqbiko 48E4UPk4U062CWiY+XU8MB8GA1UdIwQYMBaAFComZcMUHkvz/S8ASq4ppZhxE6Hf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTcyRC85OUVFOTUwQ0E2 ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNfUDlMd0JLcmltbG1IRVRv ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tpWmx3eFFlU19QOUx3QktyaW1sbUhFVG9kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTcyRC85OUVFOTUwQ0E2ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNf UDlMd0JLcmltbG1IRVRvZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDxWu5VAnCfeffNfktSvr4A6K9hjUKk3bWJ+ALntM4iuTnd61aTqrhU 1wTdhMhdmBhTE34BZ98WNGEakkJo6BlmAU7qkXEp8qcEJDV3VvRPL/nF1SVmtf0/ PpPq6lHTWaTbg4l21rBtUFFVRTAJkYhDEniNAHSfsEvJe5Bbqg7fazWpOVyC5ejV 8unkMvMYyFEWoBYZ4UCSuJxPGth9qPPf4cOWyir9YIkxA1olw4OGzLic6YjbVBXO VJzETAjyKEYr64J/Y/aXM8VNadZA7Zi8K3YppRStSjfyiO8hCEN2oCGaIGxSV7p3 h9xk/zQZ9bWK9wDiJyDMJ3/l1M5g7W34 -----END CERTIFICATE-----Generated at Fri May 3 04:36:44 2024 by rpki-client on console-ams.rpki-client.org