$ rpki-client -vvf rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft File: CmH1ryEJpoNhH7ogbyCM7-NImCE.mft (raw, json) Hash identifier: sja3NUPgPY96s48jpsxJgZvsmHShTRFioKhA1JKa2I8= Subject key identifier: 50:B4:A4:71:99:74:14:6C:70:29:1C:D7:C2:B6:DB:18:EF:22:C6:63 Authority key identifier: 0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 Certificate issuer: /CN=A91559AC/serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Certificate serial: 09C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft Manifest number: 09B8 Signing time: Sat 18 May 2024 20:50:19 +0000 Manifest this update: Sat 18 May 2024 20:50:18 +0000 Manifest next update: Sat 25 May 2024 20:50:18 +0000 Files and hashes: 1: CmH1ryEJpoNhH7ogbyCM7-NImCE.crl (hash: dPORpb3Bjg9IvLGxsfgzgfQWOrGKipTr5UHgXQQgCqc=) 2: FE32E0965F8E11EA935F3E69C4F9AE02.roa (hash: U0A5yh5nwOlME8D4OdBtuWBfWXJcBZCG31TD2q/Y4RY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2498 (0x9c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91559AC/serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Validity Not Before: May 18 20:50:18 2024 GMT Not After : May 25 20:50:18 2024 GMT Subject: CN=6649148a-6e20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:e2:72:1c:fe:64:a9:1e:3c:31:55:16:0c:15: 24:ec:b1:54:5f:7f:98:af:75:0f:22:57:41:84:dd: d0:4c:17:a9:d2:6e:2d:8e:58:35:1d:ad:06:4f:26: 2a:46:10:d7:c6:be:56:e9:12:5f:e0:ff:a2:15:77: ba:20:fb:fb:e5:2c:43:c3:39:6d:e2:1c:15:08:09: 66:39:f0:62:6e:01:e1:c7:80:8a:c0:41:2e:2c:f3: fa:36:d3:d3:02:59:7e:a8:33:0c:51:0e:8b:f6:16: c5:15:c9:5e:e0:99:52:ac:21:46:1b:07:71:52:82: 19:b1:4d:fb:65:0b:fc:2c:d8:76:85:e9:fd:c6:a1: 2c:4e:ef:3f:17:89:ba:45:91:52:3e:8d:a3:5f:27: c8:24:f1:1c:c3:83:b5:00:d6:97:a5:bf:08:05:a5: e0:af:4c:1d:45:8a:f0:09:be:e3:7b:49:ad:70:fc: be:78:cf:6c:6b:59:97:89:c2:3b:88:64:ea:10:db: 2a:f4:ca:6b:57:20:8e:c6:20:cb:99:ae:e2:6e:f6: 89:94:1d:e0:56:fd:b8:17:05:58:78:0b:dc:db:3d: 6a:58:c5:81:cc:d5:bc:0d:72:43:11:ae:2a:a5:db: 55:2e:3c:04:96:04:36:e0:c4:c6:a6:73:47:ba:24: 18:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:B4:A4:71:99:74:14:6C:70:29:1C:D7:C2:B6:DB:18:EF:22:C6:63 X509v3 Authority Key Identifier: keyid:0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:81:65:36:68:f8:d2:7a:89:b4:7a:e4:a5:6e:c3:cd:54:fd: 31:3b:29:33:8d:7e:2e:39:97:8a:f5:89:c2:5b:2f:6a:b0:36: 0d:08:06:c6:c7:65:25:71:00:9d:99:70:0a:6a:03:68:d7:ee: cc:6f:44:07:96:bf:84:b5:35:4c:e5:ba:fc:9b:a7:4e:89:7d: 8a:5d:59:fa:4e:fe:d7:9a:09:b2:fe:ff:f0:49:6b:9b:91:ee: 81:74:ea:38:8e:3f:89:d8:4b:0b:78:ad:e6:4e:66:0b:57:42: e2:32:39:39:89:57:ec:fe:89:db:64:5b:03:c8:aa:81:08:7a: 42:b5:b2:de:56:de:87:2d:06:6a:c7:38:76:26:36:92:04:08: d0:d3:93:62:87:02:fc:a5:1e:f6:fe:37:3a:4e:b9:c3:50:73: 68:02:ab:9d:64:08:66:ad:31:e1:65:30:cf:0a:16:a8:83:8c: 02:7f:9c:40:c4:b3:dd:1c:5b:fd:37:47:42:8f:73:2b:1b:60: 86:e8:37:1e:4d:7a:81:93:25:e8:d9:e4:7a:43:d5:99:71:b9: 76:77:3b:b7:ff:77:32:52:17:d6:b3:65:d6:ad:8b:2b:5d:1a: ac:87:1b:a1:85:f9:25:e9:1a:df:f9:a5:70:6a:28:e2:23:3d: 0a:c3:ee:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU5QUMxMTAvBgNVBAUTKDBBNjFGNUFGMjEwOUE2ODM2MTFGQkEyMDZGMjA4Q0VG RTM0ODk4MjEwHhcNMjQwNTE4MjA1MDE4WhcNMjQwNTI1MjA1MDE4WjAYMRYwFAYD VQQDEw02NjQ5MTQ4YS02ZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1uJyHP5kqR48MVUWDBUk7LFUX3+Yr3UPIldBhN3QTBep0m4tjlg1Ha0GTyYq RhDXxr5W6RJf4P+iFXe6IPv75SxDwzlt4hwVCAlmOfBibgHhx4CKwEEuLPP6NtPT All+qDMMUQ6L9hbFFcle4JlSrCFGGwdxUoIZsU37ZQv8LNh2hen9xqEsTu8/F4m6 RZFSPo2jXyfIJPEcw4O1ANaXpb8IBaXgr0wdRYrwCb7je0mtcPy+eM9sa1mXicI7 iGTqENsq9MprVyCOxiDLma7ibvaJlB3gVv24FwVYeAvc2z1qWMWBzNW8DXJDEa4q pdtVLjwElgQ24MTGpnNHuiQYUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFC0pHGZ dBRscCkc18K22xjvIsZjMB8GA1UdIwQYMBaAFAph9a8hCaaDYR+6IG8gjO/jSJgh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTlBQy9DMDYxMzUxNjVG OEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBvTmhIN29nYnlDTTctTklt Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NtSDFyeUVKcG9OaEg3b2dieUNNNy1OSW1DRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTlBQy9DMDYxMzUxNjVGOEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBv TmhIN29nYnlDTTctTkltQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7gWU2aPjSeom0euSlbsPNVP0xOykzjX4uOZeK9YnCWy9qsDYNCAbG x2UlcQCdmXAKagNo1+7Mb0QHlr+EtTVM5br8m6dOiX2KXVn6Tv7Xmgmy/v/wSWub ke6BdOo4jj+J2EsLeK3mTmYLV0LiMjk5iVfs/onbZFsDyKqBCHpCtbLeVt6HLQZq xzh2JjaSBAjQ05NihwL8pR72/jc6TrnDUHNoAqudZAhmrTHhZTDPChaog4wCf5xA xLPdHFv9N0dCj3MrG2CG6DceTXqBkyXo2eR6Q9WZcbl2dzu3/3cyUhfWs2XWrYsr XRqshxuhhfkl6Rrf+aVwaijiIz0Kw+5l -----END CERTIFICATE-----Generated at Sat May 18 21:31:28 2024 by rpki-client on console-ams.rpki-client.org