$ rpki-client -vvf rpki.apnic.net/member_repository/A917CC94/66DEBE6447F011EA83E3E71BC4F9AE02/i9g61zjcTFeYTcLssh1ekBm7yMo.mft File: i9g61zjcTFeYTcLssh1ekBm7yMo.mft (raw, json) Hash identifier: 3JzKlkBpbO16A2L7t+wRWtgGANvOmq0ajd5anGHVddA= Subject key identifier: 4F:21:97:D4:43:BD:28:ED:4E:AC:C5:BE:81:C4:23:B6:85:7F:26:F1 Authority key identifier: 8B:D8:3A:D7:38:DC:4C:57:98:4D:C2:EC:B2:1D:5E:90:19:BB:C8:CA Certificate issuer: /CN=A917CC94/serialNumber=8BD83AD738DC4C57984DC2ECB21D5E9019BBC8CA Certificate serial: 0A29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i9g61zjcTFeYTcLssh1ekBm7yMo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CC94/66DEBE6447F011EA83E3E71BC4F9AE02/i9g61zjcTFeYTcLssh1ekBm7yMo.mft Manifest number: 0A22 Signing time: Sat 04 May 2024 20:44:58 +0000 Manifest this update: Sat 04 May 2024 20:44:57 +0000 Manifest next update: Sat 11 May 2024 20:44:57 +0000 Files and hashes: 1: i9g61zjcTFeYTcLssh1ekBm7yMo.crl (hash: uyeLqX+FPeuQIqq9bNz32SujjONrfNaYIhT+RevddS0=) 2: 2EAEF16047F211EAB16A5F1FC4F9AE02.roa (hash: xyx7ZvpUqEsJ4hzF+wnC82GdA9zPLO4pSnhWJzYXkK4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CC94/66DEBE6447F011EA83E3E71BC4F9AE02/i9g61zjcTFeYTcLssh1ekBm7yMo.crl rsync://rpki.apnic.net/member_repository/A917CC94/66DEBE6447F011EA83E3E71BC4F9AE02/i9g61zjcTFeYTcLssh1ekBm7yMo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i9g61zjcTFeYTcLssh1ekBm7yMo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 19:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2601 (0xa29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CC94/serialNumber=8BD83AD738DC4C57984DC2ECB21D5E9019BBC8CA Validity Not Before: May 4 20:44:57 2024 GMT Not After : May 11 20:44:57 2024 GMT Subject: CN=66369e4a-903b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:f9:03:33:b5:55:d8:8f:ff:84:5a:23:19:70: 82:0e:5f:8e:52:13:35:68:0a:4f:69:38:f6:9a:c2: 44:fb:ad:69:d8:27:63:89:7a:e1:79:59:1d:99:2e: 62:bb:04:b7:ca:29:71:11:08:52:8e:2b:50:fe:51: 84:e6:7a:82:e0:cf:99:a5:d6:0b:6b:fa:ba:9a:58: 4b:ca:df:bf:e9:88:5a:88:3f:30:fb:cb:94:3f:6c: fa:47:d8:aa:6e:55:76:c0:14:e3:36:8b:ff:3a:7e: 21:22:51:42:40:ef:4c:5d:1e:8f:65:82:ad:a5:26: b5:b8:3d:7a:0d:cc:c1:0e:0a:40:4e:71:99:56:46: 0d:45:1a:e4:9c:64:f1:27:7d:e0:21:af:6e:bf:c4: ac:6f:af:d6:02:e9:b4:ac:05:f3:c5:56:3d:2d:ca: 96:91:d7:d9:91:dc:63:c4:24:c4:45:c1:89:5a:66: 95:a5:ea:14:5a:c1:d0:84:54:da:ce:80:e0:19:21: b4:91:97:ef:5d:62:1a:67:c7:e4:ee:23:e6:00:58: 6f:4b:3b:9d:b3:92:11:7f:50:60:a8:03:a1:82:21: 95:6f:68:06:bf:16:7c:15:00:4c:08:7c:e9:75:7a: 29:24:a6:b9:86:ce:9e:ae:e6:63:3a:00:66:9b:b8: 8b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:21:97:D4:43:BD:28:ED:4E:AC:C5:BE:81:C4:23:B6:85:7F:26:F1 X509v3 Authority Key Identifier: keyid:8B:D8:3A:D7:38:DC:4C:57:98:4D:C2:EC:B2:1D:5E:90:19:BB:C8:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CC94/66DEBE6447F011EA83E3E71BC4F9AE02/i9g61zjcTFeYTcLssh1ekBm7yMo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i9g61zjcTFeYTcLssh1ekBm7yMo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CC94/66DEBE6447F011EA83E3E71BC4F9AE02/i9g61zjcTFeYTcLssh1ekBm7yMo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:20:2c:8d:f1:70:09:fd:86:03:eb:47:ee:2a:af:67:08:59: b1:cc:c7:e6:af:64:56:79:a9:50:6d:9f:e7:ef:74:02:66:28: 79:ad:a5:aa:34:ee:83:c8:cd:25:c3:f9:f8:bf:35:c7:ef:7c: 4c:af:93:a3:a2:ec:ef:5b:46:6d:b6:4b:e0:fb:fa:2f:2f:0e: f0:85:d3:61:9d:24:92:c1:f7:2b:c3:96:ef:90:22:de:66:53: f5:42:ac:47:ab:5c:7f:3e:94:ef:e4:a1:a9:c6:a3:e8:b6:ef: c1:b5:86:3a:b1:c6:18:20:f2:20:cc:44:4d:57:e6:e8:47:c7: f8:3f:01:d8:d5:d1:fd:d3:df:28:59:0a:96:a8:b7:1b:1f:51: 2c:b5:a5:ba:15:3e:52:70:2b:e8:7d:8d:dd:ad:b1:d4:97:20: e7:4a:fe:1d:13:79:6c:f7:76:20:ac:ae:07:f5:a9:fd:95:73: af:de:43:06:3a:73:47:50:7b:e5:2b:e2:a5:31:41:17:40:b7: 24:86:49:88:97:9a:ff:1c:15:fc:40:c6:1f:f3:58:1a:79:92: a1:29:f5:e7:dc:b0:6f:e1:6d:6a:21:26:12:11:76:f6:5d:32: 6e:ed:cc:49:9d:7a:a5:06:8d:76:6d:77:c2:dd:fa:6d:e7:1b: 04:0e:8f:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NDOTQxMTAvBgNVBAUTKDhCRDgzQUQ3MzhEQzRDNTc5ODREQzJFQ0IyMUQ1RTkw MTlCQkM4Q0EwHhcNMjQwNTA0MjA0NDU3WhcNMjQwNTExMjA0NDU3WjAYMRYwFAYD VQQDEw02NjM2OWU0YS05MDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkfkDM7VV2I//hFojGXCCDl+OUhM1aApPaTj2msJE+61p2CdjiXrheVkdmS5i uwS3yilxEQhSjitQ/lGE5nqC4M+ZpdYLa/q6mlhLyt+/6YhaiD8w+8uUP2z6R9iq blV2wBTjNov/On4hIlFCQO9MXR6PZYKtpSa1uD16DczBDgpATnGZVkYNRRrknGTx J33gIa9uv8Ssb6/WAum0rAXzxVY9LcqWkdfZkdxjxCTERcGJWmaVpeoUWsHQhFTa zoDgGSG0kZfvXWIaZ8fk7iPmAFhvSzuds5IRf1BgqAOhgiGVb2gGvxZ8FQBMCHzp dXopJKa5hs6eruZjOgBmm7iL/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE8hl9RD vSjtTqzFvoHEI7aFfybxMB8GA1UdIwQYMBaAFIvYOtc43ExXmE3C7LIdXpAZu8jK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0M5NC82NkRFQkU2NDQ3 RjAxMUVBODNFM0U3MUJDNEY5QUUwMi9pOWc2MXpqY1RGZVlUY0xzc2gxZWtCbTd5 TW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2k5ZzYxempjVEZlWVRjTHNzaDFla0JtN3lNby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0M5NC82NkRFQkU2NDQ3RjAxMUVBODNFM0U3MUJDNEY5QUUwMi9pOWc2MXpqY1RG ZVlUY0xzc2gxZWtCbTd5TW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRICyN8XAJ/YYD60fuKq9nCFmxzMfmr2RWealQbZ/n73QCZih5raWq NO6DyM0lw/n4vzXH73xMr5OjouzvW0Zttkvg+/ovLw7whdNhnSSSwfcrw5bvkCLe ZlP1QqxHq1x/PpTv5KGpxqPotu/BtYY6scYYIPIgzERNV+boR8f4PwHY1dH9098o WQqWqLcbH1EstaW6FT5ScCvofY3drbHUlyDnSv4dE3ls93YgrK4H9an9lXOv3kMG OnNHUHvlK+KlMUEXQLckhkmIl5r/HBX8QMYf81gaeZKhKfXn3LBv4W1qISYSEXb2 XTJu7cxJnXqlBo12bXfC3fpt5xsEDo+R -----END CERTIFICATE-----Generated at Sat May 4 21:32:59 2024 by rpki-client on console-fra.rpki-client.org