$ rpki-client -vvf rpki.apnic.net/member_repository/A911A4EF/DFC7C69E6B4F11E692315138C4F9AE02/kYwDAKqskerP1p2NeSXuqybpU0A.mft File: kYwDAKqskerP1p2NeSXuqybpU0A.mft (raw, json) Hash identifier: WMIt1C03cfJlhhnzNoOwP9UMy2rP+cmUe5WkQN28tKA= Subject key identifier: 22:1D:E6:DD:FD:86:72:1D:ED:45:62:AB:EF:87:54:AE:B1:9A:A4:08 Authority key identifier: 91:8C:03:00:AA:AC:91:EA:CF:D6:9D:8D:79:25:EE:AB:26:E9:53:40 Certificate issuer: /CN=A911A4EF/serialNumber=918C0300AAAC91EACFD69D8D7925EEAB26E95340 Certificate serial: 1DDD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kYwDAKqskerP1p2NeSXuqybpU0A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911A4EF/DFC7C69E6B4F11E692315138C4F9AE02/kYwDAKqskerP1p2NeSXuqybpU0A.mft Manifest number: 1DD5 Signing time: Sat 04 May 2024 16:30:39 +0000 Manifest this update: Sat 04 May 2024 16:30:39 +0000 Manifest next update: Sat 11 May 2024 16:30:39 +0000 Files and hashes: 1: kYwDAKqskerP1p2NeSXuqybpU0A.crl (hash: ber2Hd99wjuxAnsAriA0TWsGByQbs4foyfuHChXRGE0=) 2: 12C2F34C6B5111E6BB95083DC4F9AE02.roa (hash: LwQa/m8/d5GOkJV4mc3F8XfuVatFxoGCDElXXbEYDjU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911A4EF/DFC7C69E6B4F11E692315138C4F9AE02/kYwDAKqskerP1p2NeSXuqybpU0A.crl rsync://rpki.apnic.net/member_repository/A911A4EF/DFC7C69E6B4F11E692315138C4F9AE02/kYwDAKqskerP1p2NeSXuqybpU0A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kYwDAKqskerP1p2NeSXuqybpU0A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 16:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7645 (0x1ddd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911A4EF/serialNumber=918C0300AAAC91EACFD69D8D7925EEAB26E95340 Validity Not Before: May 4 16:30:39 2024 GMT Not After : May 11 16:30:39 2024 GMT Subject: CN=663662af-4ad2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9d:be:15:47:f4:ff:b0:2d:85:b5:f1:9f:d8: cd:67:72:fb:49:d8:0b:df:5a:08:0c:ef:25:18:90: e0:cb:fd:54:5d:3c:6c:bc:36:5a:13:5c:e5:b6:fc: 97:e0:49:39:8d:ac:e9:7f:84:6c:ab:b6:bd:ac:48: 27:c3:1f:e7:3b:3e:6d:a9:f3:93:12:ca:42:ce:42: 3f:13:e9:0b:ff:aa:62:38:04:fa:1b:87:ac:7b:59: c1:0f:d0:c4:5e:ed:28:6f:25:dd:2f:5a:e2:7b:90: b8:4e:50:04:df:ba:ef:0b:74:b4:64:b5:41:38:14: 86:9e:17:16:94:31:1a:c1:7a:b6:31:6b:06:ef:47: 4b:bb:4c:9d:b7:5b:93:ea:e9:1c:04:ad:e8:f0:1a: e3:f0:2a:d1:9e:58:b7:c4:ca:eb:9e:33:81:f8:78: 25:82:64:b8:26:66:6d:db:3a:27:1a:4d:2a:ba:30: e0:75:ec:41:b6:44:0b:76:e1:fa:8e:24:d0:8e:d2: 13:17:f7:43:76:ea:93:83:78:89:f3:35:2c:6e:50: 65:e1:24:52:6d:33:32:a4:ac:27:84:98:28:35:56: 9c:92:d2:af:6b:e8:6e:8f:93:ed:74:5e:ef:ff:4e: ca:d9:a6:d3:f7:54:be:8b:fc:cb:d4:97:fe:49:48: a6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:1D:E6:DD:FD:86:72:1D:ED:45:62:AB:EF:87:54:AE:B1:9A:A4:08 X509v3 Authority Key Identifier: