$ rpki-client -vvf rpki.apnic.net/member_repository/A9148F32/E06475CEC55511EB9AE59E86C4F9AE02/-ty5VaOsFGWZfQjySL-GxDNE-3g.mft File: -ty5VaOsFGWZfQjySL-GxDNE-3g.mft (raw, json) Hash identifier: iyyD4uhaxZZoSYzsD8OO7xepIBX0E0BVAmSiHC4uNKA= Subject key identifier: 91:61:14:11:54:3D:37:F2:CB:1B:BB:31:4A:A7:7F:24:2D:D2:EF:F6 Authority key identifier: FA:DC:B9:55:A3:AC:14:65:99:7D:08:F2:48:BF:86:C4:33:44:FB:78 Certificate issuer: /CN=A9148F32/serialNumber=FADCB955A3AC1465997D08F248BF86C43344FB78 Certificate serial: 04F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ty5VaOsFGWZfQjySL-GxDNE-3g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148F32/E06475CEC55511EB9AE59E86C4F9AE02/-ty5VaOsFGWZfQjySL-GxDNE-3g.mft Manifest number: 04F3 Signing time: Sun 05 May 2024 01:24:04 +0000 Manifest this update: Sun 05 May 2024 01:24:04 +0000 Manifest next update: Sun 12 May 2024 01:24:04 +0000 Files and hashes: 1: -ty5VaOsFGWZfQjySL-GxDNE-3g.crl (hash: 2oYXwdh4cMN3o6y5LMViLPxgZN2IH05ibiBMcLYE+Kw=) 2: 4D470362C55811EB981FA987C4F9AE02.roa (hash: RVfGnSNi7Gc2NDwMnGvANcouUDMPNtTfLB5zmPwCbz8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148F32/E06475CEC55511EB9AE59E86C4F9AE02/-ty5VaOsFGWZfQjySL-GxDNE-3g.crl rsync://rpki.apnic.net/member_repository/A9148F32/E06475CEC55511EB9AE59E86C4F9AE02/-ty5VaOsFGWZfQjySL-GxDNE-3g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ty5VaOsFGWZfQjySL-GxDNE-3g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 21:20:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1272 (0x4f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148F32/serialNumber=FADCB955A3AC1465997D08F248BF86C43344FB78 Validity Not Before: May 5 01:24:04 2024 GMT Not After : May 12 01:24:04 2024 GMT Subject: CN=6636dfb4-ad86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:bb:29:d3:38:fe:28:03:ea:33:23:39:f0:b0: 68:c5:72:65:c8:10:c8:df:81:72:06:e8:ac:71:af: 12:b3:6a:b8:a5:f3:cd:d5:ee:30:1f:9f:1c:90:15: a7:65:f8:c2:2b:1b:7f:d3:8d:84:a3:f4:cb:15:80: 14:96:52:2c:d0:ec:6f:0f:73:f6:25:1e:a7:6a:eb: 7b:7a:d9:34:f6:34:77:dc:0d:fe:70:8c:06:a8:e1: 59:28:d3:37:43:90:55:06:a8:6d:fb:ae:57:27:76: b0:fe:b1:c0:18:d8:ba:35:cc:00:e1:b8:f1:53:00: 8b:02:1e:e3:af:5b:74:4d:9d:e3:1d:e1:1e:98:5f: dd:59:17:e8:3d:23:66:65:72:45:38:05:cc:d9:91: 79:05:8d:2f:b2:d3:71:1b:21:49:2f:84:aa:7e:34: f8:6f:ec:93:00:91:01:1a:62:82:ae:8e:39:c0:80: 79:be:e3:19:ac:e4:25:d9:68:72:bf:ad:5c:76:ed: 72:25:d2:a7:ab:17:73:09:1d:6e:65:fc:0d:f6:a8: ba:59:33:b5:ff:e0:4e:a7:ff:a4:a0:6b:3e:6d:34: 41:ca:4e:15:8d:d0:e6:d1:d4:5e:c6:e6:37:52:cf: 87:15:0b:f0:cb:3c:4c:9f:7a:33:3a:28:cd:ce:d5: 9d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:61:14:11:54:3D:37:F2:CB:1B:BB:31:4A:A7:7F:24:2D:D2:EF:F6 X509v3 Authority Key Identifier: keyid:FA:DC:B9:55:A3:AC:14:65:99:7D:08:F2:48:BF:86:C4:33:44:FB:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148F32/E06475CEC55511EB9AE59E86C4F9AE02/-ty5VaOsFGWZfQjySL-GxDNE-3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-ty5VaOsFGWZfQjySL-GxDNE-3g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148F32/E06475CEC55511EB9AE59E86C4F9AE02/-ty5VaOsFGWZfQjySL-GxDNE-3g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:e0:d4:66:63:f8:8c:04:50:78:fa:d2:58:e1:a7:11:de:57: af:f1:8a:36:c5:78:1e:ed:fb:02:c7:77:d5:c8:de:26:da:0c: 9d:bb:32:1f:eb:e2:1a:7e:6e:7e:0f:37:c5:0b:d2:0b:b0:43: d3:cf:bb:9a:fb:f1:9e:36:8f:ad:73:9c:09:c4:9a:7e:d4:ca: e6:f7:1e:98:a8:21:3c:50:09:6d:87:9d:85:a6:8f:fc:e0:c2: 2d:37:02:98:c9:5c:8b:14:14:53:4c:57:d4:9e:fd:28:bb:2d: 80:2c:92:f0:cb:bd:09:d0:2b:57:27:81:12:90:66:9a:38:e4: 1c:e4:eb:64:8b:5c:dd:48:94:da:e2:a9:1e:f5:94:c1:46:c3: 35:92:cd:64:19:0e:de:de:a1:18:d9:54:96:8a:74:51:07:f4: 1e:35:70:2f:f0:16:01:78:70:51:9e:e2:d9:a1:c5:09:b9:a3: 0f:97:56:fd:ad:d4:cd:bf:a3:91:3e:41:5d:a0:53:b2:93:bf: a0:fb:9c:9d:eb:28:60:15:e4:77:e2:1b:90:56:56:9a:69:e4: 91:db:54:45:99:c8:e2:ad:a7:bf:bd:22:f4:92:62:99:7a:ff: 0c:ff:54:cb:4c:89:3e:ed:e4:38:b4:60:f3:f0:83:9e:d9:b8: b5:01:e7:6d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBPgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhGMzIxMTAvBgNVBAUTKEZBRENCOTU1QTNBQzE0NjU5OTdEMDhGMjQ4QkY4NkM0 MzM0NEZCNzgwHhcNMjQwNTA1MDEyNDA0WhcNMjQwNTEyMDEyNDA0WjAYMRYwFAYD VQQDEw02NjM2ZGZiNC1hZDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2rsp0zj+KAPqMyM58LBoxXJlyBDI34FyBuisca8Ss2q4pfPN1e4wH58ckBWn ZfjCKxt/042Eo/TLFYAUllIs0OxvD3P2JR6naut7etk09jR33A3+cIwGqOFZKNM3 Q5BVBqht+65XJ3aw/rHAGNi6NcwA4bjxUwCLAh7jr1t0TZ3jHeEemF/dWRfoPSNm ZXJFOAXM2ZF5BY0vstNxGyFJL4SqfjT4b+yTAJEBGmKCro45wIB5vuMZrOQl2Why v61cdu1yJdKnqxdzCR1uZfwN9qi6WTO1/+BOp/+koGs+bTRByk4VjdDm0dRexuY3 Us+HFQvwyzxMn3ozOijNztWdMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJFhFBFU PTfyyxu7MUqnfyQt0u/2MB8GA1UdIwQYMBaAFPrcuVWjrBRlmX0I8ki/hsQzRPt4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEYzMi9FMDY0NzVDRUM1 NTUxMUVCOUFFNTlFODZDNEY5QUUwMi8tdHk1VmFPc0ZHV1pmUWp5U0wtR3hETkUt M2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy10eTVWYU9zRkdXWmZRanlTTC1HeERORS0zZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEYzMi9FMDY0NzVDRUM1NTUxMUVCOUFFNTlFODZDNEY5QUUwMi8tdHk1VmFPc0ZH V1pmUWp5U0wtR3hETkUtM2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBd4NRmY/iMBFB4+tJY4acR3lev8Yo2xXge7fsCx3fVyN4m2gyduzIf 6+Iafm5+DzfFC9ILsEPTz7ua+/GeNo+tc5wJxJp+1Mrm9x6YqCE8UAlth52Fpo/8 4MItNwKYyVyLFBRTTFfUnv0ouy2ALJLwy70J0CtXJ4ESkGaaOOQc5Otki1zdSJTa 4qke9ZTBRsM1ks1kGQ7e3qEY2VSWinRRB/QeNXAv8BYBeHBRnuLZocUJuaMPl1b9 rdTNv6ORPkFdoFOyk7+g+5yd6yhgFeR34huQVlaaaeSR21RFmcjirae/vSL0kmKZ ev8M/1TLTIk+7eQ4tGDz8IOe2bi1Aedt -----END CERTIFICATE-----Generated at Sun May 5 02:13:01 2024 by rpki-client on console-ams.rpki-client.org