$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft File: KFO9oWOMWZqEwwlTEOab_SYKqXg.mft (raw, json) Hash identifier: ssiuZqUCqjrHkNiBlfmroaNoB7w5w3uHcsemV5ytRtU= Subject key identifier: 9D:F9:5B:C2:AD:9E:FD:9E:B8:05:77:89:5F:4A:6C:7A:FE:A4:13:20 Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78 Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978 Certificate serial: 02B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft Manifest number: 028E Signing time: Sat 27 Apr 2024 03:41:53 +0000 Manifest this update: Sat 27 Apr 2024 03:41:52 +0000 Manifest next update: Sat 04 May 2024 03:41:52 +0000 Files and hashes: 1: KFO9oWOMWZqEwwlTEOab_SYKqXg.crl (hash: TDHZLSEdrVzaa+gzEvgvLqpZVD8jHxlet+l/BuVbMFI=) 2: 57A7394C4B0E11EE8682CD4CC4F9AE02.roa (hash: yjF1vBAnB2/Vtt4bQW4iTYhZqGssoCLw4RVDIGf898Q=) 3: A430F3B2A2F611EE8477DC13C4F9AE02.roa (hash: qfRdmITtzZ6gVFBzmEwWx1JAfswaai9APZYAHwLUaik=) 4: F1930FBAEFE011ED81AE706DC4F9AE02.roa (hash: 51wV8ILWAn25yFNKdCFqhCqeklwdHo2+p2NIS5g/3DY=) 5: 45BC5258C6F711ED9BD6E476C4F9AE02.roa (hash: U3oumhU6T0BmIq3jlCm/1cAUinPeMctGSUrsC85XUNQ=) 6: 96C3CFEAD46711EEA842517BC4F9AE02.roa (hash: +8ppDDvxSy2q2aM7S1BLIbwvYFSh6Bx1aeXj22W8sik=) 7: BE60F6465F9A11EE86E5F045C4F9AE02.roa (hash: QjBhJ0A3GKGqyqxXpkdWTB/3hCNFFin6blZ2Muczx60=) 8: 79B228E4A39D11EDB714273AC4F9AE02.roa (hash: 8TDLo3NvR+9MHFC9Dj6qEioCZRP4A/RxGP0kkyHpBCY=) 9: 13D58140172711ED8E3E8136C4F9AE02.roa (hash: K/RU3pzt4SXdi2E0/qmtqJ1LA/N82fkzYttgR0VF4eU=) 10: A510073CA2F611EE8477DC13C4F9AE02.roa (hash: taFaljMaP9atIrw1KMTs48RoSW+yEQf4TZmr10eKlMk=) 11: 7A589CF6A39D11EDB714273AC4F9AE02.roa (hash: 6lsGBtrnvcBm0t+pZh1ND+NZ7mAtIYzvny8VS286Y0o=) 12: 14000EECD46811EEBDB9C07CC4F9AE02.roa (hash: xDhYi/kOufXzx6pcvT21PQsqRI8a2xznKezKFeHg0l4=) 13: 10B42B8CEE7811EDBED06287C4F9AE02.roa (hash: yLjqGBSnUcZl7mURkvcGqe3G/KCxzrz7hr1bhq1f8E4=) 14: 458AC21A684111EEA6632877C4F9AE02.roa (hash: /SCMEdWRmwZNeXNFedFclx+3MZsGpXtaksQL0wZ77rk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 03:36:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 697 (0x2b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978 Validity Not Before: Apr 27 03:41:52 2024 GMT Not After : May 4 03:41:52 2024 GMT Subject: CN=662c7401-53c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:88:f5:44:49:83:cf:58:dc:2a:7a:de:9e:2b: 26:89:69:95:8a:7a:cf:b6:91:35:d9:31:9e:e4:ef: 0c:e6:eb:e2:6a:2f:77:a0:11:2c:4f:11:4d:a3:84: 9a:d7:f9:28:ca:ce:d3:92:23:4d:cf:6a:d4:5f:e6: 08:5d:60:48:e1:a0:dc:4c:f7:f4:cc:0d:1f:6b:ec: ee:d5:83:36:8c:72:52:8b:42:72:3b:eb:5b:bf:a3: d6:fa:be:32:9c:83:c7:e3:53:97:43:00:c0:e5:35: 2b:e0:94:15:3f:8e:a5:fd:4d:86:3c:03:76:e9:cf: 