$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json) Hash identifier: naJhb64IXiUWHMbzc2ZEGcCb28LFxxaNuh0SOzso1lg= Subject key identifier: 83:F3:8B:A1:C2:CA:A0:72:8E:4E:0C:C6:F6:58:DC:EE:BF:9C:2A:01 Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Certificate serial: 1258 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft Manifest number: 1252 Signing time: Sat 04 May 2024 17:47:56 +0000 Manifest this update: Sat 04 May 2024 17:47:56 +0000 Manifest next update: Sat 11 May 2024 17:47:55 +0000 Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: W1Y0/fj2XvSp5Lja2yvPGnQ8DO4h9FikiyQf/OrdpXU=) 2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: PtKzjrxSdCQfJV341KRRu0KerrCI+0giYJKKrEUJTvQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4696 (0x1258) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Validity Not Before: May 4 17:47:56 2024 GMT Not After : May 11 17:47:55 2024 GMT Subject: CN=663674cc-15c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:63:0d:ef:d3:33:c5:c1:c1:38:83:7d:23:db: 0a:82:ef:e3:fd:f9:01:7e:87:f5:03:10:8b:82:39: 6c:26:00:90:45:70:2b:ba:ca:7d:65:87:7e:2b:e6: 8e:91:27:d6:f8:1f:2b:b7:0b:5f:8d:d6:08:f7:02: 74:e6:1e:7d:21:3d:59:3b:26:60:95:5f:9c:99:80: 69:19:7d:fd:2d:b0:42:fc:6f:51:91:2b:31:81:58: a8:06:58:77:b8:cf:7a:5c:e1:25:11:b7:f3:86:b5: 46:d2:82:01:50:9b:21:cf:e9:07:c7:5e:93:74:d4: ed:79:2c:0c:88:18:e9:8c:31:59:50:d1:09:ce:7e: 37:d5:82:0a:5e:f1:54:98:f3:7a:40:3c:48:86:f0: 96:89:83:8d:97:dd:ac:96:5b:34:14:05:c3:2f:c0: 8c:8b:d9:b2:1f:37:53:3b:c1:43:73:91:91:28:e8: 65:2b:22:11:bc:dd:a0:01:18:7d:45:f0:19:df:e6: c0:82:3a:bb:4a:5c:e9:c7:32:3d:3b:c9:1b:46:db: fe:03:15:33:7f:cf:b5:55:e2:0a:a0:a8:11:b1:f6: 2e:0f:95:e5:5b:ca:48:25:6d:6b:27:8c:e0:c4:56: 98:b9:ed:72:d7:09:19:24:20:13:e3:e7:aa:43:ae: 48:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:F3:8B:A1:C2:CA:A0:72:8E:4E:0C:C6:F6:58:DC:EE:BF:9C:2A:01 X509v3 Authority Key Identifier: keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:96:7c:23:7c:07:a7:21:07:5a:9c:de:a1:35:11:36:da:0c: 16:14:11:1b:3f:17:f9:0c:a2:37:da:4d:34:2c:13:4e:d5:82: 75:c3:14:50:40:ad:28:b0:a5:59:a4:39:bc:32:87:4f:82:bc: 61:59:c2:fa:a6:77:40:e7:9e:6b:a5:f7:f0:a9:65:31:28:6c: bd:ae:12:22:cb:70:f2:6f:7e:f4:29:42:9c:da:c1:18:b7:06: dc:c1:18:0f:a1:66:b7:37:4f:6b:7c:5a:39:21:e3:9d:57:6c: 7f:5a:1e:da:ea:2b:d1:4a:93:2a:80:82:fc:42:6a:0d:4c:9c: 5b:61:1e:2b:a9:a1:ce:f5:cc:b7:b8:8c:ab:f3:bc:3b:76:70: 52:3f:23:1e:f4:c2:d3:41:16:b5:ae:d5:3b:75:2f:0a:c8:a8: 55:28:34:53:e7:a8:58:41:81:37:77:1c:7f:90:bb:be:15:80: a8:f3:7a:75:04:73:90:48:be:a6:b2:94:4a:9e:ab:58:25:c5: cf:2c:33:61:2d:07:a4:e0:40:47:b8:89:33:91:80:3d:e0:6c: c4:dd:35:ca:9e:ad:8f:f0:fe:23:d4:26:4b:23:5b:c1:cf:fd: 65:34:45:35:45:65:6a:95:30:28:09:53:02:57:57:aa:34:b6: 77:0e:00:d5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICElgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG NDI5RjU3NTAwHhcNMjQwNTA0MTc0NzU2WhcNMjQwNTExMTc0NzU1WjAYMRYwFAYD VQQDEw02NjM2NzRjYy0xNWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr2MN79MzxcHBOIN9I9sKgu/j/fkBfof1AxCLgjlsJgCQRXArusp9ZYd+K+aO kSfW+B8rtwtfjdYI9wJ05h59IT1ZOyZglV+cmYBpGX39LbBC/G9RkSsxgVioBlh3 uM96XOElEbfzhrVG0oIBUJshz+kHx16TdNTteSwMiBjpjDFZUNEJzn431YIKXvFU mPN6QDxIhvCWiYONl92slls0FAXDL8CMi9myHzdTO8FDc5GRKOhlKyIRvN2gARh9 RfAZ3+bAgjq7SlzpxzI9O8kbRtv+AxUzf8+1VeIKoKgRsfYuD5XlW8pIJW1rJ4zg xFaYue1y1wkZJCAT4+eqQ65IfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIPzi6HC yqByjk4MxvZY3O6/nCoBMB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKlnwjfAenIQdanN6hNRE22gwWFBEbPxf5DKI32k00LBNO1YJ1wxRQ QK0osKVZpDm8ModPgrxhWcL6pndA555rpffwqWUxKGy9rhIiy3Dyb370KUKc2sEY twbcwRgPoWa3N09rfFo5IeOdV2x/Wh7a6ivRSpMqgIL8QmoNTJxbYR4rqaHO9cy3 uIyr87w7dnBSPyMe9MLTQRa1rtU7dS8KyKhVKDRT56hYQYE3dxx/kLu+FYCo83p1 BHOQSL6mspRKnqtYJcXPLDNhLQek4EBHuIkzkYA94GzE3TXKnq2P8P4j1CZLI1vB z/1lNEU1RWVqlTAoCVMCV1eqNLZ3DgDV -----END CERTIFICATE-----Generated at Sat May 4 19:58:37 2024 by rpki-client on console-ams.rpki-client.org