$ rpki-client -vvf rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft File: AflcxfCmuelnxvjzbH9k1CRLrHI.mft (raw, json) Hash identifier: qXqPQ4l3S6idCZYABG9icRdndH3EidAaa/KdXYGxyI8= Subject key identifier: 2D:99:2B:37:EF:C8:F7:28:2B:CA:AB:9C:FA:E0:E3:6A:93:1F:E5:97 Authority key identifier: 01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 Certificate issuer: /CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Certificate serial: 0141 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft Manifest number: 013F Signing time: Sun 05 May 2024 05:04:43 +0000 Manifest this update: Sun 05 May 2024 05:04:43 +0000 Manifest next update: Sun 12 May 2024 05:04:43 +0000 Files and hashes: 1: AflcxfCmuelnxvjzbH9k1CRLrHI.crl (hash: 4fmE95pHiBaPp9Yq6t58/HROwItqSooS2G7vUNmlJ20=) 2: 0C1EB10A3A5011ED8B4A2570C4F9AE02.roa (hash: lskQ/yu8M1tBJMgyGzF7vQdWZvqpvVyiFeiC9RPv8m4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 02:50:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 321 (0x141) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9169451/serialNumber=01F95CC5F0A6B9E967C6F8F36C7F64D4244BAC72 Validity Not Before: May 5 05:04:43 2024 GMT Not After : May 12 05:04:43 2024 GMT Subject: CN=6637136b-9c41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:74:94:bf:2c:40:88:71:44:bc:32:10:1b:2b: 0a:17:09:b3:33:d9:4e:a1:eb:f9:f3:0d:38:8c:df: f4:7e:c5:24:7e:b1:c3:84:ad:e4:a2:a7:6b:30:19: f0:9d:1a:24:7a:ac:1d:51:04:03:c9:90:9e:de:d8: d8:82:eb:8a:f4:ec:56:d2:e9:be:f6:c9:ec:76:cb: ae:dc:65:31:db:3f:e6:7a:77:d1:4d:f3:6e:18:50: 44:99:74:29:a3:58:f5:8c:d2:16:cf:48:63:a2:14: 09:c3:13:bd:61:78:0b:f3:e1:b7:3e:7c:58:d8:f2: 89:7c:5f:fa:1c:4f:2c:77:0e:6b:bc:af:d8:9d:7f: 3d:14:20:c4:1e:d4:de:e0:16:35:dc:3e:a5:7d:13: ff:f2:52:68:96:01:7e:d6:9c:6b:e7:53:84:b6:2d: 43:0b:bf:f0:82:32:51:c0:76:58:46:31:e0:2b:d4: b5:df:5f:30:d8:87:c1:95:12:ee:1e:85:7a:22:cf: bf:85:9b:ab:7d:75:ee:9a:08:6f:7c:10:5c:ef:8c: 21:c9:49:8d:4d:fb:c6:c9:03:3d:f2:f9:11:98:88: 7e:c6:66:8e:28:ed:c7:96:3d:a5:d5:73:81:0e:ca: e6:35:42:5f:14:2f:29:a3:a9:9a:4b:f4:1d:2c:64: c4:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:99:2B:37:EF:C8:F7:28:2B:CA:AB:9C:FA:E0:E3:6A:93:1F:E5:97 X509v3 Authority Key Identifier: keyid:01:F9:5C:C5:F0:A6:B9:E9:67:C6:F8:F3:6C:7F:64:D4:24:4B:AC:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AflcxfCmuelnxvjzbH9k1CRLrHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169451/71DB67D43A4D11ED900DE26EC4F9AE02/AflcxfCmuelnxvjzbH9k1CRLrHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:5e:81:33:24:9e:41:01:7e:10:e4:8c:46:7c:d6:14:42:0f: b1:54:35:ba:19:72:17:a4:2c:61:50:80:de:cb:80:cf:55:88: 08:c3:73:56:ec:d8:ed:a5:14:45:2d:cc:ef:5c:a2:d1:be:62: ae:8a:35:d7:2a:a6:e1:04:fe:d3:df:c7:f3:3b:03:05:80:99: 60:aa:b9:47:83:44:92:bf:9a:98:9a:4b:9f:e4:67:1c:78:fa: ea:47:ff:6f:db:33:fd:58:bc:02:96:e1:b4:91:93:d7:ed:e9: 6a:86:40:14:48:b3:b7:85:4c:8c:90:85:12:f0:05:93:68:c9: 1f:86:7f:2b:6b:f3:e1:b1:af:92:d9:1c:e8:21:7e:a6:3f:c1: d4:b5:b0:78:d3:af:16:dd:45:30:45:9a:62:6c:11:78:2a:22: c9:0d:32:94:ad:ed:80:70:71:8d:29:4e:9e:ad:5b:74:69:f7: 6a:bb:fa:f6:44:8f:a8:a9:76:d5:2b:d8:04:9f:89:f1:99:d0: 1f:36:62:0c:f9:5f:aa:aa:9a:01:56:35:08:1e:30:9a:8d:7b: a6:8a:71:54:23:80:41:39:f5:a0:97:78:77:df:b3:48:9c:bb: c1:3e:a4:13:e1:40:0d:66:98:d9:bf:c3:fd:dd:9f:a1:a3:5d: 5c:c1:4e:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njk0NTExMTAvBgNVBAUTKDAxRjk1Q0M1RjBBNkI5RTk2N0M2RjhGMzZDN0Y2NEQ0 MjQ0QkFDNzIwHhcNMjQwNTA1MDUwNDQzWhcNMjQwNTEyMDUwNDQzWjAYMRYwFAYD VQQDEw02NjM3MTM2Yi05YzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArXSUvyxAiHFEvDIQGysKFwmzM9lOoev58w04jN/0fsUkfrHDhK3koqdrMBnw nRokeqwdUQQDyZCe3tjYguuK9OxW0um+9snsdsuu3GUx2z/menfRTfNuGFBEmXQp o1j1jNIWz0hjohQJwxO9YXgL8+G3PnxY2PKJfF/6HE8sdw5rvK/YnX89FCDEHtTe 4BY13D6lfRP/8lJolgF+1pxr51OEti1DC7/wgjJRwHZYRjHgK9S1318w2IfBlRLu HoV6Is+/hZurfXXumghvfBBc74whyUmNTfvGyQM98vkRmIh+xmaOKO3Hlj2l1XOB DsrmNUJfFC8po6maS/QdLGTEYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC2ZKzfv yPcoK8qrnPrg42qTH+WXMB8GA1UdIwQYMBaAFAH5XMXwprnpZ8b482x/ZNQkS6xy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTQ1MS83MURCNjdENDNB NEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVlbG54dmp6Ykg5azFDUkxy SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FmbGN4ZkNtdWVsbnh2anpiSDlrMUNSTHJISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OTQ1MS83MURCNjdENDNBNEQxMUVEOTAwREUyNkVDNEY5QUUwMi9BZmxjeGZDbXVl bG54dmp6Ykg5azFDUkxySEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+XoEzJJ5BAX4Q5IxGfNYUQg+xVDW6GXIXpCxhUIDey4DPVYgIw3NW 7NjtpRRFLczvXKLRvmKuijXXKqbhBP7T38fzOwMFgJlgqrlHg0SSv5qYmkuf5Gcc ePrqR/9v2zP9WLwCluG0kZPX7elqhkAUSLO3hUyMkIUS8AWTaMkfhn8ra/Phsa+S 2RzoIX6mP8HUtbB4068W3UUwRZpibBF4KiLJDTKUre2AcHGNKU6erVt0afdqu/r2 RI+oqXbVK9gEn4nxmdAfNmIM+V+qqpoBVjUIHjCajXuminFUI4BBOfWgl3h337NI nLvBPqQT4UANZpjZv8P93Z+ho11cwU5H -----END CERTIFICATE-----Generated at Sun May 5 06:01:18 2024 by rpki-client on console-fra.rpki-client.org