$ rpki-client -vvf rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft File: 2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft (raw, json) Hash identifier: 7zwq9s1Qy5+0j/+uQAemSHKgAQQMPwKEPvnFtqYbpi8= Subject key identifier: C3:9B:F4:42:AD:B4:04:9D:F9:6E:28:DB:9A:3E:D8:66:B6:1C:86:A9 Authority key identifier: DA:60:4C:FD:B2:73:0A:8D:E7:25:FC:74:AB:0F:C6:3E:05:58:E5:DC Certificate issuer: /CN=A9127A9B/serialNumber=DA604CFDB2730A8DE725FC74AB0FC63E0558E5DC Certificate serial: 33BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft Manifest number: 33BA Signing time: Thu 02 May 2024 14:56:56 +0000 Manifest this update: Thu 02 May 2024 14:56:55 +0000 Manifest next update: Thu 09 May 2024 14:56:55 +0000 Files and hashes: 1: 2mBM_bJzCo3nJfx0qw_GPgVY5dw.crl (hash: 9eYjDvKPfwt4THpOaiSdh/y0v8qdcgP063V62g5Smzs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.crl rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 14:56:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13242 (0x33ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127A9B/serialNumber=DA604CFDB2730A8DE725FC74AB0FC63E0558E5DC Validity Not Before: May 2 14:56:55 2024 GMT Not After : May 9 14:56:55 2024 GMT Subject: CN=6633a9b8-bb7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:48:f2:c5:bd:b0:44:d4:ff:a6:18:cb:48:a7: 36:2b:1a:83:48:9e:24:d5:e4:05:26:b0:a6:dc:9f: e8:8b:1e:5b:7e:ac:6a:68:e3:d3:62:9e:e7:55:0c: f8:aa:38:4f:1e:26:87:74:dd:62:c3:61:88:55:74: 32:eb:b9:10:6a:6f:de:a1:4f:be:e2:96:db:06:c8: 25:58:b3:7b:d0:88:50:e5:c4:16:1b:ed:1f:bc:2b: 51:d6:38:e8:17:2e:e9:a7:8c:b5:cc:06:0a:fd:5e: fe:b8:9e:b4:3c:22:16:a3:8b:a7:a1:f1:ea:25:27: ec:1d:2f:12:a8:26:17:f3:8a:d5:5d:2c:87:c8:5e: 9b:f3:a1:ff:1f:31:29:a2:f9:99:e6:3b:18:85:1b: d0:63:15:3c:06:b0:97:d8:3d:b5:b4:3b:89:eb:fb: c4:27:ee:c1:71:7d:2d:84:cb:c7:9b:c0:70:b1:6b: 14:18:a1:92:43:4a:50:b5:8b:0b:f2:5c:a1:0d:6a: f1:d2:7d:2f:96:85:d3:24:cb:6a:12:a0:8c:af:f6: 0e:ab:8a:c6:be:c7:b2:12:df:f6:9d:bd:9c:4a:07: 95:88:5a:48:9b:73:38:bf:95:61:d3:2a:e1:fb:10: e7:02:7f:d4:15:60:1d:e5:94:43:5f:1d:dd:2d:99: 1d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:9B:F4:42:AD:B4:04:9D:F9:6E:28:DB:9A:3E:D8:66:B6:1C:86:A9 X509v3 Authority Key Identifier: keyid:DA:60:4C:FD:B2:73:0A:8D:E7:25:FC:74:AB:0F:C6:3E:05:58:E5:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127A9B/FC058E561D9511E2B1A0467E08B02CD2/2mBM_bJzCo3nJfx0qw_GPgVY5dw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:24:14:ad:67:4e:8a:32:93:11:2e:d6:49:18:92:67:4c:75: 