$ rpki-client -vvf rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft File: o9XPQ95bPYucND7UScFpDr40Fw4.mft (raw, json) Hash identifier: pVXBFtNikB5cabrrIID1QcvxXFE1Z0I/xHOFrfcI/Ng= Subject key identifier: 51:63:E6:AB:A1:AB:E3:44:AD:E7:D3:6A:DA:39:9D:5C:F5:BB:30:79 Authority key identifier: A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E Certificate issuer: /CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E Certificate serial: 0529 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft Manifest number: 0507 Signing time: Sun 05 May 2024 01:29:19 +0000 Manifest this update: Sun 05 May 2024 01:29:18 +0000 Manifest next update: Sun 12 May 2024 01:29:18 +0000 Files and hashes: 1: o9XPQ95bPYucND7UScFpDr40Fw4.crl (hash: 7hhpgF2ETteZsbg3mRer+UoPbbblv4CPaJT3nYvD82E=) 2: 96E3EB58B2B711EEAE882255C4F9AE02.roa (hash: 6wob0mUxft+bGhg2oBjgPWmMCtXvERbVWEvaGtJ2oGw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 21:20:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1321 (0x529) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E Validity Not Before: May 5 01:29:18 2024 GMT Not After : May 12 01:29:18 2024 GMT Subject: CN=6636e0ef-21d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:48:4c:e4:5e:e2:8e:1a:a3:a7:53:bd:4f:c6: 45:47:93:b7:9d:18:b5:fb:f7:b5:fd:2f:c3:a5:78: 02:03:d6:bb:51:82:44:36:cf:06:75:8e:52:17:bd: 1e:1b:98:9c:41:06:7b:66:c7:c0:5d:55:01:da:f7: 02:7f:89:71:3d:70:72:32:9f:01:df:a0:07:ee:9f: e5:6c:c8:62:a5:58:37:39:42:42:9c:fa:17:39:13: 71:97:16:5a:d1:d0:2a:5d:b9:0f:fc:2f:5b:cf:92: ec:40:f9:35:95:74:5c:27:e3:91:bc:b8:bc:ed:6d: f0:ba:df:44:dd:60:8e:d5:c9:a3:4d:7e:63:75:6c: 3c:7b:f0:74:aa:b5:45:ad:e7:53:84:ad:d7:1a:79: 20:a8:eb:fe:44:61:05:cc:18:ff:47:9d:cb:3c:bd: 4a:0d:59:40:f3:61:e0:2d:9e:29:77:fc:25:e3:77: 46:46:95:84:6e:23:e3:76:3a:67:3f:60:2c:5e:25: ce:c8:e2:32:1a:da:49:81:a0:99:10:c7:ba:b1:a2: 9a:5c:47:ef:b4:80:d2:20:ce:f0:d2:fd:c5:18:6f: 72:41:85:24:94:2f:55:9f:61:1b:e7:fa:d0:0f:88: 77:64:f4:50:55:77:97:c9:ff:41:8a:00:11:47:68: 2c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:63:E6:AB:A1:AB:E3:44:AD:E7:D3:6A:DA:39:9D:5C:F5:BB:30:79 X509v3 Authority Key Identifier: keyid:A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:42:7b:41:85:69:8a:d5:bf:31:1e:a0:80:4d:f7:f2:9d:86: 3d:7b:68:74:72:9f:a2:95:93:20:3a:c2:f6:f3:98:ce:6e:c9: 12:0e:d2:24:89:2e:b8:6b:6d:8d:c3:37:d8:79:c2:34:d6:40: a8:32:f7:0b:37:2c:d0:34:7b:9a:de:d3:b6:6b:f5:1e:d2:d8: 37:fd:8c:ad:95:70:1b:1d:a0:0d:84:3d:a9:ae:cc:b5:d4:03: 16:eb:0a:5c:88:d4:7d:f7:e5:03:df:7e:de:ce:f6:71:70:1b: 46:16:9f:ab:d4:d7:d1:36:6e:a0:df:5f:1b:3a:1d:e2:22:36: 19:ec:de:24:ba:28:14:07:7a:24:5d:75:8f:42:df:e8:b0:b9: a1:c5:13:e6:27:55:42:e3:64:8e:98:23:b6:ab:c8:61:22:72: 7e:11:95:ff:90:e2:5b:7f:08:3a:b1:2e:73:08:61:79:87:ca: a7:a2:ea:03:93:c6:c9:5c:13:69:ef:54:e8:d7:81:a3:a7:75: 6c:a9:4c:ac:44:11:e7:14:1f:04:8a:2b:b5:fa:1e:09:96:82: 87:ba:26:9b:3c:0b:f2:60:98:bc:70:6d:d9:1f:68:fd:86:d7: 35:6c:77:01:e6:6e:69:40:f0:0a:40:32:81:2d:68:87:c1:e5: c7:1e:6e:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NENDRDExMTAvBgNVBAUTKEEzRDVDRjQzREU1QjNEOEI5QzM0M0VENDQ5QzE2OTBF QkUzNDE3MEUwHhcNMjQwNTA1MDEyOTE4WhcNMjQwNTEyMDEyOTE4WjAYMRYwFAYD VQQDEw02NjM2ZTBlZi0yMWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEhM5F7ijhqjp1O9T8ZFR5O3nRi1+/e1/S/DpXgCA9a7UYJENs8GdY5SF70e G5icQQZ7ZsfAXVUB2vcCf4lxPXByMp8B36AH7p/lbMhipVg3OUJCnPoXORNxlxZa 0dAqXbkP/C9bz5LsQPk1lXRcJ+ORvLi87W3wut9E3WCO1cmjTX5jdWw8e/B0qrVF redThK3XGnkgqOv+RGEFzBj/R53LPL1KDVlA82HgLZ4pd/wl43dGRpWEbiPjdjpn P2AsXiXOyOIyGtpJgaCZEMe6saKaXEfvtIDSIM7w0v3FGG9yQYUklC9Vn2Eb5/rQ D4h3ZPRQVXeXyf9BigARR2gsOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFFj5quh q+NErefTato5nVz1uzB5MB8GA1UdIwQYMBaAFKPVz0PeWz2LnDQ+1EnBaQ6+NBcO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0NEMS9BRDdGNDVBNENE QzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZdWNORDdVU2NGcERyNDBG dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL285WFBROTViUFl1Y05EN1VTY0ZwRHI0MEZ3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 Q0NEMS9BRDdGNDVBNENEQzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZ dWNORDdVU2NGcERyNDBGdzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoQntBhWmK1b8xHqCATffynYY9e2h0cp+ilZMgOsL285jObskSDtIk iS64a22NwzfYecI01kCoMvcLNyzQNHua3tO2a/Ue0tg3/YytlXAbHaANhD2prsy1 1AMW6wpciNR99+UD337ezvZxcBtGFp+r1NfRNm6g318bOh3iIjYZ7N4kuigUB3ok XXWPQt/osLmhxRPmJ1VC42SOmCO2q8hhInJ+EZX/kOJbfwg6sS5zCGF5h8qnouoD k8bJXBNp71To14Gjp3VsqUysRBHnFB8Eiiu1+h4JloKHuiabPAvyYJi8cG3ZH2j9 htc1bHcB5m5pQPAKQDKBLWiHweXHHm5h -----END CERTIFICATE-----Generated at Sun May 5 02:33:35 2024 by rpki-client on console-fra.rpki-client.org