$ rpki-client -vvf rpki.apnic.net/member_repository/A913277C/B97C7396C9F211EDA1D99E65C4F9AE02/HNSe-8N-9KjGyIdlYr0RM0S8ftE.mft File: HNSe-8N-9KjGyIdlYr0RM0S8ftE.mft (raw, json) Hash identifier: x1pIVkNd/jJXlD72yARGzGyYrjhP7XEy9qCEYAeJvqM= Subject key identifier: 9C:B7:92:45:AB:19:07:87:C3:B4:E8:62:DB:3E:B4:75:3C:64:66:46 Authority key identifier: 1C:D4:9E:FB:C3:7E:F4:A8:C6:C8:87:65:62:BD:11:33:44:BC:7E:D1 Certificate issuer: /CN=A913277C/serialNumber=1CD49EFBC37EF4A8C6C8876562BD113344BC7ED1 Certificate serial: D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNSe-8N-9KjGyIdlYr0RM0S8ftE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913277C/B97C7396C9F211EDA1D99E65C4F9AE02/HNSe-8N-9KjGyIdlYr0RM0S8ftE.mft Manifest number: D3 Signing time: Sun 05 May 2024 06:12:37 +0000 Manifest this update: Sun 05 May 2024 06:12:37 +0000 Manifest next update: Sun 12 May 2024 06:12:37 +0000 Files and hashes: 1: HNSe-8N-9KjGyIdlYr0RM0S8ftE.crl (hash: EmhfGirFhD7x1S9zkmmYb1UiRhG1IY3NoF9ZbYd5llU=) 2: 1EF2D862C9F511ED8771C865C4F9AE02.roa (hash: P+uq7WBg06+zHlN3uA88TkBnHi2bGu6YyGHpZu3034g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913277C/B97C7396C9F211EDA1D99E65C4F9AE02/HNSe-8N-9KjGyIdlYr0RM0S8ftE.crl rsync://rpki.apnic.net/member_repository/A913277C/B97C7396C9F211EDA1D99E65C4F9AE02/HNSe-8N-9KjGyIdlYr0RM0S8ftE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNSe-8N-9KjGyIdlYr0RM0S8ftE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 06:12:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 213 (0xd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913277C/serialNumber=1CD49EFBC37EF4A8C6C8876562BD113344BC7ED1 Validity Not Before: May 5 06:12:37 2024 GMT Not After : May 12 06:12:37 2024 GMT Subject: CN=66372355-4c99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d2:18:25:cd:67:ea:07:17:d2:44:2d:1d:84: a4:91:00:ec:fb:6c:0f:58:47:4c:20:1d:ce:15:20: bb:0b:4d:46:41:0b:6d:70:d5:56:99:0a:f2:bd:44: f2:e6:1b:5c:6d:ee:d9:b8:16:79:89:34:07:5d:01: 7c:3b:9b:18:de:6e:f4:03:a5:a3:72:69:69:17:a8: c4:a7:88:c7:06:b0:66:bc:b7:75:98:77:4a:f2:2f: 99:fc:dd:6e:2a:65:d8:81:d1:51:85:18:b0:43:b1: 4f:b7:97:09:00:31:b0:97:7d:15:ae:46:ff:04:40: b1:5c:1c:68:89:9d:47:2b:4c:7e:44:1d:66:11:62: e3:e1:84:66:6b:30:1d:59:4d:fd:d0:da:05:51:81: a7:e1:e6:98:f5:8a:64:dd:f0:45:ce:d6:cd:b3:9a: 80:03:77:9c:6e:a1:81:ad:55:bf:41:4e:c8:c0:d9: 10:50:2c:b3:3a:8e:6b:7f:d9:e0:ed:40:4d:c2:f6: 0d:24:b4:e5:db:59:f1:65:f2:20:45:34:32:c6:e2: 99:31:17:f7:91:55:8b:07:75:d1:90:85:54:07:31: c3:c0:e3:6d:1d:56:37:25:c1:73:88:05:ff:e5:ce: a3:b4:a6:13:fc:68:f8:1d:88:12:64:e3:bf:74:d6: b2:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:B7:92:45:AB:19:07:87:C3:B4:E8:62:DB:3E:B4:75:3C:64:66:46 X509v3 Authority Key Identifier: