$ rpki-client -vvf rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft File: RiOppNLqhemPtaEaDSywgDiHjw8.mft (raw, json) Hash identifier: 5GtmZODcafzu+ejKHqZOYbouQA9zy+X6yhx2GqsQaKI= Subject key identifier: F4:E2:BD:B1:72:4C:07:00:83:36:B1:21:5B:1D:A8:2E:CE:44:6B:D4 Authority key identifier: 46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F Certificate issuer: /CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Certificate serial: 0B0A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft Manifest number: 0B05 Signing time: Sat 04 May 2024 20:05:30 +0000 Manifest this update: Sat 04 May 2024 20:05:29 +0000 Manifest next update: Sat 11 May 2024 20:05:29 +0000 Files and hashes: 1: RiOppNLqhemPtaEaDSywgDiHjw8.crl (hash: Gu3bK6ht3N7fecENFv3uppXJu0oV4uynD1JrW4lJfRs=) 2: 75E6DD481BDA11EAB3F45D44C4F9AE02.roa (hash: Xtv6Y9TIp58J/Deaopnkugbsn8m8i/vuYl6S4nR1F6A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 14:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2826 (0xb0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128DE9/serialNumber=4623A9A4D2EA85E98FB5A11A0D2CB08038878F0F Validity Not Before: May 4 20:05:29 2024 GMT Not After : May 11 20:05:29 2024 GMT Subject: CN=66369509-71ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6c:be:d4:3d:2a:78:92:2b:ea:80:4a:e3:ec: e7:2f:28:18:72:d7:94:c1:ee:6b:1d:20:87:ba:13: 85:e6:d1:29:fe:aa:cf:b9:7c:99:b3:57:c1:05:9a: 8c:bf:fa:ef:f0:98:3d:07:0d:b4:ec:9e:4d:2a:4e: 41:70:ea:23:1d:d1:60:93:c9:76:67:08:ce:7b:14: 0d:97:3b:73:eb:de:9c:cb:a2:9b:5d:b2:c1:15:fd: 80:c0:b8:b2:47:6e:be:05:3e:8c:5e:27:38:9e:0c: 15:73:f1:3e:e7:c0:a6:20:cf:e8:9d:f3:e4:6f:3a: bd:d2:dc:46:ed:91:0a:c7:3c:35:35:09:28:76:f5: 77:a5:35:cf:07:ba:74:c6:9f:0c:e8:b5:79:aa:72: e7:c1:b8:44:9b:e3:98:9d:1a:f4:19:8e:ba:dd:b7: ff:e6:24:ce:d1:a8:d4:00:d1:c7:7d:d3:87:53:19: 9a:44:1c:53:39:9c:2a:4d:5c:08:14:c3:bc:bd:de: 47:25:ce:5c:ee:bd:eb:e7:01:8a:d2:e0:db:35:72: dd:b1:1c:42:4b:43:7c:3e:c4:20:5f:ab:8a:6f:cd: de:71:81:c0:60:e5:bf:5e:5e:4c:a4:f3:81:5e:0f: 4b:8b:2f:c4:a7:22:82:af:d2:78:b8:5d:55:f3:07: 13:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:E2:BD:B1:72:4C:07:00:83:36:B1:21:5B:1D:A8:2E:CE:44:6B:D4 X509v3 Authority Key Identifier: keyid:46:23:A9:A4:D2:EA:85:E9:8F:B5:A1:1A:0D:2C:B0:80:38:87:8F:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RiOppNLqhemPtaEaDSywgDiHjw8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128DE9/D0049F861BD511EA80CBCF36C4F9AE02/RiOppNLqhemPtaEaDSywgDiHjw8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:17:0d:ef:a4:c9:5e:f7:6d:a1:0d:8f:28:08:8f:d2:0a:c6: 