5a:82:3d:b0:1f:9a:28:ab:a7:dd:92:60:03:08:a0:a0:31:0e: a1:f5:f9:c7:cc:54:64:4e:1e:9e:76:b5:4e:02:d4:a3:d1:8d: e8:10:af:b3:f6:34:a8:7d:9a:8f:3f:b5:d9:5a:b0:2a:08:fc: 60:ad:68:32:4c:87:1c:44:84:20:fa:7f:45:b7:d8:c8:51:14: bb:67:cd:62:f5:75:9d:8e:a9:59:30:04:1e:b5:eb:08:55:2a: 5e:56:c6:f3:b8:a6:a0:de:5c:7a:11:29:b1:44:41:6a:ff:ac: d7:2d:cc:18:2e:e5:74:dc:3b:2c:bd:b6:57:b3:c0:d4:29:30: 12:51:f2:4f:6c:02:97:e6:13:21:06:db:98:55:17:2d:27:30: 69:3a:25:24:cc:42:06:f3:d9:ff:ac:cf:cb:b3:1f:ca:5c:e5: ab:bd:bb:1c:f7:6d:90:8a:34:13:c7:86:50:60:9c:2f:c7:d1: 74:ef:a7:d3:f1:71:c9:3b:75:3e:9e:d1:76:f4:a9:3c:5a:96: 03:5c:ef:39:97:5a:3f:0e:a3:b4:2a:2b:60:0f:a4:66:a8:51: fa:1f:59:2a:ec:a9:67:f0:ae:25:a9:0a:8d:48:76:71:68:05: ff:56:ba:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjdBOUIxMTAvBgNVBAUTKERBNjA0Q0ZEQjI3MzBBOERFNzI1RkM3NEFCMEZDNjNF MDU1OEU1REMwHhcNMjQwNTAyMTQ1NjU1WhcNMjQwNTA5MTQ1NjU1WjAYMRYwFAYD VQQDEw02NjMzYTliOC1iYjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsEjyxb2wRNT/phjLSKc2KxqDSJ4k1eQFJrCm3J/oix5bfqxqaOPTYp7nVQz4 qjhPHiaHdN1iw2GIVXQy67kQam/eoU++4pbbBsglWLN70IhQ5cQWG+0fvCtR1jjo Fy7pp4y1zAYK/V7+uJ60PCIWo4unofHqJSfsHS8SqCYX84rVXSyHyF6b86H/HzEp ovmZ5jsYhRvQYxU8BrCX2D21tDuJ6/vEJ+7BcX0thMvHm8BwsWsUGKGSQ0pQtYsL 8lyhDWrx0n0vloXTJMtqEqCMr/YOq4rGvseyEt/2nb2cSgeViFpIm3M4v5Vh0yrh +xDnAn/UFWAd5ZRDXx3dLZkdswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOb9EKt tASd+W4o25o+2Ga2HIapMB8GA1UdIwQYMBaAFNpgTP2ycwqN5yX8dKsPxj4FWOXc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyN0E5Qi9GQzA1OEU1NjFE OTUxMUUyQjFBMDQ2N0UwOEIwMkNEMi8ybUJNX2JKekNvM25KZngwcXdfR1BnVlk1 ZHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJtQk1fYkp6Q28zbkpmeDBxd19HUGdWWTVkdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy N0E5Qi9GQzA1OEU1NjFEOTUxMUUyQjFBMDQ2N0UwOEIwMkNEMi8ybUJNX2JKekNv M25KZngwcXdfR1BnVlk1ZHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRJBStZ06KMpMRLtZJGJJnTHVagj2wH5ooq6fdkmADCKCgMQ6h9fnH zFRkTh6edrVOAtSj0Y3oEK+z9jSofZqPP7XZWrAqCPxgrWgyTIccRIQg+n9Ft9jI URS7Z81i9XWdjqlZMAQetesIVSpeVsbzuKag3lx6ESmxREFq/6zXLcwYLuV03Dss vbZXs8DUKTASUfJPbAKX5hMhBtuYVRctJzBpOiUkzEIG89n/rM/Lsx/KXOWrvbsc 922QijQTx4ZQYJwvx9F076fT8XHJO3U+ntF29Kk8WpYDXO85l1o/DqO0KitgD6Rm qFH6H1kq7Kln8K4lqQqNSHZxaAX/Vrrd -----END CERTIFICATE-----Generated at Thu May 2 17:18:26 2024 by rpki-client on console-ams.rpki-client.org