keyid:91:8C:03:00:AA:AC:91:EA:CF:D6:9D:8D:79:25:EE:AB:26:E9:53:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911A4EF/DFC7C69E6B4F11E692315138C4F9AE02/kYwDAKqskerP1p2NeSXuqybpU0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kYwDAKqskerP1p2NeSXuqybpU0A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911A4EF/DFC7C69E6B4F11E692315138C4F9AE02/kYwDAKqskerP1p2NeSXuqybpU0A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:d1:02:f4:9e:9f:e1:fc:3c:e1:29:e8:01:22:45:f2:07:9c: f7:82:20:a1:49:74:e0:5b:53:b1:fe:19:22:8f:47:43:0e:21: bf:28:7d:b0:cd:6b:1c:9c:d9:53:23:e5:bd:48:72:c1:cb:7d: 7c:c8:a5:88:5a:60:84:0c:4a:b1:b9:a4:1f:92:f6:eb:b3:60: 59:60:ea:a1:dc:d2:6b:f4:4f:f7:fa:8f:e2:b2:49:19:f6:fd: 14:14:be:37:e0:b9:2a:8a:ef:bc:77:55:56:e1:11:7e:63:75: d3:c6:d6:d2:e2:d7:81:ba:37:95:09:aa:47:1d:59:d7:c5:5d: 28:4a:f8:e5:a1:80:19:76:0b:49:ab:fb:66:b0:7b:e9:17:64: e1:c3:c1:5f:68:4a:cd:69:a8:15:ed:42:d2:c0:ca:4b:95:e6: 38:eb:3a:eb:b0:79:06:fd:24:2b:9b:f4:6d:78:f0:dc:f4:76: 25:ee:4e:8d:4f:30:06:0d:5b:e7:38:7f:4a:44:09:76:a2:65: 30:96:49:de:11:29:50:b6:b8:50:02:28:3f:07:9d:4d:c5:9f: 73:2e:4d:82:72:d8:8e:81:71:dd:8d:a0:17:50:d1:b1:b9:63: 1d:9d:2c:7f:73:90:73:7d:23:bc:02:92:78:5c:a6:20:12:59: bb:75:65:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUE0RUYxMTAvBgNVBAUTKDkxOEMwMzAwQUFBQzkxRUFDRkQ2OUQ4RDc5MjVFRUFC MjZFOTUzNDAwHhcNMjQwNTA0MTYzMDM5WhcNMjQwNTExMTYzMDM5WjAYMRYwFAYD VQQDEw02NjM2NjJhZi00YWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsJ2+FUf0/7AthbXxn9jNZ3L7SdgL31oIDO8lGJDgy/1UXTxsvDZaE1zltvyX 4Ek5jazpf4Rsq7a9rEgnwx/nOz5tqfOTEspCzkI/E+kL/6piOAT6G4ese1nBD9DE Xu0obyXdL1rie5C4TlAE37rvC3S0ZLVBOBSGnhcWlDEawXq2MWsG70dLu0ydt1uT 6ukcBK3o8Brj8CrRnli3xMrrnjOB+HglgmS4JmZt2zonGk0qujDgdexBtkQLduH6 jiTQjtITF/dDduqTg3iJ8zUsblBl4SRSbTMypKwnhJgoNVacktKva+huj5PtdF7v /07K2abT91S+i/zL1Jf+SUimeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCId5t39 hnId7UViq++HVK6xmqQIMB8GA1UdIwQYMBaAFJGMAwCqrJHqz9adjXkl7qsm6VNA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQTRFRi9ERkM3QzY5RTZC NEYxMUU2OTIzMTUxMzhDNEY5QUUwMi9rWXdEQUtxc2tlclAxcDJOZVNYdXF5YnBV MEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tZd0RBS3Fza2VyUDFwMk5lU1h1cXlicFUwQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QTRFRi9ERkM3QzY5RTZCNEYxMUU2OTIzMTUxMzhDNEY5QUUwMi9rWXdEQUtxc2tl clAxcDJOZVNYdXF5YnBVMEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC10QL0np/h/DzhKegBIkXyB5z3giChSXTgW1Ox/hkij0dDDiG/KH2w zWscnNlTI+W9SHLBy318yKWIWmCEDEqxuaQfkvbrs2BZYOqh3NJr9E/3+o/iskkZ 9v0UFL434Lkqiu+8d1VW4RF+Y3XTxtbS4teBujeVCapHHVnXxV0oSvjloYAZdgtJ q/tmsHvpF2Thw8FfaErNaagV7ULSwMpLleY46zrrsHkG/SQrm/RtePDc9HYl7k6N TzAGDVvnOH9KRAl2omUwlkneESlQtrhQAig/B51NxZ9zLk2CctiOgXHdjaAXUNGx uWMdnSx/c5BzfSO8ApJ4XKYgElm7dWUr -----END CERTIFICATE-----Generated at Sat May 4 17:44:37 2024 by rpki-client on console-ams.rpki-client.org