$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: hqX0mrRlq5nGvzs5fSo62vKL87VvIE6exKyfyNRAIFo= Subject key identifier: A0:DC:21:39:9E:B5:BA:4E:9B:CD:1F:28:EC:A4:85:68:02:1D:93:46 Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0B3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0B2E Signing time: Fri 26 Apr 2024 19:48:07 +0000 Manifest this update: Fri 26 Apr 2024 19:48:07 +0000 Manifest next update: Fri 03 May 2024 19:48:07 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: p387cFvbjTCCgB+gjNjRS4uIfDn9Pt0eiWeKY8sWOHw=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: QPlSKOGUOKQELYhdEj0QP2f5mUxZcFrCVNsi3sTOf2A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 19:48:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2875 (0xb3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Apr 26 19:48:07 2024 GMT Not After : May 3 19:48:07 2024 GMT Subject: CN=662c04f7-5239 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:67:87:c2:76:07:b4:fd:a9:16:c0:fc:f5:93: 2a:49:bd:b5:14:b8:89:1a:d0:41:f6:1f:16:a2:09: 74:06:c9:c7:e0:98:52:66:18:f3:71:90:c6:c2:96: cf:b5:5f:57:1d:50:2b:a0:c1:d0:cb:cc:88:da:bb: 60:73:f1:6c:35:7f:ba:d6:a3:bd:97:f4:41:ce:32: 6b:ac:d5:5c:cb:0f:21:88:0d:97:45:7c:3a:98:1f: b1:8f:70:1f:26:48:a9:af:12:e8:46:d8:b4:7d:7e: 06:e0:27:63:30:6e:6b:e3:f0:93:f8:15:00:7f:37: f3:4b:72:c1:a6:9f:80:9c:d8:a9:c2:8e:ea:73:9d: b0:bf:7d:fb:cb:e1:ce:e4:13:da:da:d5:a3:2c:e2: fe:d8:94:f4:f5:f2:2e:a5:c7:65:97:ec:e5:4c:51: 70:32:83:fb:1b:72:cc:c1:e5:d4:87:a0:fc:de:d5: 55:e2:9e:48:44:f7:18:ea:de:18:66:ce:9d:bd:8d: 3e:23:e1:d6:b4:6a:da:d7:3d:7f:a3:21:f0:f8:87: 7c:7c:d9:42:7b:12:66:68:04:2e:57:a5:49:cf:5f: 5a:c3:e0:e7:5f:68:5f:83:e3:1e:6e:37:41:66:39: d1:d4:ec:ab:db:cc:fd:4d:4a:a6:36:93:36:3e:23: 7c:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:DC:21:39:9E:B5:BA:4E:9B:CD:1F:28:EC:A4:85:68:02:1D:93:46 X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:eb:c1:d8:3f:9a:6a:8d:68:d0:f4:51:0d:a3:f1:76:93:fe: 5e:5d:ea:98:08:6a:95:b4:48:e7:33:4f:2d:95:a6:57:a4:a4: 52:e0:a8:44:71:eb:73:11:0f:bf:99:20:7f:e8:ba:fa:4c:41: 53:66:31:c1:c4:e5:ff:13:12:6f:09:f9:0e:6f:0a:f8:c9:c2: 4c:e7:2f:03:39:ab:63:cc:ec:78:5f:02:0e:f2:66:a7:16:55: a8:e6:05:e3:b2:5e:31:52:f3:e9:e3:ca:d9:90:4b:27:b8:14: 08:95:cd:e1:84:1f:74:7c:07:cc:42:1a:f4:c1:b1:77:a2:ed: eb:ee:79:f9:92:46:bf:5c:18:e4:d3:cc:17:d7:cd:85:df:ba: 83:0a:1d:c0:1f:88:3e:da:08:62:6f:a5:f5:43:f3:ed:8b:73: 6d:e7:a1:f8:54:b5:3a:37:15:d3:9c:97:c8:a5:57:f0:d1:60: 41:ce:9c:7d:c1:bd:87:a4:c1:e7:a6:d0:6c:4c:9a:71:9b:2d: 8a:dd:d4:e8:4f:b0:c9:39:ac:ec:09:55:34:f1:63:de:bf:e3: 55:7a:11:02:73:3f:6e:fc:33:2b:34:cb:e4:50:f1:b1:2e:e3: b6:8d:e1:0e:04:b3:9d:6b:8f:82:99:51:7a:3d:30:97:b5:cb: 59:11:74:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjQwNDI2MTk0ODA3WhcNMjQwNTAzMTk0ODA3WjAYMRYwFAYD VQQDEw02NjJjMDRmNy01MjM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApGeHwnYHtP2pFsD89ZMqSb21FLiJGtBB9h8Wogl0BsnH4JhSZhjzcZDGwpbP tV9XHVAroMHQy8yI2rtgc/FsNX+61qO9l/RBzjJrrNVcyw8hiA2XRXw6mB+xj3Af JkiprxLoRti0fX4G4CdjMG5r4/CT+BUAfzfzS3LBpp+AnNipwo7qc52wv337y+HO 5BPa2tWjLOL+2JT09fIupcdll+zlTFFwMoP7G3LMweXUh6D83tVV4p5IRPcY6t4Y Zs6dvY0+I+HWtGra1z1/oyHw+Id8fNlCexJmaAQuV6VJz19aw+DnX2hfg+MebjdB ZjnR1Oyr28z9TUqmNpM2PiN8mQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKDcITme tbpOm80fKOykhWgCHZNGMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAG68HYP5pqjWjQ9FENo/F2k/5eXeqYCGqVtEjnM08tlaZXpKRS4KhE cetzEQ+/mSB/6Lr6TEFTZjHBxOX/ExJvCfkObwr4ycJM5y8DOatjzOx4XwIO8man FlWo5gXjsl4xUvPp48rZkEsnuBQIlc3hhB90fAfMQhr0wbF3ou3r7nn5kka/XBjk 08wX182F37qDCh3AH4g+2ghib6X1Q/Pti3Nt56H4VLU6NxXTnJfIpVfw0WBBzpx9 wb2HpMHnptBsTJpxmy2K3dToT7DJOazsCVU08WPev+NVehECcz9u/DMrNMvkUPGx LuO2jeEOBLOda4+CmVF6PTCXtctZEXSk -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:24 2024 by rpki-client on console-ams.rpki-client.org