89:f6:5c:d8:03:9d:00:c2:41:d4:b5:8b:a9:99:f7:42:1b:35: 79:4e:4f:cc:bc:98:0f:8d:42:e8:c3:d8:89:43:6b:f7:b6:9f: c2:3e:1b:ff:11:76:75:b8:5d:31:02:a1:76:d9:85:97:3f:54: 37:29:aa:fc:fb:10:cb:c9:48:22:7b:6b:20:a8:6d:73:6e:8b: e4:3d:e0:be:55:d8:c3:fe:9c:73:64:cf:bc:06:5b:a1:04:08: 01:07:d4:fc:3d:7c:25:a5:0a:16:50:8f:cb:14:3c:38:6b:52: ed:1f:51:5b:64:93:09:d9:99:55:b7:44:de:e8:ff:c1:b1:53: e3:78:f6:1b:0c:4b:21:0b:dc:79:9c:97:96:86:fa:c8:d6:fd: a6:50:47:cb:c3:d8:46:0b:7e:4f:96:5e:6d:c3:b8:37:5a:0f: 65:0a:bd:de:42:93:df:44:6d:38:c6:ae:f0:db:79:f9:e7:48: b1:bb:5b:1d:14:8e:d5:f6:0a:a4:51:0b:62:04:11:d1:3c:7b: 8b:f7:2c:3f:c5:a0:85:f7:97:ad:dc:e4:7f:bd:9c:67:fa:e7: cc:28:9a:dd:f5:90:4d:ed:1c:fd:50:54:6c:bb:1d:34:53:83: 4b:e1:53:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhERTkxMTAvBgNVBAUTKDQ2MjNBOUE0RDJFQTg1RTk4RkI1QTExQTBEMkNCMDgw Mzg4NzhGMEYwHhcNMjQwNTA0MjAwNTI5WhcNMjQwNTExMjAwNTI5WjAYMRYwFAYD VQQDEw02NjM2OTUwOS03MWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy2y+1D0qeJIr6oBK4+znLygYcteUwe5rHSCHuhOF5tEp/qrPuXyZs1fBBZqM v/rv8Jg9Bw207J5NKk5BcOojHdFgk8l2ZwjOexQNlztz696cy6KbXbLBFf2AwLiy R26+BT6MXic4ngwVc/E+58CmIM/onfPkbzq90txG7ZEKxzw1NQkodvV3pTXPB7p0 xp8M6LV5qnLnwbhEm+OYnRr0GY663bf/5iTO0ajUANHHfdOHUxmaRBxTOZwqTVwI FMO8vd5HJc5c7r3r5wGK0uDbNXLdsRxCS0N8PsQgX6uKb83ecYHAYOW/Xl5MpPOB Xg9Liy/EpyKCr9J4uF1V8wcTTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPTivbFy TAcAgzaxIVsdqC7ORGvUMB8GA1UdIwQYMBaAFEYjqaTS6oXpj7WhGg0ssIA4h48P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOERFOS9EMDA0OUY4NjFC RDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhlbVB0YUVhRFN5d2dEaUhq dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JpT3BwTkxxaGVtUHRhRWFEU3l3Z0RpSGp3OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OERFOS9EMDA0OUY4NjFCRDUxMUVBODBDQkNGMzZDNEY5QUUwMi9SaU9wcE5McWhl bVB0YUVhRFN5d2dEaUhqdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAjFw3vpMle922hDY8oCI/SCsaJ9lzYA50AwkHUtYupmfdCGzV5Tk/M vJgPjULow9iJQ2v3tp/CPhv/EXZ1uF0xAqF22YWXP1Q3Kar8+xDLyUgie2sgqG1z bovkPeC+VdjD/pxzZM+8BluhBAgBB9T8PXwlpQoWUI/LFDw4a1LtH1FbZJMJ2ZlV t0Te6P/BsVPjePYbDEshC9x5nJeWhvrI1v2mUEfLw9hGC35Pll5tw7g3Wg9lCr3e QpPfRG04xq7w23n550ixu1sdFI7V9gqkUQtiBBHRPHuL9yw/xaCF95et3OR/vZxn +ufMKJrd9ZBN7Rz9UFRsux00U4NL4VNh -----END CERTIFICATE-----Generated at Sat May 4 21:19:27 2024 by rpki-client on console-ams.rpki-client.org