$ rpki-client -vvf rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft File: lFmgev60b3mSRf7CNW08usm-2Ig.mft (raw, json) Hash identifier: 9JYRwgESrkoSPVkDbYPqZgTdo8t5ZZ8WUMXE6GtRXUM= Subject key identifier: A6:CE:C3:88:90:C3:82:F1:BF:C0:0E:E8:6F:C3:FE:AF:7D:45:50:C1 Authority key identifier: 94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88 Certificate issuer: /CN=A912EE4D/serialNumber=9459A07AFEB46F799245FEC2356D3CBAC9BED888 Certificate serial: 5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft Manifest number: 5B Signing time: Wed 15 May 2024 07:51:37 +0000 Manifest this update: Wed 15 May 2024 07:51:36 +0000 Manifest next update: Wed 22 May 2024 07:51:36 +0000 Files and hashes: 1: lFmgev60b3mSRf7CNW08usm-2Ig.crl (hash: 0eKoIosvUQSVdjMUrZyDOEO1uU2XABcWSGItsZFQAiE=) 2: 81A901FA8A0411EEA251F746C4F9AE02.roa (hash: LQjpde7ZOitEWCJ8Fyab2NYRAI50nPTcOZ5B3mS/eu8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.crl rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 07:51:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 93 (0x5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912EE4D/serialNumber=9459A07AFEB46F799245FEC2356D3CBAC9BED888 Validity Not Before: May 15 07:51:36 2024 GMT Not After : May 22 07:51:36 2024 GMT Subject: CN=66446988-f38d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:9b:7f:17:e9:30:d1:95:e1:fb:7f:ee:e0:cc: 54:87:20:a0:d3:43:03:f7:63:de:e0:1a:f1:38:07: 78:b8:d9:b5:15:33:fc:30:fe:6d:ae:9b:fb:6d:95: 49:e7:2f:81:0a:dc:9e:17:fe:6e:a1:97:40:f1:f0: 1a:70:a5:75:04:55:61:13:93:22:b4:e2:6e:6a:3d: 7d:ff:f0:b7:75:a5:1c:14:26:a2:13:76:e1:41:0e: 6e:2d:77:50:8f:a0:ed:52:59:eb:69:1f:ef:61:4a: 04:f0:2a:54:17:a7:ae:e7:15:6c:df:d2:37:15:78: 56:62:cd:22:83:a4:00:f3:25:a5:fd:15:d3:53:d1: 7e:03:2a:21:fb:21:e6:18:71:2b:72:5f:f6:13:f5: d5:99:15:4c:ed:f5:a6:a1:14:e6:28:9f:ba:6e:7a: 8c:d5:6f:f0:a8:b6:86:8c:e5:7e:8f:e4:b5:c2:0a: a4:e4:67:96:67:f6:c5:3c:58:e3:9f:b7:63:3f:7e: d8:99:5a:ff:20:a9:2a:5e:a7:12:1d:81:62:51:a0: 02:b2:ca:61:23:68:87:5a:fb:37:ed:96:40:f7:4f: 15:f3:59:36:a4:10:33:b7:6d:e0:21:c0:09:dd:9a: 8e:cf:43:90:5e:92:d7:64:e5:43:b6:57:77:cc:be: 98:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:CE:C3:88:90:C3:82:F1:BF:C0:0E:E8:6F:C3:FE:AF:7D:45:50:C1 X509v3 Authority Key Identifier: keyid:94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:70:ae:eb:1b:96:4c:5e:1e:b8:81:d3:74:b8:f6:8a:08:81: