$ rpki-client -vvf rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft File: D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft (raw, json) Hash identifier: brsb/pfBiRVEtCdLqTv5HzzLYMs2T2+kBhB4klH1Q6s= Subject key identifier: 3C:49:57:1D:A0:E0:E4:E4:74:F3:B8:62:23:4A:EE:CF:AF:B0:B4:D4 Authority key identifier: 0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 Certificate issuer: /CN=A9134BB0/serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Certificate serial: AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft Manifest number: AD Signing time: Wed 15 May 2024 06:42:48 +0000 Manifest this update: Wed 15 May 2024 06:42:47 +0000 Manifest next update: Wed 22 May 2024 06:42:47 +0000 Files and hashes: 1: D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl (hash: xjC/ShCURgZciHUGEiVuQrl0y0vO6ZOFdHWUq9GmwtY=) 2: 075B4CC80AC511EEB25A152AC4F9AE02.roa (hash: N7buuVY+ecDIzSoYukHeCFEfFQ0zl4C0Rq6x+/cw45Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 06:42:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 175 (0xaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134BB0/serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Validity Not Before: May 15 06:42:47 2024 GMT Not After : May 22 06:42:47 2024 GMT Subject: CN=66445968-a42b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f4:bb:87:69:95:1b:9b:2d:b2:9d:62:91:c1: ee:68:0d:b5:48:97:36:8f:c9:e9:8c:6e:d2:65:7f: 6c:35:a4:3b:53:64:34:17:a4:67:84:d0:38:3a:2a: 46:e3:ff:a2:ce:d0:9b:86:85:03:39:f3:2b:39:c4: 76:d6:07:d1:c2:79:5d:c9:67:f9:08:7c:6b:d8:78: 99:a2:f7:9f:fe:e8:23:3d:73:f9:a2:61:1e:b5:8c: 47:7f:50:0c:76:26:74:ac:87:6e:bb:65:03:ba:ee: 85:fc:3b:44:01:1c:ef:9e:05:0e:aa:4c:f2:70:23: 10:44:15:b0:75:aa:6e:15:76:a4:b9:30:18:04:3a: ff:72:45:17:f4:3c:89:55:5b:05:e8:33:da:d3:14: 1e:9f:fe:e5:58:43:4e:83:32:3a:fe:cc:08:98:f2: 52:13:0b:18:a0:fc:79:30:1b:88:1f:a0:d3:17:41: 96:3a:d8:94:92:23:f2:9f:37:64:08:1c:10:8e:32: c3:80:5e:62:d6:6d:48:c9:70:6e:ec:a2:ad:63:c7: 1c:26:5b:42:25:a5:fc:2c:f4:a5:27:66:e1:5b:e9: 57:96:d7:08:82:57:b9:a5:85:ac:c5:ef:c9:b3:8b: 7b:fe:ec:a3:a2:db:26:69:41:53:7d:91:00:ff:b2: 4f:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:49:57:1D:A0:E0:E4:E4:74:F3:B8:62:23:4A:EE:CF:AF:B0:B4:D4 X509v3 Authority Key Identifier: keyid:0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:89:ce:bc:a5:58:c1:79:34:e3:00:2d:be:c2:22:b3:9f:08: b6:8c:54:87:9b:f3:0e:58:cd:59:ed:cd:21:53:51:81:89:e2: 18:b9:1a:fd:77:58:f4:cb:64:3e:54:8c:86:19:67:b7:d3:4c: e9:43:a5:95:71:9f:db:2c:71:3c:fb:2c:09:9d:d9:6b:3c:1c: 43:c8:cf:81:cf:d9:c3:5f:b3:1f:8f:11:bc:98:1a:d4:5d:ee: 57:88:36:81:1c:2a:1f:47:4f:29:41:fb:85:8d:13:21:e4:30: f4:24:78:57:a3:9d:d7:a5:32:0d:4f:66:9e:4d:80:78:0b:2d: ad:35:9f:9c:43:04:b5:62:59:67:31:78:ee:66:bc:d1:2c:43: f1:0b:9c:66:06:c0:85:af:9d:87:b1:34:88:1e:16:f5:a9:70: 39:77:52:49:bc:ae:54:78:99:f2:b2:4f:89:7c:56:5f:6e:c8: 0a:aa:0d:fd:f6:63:01:16:7e:2c:33:79:ef:29:b6:29:58:12: 06:6f:45:77:4c:d1:e4:a8:ce:8f:6e:fe:cb:d1:56:36:fb:72: cb:88:fd:7f:16:91:e8:d4:47:da:8c:82:40:62:02:cb:53:ff: 6b:e4:6f:84:70:c8:e2:07:5b:b7:9f:3e:b7:3b:f9:d4:93:4a: f5:9a:c0:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzRCQjAxMTAvBgNVBAUTKDBGNjE0MkFFNDE2OERGMEIxODA1RkE1ODFEMjAzOTQ3 NjdBQTIyNTgwHhcNMjQwNTE1MDY0MjQ3WhcNMjQwNTIyMDY0MjQ3WjAYMRYwFAYD VQQDEw02NjQ0NTk2OC1hNDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1/S7h2mVG5stsp1ikcHuaA21SJc2j8npjG7SZX9sNaQ7U2Q0F6RnhNA4OipG 4/+iztCbhoUDOfMrOcR21gfRwnldyWf5CHxr2HiZovef/ugjPXP5omEetYxHf1AM diZ0rIduu2UDuu6F/DtEARzvngUOqkzycCMQRBWwdapuFXakuTAYBDr/ckUX9DyJ VVsF6DPa0xQen/7lWENOgzI6/swImPJSEwsYoPx5MBuIH6DTF0GWOtiUkiPynzdk CBwQjjLDgF5i1m1IyXBu7KKtY8ccJltCJaX8LPSlJ2bhW+lXltcIgle5pYWsxe/J s4t7/uyjotsmaUFTfZEA/7JP/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDxJVx2g 4OTkdPO4YiNK7s+vsLTUMB8GA1UdIwQYMBaAFA9hQq5BaN8LGAX6WB0gOUdnqiJY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEJCMC9ERDQ3MzhFMDBB QkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3c1lCZnBZSFNBNVIyZXFJ bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QyRkNya0ZvM3dzWUJmcFlIU0E1UjJlcUlsZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NEJCMC9ERDQ3MzhFMDBBQkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3 c1lCZnBZSFNBNVIyZXFJbGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKic68pVjBeTTjAC2+wiKznwi2jFSHm/MOWM1Z7c0hU1GBieIYuRr9 d1j0y2Q+VIyGGWe300zpQ6WVcZ/bLHE8+ywJndlrPBxDyM+Bz9nDX7MfjxG8mBrU Xe5XiDaBHCofR08pQfuFjRMh5DD0JHhXo53XpTINT2aeTYB4Cy2tNZ+cQwS1Ylln MXjuZrzRLEPxC5xmBsCFr52HsTSIHhb1qXA5d1JJvK5UeJnysk+JfFZfbsgKqg39 9mMBFn4sM3nvKbYpWBIGb0V3TNHkqM6Pbv7L0VY2+3LLiP1/FpHo1EfajIJAYgLL U/9r5G+EcMjiB1u3nz63O/nUk0r1msB8 -----END CERTIFICATE-----Generated at Wed May 15 09:27:30 2024 by rpki-client on console-fra.rpki-client.org