$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.mft File: lSTqm4I8IPp4kjvmZn4U9sTDtH4.mft (raw, json) Hash identifier: 2Fcwqkim3/HUeMa8Ol/UuJyLAuCgurOEL0tw8eH0Btw= Subject key identifier: 95:D2:AB:81:E6:C3:51:02:E4:2C:BC:41:1B:8A:9F:9C:3E:67:DB:94 Authority key identifier: 95:24:EA:9B:82:3C:20:FA:78:92:3B:E6:66:7E:14:F6:C4:C3:B4:7E Certificate issuer: /CN=A9185D6E/serialNumber=9524EA9B823C20FA78923BE6667E14F6C4C3B47E Certificate serial: 04BB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.mft Manifest number: 04B0 Signing time: Wed 01 May 2024 01:51:32 +0000 Manifest this update: Wed 01 May 2024 01:51:32 +0000 Manifest next update: Wed 08 May 2024 01:51:32 +0000 Files and hashes: 1: lSTqm4I8IPp4kjvmZn4U9sTDtH4.crl (hash: NbXM84EDM2m9VW3MxMiWetDK+z5kbvwIDxdTuenIiv0=) 2: 229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa (hash: vxTnh7Ys9GK9aVV0JV17sEaOWGAhPV+32VGW/l83yYo=) 3: 53BCB840EA4211EB846B8757C4F9AE02.roa (hash: soXsyrMJ6LH8UMelZWRLqI5TSCoyhZNDcZCQT1n8tgY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.crl rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 17:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1211 (0x4bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185D6E/serialNumber=9524EA9B823C20FA78923BE6667E14F6C4C3B47E Validity Not Before: May 1 01:51:32 2024 GMT Not After : May 8 01:51:32 2024 GMT Subject: CN=6631a024-0658 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:9a:d2:56:c6:03:72:4a:cf:b1:5c:7a:52:34: 31:7b:d4:16:de:5a:56:18:3b:ce:6a:80:7a:78:15: a2:eb:96:f9:98:31:7e:e8:08:6a:43:01:96:c1:20: 42:ef:3e:8d:a1:fe:c8:5e:4e:b9:2f:0e:22:d8:cd: ce:82:e5:2a:ad:64:dc:49:7e:f9:f7:28:7e:5d:ce: 1c:fd:1e:96:2c:f9:08:99:ee:9c:af:38:2b:2c:14: b3:e8:9e:cb:e3:83:42:1d:45:54:b7:e7:ad:d4:08: 8d:e1:ec:24:11:02:f0:a1:3e:da:e2:56:f8:1e:43: 10:60:f2:ac:b3:b7:30:6a:5f:8f:c3:71:23:b1:cf: a1:27:1d:87:a6:b4:4f:c5:a5:d1:4d:56:65:3c:14: 81:da:1d:af:2c:ff:89:d0:b8:20:fc:63:70:41:be: 6e:0a:22:10:5c:b1:f2:e0:42:bb:39:02:c4:5f:23: 71:13:7d:f6:2a:93:0c:77:ce:cc:98:c7:c2:1e:5f: 64:1f:cb:bb:60:ef:bf:77:a7:d6:56:f1:4f:84:2d: 96:4e:ed:48:cd:8a:1b:c4:7d:53:a3:c4:03:a0:28: b3:f2:84:7b:40:25:51:bf:aa:89:71:f0:d8:dd:a4: 09:80:87:0c:8b:8f:bb:e0:dc:b8:84:44:19:98:fe: e6:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:D2:AB:81:E6:C3:51:02:E4:2C:BC:41:1B:8A:9F:9C:3E:67:DB:94 X509v3 Authority Key Identifier: