$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: 9lWFMlQ2Ar3YpOyQcHKN/7ySB0P0JcPCj3++GvRdMak= Subject key identifier: 3C:05:DC:28:7D:B0:19:74:8E:4E:09:D2:76:98:E9:B5:E9:98:39:8C Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0C60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0C58 Signing time: Sat 18 May 2024 18:55:13 +0000 Manifest this update: Sat 18 May 2024 18:55:12 +0000 Manifest next update: Sat 25 May 2024 18:55:12 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: 0LaJ8ABFZuYP5tm9Cq5Oe3QGqYX1H8EkCmE9X3MHjEo=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: VFfqyxdTSmRGDAsrReEN4XSTEsTAqCMGdU7ARvjjS+0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3168 (0xc60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: May 18 18:55:12 2024 GMT Not After : May 25 18:55:12 2024 GMT Subject: CN=6648f991-cd17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:2a:d5:ce:9e:ef:a1:2f:85:e7:22:0f:a0:e8: 6b:f9:d7:d2:6e:ec:2c:25:55:89:b7:6f:52:f6:cf: 88:94:7d:0e:57:55:aa:0a:54:06:bf:bb:47:e4:5a: 74:92:8d:25:d6:73:30:41:de:ea:9c:34:40:51:23: 1c:4f:31:53:76:ee:da:c7:ed:60:10:29:58:99:f6: 24:3d:ee:95:7d:b0:e6:e6:63:cc:f0:5e:fb:df:75: 67:08:99:17:0f:33:aa:da:01:70:37:74:a5:ee:96: 0c:33:0c:b6:cb:f5:67:d9:0f:24:6e:25:36:14:90: b2:b9:0c:2c:42:0b:46:12:bc:5c:f5:db:c6:f7:86: 7a:8a:17:04:63:b2:74:a3:48:b5:7a:22:a1:3f:1e: 8f:98:b6:86:13:9b:71:fb:08:7c:95:fc:dc:25:65: 25:0b:cf:d9:32:24:c8:83:11:b4:24:ba:d9:52:d6: af:5c:ad:b4:81:61:2b:b0:9c:bc:10:56:f7:9a:24: cf:e6:e7:06:b0:45:6d:9c:94:11:51:bb:05:5d:3c: c1:cc:17:60:0a:75:87:98:3d:80:2f:05:ca:c8:df: e3:3b:77:f8:46:ff:61:ff:13:7a:58:58:76:f7:d0: 5f:6a:34:4d:27:8a:49:a1:39:c5:1c:b8:d4:74:4c: d0:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:05:DC:28:7D:B0:19:74:8E:4E:09:D2:76:98:E9:B5:E9:98:39:8C X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:ca:f0:9e:16:6d:86:17:8b:83:22:f1:79:45:12:82:20:62: 7b:6e:cb:16:b9:d7:03:52:e1:4d:66:5c:ce:d4:ef:6c:1e:7a: b2:d7:02:cf:02:27:42:06:a4:46:11:c0:ee:6e:61:90:39:ca: d6:c2:2c:f5:71:65:f9:b5:01:62:0d:8f:e4:b2:78:b3:a0:dc: 88:5f:73:77:94:14:fb:36:8d:8d:a3:ac:18:f7:73:31:60:6b: c6:a1:c7:f6:98:4d:4c:a2:37:66:3a:3d:18:b8:51:92:93:b8: 14:9b:ed:0d:3a:a4:ee:54:31:7a:1d:03:a9:f4:bb:1c:16:8d: d4:32:bc:71:e2:7c:18:28:25:36:cf:3b:5a:97:ae:36:6f:47: 6e:5c:16:02:e4:74:fa:7f:9a:05:21:97:ca:b6:87:0c:86:7e: 1c:71:d4:d5:09:d0:5d:64:62:61:3f:5b:75:fb:43:b3:29:4c: f4:ff:1a:87:a4:11:a2:a2:0f:1c:43:6f:56:b7:87:83:4c:9e: 98:ea:e9:d4:5f:d8:fd:b4:6b:ff:ab:2a:09:af:94:d0:cb:ae: 94:67:1a:6f:b2:ca:07:f7:ef:29:a9:9e:9d:35:26:b2:96:23: 4a:c9:23:48:87:6a:bd:a1:13:ec:e6:a5:25:fa:02:53:63:91: 16:38:6d:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjQwNTE4MTg1NTEyWhcNMjQwNTI1MTg1NTEyWjAYMRYwFAYD VQQDEw02NjQ4Zjk5MS1jZDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1SrVzp7voS+F5yIPoOhr+dfSbuwsJVWJt29S9s+IlH0OV1WqClQGv7tH5Fp0 ko0l1nMwQd7qnDRAUSMcTzFTdu7ax+1gEClYmfYkPe6VfbDm5mPM8F7733VnCJkX DzOq2gFwN3Sl7pYMMwy2y/Vn2Q8kbiU2FJCyuQwsQgtGErxc9dvG94Z6ihcEY7J0 o0i1eiKhPx6PmLaGE5tx+wh8lfzcJWUlC8/ZMiTIgxG0JLrZUtavXK20gWErsJy8 EFb3miTP5ucGsEVtnJQRUbsFXTzBzBdgCnWHmD2ALwXKyN/jO3f4Rv9h/xN6WFh2 99BfajRNJ4pJoTnFHLjUdEzQJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDwF3Ch9 sBl0jk4J0naY6bXpmDmMMB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJyvCeFm2GF4uDIvF5RRKCIGJ7bssWudcDUuFNZlzO1O9sHnqy1wLP AidCBqRGEcDubmGQOcrWwiz1cWX5tQFiDY/ksnizoNyIX3N3lBT7No2No6wY93Mx YGvGocf2mE1MojdmOj0YuFGSk7gUm+0NOqTuVDF6HQOp9LscFo3UMrxx4nwYKCU2 zztal642b0duXBYC5HT6f5oFIZfKtocMhn4ccdTVCdBdZGJhP1t1+0OzKUz0/xqH pBGiog8cQ29Wt4eDTJ6Y6unUX9j9tGv/qyoJr5TQy66UZxpvssoH9+8pqZ6dNSay liNKySNIh2q9oRPs5qUl+gJTY5EWOG2t -----END CERTIFICATE-----Generated at Sat May 18 20:15:59 2024 by rpki-client on console-ams.rpki-client.org