83:d5:25:f7:2a:18:65:97:f0:38:bf:05:33:a0:e4: e1:79:9e:d4:00:54:34:d9:d4:3a:23:f3:2d:eb:bc: 38:b7:0c:47:e0:8d:c0:9e:44:d3:eb:3e:90:f6:68: 97:8e:2d:35:79:2e:53:40:d3:c7:b2:77:92:55:7b: c9:ed:7c:f9:70:03:1e:22:28:7c:8c:56:a3:15:47: 2b:aa:52:e2:f7:41:3d:e1:35:16:62:6e:27:03:8d: 5f:a0:a7:6d:b3:60:b3:54:a9:6c:b0:94:a6:f6:13: 0e:5d:d2:f4:6d:bd:3a:18:53:27:a0:a1:0e:25:7f: 1a:d3:0c:80:e8:b8:f0:ef:f0:69:95:59:e4:54:51: 1c:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:F9:5B:C2:AD:9E:FD:9E:B8:05:77:89:5F:4A:6C:7A:FE:A4:13:20 X509v3 Authority Key Identifier: keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:d7:04:cc:4f:17:48:15:20:38:9c:48:ef:f4:c7:68:86:47: f7:49:2e:ec:da:b4:65:57:fe:0c:92:12:ac:a5:e4:94:34:46: c8:46:d4:13:44:cb:19:60:54:da:93:fc:c9:c8:e1:b7:ae:1d: 0e:38:78:27:42:ed:10:81:e7:12:ab:68:77:e1:f4:eb:9a:1f: e1:f4:24:aa:6e:c4:7b:1f:20:7c:5e:c2:41:ed:e3:e2:fa:2c: ac:a9:70:a2:6f:70:73:f5:0a:e3:62:65:02:ae:df:b9:c3:32: bc:99:96:b8:6b:0e:81:9f:e9:7b:f2:9b:8a:e6:28:46:8f:b0: 20:c1:93:dd:35:ca:db:96:a2:ea:58:07:58:20:48:7c:f7:5e: 81:88:bc:61:e9:80:2c:59:dd:ae:04:31:37:cb:e9:a8:23:77: 25:42:b2:36:ca:6d:31:86:2c:e4:44:b3:de:fd:bf:97:5e:6d: 84:ae:91:27:b0:39:de:a0:29:fa:fd:9d:87:2e:cf:4b:06:98: a1:f0:23:d9:4d:0d:6d:9f:fc:93:d7:3e:90:af:b5:ba:fd:79: a3:cf:0d:50:8a:4e:db:58:63:1f:b8:f2:2a:90:e7:0c:5c:da: c1:fd:69:f0:17:f5:3d:74:04:90:2a:43:ad:d1:23:5c:2c:91: 3a:2e:51:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE MjYwQUE5NzgwHhcNMjQwNDI3MDM0MTUyWhcNMjQwNTA0MDM0MTUyWjAYMRYwFAYD VQQDEw02NjJjNzQwMS01M2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz4j1REmDz1jcKnrenismiWmVinrPtpE12TGe5O8M5uviai93oBEsTxFNo4Sa 1/koys7TkiNNz2rUX+YIXWBI4aDcTPf0zA0fa+zu1YM2jHJSi0JyO+tbv6PW+r4y nIPH41OXQwDA5TUr4JQVP46l/U2GPAN26c+D1SX3Khhll/A4vwUzoOTheZ7UAFQ0 2dQ6I/Mt67w4twxH4I3AnkTT6z6Q9miXji01eS5TQNPHsneSVXvJ7Xz5cAMeIih8 jFajFUcrqlLi90E94TUWYm4nA41foKdts2CzVKlssJSm9hMOXdL0bb06GFMnoKEO JX8a0wyA6Ljw7/BplVnkVFEcmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ35W8Kt nv2euAV3iV9KbHr+pBMgMB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NTU3Qi84REE3MjY0MEMxRkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVda cUV3d2xURU9hYl9TWUtxWGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZ1wTMTxdIFSA4nEjv9Mdohkf3SS7s2rRlV/4MkhKspeSUNEbIRtQT RMsZYFTak/zJyOG3rh0OOHgnQu0QgecSq2h34fTrmh/h9CSqbsR7HyB8XsJB7ePi +iysqXCib3Bz9QrjYmUCrt+5wzK8mZa4aw6Bn+l78puK5ihGj7AgwZPdNcrblqLq WAdYIEh8916BiLxh6YAsWd2uBDE3y+moI3clQrI2ym0xhizkRLPe/b+XXm2ErpEn sDneoCn6/Z2HLs9LBpih8CPZTQ1tn/yT1z6Qr7W6/Xmjzw1Qik7bWGMfuPIqkOcM XNrB/WnwF/U9dASQKkOt0SNcLJE6LlFp -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:04 2024 by rpki-client on console-ams.rpki-client.org