$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft File: 4XM7lw_d92f_GVQoQ34SQqN2knc.mft (raw, json) Hash identifier: WJq3zcL87VITEzNQmSp7EbOENn3UJ/NkEYG/4E/uQiQ= Subject key identifier: 35:D3:1A:20:CC:4B:A5:8D:A2:D0:DF:FB:2A:4C:ED:4D:AB:3E:36:2E Authority key identifier: E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 Certificate issuer: /CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Certificate serial: 010A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft Manifest number: 0108 Signing time: Sat 27 Apr 2024 05:19:14 +0000 Manifest this update: Sat 27 Apr 2024 05:19:14 +0000 Manifest next update: Sat 04 May 2024 05:19:14 +0000 Files and hashes: 1: 4XM7lw_d92f_GVQoQ34SQqN2knc.crl (hash: aheeYOqCN3MmTqwaHKyVijTyY1ORnjX5dbYcgaOAEfs=) 2: 5FF4FD52704C11ED97935E7DC4F9AE02.roa (hash: YUVp3qWVkxU1C4l/jL7nJncbv6O1MZagBu3nKdafcnE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 03:36:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 266 (0x10a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Validity Not Before: Apr 27 05:19:14 2024 GMT Not After : May 4 05:19:14 2024 GMT Subject: CN=662c8ad2-f9ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:2e:9a:61:16:6d:cb:cf:75:f1:66:53:2b:1f: ff:01:f1:3e:df:10:4c:78:a5:54:25:82:67:41:f6: d1:f8:cb:81:43:09:4a:c7:8a:5a:f9:9c:03:f1:ae: 8f:cb:36:99:c9:38:38:76:82:f0:a0:c7:93:96:f1: eb:5e:ed:27:bd:3c:9f:35:42:1c:9a:2f:4b:b2:7c: c6:d0:33:35:15:3c:cf:6e:98:8d:ac:40:d2:21:cd: dc:39:3b:10:d7:ec:d4:d4:80:3f:53:84:0e:f2:bb: 83:9f:f9:d5:f6:7a:74:61:dd:f8:0a:dd:56:9d:fd: 13:7b:9b:dc:0d:5c:d7:b1:27:f9:81:80:17:f5:aa: d2:fa:e3:e6:fb:ac:c0:82:dc:a4:4a:32:de:39:12: b0:b4:14:99:c7:a2:9a:68:59:b8:39:41:85:d2:d2: d4:a7:75:30:b8:f8:cd:ba:b9:8d:65:c0:ba:fa:b8: 9a:8e:f5:8b:bd:74:8d:c5:be:41:f4:53:0a:40:40: bd:27:ad:74:ef:0a:35:36:6a:3d:62:0e:97:45:98: 89:dd:d7:ae:06:00:85:2f:c3:f5:48:6b:2e:ee:e1: 12:2c:6f:99:03:08:d1:98:b8:c2:c5:4b:cc:21:cc: e5:36:52:d1:52:83:84:5f:d3:6e:ed:e3:e8:b9:1f: aa:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:D3:1A:20:CC:4B:A5:8D:A2:D0:DF:FB:2A:4C:ED:4D:AB:3E:36:2E X509v3 Authority Key Identifier: keyid:E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:12:d6:e9:fb:7b:8b:a4:8c:d5:2f:e7:b4:2e:9e:92:58:74: dd:1c:9f:9e:2a:c2:9d:ac:05:01:ac:15:4d:58:bf:62:a1:8d: da:41:7f:3d:8b:07:23:92:a3:ac:9d:eb:96:25:aa:40:3c:5e: 73:d9:32:21:af:a6:7b:47:93:d0:f3:dd:c0:3c:13:38:de:ac: 03:04:ec:04:bf:73:a6:75:f5:c3:de:31:f6:b5:53:9f:b2:b0: 30:46:d3:f6:59:14:7f:a1:75:40:fe:ad:50:fa:11:9f:29:62: 6a:d5:5c:b3:72:a5:3d:9e:c3:f4:62:d2:d8:b8:a3:d6:8e:ba: 2b:c0:45:92:22:31:fa:f5:93:81:4f:f3:0b:79:c0:10:79:8d: 67:63:2f:39:32:a7:b5:27:72:b3:e0:d3:c5:6b:9f:14:fb:fb: c9:5c:78:90:3d:80:eb:54:79:99:e2:e7:3d:85:86:41:b4:3c: aa:64:4a:55:b0:0b:01:d1:64:db:f1:db:af:7a:a1:24:9c:e2: 86:b6:9e:46:3b:cf:0d:9f:2d:62:96:e4:43:a7:66:1b:aa:be: 16:6c:51:ab:a4:85:65:d3:df:7f:d2:ed:3a:6e:da:fa:f4:0e: cd:07:c3:f0:23:81:47:a8:1e:fb:69:8a:55:03:79:1e:be:b3: 4a:07:de:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkU1Q0IxMTAvBgNVBAUTKEUxNzMzQjk3MEZEREY3NjdGRjE5NTQyODQzN0UxMjQy QTM3NjkyNzcwHhcNMjQwNDI3MDUxOTE0WhcNMjQwNTA0MDUxOTE0WjAYMRYwFAYD VQQDEw02NjJjOGFkMi1mOWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9y6aYRZty8918WZTKx//AfE+3xBMeKVUJYJnQfbR+MuBQwlKx4pa+ZwD8a6P yzaZyTg4doLwoMeTlvHrXu0nvTyfNUIcmi9LsnzG0DM1FTzPbpiNrEDSIc3cOTsQ 1+zU1IA/U4QO8ruDn/nV9np0Yd34Ct1Wnf0Te5vcDVzXsSf5gYAX9arS+uPm+6zA gtykSjLeORKwtBSZx6KaaFm4OUGF0tLUp3UwuPjNurmNZcC6+riajvWLvXSNxb5B 9FMKQEC9J6107wo1Nmo9Yg6XRZiJ3deuBgCFL8P1SGsu7uESLG+ZAwjRmLjCxUvM IczlNlLRUoOEX9Nu7ePouR+qIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDXTGiDM S6WNotDf+ypM7U2rPjYuMB8GA1UdIwQYMBaAFOFzO5cP3fdn/xlUKEN+EkKjdpJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTVDQi81Mjg4RENFMDcw NDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDkyZl9HVlFvUTM0U1FxTjJr bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRYTTdsd19kOTJmX0dWUW9RMzRTUXFOMmtuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTVDQi81Mjg4RENFMDcwNDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDky Zl9HVlFvUTM0U1FxTjJrbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsEtbp+3uLpIzVL+e0Lp6SWHTdHJ+eKsKdrAUBrBVNWL9ioY3aQX89 iwcjkqOsneuWJapAPF5z2TIhr6Z7R5PQ893APBM43qwDBOwEv3OmdfXD3jH2tVOf srAwRtP2WRR/oXVA/q1Q+hGfKWJq1VyzcqU9nsP0YtLYuKPWjrorwEWSIjH69ZOB T/MLecAQeY1nYy85Mqe1J3Kz4NPFa58U+/vJXHiQPYDrVHmZ4uc9hYZBtDyqZEpV sAsB0WTb8duveqEknOKGtp5GO88Nny1iluRDp2Ybqr4WbFGrpIVl099/0u06btr6 9A7NB8PwI4FHqB77aYpVA3kevrNKB96X -----END CERTIFICATE-----Generated at Sat Apr 27 10:18:37 2024 by rpki-client on console-ams.rpki-client.org