$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft File: epYXaVSeCq0Km_mSVoO673M6Lxo.mft (raw, json) Hash identifier: 3VMrscCkWIZketwLInmfhymCakvGP2MCa5qtk+fHp/E= Subject key identifier: 89:6D:FD:47:DA:CF:57:5E:C4:57:90:76:CC:5F:B3:A5:C2:15:10:E3 Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Certificate serial: 33E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft Manifest number: 33CE Signing time: Thu 02 May 2024 14:23:40 +0000 Manifest this update: Thu 02 May 2024 14:23:40 +0000 Manifest next update: Thu 09 May 2024 14:23:40 +0000 Files and hashes: 1: epYXaVSeCq0Km_mSVoO673M6Lxo.crl (hash: Doi8Y25NrBOok92KJAqZyEaG5oJiLcsFhKB2AfGxF2w=) 2: 3E8B52A4C34F11EE8EFD7916C4F9AE02.roa (hash: +yYkETmiz4f1WjO0VI/D0V/XhkpjRjIPDeg46cPjkmg=) 3: 1A83389CC35211EE8CE04C38C4F9AE02.roa (hash: ABHRVa51+3FPp63vvRRjd9rbI2IwdKCW8s6MHnP0STY=) 4: 1F5CD892C35111EE9D744F36C4F9AE02.roa (hash: kWNVfDLs1+2Y53t+8wep1l/lz0MK8fqRm6f70PeE45Y=) 5: DA202262C34F11EE93BC8317C4F9AE02.roa (hash: UPNy9mXh9V1JREa7xBmKEY6nu0QxtMbBhZWdNaDQGV0=) 6: 61A65BF2C35011EE95366E18C4F9AE02.roa (hash: JeLyuHAlbKpP/f4B6s1W4jn3AabFiwBPCpy341c6Qe4=) 7: 1EEE3E0AC35111EE9D744F36C4F9AE02.roa (hash: DSZWfSJyTwlWzEMYtybTq8RbGq0Spn7l88rd5LsPi5U=) 8: AC3033FAC35011EE8A0A4819C4F9AE02.roa (hash: /OBT7LfaLNKCK43gSEXr65RRwwTpkiBa1i6HSuZOLxo=) 9: A50EE218C34D11EEBC95A913C4F9AE02.roa (hash: JfCY4kglkn7+akZh2gV81bsJmnXHR/kuI+sxoT8tNSI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 14:23:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13281 (0x33e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Validity Not Before: May 2 14:23:40 2024 GMT Not After : May 9 14:23:40 2024 GMT Subject: CN=6633a1ec-2aca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a1:49:c5:8a:cf:ae:75:97:46:50:e5:3c:84: c1:8f:20:e1:16:82:32:49:92:13:28:5d:25:49:20: 89:b2:17:87:6f:e5:d5:4b:db:dd:fe:37:fe:f2:ce: e0:98:68:a8:8e:85:b8:64:7c:f4:2a:bb:ed:3d:58: 93:9a:6c:00:ff:d3:20:8a:50:b2:78:2b:dc:5b:33: 11:80:35:42:b5:8c:4d:e0:04:43:46:ca:82:bf:bd: 18:02:85:1e:2d:b8:30:b1:fc:27:b1:4f:71:e2:26: ac:88:08:49:74:18:1b:84:5f:8d:42:20:94:ae:f0: cf:bc:45:35:7d:39:a9:f7:0a:26:15:7a:f5:90:b6: 5e:92:86:86:3e:99:87:60:83:b7:a4:e4:ae:c2:4f: fd:6d:36:70:66:0b:25:63:ae:bd:42:9e:f3:31:d6: d5:d2:ba:ba:75:56:1c:07:ac:55:2b:aa:e6:63:1a: 95:5d:03:ce:84:5b:35:85:18:0f:de:6f:ac:3f:fe: 2c:e5:73:51:01:85:63:a6:51:04:86:ec:cd:9f:ac: f0:47:46:88:18:f0:38:7f:8d:4d:23:73:c9:0f:b1: 3f:48:a2:bd:ab:a2:1b:1f:b7:77:b0:38:58:cd:88: 96:ba:1d:c1:aa:34:6f:6d:10:41:36:24:44:07:74: 85:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:6D:FD:47:DA:CF:57:5E:C4:57:90:76:CC:5F:B3:A5:C2:15:10:E3 X509v3 Authority Key Identifier: keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:04:31:db:64:cd:56:87:e3:ca:0f:97:7b:87:33:1d:8a:f8: 1e:79:ef:6c:03:18:63:ab:bb:8e:eb:63:e2:87:93:3d:74:d4: 8e:fa:dc:69:c7:da:6b:50:f2:78:67:77:23:a5:81:23:ae:30: 9d:a0:62:01:ad:6f:fc:3b:fa:72:09:b7:41:cb:01:e7:f6:c5: 91:7d:52:1e:04:1b:cf:01:b7:8e:98:51:d4:8e:0f:c5:e8:e6: b1:c3:24:e6:bf:58:4a:27:7c:ad:f3:1b:d1:6c:08:5f:79:cf: f2:35:12:05:cc:25:02:01:df:f5:ce:3c:76:95:0c:de:fb:a1: 29:b7:7c:cf:fd:17:86:18:34:d0:ed:1b:79:0c:77:78:85:db: 27:d3:5c:7c:08:a1:4b:06:86:fa:a5:37:55:e3:43:c6:55:47: 5c:02:1a:c3:98:93:e4:fd:5e:e3:64:e2:dd:d8:80:e4:7a:2a: 3a:47:18:67:dd:05:91:3e:7f:20:dd:3c:cd:2f:33:bf:f7:d9: 7d:99:38:ab:d8:a3:a2:39:d4:25:3f:96:40:32:4d:74:8e:72: e4:19:d2:ae:ce:31:2a:aa:79:88:c7:29:1f:45:38:6f:3e:02: c8:e8:7b:f1:7b:7a:3b:28:22:1a:f6:7b:39:78:d3:9f:27:b4: cc:56:f2:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG NzMzQTJGMUEwHhcNMjQwNTAyMTQyMzQwWhcNMjQwNTA5MTQyMzQwWjAYMRYwFAYD VQQDEw02NjMzYTFlYy0yYWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxaFJxYrPrnWXRlDlPITBjyDhFoIySZITKF0lSSCJsheHb+XVS9vd/jf+8s7g mGiojoW4ZHz0KrvtPViTmmwA/9MgilCyeCvcWzMRgDVCtYxN4ARDRsqCv70YAoUe LbgwsfwnsU9x4iasiAhJdBgbhF+NQiCUrvDPvEU1fTmp9womFXr1kLZekoaGPpmH YIO3pOSuwk/9bTZwZgslY669Qp7zMdbV0rq6dVYcB6xVK6rmYxqVXQPOhFs1hRgP 3m+sP/4s5XNRAYVjplEEhuzNn6zwR0aIGPA4f41NI3PJD7E/SKK9q6IbH7d3sDhY zYiWuh3BqjRvbRBBNiREB3SFjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIlt/Ufa z1dexFeQdsxfs6XCFRDjMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzVCMC80MEM4RDVBNjFEODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNx MEttX21TVm9PNjczTTZMeG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNBDHbZM1Wh+PKD5d7hzMdivgeee9sAxhjq7uO62Pih5M9dNSO+txp x9prUPJ4Z3cjpYEjrjCdoGIBrW/8O/pyCbdBywHn9sWRfVIeBBvPAbeOmFHUjg/F 6OaxwyTmv1hKJ3yt8xvRbAhfec/yNRIFzCUCAd/1zjx2lQze+6Ept3zP/ReGGDTQ 7Rt5DHd4hdsn01x8CKFLBob6pTdV40PGVUdcAhrDmJPk/V7jZOLd2IDkeio6Rxhn 3QWRPn8g3TzNLzO/99l9mTir2KOiOdQlP5ZAMk10jnLkGdKuzjEqqnmIxykfRThv PgLI6Hvxe3o7KCIa9ns5eNOfJ7TMVvKy -----END CERTIFICATE-----Generated at Thu May 2 17:43:03 2024 by rpki-client on console-fra.rpki-client.org