$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: Qz1FoBKOppALRyiTL9n6loKiPkMoiYqHaXRB2jshZrs= Subject key identifier: 8D:7E:DF:64:E3:71:6D:7F:EE:94:22:80:1E:8C:F5:12:1A:CD:66:BB Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 09DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 09BA Signing time: Sat 18 May 2024 20:52:31 +0000 Manifest this update: Sat 18 May 2024 20:52:30 +0000 Manifest next update: Sat 25 May 2024 20:52:30 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: rRdc0tTyZkqzoS0N0/tcpEjFGF/BznGuR5A/SVEQisc=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: osiy8r5wOcZwc+hzXjUSDPKHDtxSKkSDsBR1kqJAjV4=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: UGiehiieQMG0h11m4WT8Sepc4lZpfmvaR3Wz1SUuF+k=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: Nuk6/U0PEEUTh4/Znumg3fhwPF24LqsvJENpm5HBvzI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: +xOv12aaFD+ElTkbMbM+GL6Nan/ResHUQv6dF6h2KxA=) 6: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: EdbP6Ic3TKOXeBjm7GNDv83YO0G30y52gbvBzwhEMSM=) 7: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: nUOUleUTzrwDfXxPCbpeZJCMn5m+Z2Uvkn1+H8UcN1Y=) 8: D0D573BA7D4611EDA39A867EC4F9AE02.roa (hash: Ri908Mam4olAUfRbBVo4OcQZuaNzAo60OI3PDGDqutA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2522 (0x9da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: May 18 20:52:30 2024 GMT Not After : May 25 20:52:30 2024 GMT Subject: CN=6649150e-a183 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d1:08:b9:11:10:bb:ae:e6:1e:fd:d5:b9:32: 94:39:50:b9:7e:06:29:0c:4b:03:c6:0a:44:62:fc: 00:ea:12:56:1e:eb:30:53:c3:4f:b1:13:fd:3f:4e: 8e:de:c6:ac:fb:44:2e:5c:49:92:e1:34:34:2e:8a: e8:de:79:b1:ab:20:ec:ff:6e:22:cc:01:d0:4b:8b: 51:28:e4:0d:76:98:09:d3:7f:60:33:0c:ff:7e:64: 7b:df:21:f0:db:dc:84:9a:cd:25:65:58:c1:1a:54: d5:72:b9:79:0b:fd:3e:1b:5a:2a:e7:59:5f:90:e0: 7e:94:51:9b:5f:00:cb:10:4a:db:cf:47:08:9c:d1: b2:9e:b8:61:4c:8f:87:68:88:b1:79:44:40:13:57: ae:00:ed:0a:21:73:e5:40:0e:8f:79:47:29:6e:4a: e9:a6:22:b0:05:aa:91:59:3a:c1:75:41:5b:25:5e: 3b:7b:36:16:cf:03:a7:4d:50:ca:23:64:51:49:96: 0c:7c:7d:3a:d8:76:c4:9a:23:e6:82:d3:4b:e8:a9: 7d:ba:3d:ca:34:17:31:90:cb:9a:f4:60:e1:08:fa: 0d:9c:dc:c2:6f:5a:fb:fb:99:40:6a:72:ab:45:44: 21:5b:da:b6:47:db:7e:d6:f4:22:84:d0:39:3b:12: 6c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:7E:DF:64:E3:71:6D:7F:EE:94:22:80:1E:8C:F5:12:1A:CD:66:BB X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:eb:dd:3c:75:c2:25:a4:48:58:e6:e2:14:54:fe:9c:0b:5d: 77:0d:74:79:28:7e:eb:f4:99:1f:d3:aa:2e:fa:75:67:34:bd: c8:33:cf:98:d1:1f:cd:06:22:6f:20:cd:58:9d:83:5d:1b:f7: b1:f6:4c:de:da:fe:7a:a0:8c:32:15:5d:c8:6d:f7:4b:0e:e2: 7b:2d:2d:d5:b1:fb:1f:e6:d7:0a:10:5f:0b:02:71:31:89:44: ab:53:33:4c:24:9e:87:8a:dc:68:38:03:60:f0:ac:58:94:cf: 2e:8b:88:36:7f:b0:89:a1:d7:7a:ac:fa:27:24:10:a4:25:2b: ac:f8:46:6d:89:43:44:84:57:1e:4c:ee:10:d1:d4:23:b5:66: 29:3c:fc:b8:bb:ba:14:7e:91:c7:27:01:b6:d0:b7:d1:88:a0: f0:3c:dd:2f:d7:7f:78:2d:98:66:8b:1e:f3:65:7c:43:8f:74: 3a:84:94:ab:4f:ad:af:e6:db:88:13:83:3d:4f:28:8a:59:74: 7c:37:bd:c2:d9:f4:80:71:c8:6c:9a:65:1b:13:3c:14:fd:9b: d1:38:0d:df:54:54:b8:ca:52:76:61:74:d2:f0:0b:2d:27:dc: 73:29:ff:bf:50:53:16:9d:38:1a:f2:eb:66:58:fb:65:02:8e: e9:01:55:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjQwNTE4MjA1MjMwWhcNMjQwNTI1MjA1MjMwWjAYMRYwFAYD VQQDEw02NjQ5MTUwZS1hMTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2NEIuREQu67mHv3VuTKUOVC5fgYpDEsDxgpEYvwA6hJWHuswU8NPsRP9P06O 3sas+0QuXEmS4TQ0Loro3nmxqyDs/24izAHQS4tRKOQNdpgJ039gMwz/fmR73yHw 29yEms0lZVjBGlTVcrl5C/0+G1oq51lfkOB+lFGbXwDLEErbz0cInNGynrhhTI+H aIixeURAE1euAO0KIXPlQA6PeUcpbkrppiKwBaqRWTrBdUFbJV47ezYWzwOnTVDK I2RRSZYMfH062HbEmiPmgtNL6Kl9uj3KNBcxkMua9GDhCPoNnNzCb1r7+5lAanKr RUQhW9q2R9t+1vQihNA5OxJszwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI1+32Tj cW1/7pQigB6M9RIazWa7MB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBU6908dcIlpEhY5uIUVP6cC113DXR5KH7r9Jkf06ou+nVnNL3IM8+Y 0R/NBiJvIM1YnYNdG/ex9kze2v56oIwyFV3IbfdLDuJ7LS3Vsfsf5tcKEF8LAnEx iUSrUzNMJJ6HitxoOANg8KxYlM8ui4g2f7CJodd6rPonJBCkJSus+EZtiUNEhFce TO4Q0dQjtWYpPPy4u7oUfpHHJwG20LfRiKDwPN0v1394LZhmix7zZXxDj3Q6hJSr T62v5tuIE4M9TyiKWXR8N73C2fSAcchsmmUbEzwU/ZvROA3fVFS4ylJ2YXTS8Ast J9xzKf+/UFMWnTga8utmWPtlAo7pAVXE -----END CERTIFICATE-----Generated at Sat May 18 21:24:22 2024 by rpki-client on console-fra.rpki-client.org