keyid:95:24:EA:9B:82:3C:20:FA:78:92:3B:E6:66:7E:14:F6:C4:C3:B4:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:49:f3:0d:91:28:e3:ae:f1:de:f1:75:15:5e:87:2b:8b:5b: b4:43:26:88:72:42:07:04:7e:8b:19:8a:ed:b2:c9:0c:98:c9: 67:e4:6e:c7:a8:fc:7d:5c:2a:68:3f:65:ef:fb:88:ae:60:7f: 46:74:63:a1:22:75:40:46:45:ec:05:b1:5a:e9:cb:5b:e0:fe: e1:8a:63:20:bf:3b:69:ae:e7:4b:c3:e7:d0:19:6a:ab:39:f9: 4a:f2:80:03:71:1e:6f:ab:12:e7:9e:78:e9:28:72:4f:f7:fa: 0f:f8:d3:de:a4:36:96:e6:02:53:15:77:86:2a:20:a5:4e:29: c2:52:50:a8:0b:e5:67:4a:5b:93:10:3b:9d:ae:ff:96:12:a9: fd:c1:43:d8:38:1f:f9:0d:f6:a1:82:61:db:1c:52:56:7e:98: 9f:e6:07:4c:d7:a2:42:d4:9d:9d:4d:80:ae:cd:3a:03:5e:b5: 21:14:6c:94:85:c9:b4:2a:3a:f2:aa:b4:26:d2:4e:09:78:dd: b9:01:c3:fe:2d:d2:6d:57:cd:49:26:5e:f3:8e:85:b8:d8:75: 9a:b9:14:2c:69:3e:ba:4e:7a:31:98:28:af:88:d4:6c:e3:0d: 5e:95:fd:9e:ba:5d:53:5f:99:e2:dd:db:06:7f:ea:17:03:56: b9:86:8f:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVENkUxMTAvBgNVBAUTKDk1MjRFQTlCODIzQzIwRkE3ODkyM0JFNjY2N0UxNEY2 QzRDM0I0N0UwHhcNMjQwNTAxMDE1MTMyWhcNMjQwNTA4MDE1MTMyWjAYMRYwFAYD VQQDEw02NjMxYTAyNC0wNjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxJrSVsYDckrPsVx6UjQxe9QW3lpWGDvOaoB6eBWi65b5mDF+6AhqQwGWwSBC 7z6Nof7IXk65Lw4i2M3OguUqrWTcSX759yh+Xc4c/R6WLPkIme6crzgrLBSz6J7L 44NCHUVUt+et1AiN4ewkEQLwoT7a4lb4HkMQYPKss7cwal+Pw3Ejsc+hJx2HprRP xaXRTVZlPBSB2h2vLP+J0Lgg/GNwQb5uCiIQXLHy4EK7OQLEXyNxE332KpMMd87M mMfCHl9kH8u7YO+/d6fWVvFPhC2WTu1IzYobxH1To8QDoCiz8oR7QCVRv6qJcfDY 3aQJgIcMi4+74Ny4hEQZmP7m/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJXSq4Hm w1EC5Cy8QRuKn5w+Z9uUMB8GA1UdIwQYMBaAFJUk6puCPCD6eJI75mZ+FPbEw7R+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQ2RS80Q0JGRjRBRURG RjExMUVCODk0RjMwNjdDNEY5QUUwMi9sU1RxbTRJOElQcDRranZtWm40VTlzVER0 SDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xTVHFtNEk4SVBwNGtqdm1abjRVOXNURHRINC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUQ2RS80Q0JGRjRBRURGRjExMUVCODk0RjMwNjdDNEY5QUUwMi9sU1RxbTRJOElQ cDRranZtWm40VTlzVER0SDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfSfMNkSjjrvHe8XUVXocri1u0QyaIckIHBH6LGYrtsskMmMln5G7H qPx9XCpoP2Xv+4iuYH9GdGOhInVARkXsBbFa6ctb4P7himMgvztprudLw+fQGWqr OflK8oADcR5vqxLnnnjpKHJP9/oP+NPepDaW5gJTFXeGKiClTinCUlCoC+VnSluT EDudrv+WEqn9wUPYOB/5DfahgmHbHFJWfpif5gdM16JC1J2dTYCuzToDXrUhFGyU hcm0KjryqrQm0k4JeN25AcP+LdJtV81JJl7zjoW42HWauRQsaT66TnoxmCiviNRs 4w1elf2eul1TX5ni3dsGf+oXA1a5ho92 -----END CERTIFICATE-----Generated at Wed May 1 02:46:19 2024 by rpki-client on console-ams.rpki-client.org