$ rpki-client -vvf rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.mft File: yZ1gB81HfYmzWcM8k8qptbsQYBo.mft (raw, json) Hash identifier: HdCifCfFkUW7xP/We0vc60TEogfH9vcbf54MtiTE+ts= Subject key identifier: A9:C4:0C:E1:B8:44:E3:AD:48:2F:50:D0:82:26:11:76:3F:CD:06:66 Authority key identifier: C9:9D:60:07:CD:47:7D:89:B3:59:C3:3C:93:CA:A9:B5:BB:10:60:1A Certificate issuer: /CN=A9173F03/serialNumber=C99D6007CD477D89B359C33C93CAA9B5BB10601A Certificate serial: 0B51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ1gB81HfYmzWcM8k8qptbsQYBo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.mft Manifest number: 0B4B Signing time: Tue 30 Apr 2024 19:59:39 +0000 Manifest this update: Tue 30 Apr 2024 19:59:38 +0000 Manifest next update: Tue 07 May 2024 19:59:38 +0000 Files and hashes: 1: yZ1gB81HfYmzWcM8k8qptbsQYBo.crl (hash: 6693X3QNFqMsVqKtaUKTJ5GZYWT+9bKAOfwoPasdbq4=) 2: 38416E960DE211EA999D9786C4F9AE02.roa (hash: MAWRaaMprm8tPei+3CtJOqEW3h2weTu0tf++qBi1g+k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.crl rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ1gB81HfYmzWcM8k8qptbsQYBo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 19:59:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2897 (0xb51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173F03/serialNumber=C99D6007CD477D89B359C33C93CAA9B5BB10601A Validity Not Before: Apr 30 19:59:38 2024 GMT Not After : May 7 19:59:38 2024 GMT Subject: CN=66314dab-9689 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e0:aa:e5:0d:e7:89:32:95:7f:02:71:65:bc: 64:95:0b:11:f5:81:11:71:7b:7e:57:40:b0:9f:a4: 7b:f1:2e:ce:6c:08:e0:97:51:99:fb:97:52:5d:38: 8c:f2:ee:2b:32:b9:e5:e1:a9:57:fe:04:ba:f5:62: 70:6e:da:a1:92:5a:19:68:2a:53:e4:38:e2:01:f8: 31:ab:d9:bf:ff:e6:09:40:3f:38:47:77:e6:63:9d: 74:ba:92:3d:17:ec:df:e3:1c:17:06:32:23:03:8b: f9:3a:00:72:54:1b:93:11:bc:bd:7e:b3:c8:37:24: ae:24:34:78:6d:aa:8d:c7:71:a6:f4:55:62:07:58: 66:e6:3b:d6:0d:82:57:3b:d3:7a:19:fb:50:e2:f9: f6:c2:65:7d:31:11:d6:84:f6:a0:89:97:aa:22:d3: ef:f1:59:f1:05:d0:81:dc:7e:e3:40:66:ad:97:94: 7a:00:33:7a:9e:1e:4f:65:33:ad:4d:10:01:76:1f: ef:df:6f:39:a8:1e:f2:54:2e:e6:50:6b:81:03:59: 79:dc:00:04:f3:50:ce:66:32:2f:a8:98:11:25:1c: a6:4d:a2:ba:84:ee:73:33:b7:f0:20:01:6b:9a:a6: be:e5:08:c8:ca:f2:61:25:34:18:f6:54:5f:65:df: 32:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:C4:0C:E1:B8:44:E3:AD:48:2F:50:D0:82:26:11:76:3F:CD:06:66 X509v3 Authority Key Identifier: