$ rpki-client -vvf rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.mft File: kuhI5x9wCNzHd7jiP3PaknjJpQ4.mft (raw, json) Hash identifier: MTmV1IdpgmjFlFunrYxtbAPv1XaCOTPjpXhckv/WgHI= Subject key identifier: 32:B1:B8:93:A6:2D:55:60:87:82:71:10:5D:13:FB:10:21:92:D9:4B Authority key identifier: 92:E8:48:E7:1F:70:08:DC:C7:77:B8:E2:3F:73:DA:92:78:C9:A5:0E Certificate issuer: /CN=A911D5F1/serialNumber=92E848E71F7008DCC777B8E23F73DA9278C9A50E Certificate serial: 0F20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.mft Manifest number: 0F17 Signing time: Sat 04 May 2024 18:23:50 +0000 Manifest this update: Sat 04 May 2024 18:23:49 +0000 Manifest next update: Sat 11 May 2024 18:23:49 +0000 Files and hashes: 1: kuhI5x9wCNzHd7jiP3PaknjJpQ4.crl (hash: 6t/90pFT6kOIoc3K+QIPeJurkNIoOgIhIPSFib8SVSY=) 2: F2C7080CE17A11EC93AB7473C4F9AE02.roa (hash: KvvXirGmpNbakU8jRB5OxRFl89B42Djc6V4QUESAtrg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.crl rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:23:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3872 (0xf20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D5F1/serialNumber=92E848E71F7008DCC777B8E23F73DA9278C9A50E Validity Not Before: May 4 18:23:49 2024 GMT Not After : May 11 18:23:49 2024 GMT Subject: CN=66367d35-a6fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:0e:52:7a:f9:09:15:6e:72:f0:f8:05:09:b8: 5b:05:be:8c:eb:87:a9:95:58:3e:4c:23:1f:29:70: ec:27:bd:3d:96:14:2e:bb:b5:2a:e3:48:4f:26:f6: a9:eb:8b:33:26:f9:ca:ee:30:f1:1e:40:1b:a5:f8: 04:05:17:18:9b:b8:ec:59:7f:c0:9c:7d:4e:e3:3e: d9:77:00:bf:2f:99:b7:e4:c4:46:c8:fa:8e:70:34: 4a:85:38:2f:7b:ea:bf:77:88:7a:e8:f2:7c:13:50: 16:83:e0:a8:1a:91:32:50:3e:12:20:f8:b6:38:43: c1:aa:64:c4:94:8a:8a:98:e2:e7:c2:ce:c0:47:93: 8d:8f:92:58:46:46:e2:0d:b6:c7:68:5f:df:23:22: 1f:1b:ce:1a:7a:8e:66:47:f5:1d:ac:27:6a:dd:12: 1d:8c:39:a4:19:f7:71:43:ed:c9:12:93:34:db:54: 54:4a:8c:14:4a:24:17:f1:a1:c2:9b:13:c3:d7:d9: 8a:b6:69:5a:8a:c1:4e:4a:6e:b0:fd:e8:15:5e:16: f8:8d:95:4f:79:76:07:a2:1f:c5:cc:0a:ff:5a:d0: 92:bc:d6:2f:e8:7a:d1:c2:64:51:2c:72:16:27:43: 23:d9:61:ff:a9:e0:fa:a7:e6:da:63:6a:ed:ab:ec: bd:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:B1:B8:93:A6:2D:55:60:87:82:71:10:5D:13:FB:10:21:92:D9:4B X509v3 Authority Key Identifier: keyid:92:E8:48:E7:1F:70:08:DC:C7:77:B8:E2:3F:73:DA:92:78:C9:A5:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:e7:b9:90:c7:04:0f:e5:e4:68:e3:96:94:33:24:87:17:e8: 