$ rpki-client -vvf rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft File: 0PiwBllsfAN8tUkwWzlpAACq6KQ.mft (raw, json) Hash identifier: IUowGk2rNAM3rrZc1PQjID7Ogr4cpfVSuST5sbC+fhY= Subject key identifier: 3A:64:16:A4:85:F8:DC:7E:9B:7A:7E:FA:5D:30:27:A0:74:63:A2:39 Authority key identifier: D0:F8:B0:06:59:6C:7C:03:7C:B5:49:30:5B:39:69:00:00:AA:E8:A4 Certificate issuer: /CN=A91754C0/serialNumber=D0F8B006596C7C037CB549305B39690000AAE8A4 Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0PiwBllsfAN8tUkwWzlpAACq6KQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft Manifest number: 32 Signing time: Tue 21 May 2024 08:18:00 +0000 Manifest this update: Tue 21 May 2024 08:18:00 +0000 Manifest next update: Tue 28 May 2024 08:18:00 +0000 Files and hashes: 1: 0PiwBllsfAN8tUkwWzlpAACq6KQ.crl (hash: jnjvtvRLgqjnizE0VSuzRq6eQ29v5/SFCh2wEpj1pA8=) 2: D0CB00D4CCBD11EEAC4BCD4BC4F9AE02.roa (hash: 7ulyk1BEVO7SLl9/nv+cH7TUYvvRxvfObneEVzCEi5U=) 3: 6BA3FEA4CCBD11EEBADDFC4AC4F9AE02.roa (hash: IlatHUt1AsR9GufZuGQG0v+tb7N5if4iF2VnZgMXKRA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.crl rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0PiwBllsfAN8tUkwWzlpAACq6KQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 02:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91754C0/serialNumber=D0F8B006596C7C037CB549305B39690000AAE8A4 Validity Not Before: May 21 08:18:00 2024 GMT Not After : May 28 08:18:00 2024 GMT Subject: CN=664c58b8-e17a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:2a:03:c2:ef:e1:32:8e:69:50:2c:ab:46:ac: d8:ae:80:9e:e8:d0:0f:ea:56:8e:c8:3e:aa:60:07: 03:21:cb:9a:55:3f:e5:5f:09:5d:1c:83:ce:5b:f6: 0e:9b:2d:71:e5:e9:82:cd:a5:3e:98:95:11:55:5d: 01:94:c8:83:8c:5f:67:90:d4:9d:11:8b:b8:2a:76: 5a:65:0b:56:ff:9e:b6:06:08:19:08:4d:20:83:57: ba:93:b2:b2:ea:92:e5:c9:ce:7d:ab:ce:e2:98:49: 3c:50:16:fc:d6:2c:fe:53:d6:a4:a1:97:35:d8:55: 98:67:0f:eb:b3:35:53:40:54:a1:64:16:3e:4c:93: 2e:5b:14:1a:0e:2f:53:1f:b0:92:65:73:63:33:b6: 2d:1d:1b:fe:51:3a:02:2f:11:47:e7:e6:95:45:92: 8f:4e:49:83:6f:48:45:d4:61:eb:a2:3d:d3:24:68: 0e:35:ac:61:f1:ea:17:b5:1e:eb:6a:cc:c9:ae:bd: a9:f4:47:b5:d4:9c:1c:71:47:39:30:9d:cd:91:4e: 15:0e:f5:89:59:a9:17:ea:27:46:76:64:6f:ef:2e: 2b:fe:64:95:b7:62:45:e2:59:71:f0:ae:84:ba:a8: 88:b7:f8:ec:ee:cf:1d:13:d0:ab:b6:f7:50:47:7a: 37:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:64:16:A4:85:F8:DC:7E:9B:7A:7E:FA:5D:30:27:A0:74:63:A2:39 X509v3 Authority Key Identifier: keyid:D0:F8:B0:06:59:6C:7C:03:7C:B5:49:30:5B:39:69:00:00:AA:E8:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0PiwBllsfAN8tUkwWzlpAACq6KQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91754C0/FEDF572ECCBB11EE8A0F7748C4F9AE02/0PiwBllsfAN8tUkwWzlpAACq6KQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:0e:a1:1b:03:82:c3:2e:b8:53:ee:7d:d3:56:b1:cc:fa:fb: 3d:18:a1:a2:6d:c0:88:2c:56:27:8a:67:e6:b8:71:5c:c1:f4: f6:e4:55:7a:20:31:93:a6:67:ad:19:a8:17:28:11:31:58:5b: 3f:6d:5f:53:75:70:36:9b:cc:e0:36:eb:9d:9b:9a:22:91:27: 12:25:ed:49:4e:ce:d9:d5:e4:88:51:32:79:6a:26:da:65:fb: 38:ee:5e:22:39:07:4d:c3:89:7e:00:eb:88:d4:59:2e:27:03: c8:a1:83:9a:1c:86:a7:da:c1:2a:24:c3:b2:61:e8:2d:4f:fa: da:51:8b:5b:7e:7b:73:22:2e:34:c7:01:3e:93:a8:e7:f5:af: 50:56:af:6a:95:4d:08:da:fc:f5:fe:eb:4a:60:94:c3:a4:d7: f6:a4:aa:b0:d4:41:69:e8:95:d0:e0:74:9a:95:fb:41:2e:74: b1:39:9e:82:dd:b5:1a:80:2a:2e:35:e8:cd:ee:82:4f:9c:e3: 57:27:2a:10:66:b0:eb:db:73:fd:ab:f0:c9:25:d0:c4:b6:57: 8d:17:88:7d:10:2c:d4:ed:c3:b4:60:7b:98:f3:c9:88:57:c1: 2d:7c:b1:2e:70:51:9f:45:ec:38:a1:56:bc:8b:41:77:d7:ed: 4b:46:35:0f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 NTRDMDExMC8GA1UEBRMoRDBGOEIwMDY1OTZDN0MwMzdDQjU0OTMwNUIzOTY5MDAw MEFBRThBNDAeFw0yNDA1MjEwODE4MDBaFw0yNDA1MjgwODE4MDBaMBgxFjAUBgNV BAMTDTY2NGM1OGI4LWUxN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6KgPC7+EyjmlQLKtGrNiugJ7o0A/qVo7IPqpgBwMhy5pVP+VfCV0cg85b9g6b LXHl6YLNpT6YlRFVXQGUyIOMX2eQ1J0Ri7gqdlplC1b/nrYGCBkITSCDV7qTsrLq kuXJzn2rzuKYSTxQFvzWLP5T1qShlzXYVZhnD+uzNVNAVKFkFj5Mky5bFBoOL1Mf sJJlc2Mzti0dG/5ROgIvEUfn5pVFko9OSYNvSEXUYeuiPdMkaA41rGHx6he1Hutq zMmuvan0R7XUnBxxRzkwnc2RThUO9YlZqRfqJ0Z2ZG/vLiv+ZJW3YkXiWXHwroS6 qIi3+Ozuzx0T0Ku291BHejd/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOmQWpIX4 3H6ben76XTAnoHRjojkwHwYDVR0jBBgwFoAU0PiwBllsfAN8tUkwWzlpAACq6KQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1NEMwL0ZFREY1NzJFQ0NC QjExRUU4QTBGNzc0OEM0RjlBRTAyLzBQaXdCbGxzZkFOOHRVa3dXemxwQUFDcTZL US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMFBpd0JsbHNmQU44dFVrd1d6bHBBQUNxNktRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1 NEMwL0ZFREY1NzJFQ0NCQjExRUU4QTBGNzc0OEM0RjlBRTAyLzBQaXdCbGxzZkFO OHRVa3dXemxwQUFDcTZLUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKoOoRsDgsMuuFPufdNWscz6+z0YoaJtwIgsVieKZ+a4cVzB9PbkVXog MZOmZ60ZqBcoETFYWz9tX1N1cDabzOA2652bmiKRJxIl7UlOztnV5IhRMnlqJtpl +zjuXiI5B03DiX4A64jUWS4nA8ihg5ochqfawSokw7Jh6C1P+tpRi1t+e3MiLjTH AT6TqOf1r1BWr2qVTQja/PX+60pglMOk1/akqrDUQWnoldDgdJqV+0EudLE5noLd tRqAKi416M3ugk+c41cnKhBmsOvbc/2r8Mkl0MS2V40XiH0QLNTtw7Rge5jzyYhX wS18sS5wUZ9F7DihVryLQXfX7UtGNQ8= -----END CERTIFICATE-----Generated at Tue May 21 10:37:09 2024 by rpki-client on console-fra.rpki-client.org