keyid:C9:9D:60:07:CD:47:7D:89:B3:59:C3:3C:93:CA:A9:B5:BB:10:60:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ1gB81HfYmzWcM8k8qptbsQYBo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173F03/64F6C28E0DE111EA99669885C4F9AE02/yZ1gB81HfYmzWcM8k8qptbsQYBo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:c0:1f:89:d5:d6:86:b0:b2:58:22:64:07:ac:f1:36:43:19: cd:b8:3e:68:1b:ad:bd:0f:83:81:8d:d2:c6:57:d2:a6:09:eb: 9c:b0:41:78:2d:cd:9b:dd:de:b7:67:27:ba:05:29:ff:e4:90: 2c:66:29:5a:e2:f3:21:fd:f8:06:52:a1:28:6a:a3:dc:9a:9a: 44:ad:61:b3:28:1e:77:82:a3:5a:e2:1f:a3:30:5b:78:40:dc: 42:bc:6e:16:26:8e:5b:40:fc:38:c5:f7:1d:e1:69:53:b7:af: 61:14:2d:7d:a3:79:03:c4:90:8d:f0:a4:21:75:a3:30:59:d0: 25:8c:38:83:53:82:01:2a:c2:1f:5b:d3:f0:63:2b:3a:ac:97: 9b:90:67:5a:2a:31:d5:e3:b9:03:21:64:75:fc:c0:b3:92:17: 9a:b9:b6:65:1d:ec:61:73:e1:e4:3d:26:8a:3f:90:4c:6f:58: 96:f1:80:e0:57:f1:fe:30:62:b0:24:f0:a0:81:ab:e0:1a:53: 9f:f6:86:7e:e3:ca:c1:e6:7b:4f:37:cd:f5:19:26:90:ef:1a: f9:43:21:c4:65:43:d7:2d:33:d7:0b:06:8e:54:71:b3:8a:25: ad:3e:cb:4a:f8:dd:1e:45:57:b0:f9:e0:10:08:bf:53:6d:4f: be:af:de:fa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC1EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzNGMDMxMTAvBgNVBAUTKEM5OUQ2MDA3Q0Q0NzdEODlCMzU5QzMzQzkzQ0FBOUI1 QkIxMDYwMUEwHhcNMjQwNDMwMTk1OTM4WhcNMjQwNTA3MTk1OTM4WjAYMRYwFAYD VQQDEw02NjMxNGRhYi05Njg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxOCq5Q3niTKVfwJxZbxklQsR9YERcXt+V0Cwn6R78S7ObAjgl1GZ+5dSXTiM 8u4rMrnl4alX/gS69WJwbtqhkloZaCpT5DjiAfgxq9m//+YJQD84R3fmY510upI9 F+zf4xwXBjIjA4v5OgByVBuTEby9frPINySuJDR4baqNx3Gm9FViB1hm5jvWDYJX O9N6GftQ4vn2wmV9MRHWhPagiZeqItPv8VnxBdCB3H7jQGatl5R6ADN6nh5PZTOt TRABdh/v3285qB7yVC7mUGuBA1l53AAE81DOZjIvqJgRJRymTaK6hO5zM7fwIAFr mqa+5QjIyvJhJTQY9lRfZd8yIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKnEDOG4 ROOtSC9Q0IImEXY/zQZmMB8GA1UdIwQYMBaAFMmdYAfNR32Js1nDPJPKqbW7EGAa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0YwMy82NEY2QzI4RTBE RTExMUVBOTk2Njk4ODVDNEY5QUUwMi95WjFnQjgxSGZZbXpXY004azhxcHRic1FZ Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3laMWdCODFIZllteldjTThrOHFwdGJzUVlCby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 M0YwMy82NEY2QzI4RTBERTExMUVBOTk2Njk4ODVDNEY5QUUwMi95WjFnQjgxSGZZ bXpXY004azhxcHRic1FZQm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQwB+J1daGsLJYImQHrPE2QxnNuD5oG629D4OBjdLGV9KmCeucsEF4 Lc2b3d63Zye6BSn/5JAsZila4vMh/fgGUqEoaqPcmppErWGzKB53gqNa4h+jMFt4 QNxCvG4WJo5bQPw4xfcd4WlTt69hFC19o3kDxJCN8KQhdaMwWdAljDiDU4IBKsIf W9PwYys6rJebkGdaKjHV47kDIWR1/MCzkheaubZlHexhc+HkPSaKP5BMb1iW8YDg V/H+MGKwJPCggavgGlOf9oZ+48rB5ntPN831GSaQ7xr5QyHEZUPXLTPXCwaOVHGz iiWtPstK+N0eRVew+eAQCL9TbU++r976 -----END CERTIFICATE-----Generated at Tue Apr 30 21:37:59 2024 by rpki-client on console-fra.rpki-client.org