31:0a:15:91:df:42:b3:35:b6:c6:c4:5d:6e:ab:6f:06:40:b3: 97:42:ff:38:41:6b:a8:ce:bc:a5:f6:4d:32:3d:f6:ee:6d:59: fa:33:08:5c:a4:ef:ff:37:6c:24:92:07:d9:3c:6a:b7:56:7c: f7:28:f3:6f:d1:43:30:42:53:94:00:18:77:78:5d:a9:71:e0: e0:ac:33:c7:72:f3:c7:22:ee:a8:40:08:f8:f5:06:71:13:a3: e3:ee:f8:5f:c5:a7:3a:97:02:0c:f8:d8:57:71:18:5e:d4:ad: 0a:12:35:81:a1:e6:26:98:34:30:00:d6:34:c7:b0:a6:e7:9e: aa:69:da:aa:c6:fa:07:92:7f:0d:9d:b9:1f:9e:58:4e:54:89: d6:33:12:24:28:54:e7:59:da:0a:05:eb:f4:d5:25:a1:ef:27: 6d:af:fe:bd:cf:a8:c7:f7:0a:75:3e:2d:b7:08:cc:34:42:ea: ba:04:fc:1e:9d:da:24:9a:72:f1:a7:9a:6f:71:53:81:49:30: 7e:91:aa:3a:c6:95:d5:2b:15:66:96:ce:6a:ee:ee:c9:c3:32: 3b:73:c4:ad:b6:7e:fc:78:68:49:82:1b:8e:51:9e:25:d9:75: 0e:82:72:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDyAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQ1RjExMTAvBgNVBAUTKDkyRTg0OEU3MUY3MDA4RENDNzc3QjhFMjNGNzNEQTky NzhDOUE1MEUwHhcNMjQwNTA0MTgyMzQ5WhcNMjQwNTExMTgyMzQ5WjAYMRYwFAYD VQQDEw02NjM2N2QzNS1hNmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApw5SevkJFW5y8PgFCbhbBb6M64eplVg+TCMfKXDsJ709lhQuu7Uq40hPJvap 64szJvnK7jDxHkAbpfgEBRcYm7jsWX/AnH1O4z7ZdwC/L5m35MRGyPqOcDRKhTgv e+q/d4h66PJ8E1AWg+CoGpEyUD4SIPi2OEPBqmTElIqKmOLnws7AR5ONj5JYRkbi DbbHaF/fIyIfG84aeo5mR/UdrCdq3RIdjDmkGfdxQ+3JEpM021RUSowUSiQX8aHC mxPD19mKtmlaisFOSm6w/egVXhb4jZVPeXYHoh/FzAr/WtCSvNYv6HrRwmRRLHIW J0Mj2WH/qeD6p+baY2rtq+y9oQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDKxuJOm LVVgh4JxEF0T+xAhktlLMB8GA1UdIwQYMBaAFJLoSOcfcAjcx3e44j9z2pJ4yaUO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDVGMS9BOTVFNkMwMjUw NjIxMUU5QkZDQjRDODdDNEY5QUUwMi9rdWhJNXg5d0NOekhkN2ppUDNQYWtuakpw UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t1aEk1eDl3Q056SGQ3amlQM1Bha25qSnBRNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDVGMS9BOTVFNkMwMjUwNjIxMUU5QkZDQjRDODdDNEY5QUUwMi9rdWhJNXg5d0NO ekhkN2ppUDNQYWtuakpwUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCh57mQxwQP5eRo45aUMySHF+gxChWR30KzNbbGxF1uq28GQLOXQv84 QWuozryl9k0yPfbubVn6MwhcpO//N2wkkgfZPGq3Vnz3KPNv0UMwQlOUABh3eF2p ceDgrDPHcvPHIu6oQAj49QZxE6Pj7vhfxac6lwIM+NhXcRhe1K0KEjWBoeYmmDQw ANY0x7Cm556qadqqxvoHkn8NnbkfnlhOVInWMxIkKFTnWdoKBev01SWh7ydtr/69 z6jH9wp1Pi23CMw0Quq6BPwendokmnLxp5pvcVOBSTB+kao6xpXVKxVmls5q7u7J wzI7c8Sttn78eGhJghuOUZ4l2XUOgnJo -----END CERTIFICATE-----Generated at Sat May 4 19:58:36 2024 by rpki-client on console-ams.rpki-client.org