$ rpki-client -vvf rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft File: hEIqhfpOTNTW7plGMaPQ8OboLTo.mft (raw, json) Hash identifier: t1Y+IQQWjO3FnZwTuACiLQrFpSlbT5ZV+X/AhPXgk+o= Subject key identifier: 59:92:48:8F:23:1F:90:AA:5A:5D:12:CF:E3:9B:5D:B3:C5:7D:7F:B6 Authority key identifier: 84:42:2A:85:FA:4E:4C:D4:D6:EE:99:46:31:A3:D0:F0:E6:E8:2D:3A Certificate issuer: /CN=A911C61C/serialNumber=84422A85FA4E4CD4D6EE994631A3D0F0E6E82D3A Certificate serial: 0295 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft Manifest number: 0291 Signing time: Wed 01 May 2024 03:57:58 +0000 Manifest this update: Wed 01 May 2024 03:57:57 +0000 Manifest next update: Wed 08 May 2024 03:57:57 +0000 Files and hashes: 1: hEIqhfpOTNTW7plGMaPQ8OboLTo.crl (hash: YrJbQvU51B+zlSQsGJixamwLAZXzc/LcgGvjc3x7uSU=) 2: 214E0454B58A11ECAF32FE29C4F9AE02.roa (hash: pBbwlRGBpC2tDZKkxngbZ3HbOh4/vWaEBE463DX52ac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.crl rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 03:45:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 661 (0x295) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C61C/serialNumber=84422A85FA4E4CD4D6EE994631A3D0F0E6E82D3A Validity Not Before: May 1 03:57:57 2024 GMT Not After : May 8 03:57:57 2024 GMT Subject: CN=6631bdc6-d798 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6f:7d:46:9c:23:ea:d3:6a:2f:69:49:63:e4: 84:14:a8:d6:2e:a7:91:ff:be:74:7d:ef:81:0d:22: 97:56:10:a1:64:de:64:24:21:be:68:d9:30:82:f7: 75:0e:30:49:41:73:4c:df:28:86:e9:09:4f:fb:32: 0c:15:72:83:3d:f1:73:b1:0b:82:fb:06:c7:9d:53: f5:99:0e:e8:4d:5e:89:ff:ac:fb:45:16:2e:43:cd: 8e:6e:4c:c6:1d:4b:f9:59:54:5d:0b:1c:ad:b8:74: 7c:41:46:09:94:62:9a:77:5a:c6:53:f5:93:48:d3: df:de:cf:a2:a3:42:a8:f4:da:41:24:19:0a:1b:c8: 07:bc:13:45:7c:1f:76:d0:d4:81:c7:62:62:5b:91: d7:e9:c6:34:0f:c6:4d:ec:da:2e:23:9f:ed:c5:1f: a8:d0:cf:b8:0a:4c:23:f7:34:11:71:ae:0c:8f:0c: 6e:bb:27:48:14:5a:9d:0b:27:6e:c3:0c:16:8f:58: 5f:8a:2a:e3:f2:86:88:c7:d7:e2:75:d4:ee:64:39: d4:d3:96:f4:81:90:63:85:fc:ad:e7:90:ca:23:40: 05:d5:cf:65:14:77:82:4a:0d:39:4a:f7:96:75:f8: e2:f8:c8:7c:72:2a:3a:07:e0:15:fc:bb:3a:20:ba: ab:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:92:48:8F:23:1F:90:AA:5A:5D:12:CF:E3:9B:5D:B3:C5:7D:7F:B6 X509v3 Authority Key Identifier: keyid:84:42:2A:85:FA:4E:4C:D4:D6:EE:99:46:31:A3:D0:F0:E6:E8:2D:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hEIqhfpOTNTW7plGMaPQ8OboLTo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C61C/2A7090FAB58611ECAE81ED22C4F9AE02/hEIqhfpOTNTW7plGMaPQ8OboLTo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:c2:a5:ec:7a:c4:f1:11:ca:73:ee:37:d3:e2:b6:3a:70:1d: 