keyid:1C:D4:9E:FB:C3:7E:F4:A8:C6:C8:87:65:62:BD:11:33:44:BC:7E:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913277C/B97C7396C9F211EDA1D99E65C4F9AE02/HNSe-8N-9KjGyIdlYr0RM0S8ftE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNSe-8N-9KjGyIdlYr0RM0S8ftE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913277C/B97C7396C9F211EDA1D99E65C4F9AE02/HNSe-8N-9KjGyIdlYr0RM0S8ftE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:65:34:d0:e5:7d:75:61:86:73:f0:c1:79:c9:a4:25:fd:27: 23:42:e0:0a:74:e1:32:a6:00:31:27:0a:c1:8c:a0:e2:bf:5b: 54:0a:33:9f:0f:b9:59:ff:36:8b:63:f2:9d:f9:c8:33:5f:5d: 3e:1c:9e:d7:4b:cc:dc:5e:89:12:94:15:6b:db:86:49:48:af: 11:a5:58:4a:f9:3b:78:82:9c:ab:90:88:35:97:d1:a7:f4:b5: 62:e3:3a:43:6a:d5:ee:4f:48:5b:87:d8:77:db:c5:f2:af:dd: b7:8c:ae:b5:a4:8d:dc:60:41:91:86:de:4b:b3:87:6c:a0:43: ae:d2:e4:f1:db:4d:55:e6:6e:36:ab:15:3b:54:76:3b:07:aa: 02:77:f9:f7:05:77:f3:e5:41:1c:fc:f8:89:bf:da:7c:e6:ff: aa:52:e6:2c:27:f5:dd:5a:da:ce:82:44:61:e9:4d:f0:de:ac: c0:71:d6:00:48:dd:6d:41:50:ec:78:48:7d:53:bf:20:00:b3: 6b:df:23:d3:23:c6:2a:b7:a0:7e:2f:ac:ac:af:fc:d4:10:66: 29:29:bb:7b:30:d5:e7:de:fa:60:c9:c5:41:65:94:08:b0:5c: 20:16:8b:f6:69:4e:78:24:ab:71:70:69:b4:81:1a:7d:0b:10: f7:f2:d6:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzI3N0MxMTAvBgNVBAUTKDFDRDQ5RUZCQzM3RUY0QThDNkM4ODc2NTYyQkQxMTMz NDRCQzdFRDEwHhcNMjQwNTA1MDYxMjM3WhcNMjQwNTEyMDYxMjM3WjAYMRYwFAYD VQQDEw02NjM3MjM1NS00Yzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1tIYJc1n6gcX0kQtHYSkkQDs+2wPWEdMIB3OFSC7C01GQQttcNVWmQryvUTy 5htcbe7ZuBZ5iTQHXQF8O5sY3m70A6WjcmlpF6jEp4jHBrBmvLd1mHdK8i+Z/N1u KmXYgdFRhRiwQ7FPt5cJADGwl30Vrkb/BECxXBxoiZ1HK0x+RB1mEWLj4YRmazAd WU390NoFUYGn4eaY9Ypk3fBFztbNs5qAA3ecbqGBrVW/QU7IwNkQUCyzOo5rf9ng 7UBNwvYNJLTl21nxZfIgRTQyxuKZMRf3kVWLB3XRkIVUBzHDwONtHVY3JcFziAX/ 5c6jtKYT/Gj4HYgSZOO/dNayHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJy3kkWr GQeHw7ToYts+tHU8ZGZGMB8GA1UdIwQYMBaAFBzUnvvDfvSoxsiHZWK9ETNEvH7R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjc3Qy9COTdDNzM5NkM5 RjIxMUVEQTFEOTlFNjVDNEY5QUUwMi9ITlNlLThOLTlLakd5SWRsWXIwUk0wUzhm dEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hOU2UtOE4tOUtqR3lJZGxZcjBSTTBTOGZ0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz Mjc3Qy9COTdDNzM5NkM5RjIxMUVEQTFEOTlFNjVDNEY5QUUwMi9ITlNlLThOLTlL akd5SWRsWXIwUk0wUzhmdEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6ZTTQ5X11YYZz8MF5yaQl/ScjQuAKdOEypgAxJwrBjKDiv1tUCjOf D7lZ/zaLY/Kd+cgzX10+HJ7XS8zcXokSlBVr24ZJSK8RpVhK+Tt4gpyrkIg1l9Gn 9LVi4zpDatXuT0hbh9h328Xyr923jK61pI3cYEGRht5Ls4dsoEOu0uTx201V5m42 qxU7VHY7B6oCd/n3BXfz5UEc/PiJv9p85v+qUuYsJ/XdWtrOgkRh6U3w3qzAcdYA SN1tQVDseEh9U78gALNr3yPTI8Yqt6B+L6ysr/zUEGYpKbt7MNXn3vpgycVBZZQI sFwgFov2aU54JKtxcGm0gRp9CxD38tYZ -----END CERTIFICATE-----Generated at Sun May 5 08:21:04 2024 by rpki-client on console-ams.rpki-client.org