$ rpki-client -vvf rpki.apnic.net/member_repository/A917E832/3B47108C500411EAA6D93054C4F9AE02/ID0eLahSvltkOpm-9WTXdL3cx_Q.mft File: ID0eLahSvltkOpm-9WTXdL3cx_Q.mft (raw, json) Hash identifier: 4qBRLzvxXxA05ceeBIHavjfxGfS02vtH1Vo38PSQF+M= Subject key identifier: 52:F0:D4:80:AE:F6:FE:8E:A2:CB:5C:7D:F4:FF:E0:11:D2:ED:C3:B1 Authority key identifier: 20:3D:1E:2D:A8:52:BE:5B:64:3A:99:BE:F5:64:D7:74:BD:DC:C7:F4 Certificate issuer: /CN=A917E832/serialNumber=203D1E2DA852BE5B643A99BEF564D774BDDCC7F4 Certificate serial: 09FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ID0eLahSvltkOpm-9WTXdL3cx_Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E832/3B47108C500411EAA6D93054C4F9AE02/ID0eLahSvltkOpm-9WTXdL3cx_Q.mft Manifest number: 09F8 Signing time: Sat 04 May 2024 20:50:09 +0000 Manifest this update: Sat 04 May 2024 20:50:09 +0000 Manifest next update: Sat 11 May 2024 20:50:09 +0000 Files and hashes: 1: ID0eLahSvltkOpm-9WTXdL3cx_Q.crl (hash: 07N8AKM3T85aYEuICb5f81rk/PYqYxeUmfZ82xNXpqk=) 2: E869880C500511EA98307A59C4F9AE02.roa (hash: cz+t6coOoiEJVHT3LwW2YEjV8uO65kXVoERqHDBBoK0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E832/3B47108C500411EAA6D93054C4F9AE02/ID0eLahSvltkOpm-9WTXdL3cx_Q.crl rsync://rpki.apnic.net/member_repository/A917E832/3B47108C500411EAA6D93054C4F9AE02/ID0eLahSvltkOpm-9WTXdL3cx_Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ID0eLahSvltkOpm-9WTXdL3cx_Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 20:50:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2557 (0x9fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E832/serialNumber=203D1E2DA852BE5B643A99BEF564D774BDDCC7F4 Validity Not Before: May 4 20:50:09 2024 GMT Not After : May 11 20:50:09 2024 GMT Subject: CN=66369f81-9c7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e0:c2:2b:2f:62:4b:03:18:ac:ed:f2:34:fd: 8c:06:39:e8:c8:ad:04:e0:77:2b:ca:4a:0c:5e:07: 41:46:7b:3c:a6:e9:19:4e:ef:13:1b:d9:af:05:8e: 28:22:fe:92:c7:26:12:8d:38:c3:9c:63:9a:b8:6a: c6:7f:0f:b0:4c:a5:f3:35:3d:a6:c4:bb:3a:1f:5f: cb:70:12:b9:fe:8b:55:a5:2f:18:53:d2:b0:c0:6e: 75:28:f0:a8:fc:ad:42:f7:85:bc:91:c0:ed:5e:20: 33:bb:a6:45:c0:12:3c:7f:f8:8f:36:ef:e5:8a:72: 3f:91:11:83:3f:11:6f:14:18:00:d6:e7:94:57:9d: 1c:0b:c7:3f:3b:68:d8:13:6f:0a:8d:b7:76:0e:c2: f0:7a:2a:63:2f:ee:44:9d:91:bc:e0:bf:f4:4e:22: bf:26:ec:ec:62:46:cf:b9:5f:d5:44:7c:c4:d7:45: 98:50:9e:6b:22:8e:68:01:88:f0:63:d4:32:07:c6: f4:e6:93:c2:5d:47:3c:46:9f:4d:28:27:54:8a:8f: 47:cd:34:81:ec:2b:21:ff:e5:43:82:f2:dc:bd:0b: a6:71:a9:95:ee:93:1b:40:9a:d6:78:95:07:ca:74: bc:d5:c3:da:f8:a5:3f:51:0c:a4:71:bd:17:ac:5f: 3d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:F0:D4:80:AE:F6:FE:8E:A2:CB:5C:7D:F4:FF:E0:11:D2:ED:C3:B1 X509v3 Authority Key Identifier: keyid:20:3D:1E:2D:A8:52:BE:5B:64:3A:99:BE:F5:64:D7:74:BD:DC:C7:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E832/3B47108C500411EAA6D93054C4F9AE02/ID0eLahSvltkOpm-9WTXdL3cx_Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ID0eLahSvltkOpm-9WTXdL3cx_Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E832/3B47108C500411EAA6D93054C4F9AE02/ID0eLahSvltkOpm-9WTXdL3cx_Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:19:a0:57:27:b4:a3:c8:c6:59:09:fe:d8:d7:99:6f:e6:6b: 94:25:e0:e5:a3:77:c9:84:f0:9f:6c:a2:df:3e:e1:5d:f7:d0: 31:ac:d6:16:36:5c:e7:46:78:5e:fb:75:dd:69:f3:00:5e:a9: 8d:e5:fc:46:e1:b1:b5:eb:3c:92:9a:1c:e5:43:c6:c6:ff:53: 5c:d2:20:b1:8f:52:fb:45:08:b7:53:3e:f2:24:d5:3f:a3:c9: c2:f9:3b:2a:37:38:c4:ad:fe:24:77:91:ad:75:b9:f9:aa:fc: 94:c9:81:87:d7:f2:11:7a:0f:01:d7:09:8c:48:3c:59:ee:99: a0:63:35:d0:49:d1:86:bf:29:b2:23:d8:43:13:00:58:fe:37: 80:88:96:36:b3:09:9b:25:e1:a5:3c:18:bc:14:a3:c8:20:30: 1e:f5:f2:e3:dc:c9:ad:a1:9b:2a:ed:dd:a0:fb:ad:33:c9:6a: 53:ea:f0:e9:47:56:ad:6d:5a:7a:33:0e:e7:72:e7:3d:85:48: 40:fb:e5:53:b3:d5:9b:cc:73:53:57:98:2a:0a:ac:c5:a2:bf: 7a:07:2d:d9:a8:21:6f:0f:f7:a6:a8:b9:07:3f:47:85:87:68: 3f:50:42:71:6a:a2:af:7f:49:00:3a:63:08:73:99:f7:92:3d: 35:12:5e:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U4MzIxMTAvBgNVBAUTKDIwM0QxRTJEQTg1MkJFNUI2NDNBOTlCRUY1NjRENzc0 QkREQ0M3RjQwHhcNMjQwNTA0MjA1MDA5WhcNMjQwNTExMjA1MDA5WjAYMRYwFAYD VQQDEw02NjM2OWY4MS05YzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtuDCKy9iSwMYrO3yNP2MBjnoyK0E4HcrykoMXgdBRns8pukZTu8TG9mvBY4o Iv6SxyYSjTjDnGOauGrGfw+wTKXzNT2mxLs6H1/LcBK5/otVpS8YU9KwwG51KPCo /K1C94W8kcDtXiAzu6ZFwBI8f/iPNu/linI/kRGDPxFvFBgA1ueUV50cC8c/O2jY E28Kjbd2DsLweipjL+5EnZG84L/0TiK/JuzsYkbPuV/VRHzE10WYUJ5rIo5oAYjw Y9QyB8b05pPCXUc8Rp9NKCdUio9HzTSB7Csh/+VDgvLcvQumcamV7pMbQJrWeJUH ynS81cPa+KU/UQykcb0XrF89ewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFLw1ICu 9v6OostcffT/4BHS7cOxMB8GA1UdIwQYMBaAFCA9Hi2oUr5bZDqZvvVk13S93Mf0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTgzMi8zQjQ3MTA4QzUw MDQxMUVBQTZEOTMwNTRDNEY5QUUwMi9JRDBlTGFoU3ZsdGtPcG0tOVdUWGRMM2N4 X1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lEMGVMYWhTdmx0a09wbS05V1RYZEwzY3hfUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTgzMi8zQjQ3MTA4QzUwMDQxMUVBQTZEOTMwNTRDNEY5QUUwMi9JRDBlTGFoU3Zs dGtPcG0tOVdUWGRMM2N4X1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIGaBXJ7SjyMZZCf7Y15lv5muUJeDlo3fJhPCfbKLfPuFd99AxrNYW NlznRnhe+3XdafMAXqmN5fxG4bG16zySmhzlQ8bG/1Nc0iCxj1L7RQi3Uz7yJNU/ o8nC+TsqNzjErf4kd5Gtdbn5qvyUyYGH1/IReg8B1wmMSDxZ7pmgYzXQSdGGvymy I9hDEwBY/jeAiJY2swmbJeGlPBi8FKPIIDAe9fLj3MmtoZsq7d2g+60zyWpT6vDp R1atbVp6Mw7ncuc9hUhA++VTs9WbzHNTV5gqCqzFor96By3ZqCFvD/emqLkHP0eF h2g/UEJxaqKvf0kAOmMIc5n3kj01El6b -----END CERTIFICATE-----Generated at Sat May 4 22:06:52 2024 by rpki-client on console-ams.rpki-client.org