3a:e5:da:a9:c1:a9:da:84:15:6d:89:27:5d:2a:bd:13:9f:24: 46:23:92:3a:70:45:82:8f:47:5a:8f:01:ce:4b:84:d8:52:7c: 5b:ec:2e:f6:e9:1e:a1:43:19:b5:c3:7a:b7:93:76:c7:0a:cb: ff:79:23:84:eb:60:0b:ae:f3:28:11:ec:83:90:af:cc:db:fe: d3:5e:06:6a:f3:6a:ee:f8:7e:ab:b9:09:5f:5f:ce:89:89:22: a6:67:89:f4:71:b1:5a:d4:a0:73:0e:0f:e6:6a:b5:58:f9:29: 6e:bb:3f:cb:3a:80:de:eb:0e:0c:e4:f5:aa:cf:4a:9c:68:41: 60:cc:8b:47:22:ff:c8:19:b4:c3:4c:1d:94:68:fd:38:c2:b9: 19:a9:23:b7:f0:ff:92:a3:4e:20:4b:24:7a:c4:54:d3:fa:d4: 79:4a:d2:d9:9e:68:13:d1:54:ee:5a:42:a1:33:86:dd:0a:45: 10:08:84:cb:66:3f:2e:f2:18:66:1a:b5:7b:1d:c5:9a:e5:b2: 8d:ec:d4:c1:bb:5a:f9:09:86:16:83:fd:ea:d2:5a:62:4a:ba: b8:dc:ba:d9:2a:28:28:fe:0e:e7:e8:d5:fa:5d:c9:6b:cd:2c: 1e:f2:7f:c5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM2MUMxMTAvBgNVBAUTKDg0NDIyQTg1RkE0RTRDRDRENkVFOTk0NjMxQTNEMEYw RTZFODJEM0EwHhcNMjQwNTAxMDM1NzU3WhcNMjQwNTA4MDM1NzU3WjAYMRYwFAYD VQQDEw02NjMxYmRjNi1kNzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvW99Rpwj6tNqL2lJY+SEFKjWLqeR/750fe+BDSKXVhChZN5kJCG+aNkwgvd1 DjBJQXNM3yiG6QlP+zIMFXKDPfFzsQuC+wbHnVP1mQ7oTV6J/6z7RRYuQ82ObkzG HUv5WVRdCxytuHR8QUYJlGKad1rGU/WTSNPf3s+io0Ko9NpBJBkKG8gHvBNFfB92 0NSBx2JiW5HX6cY0D8ZN7NouI5/txR+o0M+4Ckwj9zQRca4MjwxuuydIFFqdCydu wwwWj1hfiirj8oaIx9fiddTuZDnU05b0gZBjhfyt55DKI0AF1c9lFHeCSg05SveW dfji+Mh8cio6B+AV/Ls6ILqrVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFmSSI8j H5CqWl0Sz+ObXbPFfX+2MB8GA1UdIwQYMBaAFIRCKoX6TkzU1u6ZRjGj0PDm6C06 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzYxQy8yQTcwOTBGQUI1 ODYxMUVDQUU4MUVEMjJDNEY5QUUwMi9oRUlxaGZwT1ROVFc3cGxHTWFQUThPYm9M VG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hFSXFoZnBPVE5UVzdwbEdNYVBROE9ib0xUby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzYxQy8yQTcwOTBGQUI1ODYxMUVDQUU4MUVEMjJDNEY5QUUwMi9oRUlxaGZwT1RO VFc3cGxHTWFQUThPYm9MVG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6wqXsesTxEcpz7jfT4rY6cB065dqpwanahBVtiSddKr0TnyRGI5I6 cEWCj0dajwHOS4TYUnxb7C726R6hQxm1w3q3k3bHCsv/eSOE62ALrvMoEeyDkK/M 2/7TXgZq82ru+H6ruQlfX86JiSKmZ4n0cbFa1KBzDg/marVY+Sluuz/LOoDe6w4M 5PWqz0qcaEFgzItHIv/IGbTDTB2UaP04wrkZqSO38P+So04gSyR6xFTT+tR5StLZ nmgT0VTuWkKhM4bdCkUQCITLZj8u8hhmGrV7HcWa5bKN7NTBu1r5CYYWg/3q0lpi Srq43LrZKigo/g7n6NX6XclrzSwe8n/F -----END CERTIFICATE-----Generated at Wed May 1 04:49:19 2024 by rpki-client on console-ams.rpki-client.org