a6:89:1f:98:8f:86:94:28:7d:1a:de:27:f3:8e:41:32:3c:ee: ad:5f:c7:35:f2:ce:3f:33:c6:c8:be:1e:04:fa:7f:22:17:ad: 39:21:2d:d6:88:ab:e3:5b:3e:eb:74:06:26:d3:a4:40:b4:f0: 4d:9e:d1:cc:3c:73:d4:94:5e:90:1b:79:5b:6b:50:11:41:14: 46:f6:7e:4e:e8:5b:fc:0f:9b:f4:b1:af:e8:42:85:88:c7:f4: 57:38:8c:1a:e4:06:a5:4c:b6:ff:c4:77:fc:07:64:ad:89:e9: 5b:af:f9:6d:5e:ff:dc:64:61:4a:0e:d3:98:72:f4:f6:03:87: 8e:d7:a6:c2:26:b5:fd:08:a9:67:52:a6:dc:1f:85:60:80:6e: a3:03:7b:56:19:a9:88:f7:cf:eb:cb:04:2c:c4:24:42:ab:7b: 6c:a0:f1:9c:c8:93:d7:ba:64:f2:08:00:62:68:76:30:70:9d: e4:65:fe:0b:72:27:84:f2:70:2f:0c:cc:c2:c7:d2:6b:02:e9: a2:15:e1:d1:a0:cc:32:5d:f5:37:fb:2d:90:33:8e:6b:cb:ac: 91:7d:50:52:83:13:54:7c:61:53:1a:bb:d6:76:3e:26:a0:55: 6d:96:9b:5f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RUU0RDExMC8GA1UEBRMoOTQ1OUEwN0FGRUI0NkY3OTkyNDVGRUMyMzU2RDNDQkFD OUJFRDg4ODAeFw0yNDA1MTUwNzUxMzZaFw0yNDA1MjIwNzUxMzZaMBgxFjAUBgNV BAMTDTY2NDQ2OTg4LWYzOGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDnm38X6TDRleH7f+7gzFSHIKDTQwP3Y97gGvE4B3i42bUVM/ww/m2um/ttlUnn L4EK3J4X/m6hl0Dx8BpwpXUEVWETkyK04m5qPX3/8Ld1pRwUJqITduFBDm4td1CP oO1SWetpH+9hSgTwKlQXp67nFWzf0jcVeFZizSKDpADzJaX9FdNT0X4DKiH7IeYY cStyX/YT9dWZFUzt9aahFOYon7pueozVb/CotoaM5X6P5LXCCqTkZ5Zn9sU8WOOf t2M/ftiZWv8gqSpepxIdgWJRoAKyymEjaIda+zftlkD3TxXzWTakEDO3beAhwAnd mo7PQ5Bektdk5UO2V3fMvpjFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUps7DiJDD gvG/wA7ob8P+r31FUMEwHwYDVR0jBBgwFoAUlFmgev60b3mSRf7CNW08usm+2Igw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFRTRELzUyM0ZEQTgwOEEw MjExRUVCMjg5MDMyQ0M0RjlBRTAyL2xGbWdldjYwYjNtU1JmN0NOVzA4dXNtLTJJ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbEZtZ2V2NjBiM21TUmY3Q05XMDh1c20tMklnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJF RTRELzUyM0ZEQTgwOEEwMjExRUVCMjg5MDMyQ0M0RjlBRTAyL2xGbWdldjYwYjNt U1JmN0NOVzA4dXNtLTJJZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGhwrusblkxeHriB03S49ooIgaaJH5iPhpQofRreJ/OOQTI87q1fxzXy zj8zxsi+HgT6fyIXrTkhLdaIq+NbPut0BibTpEC08E2e0cw8c9SUXpAbeVtrUBFB FEb2fk7oW/wPm/Sxr+hChYjH9Fc4jBrkBqVMtv/Ed/wHZK2J6Vuv+W1e/9xkYUoO 05hy9PYDh47XpsImtf0IqWdSptwfhWCAbqMDe1YZqYj3z+vLBCzEJEKre2yg8ZzI k9e6ZPIIAGJodjBwneRl/gtyJ4TycC8MzMLH0msC6aIV4dGgzDJd9Tf7LZAzjmvL rJF9UFKDE1R8YVMau9Z2PiagVW2Wm18= -----END CERTIFICATE-----Generated at Wed May 15 09:27:29 2024 by rpki-client on console-fra.rpki-client.org