$ rpki-client -vvf rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft File: 2fpCBt8OmUfNUB39UlsuRmlv1EI.mft (raw, json) Hash identifier: pLIbN3LcmWljRqk1523xFuxjzqduEwNkz5zL3OtMz9U= Subject key identifier: C1:A1:83:33:99:3F:2C:D0:57:02:C4:80:2E:72:EC:E4:0C:C3:78:7A Authority key identifier: D9:FA:42:06:DF:0E:99:47:CD:50:1D:FD:52:5B:2E:46:69:6F:D4:42 Certificate issuer: /CN=A911D40B/serialNumber=D9FA4206DF0E9947CD501DFD525B2E46696FD442 Certificate serial: 5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2fpCBt8OmUfNUB39UlsuRmlv1EI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft Manifest number: 59 Signing time: Fri 17 May 2024 07:52:25 +0000 Manifest this update: Fri 17 May 2024 07:52:25 +0000 Manifest next update: Fri 24 May 2024 07:52:25 +0000 Files and hashes: 1: 2fpCBt8OmUfNUB39UlsuRmlv1EI.crl (hash: W1HN3XqnXuAuYVpSCWbd77QgSUK4coYRrPD2l9vrWU0=) 2: 91BCF5D08E0811EE91C7BD62C4F9AE02.roa (hash: NUwS5dYsHWOgsvHLsaWVzkOfeZ5Qgl9e7GqBuWLbj7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.crl rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2fpCBt8OmUfNUB39UlsuRmlv1EI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 07:52:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D40B/serialNumber=D9FA4206DF0E9947CD501DFD525B2E46696FD442 Validity Not Before: May 17 07:52:25 2024 GMT Not After : May 24 07:52:25 2024 GMT Subject: CN=66470cb9-9e53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:06:60:4e:c5:56:fb:ae:74:f0:55:eb:52:eb: 45:59:42:dc:35:d7:72:ed:85:87:e4:76:ca:7d:ad: 03:d5:bc:2d:3f:c4:a1:d7:89:7c:70:2e:d7:47:8a: 1d:e5:bb:fb:bb:4a:a3:08:75:1a:e8:bd:52:90:6a: 60:a7:b9:92:3a:81:b9:30:0f:48:d6:63:22:bf:e7: fd:6b:b7:f9:30:e9:1d:cf:ce:99:a2:ae:32:f8:92: 4a:9e:84:be:6d:c7:f2:c7:a1:0d:15:91:e4:f5:9a: 35:ec:9b:e3:ed:0e:a0:a9:0a:8a:f9:64:cd:1c:f0: 40:7e:5c:d1:db:64:de:40:64:8a:b1:a1:54:a9:4c: be:86:50:bb:cd:8c:55:b3:c4:9b:38:2c:c2:2e:8e: 5b:ed:e9:26:15:ac:04:cd:c7:dd:b9:5d:79:3a:41: f2:75:ef:02:4b:16:9b:4f:80:50:0c:25:32:eb:a9: 19:12:be:fd:56:ad:cc:3a:62:f6:09:24:0b:cd:9f: f0:4d:65:ae:95:d8:9b:4d:0f:40:c7:b5:93:6b:70: 7a:7a:1a:98:5d:2f:f2:dc:e4:0f:fa:33:e8:f3:52: a3:c5:c5:18:00:38:e5:58:f3:cb:d3:9a:02:f6:2f: fe:c7:a9:1a:2b:a3:cd:6e:95:25:75:4c:2f:3d:7e: 03:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:A1:83:33:99:3F:2C:D0:57:02:C4:80:2E:72:EC:E4:0C:C3:78:7A X509v3 Authority Key Identifier: keyid:D9:FA:42:06:DF:0E:99:47:CD:50:1D:FD:52:5B:2E:46:69:6F:D4:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2fpCBt8OmUfNUB39UlsuRmlv1EI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D40B/4626BB1A8E0811EE9C9DE461C4F9AE02/2fpCBt8OmUfNUB39UlsuRmlv1EI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:9a:ad:b0:76:e3:ee:c9:bc:fc:cd:b4:fa:f3:fa:b2:e6:36: b6:d3:e1:59:a1:49:d1:b8:9c:85:72:c5:6c:b3:38:48:2a:0a: 7f:29:86:37:c0:04:90:a6:02:f8:1f:b4:41:ee:04:64:09:77: ac:12:c2:8a:76:19:8a:99:bb:9d:ce:2f:b5:84:f1:fb:f0:fc: 17:51:2d:2b:f6:5a:3f:18:4e:95:91:b0:f4:48:30:12:71:6f: 4e:d9:fe:d7:9f:7d:82:96:f0:ba:d5:68:02:20:19:d7:ab:79: 1b:f8:6d:0d:06:c5:4a:4e:14:26:10:aa:42:c4:09:c6:c1:70: aa:b7:0e:27:35:c7:45:9a:ab:cb:8c:d6:35:be:1d:d7:ed:22: e3:58:f9:2f:a8:12:3e:14:33:84:e9:e3:20:60:0e:d6:4e:49: ef:f8:56:7f:20:1e:f7:88:02:4e:3a:7f:3f:fe:03:b7:36:ac: ce:76:d8:33:f5:e7:d6:ab:ff:f8:f3:b1:1d:60:ed:6a:18:0a: 8b:7b:27:e2:77:d7:0d:db:45:23:73:67:82:a2:e4:5d:00:b3: a6:b5:63:29:91:47:26:1b:4f:98:81:04:b2:ef:38:ed:d6:9d: 25:9b:35:81:d9:ca:0f:95:ff:8e:09:32:39:fb:1f:a4:74:30: 4e:98:d1:97 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx RDQwQjExMC8GA1UEBRMoRDlGQTQyMDZERjBFOTk0N0NENTAxREZENTI1QjJFNDY2 OTZGRDQ0MjAeFw0yNDA1MTcwNzUyMjVaFw0yNDA1MjQwNzUyMjVaMBgxFjAUBgNV BAMTDTY2NDcwY2I5LTllNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDkBmBOxVb7rnTwVetS60VZQtw113LthYfkdsp9rQPVvC0/xKHXiXxwLtdHih3l u/u7SqMIdRrovVKQamCnuZI6gbkwD0jWYyK/5/1rt/kw6R3PzpmirjL4kkqehL5t x/LHoQ0VkeT1mjXsm+PtDqCpCor5ZM0c8EB+XNHbZN5AZIqxoVSpTL6GULvNjFWz xJs4LMIujlvt6SYVrATNx925XXk6QfJ17wJLFptPgFAMJTLrqRkSvv1Wrcw6YvYJ JAvNn/BNZa6V2JtND0DHtZNrcHp6GphdL/Lc5A/6M+jzUqPFxRgAOOVY88vTmgL2 L/7HqRoro81ulSV1TC89fgNdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUwaGDM5k/ LNBXAsSALnLs5AzDeHowHwYDVR0jBBgwFoAU2fpCBt8OmUfNUB39UlsuRmlv1EIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFENDBCLzQ2MjZCQjFBOEUw ODExRUU5QzlERTQ2MUM0RjlBRTAyLzJmcENCdDhPbVVmTlVCMzlVbHN1Um1sdjFF SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMmZwQ0J0OE9tVWZOVUIzOVVsc3VSbWx2MUVJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFE NDBCLzQ2MjZCQjFBOEUwODExRUU5QzlERTQ2MUM0RjlBRTAyLzJmcENCdDhPbVVm TlVCMzlVbHN1Um1sdjFFSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGmarbB24+7JvPzNtPrz+rLmNrbT4VmhSdG4nIVyxWyzOEgqCn8phjfA BJCmAvgftEHuBGQJd6wSwop2GYqZu53OL7WE8fvw/BdRLSv2Wj8YTpWRsPRIMBJx b07Z/teffYKW8LrVaAIgGdereRv4bQ0GxUpOFCYQqkLECcbBcKq3Dic1x0Waq8uM 1jW+HdftIuNY+S+oEj4UM4Tp4yBgDtZOSe/4Vn8gHveIAk46fz/+A7c2rM522DP1 59ar//jzsR1g7WoYCot7J+J31w3bRSNzZ4Ki5F0As6a1YymRRyYbT5iBBLLvOO3W nSWbNYHZyg+V/44JMjn7H6R0ME6Y0Zc= -----END CERTIFICATE-----Generated at Fri May 17 08:52:45 2024 by rpki-client on console-ams.rpki-client.org