$ rpki-client -vvf rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft File: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft (raw, json) Hash identifier: SExUl06J5KqsDO8de3cLvRmGbxjrYQZjYy0kWK7sZPE= Subject key identifier: 32:57:5A:57:A6:D9:0D:55:8B:EC:F4:36:E7:E5:30:4E:7D:14:E8:32 Authority key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B Certificate issuer: /CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Certificate serial: DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft Manifest number: DC Signing time: Fri 03 May 2024 06:05:35 +0000 Manifest this update: Fri 03 May 2024 06:05:34 +0000 Manifest next update: Fri 10 May 2024 06:05:34 +0000 Files and hashes: 1: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl (hash: poNexQNxje6oDCp4eCk8ezrMTsE33vJ/oYNrsEtYifM=) 2: EA5A9A32BDAA11ED92995562C4F9AE02.roa (hash: Vj6OmRDf4YcPyEGBdudGhjii1+8xM3JzwF/SfTYS4LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 06:05:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Validity Not Before: May 3 06:05:34 2024 GMT Not After : May 10 06:05:34 2024 GMT Subject: CN=66347eaf-d0e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ba:77:0c:25:08:20:fe:44:fa:2e:97:3c:13: ad:ce:4f:e8:0e:71:40:19:0d:da:70:71:bd:01:99: 51:9e:e8:ec:b3:01:75:b9:ac:62:be:dc:25:9a:75: 5a:6f:d2:5d:51:c0:c7:0d:84:bf:85:d8:49:2c:1f: fb:5c:5a:05:b7:51:f4:61:86:ae:51:5e:1f:ba:0f: a2:da:22:3e:b7:c1:0a:43:f3:a9:71:f1:f5:55:a0: 9b:91:9c:e5:a4:b2:da:15:5c:c4:b0:39:2d:3b:2d: 9c:ac:33:c4:03:2d:76:cd:e1:e1:a4:d8:df:61:85: ee:c5:b2:e0:ba:d5:dc:e2:26:8e:6b:e8:99:26:58: c4:7b:48:be:3f:da:2b:32:36:9f:50:9a:57:b5:76: e2:af:f5:4c:18:d3:f2:3c:c6:71:e3:0c:aa:8d:33: 0e:85:af:15:9b:05:de:62:f1:0a:3b:5f:51:9c:94: 35:64:94:2e:e6:d0:16:2e:bd:04:11:dc:9f:ca:c7: 87:c9:e3:c2:57:15:b2:c6:79:b8:e3:9a:57:75:6a: da:9f:64:9f:c6:cb:74:53:46:90:42:cb:90:95:07: d8:a0:c0:1a:82:ce:c4:ea:b7:db:7e:e1:a9:6b:79: be:bf:ef:e4:eb:e4:5f:b5:16:40:0e:b3:a0:3c:38: 6e:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:57:5A:57:A6:D9:0D:55:8B:EC:F4:36:E7:E5:30:4E:7D:14:E8:32 X509v3 Authority Key Identifier: keyid:28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:98:fd:45:b7:a7:6c:a0:a0:9e:cc:9c:20:f7:0a:f9:85:fe: 9c:86:e2:d7:65:03:83:12:23:ae:a3:c1:29:a3:6d:7b:a2:d8: f4:4b:c6:66:b5:06:ae:1e:7a:06:77:84:f8:54:26:d9:f8:59: 8f:2f:2a:a6:71:c4:38:df:25:d6:1c:bf:f1:f7:42:99:1d:b2: 82:c7:29:84:0f:c3:76:68:40:6d:44:ce:b1:f4:93:35:b8:2a: 56:25:57:2d:1c:f2:be:39:b9:6a:e6:cf:2f:ed:6c:c8:c8:6b: 2e:81:e8:9d:83:d3:fb:26:bb:00:48:4f:d2:67:18:e4:16:01: 5f:60:42:f9:22:6d:1a:39:b2:f0:3a:10:a2:37:2e:ae:46:f9: 91:a1:73:a5:33:75:e4:e0:54:b0:1a:bf:43:c9:23:ba:20:b4: bb:42:58:14:c0:d5:7f:f8:fe:64:5c:32:5c:d7:f8:26:67:6b: 16:7f:80:c2:0b:1f:b4:75:20:64:6d:7d:b0:2c:87:c0:ab:f7: e7:e1:4e:cf:64:73:5a:fc:7d:da:2d:53:2a:01:65:ef:c1:7f: a9:2f:d1:74:90:42:1b:32:cc:ac:a2:95:48:b7:1c:81:d9:36: aa:54:af:6e:f1:ad:51:a5:89:bc:1a:e3:e6:31:5a:d7:45:4a: 87:4e:b7:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg2NTAxMTAvBgNVBAUTKDI4MTdENEE4NjQ0QUVDNDE5QURDQ0VFMzBDNEU4N0Ey NEQyRkY1N0IwHhcNMjQwNTAzMDYwNTM0WhcNMjQwNTEwMDYwNTM0WjAYMRYwFAYD VQQDEw02NjM0N2VhZi1kMGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAobp3DCUIIP5E+i6XPBOtzk/oDnFAGQ3acHG9AZlRnujsswF1uaxivtwlmnVa b9JdUcDHDYS/hdhJLB/7XFoFt1H0YYauUV4fug+i2iI+t8EKQ/OpcfH1VaCbkZzl pLLaFVzEsDktOy2crDPEAy12zeHhpNjfYYXuxbLgutXc4iaOa+iZJljEe0i+P9or MjafUJpXtXbir/VMGNPyPMZx4wyqjTMOha8VmwXeYvEKO19RnJQ1ZJQu5tAWLr0E EdyfyseHyePCVxWyxnm445pXdWran2Sfxst0U0aQQsuQlQfYoMAags7E6rfbfuGp a3m+v+/k6+RftRZADrOgPDhu0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDJXWlem 2Q1Vi+z0NuflME59FOgyMB8GA1UdIwQYMBaAFCgX1KhkSuxBmtzO4wxOh6JNL/V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODY1MC83NzU4RDJDMkJE QTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdFR2EzTTdqREU2SG9rMHY5 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tCZlVxR1JLN0VHYTNNN2pERTZIb2swdjlYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODY1MC83NzU4RDJDMkJEQTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdF R2EzTTdqREU2SG9rMHY5WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZmP1Ft6dsoKCezJwg9wr5hf6chuLXZQODEiOuo8Epo217otj0S8Zm tQauHnoGd4T4VCbZ+FmPLyqmccQ43yXWHL/x90KZHbKCxymED8N2aEBtRM6x9JM1 uCpWJVctHPK+Oblq5s8v7WzIyGsugeidg9P7JrsASE/SZxjkFgFfYEL5Im0aObLw OhCiNy6uRvmRoXOlM3Xk4FSwGr9DySO6ILS7QlgUwNV/+P5kXDJc1/gmZ2sWf4DC Cx+0dSBkbX2wLIfAq/fn4U7PZHNa/H3aLVMqAWXvwX+pL9F0kEIbMsysopVItxyB 2TaqVK9u8a1RpYm8GuPmMVrXRUqHTrdD -----END CERTIFICATE-----Generated at Fri May 3 09:08:49 2024 by rpki-client on console-fra.rpki-client.org