$ rpki-client -vvf rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft File: tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft (raw, json) Hash identifier: k2t68j6tpawsIGoChgCfUWqjVpjQz63m27EbFeQH+ag= Subject key identifier: 85:4D:2C:44:A2:33:EF:DA:94:4A:13:53:FC:47:F5:D2:1E:DE:15:00 Authority key identifier: B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C Certificate issuer: /CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C Certificate serial: 3C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft Manifest number: 38 Signing time: Tue 21 May 2024 08:16:11 +0000 Manifest this update: Tue 21 May 2024 08:16:10 +0000 Manifest next update: Tue 28 May 2024 08:16:10 +0000 Files and hashes: 1: tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl (hash: 1OGetUnUwxIA3FUvHRAe5xa5ccp6DmEK6yLaltuZPCg=) 2: B2B006BAE3E911EEB845B268C4F9AE02.roa (hash: svtnxhlF5NWmNNObseS7pAI3bZ45udx6YcRU3jyp4kA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 02:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C Validity Not Before: May 21 08:16:10 2024 GMT Not After : May 28 08:16:10 2024 GMT Subject: CN=664c584a-bd0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:23:66:0e:97:ec:5f:77:b5:dd:a2:24:3b:98: ce:04:eb:2f:71:d3:e2:f5:80:02:4f:1f:2f:25:62: 1b:99:d8:a1:ec:97:b1:11:15:62:68:a1:99:f8:fe: 9a:40:ad:1e:3a:72:5f:bb:fb:10:46:b5:e0:67:d0: d0:9d:01:aa:53:e3:79:33:18:12:7c:55:f2:d2:4c: f8:24:67:e6:31:93:fa:e6:88:10:66:26:94:bc:5c: 08:82:70:72:f8:c7:05:79:0b:1a:92:6b:56:9c:3c: 2f:ce:21:8e:3b:6f:b5:23:63:3f:e1:dd:d1:cf:61: 28:f5:f3:3b:b4:11:b8:10:2e:65:d5:42:71:66:ab: 95:96:83:50:d6:77:0f:d4:69:ea:56:d9:72:4c:47: b3:f1:c7:3d:03:32:e5:dc:51:d5:4d:62:a4:63:39: 80:e8:6f:eb:09:5f:14:1f:59:79:60:ef:fe:e7:78: 86:47:fe:65:ca:12:22:ff:d3:5a:c4:a7:91:f8:01: d3:5f:0c:c5:e6:3c:52:e1:03:79:57:d8:ce:ae:27: 89:78:6b:33:dd:c7:3a:3c:89:99:28:a5:99:19:03: b8:d6:25:8a:3c:1a:a3:b1:db:ba:f0:df:ff:ae:27: a5:1b:10:5b:e4:f1:26:7b:6a:54:87:e7:2e:ed:67: e6:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:4D:2C:44:A2:33:EF:DA:94:4A:13:53:FC:47:F5:D2:1E:DE:15:00 X509v3 Authority Key Identifier: keyid:B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:e2:49:aa:32:2c:b1:70:f3:bc:83:03:b8:c7:9b:b6:f9:d0: 18:00:02:cd:48:6f:f4:72:2b:bd:93:80:d6:15:01:2f:22:ec: 35:2e:bf:0f:dd:3b:4b:95:f8:6e:a2:14:41:f0:4c:3e:5c:a0: f7:05:a4:a4:5b:b4:86:1d:9a:d9:48:a2:95:02:e8:69:62:94: b7:24:ca:f5:b1:71:aa:22:b3:86:8c:2a:d6:ca:65:ee:08:11: 6d:36:f9:91:04:5d:d8:53:d8:98:6f:81:f9:fd:02:f7:74:cd: ad:96:0f:be:38:34:66:ea:8e:08:50:1f:17:74:ea:2c:0e:9f: 33:01:ea:1d:5c:e9:1c:41:b5:3e:4b:1f:c6:d7:8d:f0:8b:b7: 5d:e6:c0:7a:4e:98:e7:61:89:be:d8:81:eb:ee:23:13:54:4a: f5:dd:e6:e7:51:87:dc:59:4e:14:3d:9d:d0:d9:95:84:e7:4d: 2e:70:7f:57:01:8b:20:02:34:1a:e8:f5:48:24:17:e5:a6:0e: b3:eb:ab:d3:5e:70:69:7b:49:71:cc:a0:0b:72:62:a4:12:b9: 7e:80:f9:74:90:a2:91:c4:b1:57:48:ab:81:ca:68:6a:39:26: 72:40:7c:81:f2:69:96:a6:af:bd:70:17:f9:ef:d4:15:e5:e4: 4d:8d:38:ab -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MTcxMTExMC8GA1UEBRMoQjU3QjIwN0YwRTFDMUJBODczQTA3OTM1ODJDN0E4MTM0 MDk4Njc0QzAeFw0yNDA1MjEwODE2MTBaFw0yNDA1MjgwODE2MTBaMBgxFjAUBgNV BAMTDTY2NGM1ODRhLWJkMGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDoI2YOl+xfd7XdoiQ7mM4E6y9x0+L1gAJPHy8lYhuZ2KHsl7ERFWJooZn4/ppA rR46cl+7+xBGteBn0NCdAapT43kzGBJ8VfLSTPgkZ+Yxk/rmiBBmJpS8XAiCcHL4 xwV5CxqSa1acPC/OIY47b7UjYz/h3dHPYSj18zu0EbgQLmXVQnFmq5WWg1DWdw/U aepW2XJMR7Pxxz0DMuXcUdVNYqRjOYDob+sJXxQfWXlg7/7neIZH/mXKEiL/01rE p5H4AdNfDMXmPFLhA3lX2M6uJ4l4azPdxzo8iZkopZkZA7jWJYo8GqOx27rw3/+u J6UbEFvk8SZ7alSH5y7tZ+YTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhU0sRKIz 79qUShNT/Ef10h7eFQAwHwYDVR0jBBgwFoAUtXsgfw4cG6hzoHk1gseoE0CYZ0ww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMxNzExLzlGREQyREEwQzk5 MTExRUU4OTFCQTQxOUM0RjlBRTAyL3RYc2dmdzRjRzZoem9IazFnc2VvRTBDWVow dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdFhzZ2Z3NGNHNmh6b0hrMWdzZW9FMENZWjB3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMx NzExLzlGREQyREEwQzk5MTExRUU4OTFCQTQxOUM0RjlBRTAyL3RYc2dmdzRjRzZo em9IazFnc2VvRTBDWVowdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIHiSaoyLLFw87yDA7jHm7b50BgAAs1Ib/RyK72TgNYVAS8i7DUuvw/d O0uV+G6iFEHwTD5coPcFpKRbtIYdmtlIopUC6GlilLckyvWxcaois4aMKtbKZe4I EW02+ZEEXdhT2Jhvgfn9Avd0za2WD744NGbqjghQHxd06iwOnzMB6h1c6RxBtT5L H8bXjfCLt13mwHpOmOdhib7YgevuIxNUSvXd5udRh9xZThQ9ndDZlYTnTS5wf1cB iyACNBro9UgkF+WmDrPrq9NecGl7SXHMoAtyYqQSuX6A+XSQopHEsVdIq4HKaGo5 JnJAfIHyaZamr71wF/nv1BXl5E2NOKs= -----END CERTIFICATE-----Generated at Tue May 21 10:37:07 2024 by rpki-client on console-fra.rpki-client.org