$ rpki-client -vvf rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft File: xem-kywNTgcfsYgsriUoEEdzKVA.mft (raw, json) Hash identifier: vJxUtHdmGDeeZHnnbVgJNK3aLAY1R4xd9/VCtWB0xCc= Subject key identifier: 73:92:49:2C:2B:DE:28:9B:EB:B7:CF:2D:28:7E:3A:EB:06:E7:DB:2A Authority key identifier: C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 Certificate issuer: /CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Certificate serial: 011E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft Manifest number: 011B Signing time: Wed 01 May 2024 05:31:30 +0000 Manifest this update: Wed 01 May 2024 05:31:30 +0000 Manifest next update: Wed 08 May 2024 05:31:30 +0000 Files and hashes: 1: xem-kywNTgcfsYgsriUoEEdzKVA.crl (hash: CUZ0ej1+M+lgzi1rbo6Iw9wPyoRlyz3usiAzgvPuHSE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 05:31:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 286 (0x11e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121AB0/serialNumber=C5E9BE932C0D4E071FB1882CAE25281047732950 Validity Not Before: May 1 05:31:30 2024 GMT Not After : May 8 05:31:30 2024 GMT Subject: CN=6631d3b2-2737 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:cd:42:69:ac:40:b0:75:9b:fd:5d:c2:b6:ec: 1a:5d:f1:75:a9:e5:49:fc:bb:41:1d:76:00:d4:13: f2:72:9d:e6:1e:0f:80:b5:a0:40:39:ea:5a:c2:f8: 8f:f5:ea:5a:98:2e:c6:a7:88:72:03:2d:44:b1:f8: b9:1c:94:08:70:81:b7:21:08:d0:a5:7a:b6:f6:3b: 55:29:43:fd:fa:da:1e:1f:b8:95:7b:3f:f2:bf:27: 85:bb:50:17:5d:1f:22:31:52:d7:a7:b6:a3:14:dc: 41:11:9a:56:dc:9a:36:44:05:71:d4:8a:00:29:4a: 58:44:52:6b:ab:2f:94:92:e8:29:e4:50:56:04:30: 01:1e:12:45:0b:4c:f4:15:14:9b:be:d9:3c:fe:d1: d8:ca:46:39:f7:cc:d1:cf:7d:56:97:64:4c:07:c8: 11:a5:20:d6:62:be:fd:db:14:21:3a:75:01:7c:3a: 44:3f:90:cf:80:a4:5a:6b:fc:c8:04:b1:99:6c:f9: eb:b5:6f:79:7d:bb:46:f4:17:4b:50:0d:df:b4:0f: 1e:85:01:3a:37:67:88:3f:34:90:0a:a9:fb:00:2f: 21:f0:bd:81:f4:18:ba:c9:af:6d:0a:ba:34:e1:65: da:1a:e2:3e:99:18:cf:28:94:96:bf:ee:17:49:df: ce:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:92:49:2C:2B:DE:28:9B:EB:B7:CF:2D:28:7E:3A:EB:06:E7:DB:2A X509v3 Authority Key Identifier: keyid:C5:E9:BE:93:2C:0D:4E:07:1F:B1:88:2C:AE:25:28:10:47:73:29:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xem-kywNTgcfsYgsriUoEEdzKVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121AB0/1FF888325CBE11EDB1F0C04CC4F9AE02/xem-kywNTgcfsYgsriUoEEdzKVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:7a:de:22:31:99:be:a1:6c:df:f0:0d:29:9c:bd:e5:60:03: 