$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft File: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft (raw, json) Hash identifier: Ixm87KBGUQXkPd7ki9gPsRKE/Fk+5Bg/tgww9d1+7FU= Subject key identifier: 9B:46:7F:22:C2:14:57:C8:03:69:BE:4F:42:0C:91:90:63:2D:48:5B Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Certificate serial: 0B3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft Manifest number: 0B25 Signing time: Mon 06 May 2024 19:57:33 +0000 Manifest this update: Mon 06 May 2024 19:57:32 +0000 Manifest next update: Mon 13 May 2024 19:57:32 +0000 Files and hashes: 1: 3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl (hash: exiXucuDOe9jDhKQNB3CdEnjxns6NKE/M3JPt0oIirw=) 2: 3A5A84F8CB7111EBA9EEF440C4F9AE02.roa (hash: reHdzW246NVqAWZCq6Q5QnJEXEf29dnZorkiuo7WYZA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 19:57:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2878 (0xb3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F Validity Not Before: May 6 19:57:32 2024 GMT Not After : May 13 19:57:32 2024 GMT Subject: CN=6639362c-eec7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b2:96:80:76:4f:25:87:41:ca:9c:a4:d7:95: 47:f8:3a:3a:58:23:8b:f8:37:a3:e9:b0:ae:e6:4d: 60:3d:ed:97:1b:b7:49:b3:27:48:0f:94:de:0e:31: 3d:55:96:40:f8:46:a8:71:7c:1f:9d:23:82:52:0d: f8:d8:33:a5:b1:93:f3:ad:1a:fc:eb:0d:dd:e1:69: e5:12:56:f9:bc:60:bc:bb:37:17:04:55:cf:26:84: 96:d8:6e:68:db:ad:86:38:d1:04:bd:0e:38:91:e0: f5:15:5a:0d:99:2c:d9:99:d2:99:09:cf:52:9b:05: 5f:9c:27:cb:f8:a3:d5:41:6b:c2:d9:e6:45:a2:c2: 72:ee:13:5e:10:7b:dd:1b:94:b6:a9:c1:dd:d8:cb: 85:b8:7c:bd:26:bf:a0:27:0d:ef:f9:92:d0:44:e8: 56:05:7c:f3:33:fb:aa:23:9c:38:a3:b0:3f:d9:69: a4:6c:df:2c:23:a1:ba:12:ed:bd:71:b9:20:4f:43: ee:bb:36:d5:c3:c4:63:6c:c2:88:30:0a:69:58:83: 59:9a:2d:af:69:64:83:db:07:53:c8:77:69:d0:81: dd:ef:21:74:af:4a:5a:b3:c1:18:57:8b:00:32:40: a7:5f:22:7b:d0:37:e0:bb:86:84:57:15:c9:1e:36: 0f:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:46:7F:22:C2:14:57:C8:03:69:BE:4F:42:0C:91:90:63:2D:48:5B X509v3 Authority Key Identifier: keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:62:9e:d2:dd:8d:bd:e4:26:59:a9:f3:e7:57:e2:ee:ba:36: b5:71:46:eb:db:c2:22:4a:de:29:59:a7:83:2e:2d:1f:f6:64: d4:b3:d8:8a:03:c5:a4:26:e9:18:24:1c:93:ae:d9:5b:79:cb: 02:fb:9a:b4:63:3c:12:16:3e:2e:63:31:fd:41:8d:21:0e:e8: 1a:a9:fa:de:87:30:82:77:ff:8a:fe:26:4b:24:5e:a1:1d:32: 86:2d:7a:e9:28:fa:cd:cc:84:d8:7e:18:8a:ce:c4:3d:76:c7: 43:e7:75:23:22:4c:40:4d:b4:cb:58:6e:27:a3:33:48:b8:7d: cf:31:36:58:02:8f:48:cb:94:3f:bc:07:98:75:b9:d6:53:30: 38:28:ad:db:74:a6:30:52:b3:64:84:e3:37:35:db:ee:0d:03: ac:50:cd:b5:83:5c:9d:d6:59:54:e2:84:38:b9:f4:10:e2:13: d5:19:c8:36:fe:ea:68:fe:53:f2:a4:cf:95:c4:fd:18:b5:10: f2:46:39:b0:2c:6d:b2:de:fc:54:2a:7c:72:64:c4:e0:3d:a5: 84:2b:12:bd:84:44:14:d3:2d:27:ea:c1:67:bb:59:1b:74:e0: 6a:b0:ff:51:a6:0a:9a:77:bc:d9:03:f7:91:bf:a7:c4:45:bb: 0e:12:26:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC MjU1N0Y0M0YwHhcNMjQwNTA2MTk1NzMyWhcNMjQwNTEzMTk1NzMyWjAYMRYwFAYD VQQDEw02NjM5MzYyYy1lZWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz7KWgHZPJYdBypyk15VH+Do6WCOL+Dej6bCu5k1gPe2XG7dJsydID5TeDjE9 VZZA+EaocXwfnSOCUg342DOlsZPzrRr86w3d4WnlElb5vGC8uzcXBFXPJoSW2G5o 262GONEEvQ44keD1FVoNmSzZmdKZCc9SmwVfnCfL+KPVQWvC2eZFosJy7hNeEHvd G5S2qcHd2MuFuHy9Jr+gJw3v+ZLQROhWBXzzM/uqI5w4o7A/2WmkbN8sI6G6Eu29 cbkgT0PuuzbVw8RjbMKIMAppWINZmi2vaWSD2wdTyHdp0IHd7yF0r0pas8EYV4sA MkCnXyJ70Dfgu4aEVxXJHjYPcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtGfyLC FFfIA2m+T0IMkZBjLUhbMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4 NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5 RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU2OC9EMzEzMDY3NjE4NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExF RTN5OUhJN1VUWnl5Vlg5RDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFYp7S3Y295CZZqfPnV+Luuja1cUbr28IiSt4pWaeDLi0f9mTUs9iK A8WkJukYJByTrtlbecsC+5q0YzwSFj4uYzH9QY0hDugaqfrehzCCd/+K/iZLJF6h HTKGLXrpKPrNzITYfhiKzsQ9dsdD53UjIkxATbTLWG4nozNIuH3PMTZYAo9Iy5Q/ vAeYdbnWUzA4KK3bdKYwUrNkhOM3NdvuDQOsUM21g1yd1llU4oQ4ufQQ4hPVGcg2 /upo/lPypM+VxP0YtRDyRjmwLG2y3vxUKnxyZMTgPaWEKxK9hEQU0y0n6sFnu1kb dOBqsP9Rpgqad7zZA/eRv6fERbsOEibr -----END CERTIFICATE-----Generated at Mon May 6 22:40:55 2024 by rpki-client on console-ams.rpki-client.org