04:ea:6f:93:3c:bd:96:ce:cd:c9:00:ab:92:6c:2d:01:36:d5: 00:9e:42:55:e2:c4:a5:3d:77:f7:13:1e:90:b3:94:f6:9f:49: bb:fb:60:a2:5f:3a:e3:81:3b:1c:13:06:c0:2b:0a:8b:0c:8d: b2:6c:7a:2d:5f:47:9d:d0:66:8a:ec:d3:eb:3a:fa:61:0f:72: 99:64:bf:ed:de:ce:47:f3:42:51:c7:0a:19:97:0a:00:75:6f: 55:70:b9:19:35:b7:7e:64:0e:be:79:ed:50:02:18:f5:64:01: 06:a2:f8:e9:d2:95:de:55:1b:35:29:fd:ba:59:19:8d:d7:66: 25:8c:d1:d8:27:46:d2:a9:2c:77:47:15:a9:b6:86:f3:9a:b8: cb:1b:37:5e:26:5f:3b:2e:60:e4:57:75:53:d4:ed:28:5f:85: 95:af:1b:e0:7a:22:4d:01:73:eb:61:ef:e2:63:5c:5f:51:50: 7b:cd:31:b6:e5:58:7c:7a:9c:c9:fb:3f:c5:bc:87:38:d1:97: b0:33:b7:b4:dc:f0:1d:75:26:47:02:1d:b5:6b:07:8f:19:71: 94:5e:24:55:a7:7f:b7:c6:f0:9e:dd:e7:89:c8:cd:c5:31:be: d7:30:c3:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFBQjAxMTAvBgNVBAUTKEM1RTlCRTkzMkMwRDRFMDcxRkIxODgyQ0FFMjUyODEw NDc3MzI5NTAwHhcNMjQwNTAxMDUzMTMwWhcNMjQwNTA4MDUzMTMwWjAYMRYwFAYD VQQDEw02NjMxZDNiMi0yNzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqs1CaaxAsHWb/V3CtuwaXfF1qeVJ/LtBHXYA1BPycp3mHg+AtaBAOepawviP 9epamC7Gp4hyAy1Esfi5HJQIcIG3IQjQpXq29jtVKUP9+toeH7iVez/yvyeFu1AX XR8iMVLXp7ajFNxBEZpW3Jo2RAVx1IoAKUpYRFJrqy+Ukugp5FBWBDABHhJFC0z0 FRSbvtk8/tHYykY598zRz31Wl2RMB8gRpSDWYr792xQhOnUBfDpEP5DPgKRaa/zI BLGZbPnrtW95fbtG9BdLUA3ftA8ehQE6N2eIPzSQCqn7AC8h8L2B9Bi6ya9tCro0 4WXaGuI+mRjPKJSWv+4XSd/O8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHOSSSwr 3iib67fPLSh+OusG59sqMB8GA1UdIwQYMBaAFMXpvpMsDU4HH7GILK4lKBBHcylQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUFCMC8xRkY4ODgzMjVD QkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRnY2ZzWWdzcmlVb0VFZHpL VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hlbS1reXdOVGdjZnNZZ3NyaVVvRUVkektWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUFCMC8xRkY4ODgzMjVDQkUxMUVEQjFGMEMwNENDNEY5QUUwMi94ZW0ta3l3TlRn Y2ZzWWdzcmlVb0VFZHpLVkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaet4iMZm+oWzf8A0pnL3lYAME6m+TPL2Wzs3JAKuSbC0BNtUAnkJV 4sSlPXf3Ex6Qs5T2n0m7+2CiXzrjgTscEwbAKwqLDI2ybHotX0ed0GaK7NPrOvph D3KZZL/t3s5H80JRxwoZlwoAdW9VcLkZNbd+ZA6+ee1QAhj1ZAEGovjp0pXeVRs1 Kf26WRmN12YljNHYJ0bSqSx3RxWptobzmrjLGzdeJl87LmDkV3VT1O0oX4WVrxvg eiJNAXPrYe/iY1xfUVB7zTG25Vh8epzJ+z/FvIc40ZewM7e03PAddSZHAh21aweP GXGUXiRVp3+3xvCe3eeJyM3FMb7XMMN0 -----END CERTIFICATE-----Generated at Wed May 1 07:06:27 2024 by rpki-client on console-fra.rpki-client.org