$ rpki-client -vvf rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft File: IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft (raw, json) Hash identifier: d0/QM5LiqibHagb+ScgzoucTNlH7bikAJjBWNntoxOk= Subject key identifier: B2:8A:01:3A:29:9D:99:A0:EC:39:4F:B9:7C:BE:17:8D:30:B3:B4:9C Authority key identifier: 22:45:AD:91:54:3A:DD:AD:78:12:3D:D4:15:D6:59:BB:52:D5:FB:62 Certificate issuer: /CN=A9195BA9/serialNumber=2245AD91543ADDAD78123DD415D659BB52D5FB62 Certificate serial: 08FD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft Manifest number: 08F3 Signing time: Mon 06 May 2024 21:24:29 +0000 Manifest this update: Mon 06 May 2024 21:24:28 +0000 Manifest next update: Mon 13 May 2024 21:24:28 +0000 Files and hashes: 1: IkWtkVQ63a14Ej3UFdZZu1LV-2I.crl (hash: 376Fk/KjOKV2EeEKCHd2Sj6mEpfWo8yLXjA8aFPBBh0=) 2: 543CDDF0839011EAB5B82263C4F9AE02.roa (hash: svTopiS+RYcKVKCTFFaIbvFYwVwSXRdDkMRKlgdMBU0=) 3: 54DD69FA839011EAB5B82263C4F9AE02.roa (hash: 21cd0AAkt6/w9sJ9ys0cn0VlSdqf+92mdCo6Phpu6sc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.crl rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 20:40:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2301 (0x8fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195BA9/serialNumber=2245AD91543ADDAD78123DD415D659BB52D5FB62 Validity Not Before: May 6 21:24:28 2024 GMT Not After : May 13 21:24:28 2024 GMT Subject: CN=66394a8d-6cfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ca:7b:cd:84:99:1a:6c:8e:39:c5:21:59:ef: 2f:a5:bf:b5:87:ae:75:f2:4b:da:19:8e:b0:ed:0d: f3:9e:8c:44:21:5c:73:b9:74:c8:01:04:18:a8:1a: 7a:29:6c:43:35:4e:3f:63:57:90:d3:37:e4:70:0d: 6a:8a:e9:f4:5b:74:3a:3b:d8:4a:74:f7:2a:62:d0: e0:f1:6d:6d:ef:d0:fc:51:73:8e:71:f9:09:41:c9: 38:05:d5:82:d4:83:3b:36:6a:42:b7:3f:ef:34:5d: c1:07:e1:2e:a3:50:94:34:60:b3:28:39:98:d1:89: 0f:d1:fb:9c:1a:bb:6f:0d:57:f3:49:a0:0a:6c:e7: c6:82:ce:6d:b2:c7:fa:aa:c3:c4:16:b2:5e:e1:5b: 95:cc:a9:47:d3:33:ea:e2:ec:f5:c3:89:34:79:38: 0e:9a:da:73:11:d7:8b:dd:8f:cc:d3:97:a7:04:ef: 3f:34:51:7a:22:70:0b:fd:0e:c0:76:ea:e2:d7:ec: 63:16:09:63:50:98:98:c5:63:54:07:2e:d4:74:83: 44:ec:ac:44:bd:67:fd:c1:e9:be:28:cb:6c:0b:a8: 04:6e:89:b8:13:b2:bd:38:12:0c:38:d1:2a:ae:a0: 16:2c:19:7e:8e:51:5f:86:4b:2e:3d:ce:ce:44:09: 61:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:8A:01:3A:29:9D:99:A0:EC:39:4F:B9:7C:BE:17:8D:30:B3:B4:9C X509v3 Authority Key Identifier: keyid:22:45:AD:91:54:3A:DD:AD:78:12:3D:D4:15:D6:59:BB:52:D5:FB:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:5e:52:f4:be:67:3d:ac:a9:97:9c:d5:ec:35:79:50:e0:84: 10:86:0b:fe:af:79:9e:91:7d:90:db:ee:6e:00:b7:2a:fe:18: 94:09:c2:8f:ff:f1:4c:b8:b4:13:83:7c:9a:a0:07:f9:7e:2c: d8:31:ca:be:9a:12:17:d5:67:a0:32:e4:fc:1a:3e:b0:82:45: 68:1c:7b:79:04:f7:8c:79:50:fd:f9:7d:c5:9e:62:8c:d8:90: 7c:a4:46:6d:49:13:06:ba:36:b9:8a:f3:15:6b:65:8d:32:90: f4:ae:32:a9:92:b2:3f:d3:6c:0e:ec:a0:41:5a:b5:9c:43:b7: c5:3d:cd:2c:16:b6:8a:20:60:e4:51:02:22:34:6a:7d:6d:fe: 1f:d3:46:bc:7a:78:da:5d:d6:18:4b:05:f3:be:58:65:f9:95: ca:42:7e:9d:e7:be:0d:15:18:b0:b9:08:5b:af:53:bc:f7:70: 34:c8:01:58:4c:27:42:bc:d0:29:0d:d6:79:23:b1:82:2d:bd: 06:5e:4c:01:41:6e:6d:63:5e:1f:40:ec:16:72:b3:28:36:7d: c2:46:55:69:e6:3e:b6:9f:3f:9b:f2:16:5f:bd:f3:c1:e9:b6: 26:15:d0:a2:43:7d:7d:9d:fa:b4:fa:25:9a:77:0b:cb:2e:a7: bf:a3:dd:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVCQTkxMTAvBgNVBAUTKDIyNDVBRDkxNTQzQUREQUQ3ODEyM0RENDE1RDY1OUJC NTJENUZCNjIwHhcNMjQwNTA2MjEyNDI4WhcNMjQwNTEzMjEyNDI4WjAYMRYwFAYD VQQDEw02NjM5NGE4ZC02Y2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArsp7zYSZGmyOOcUhWe8vpb+1h6518kvaGY6w7Q3znoxEIVxzuXTIAQQYqBp6 KWxDNU4/Y1eQ0zfkcA1qiun0W3Q6O9hKdPcqYtDg8W1t79D8UXOOcfkJQck4BdWC 1IM7NmpCtz/vNF3BB+Euo1CUNGCzKDmY0YkP0fucGrtvDVfzSaAKbOfGgs5tssf6 qsPEFrJe4VuVzKlH0zPq4uz1w4k0eTgOmtpzEdeL3Y/M05enBO8/NFF6InAL/Q7A duri1+xjFgljUJiYxWNUBy7UdINE7KxEvWf9wem+KMtsC6gEbom4E7K9OBIMONEq rqAWLBl+jlFfhksuPc7ORAlhcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLKKATop nZmg7DlPuXy+F40ws7ScMB8GA1UdIwQYMBaAFCJFrZFUOt2teBI91BXWWbtS1fti MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUJBOS9EODkxNDc4Qzgz OEUxMUVBOENFQTA5NjBDNEY5QUUwMi9Ja1d0a1ZRNjNhMTRFajNVRmRaWnUxTFYt MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lrV3RrVlE2M2ExNEVqM1VGZFpadTFMVi0ySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NUJBOS9EODkxNDc4QzgzOEUxMUVBOENFQTA5NjBDNEY5QUUwMi9Ja1d0a1ZRNjNh MTRFajNVRmRaWnUxTFYtMkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3XlL0vmc9rKmXnNXsNXlQ4IQQhgv+r3mekX2Q2+5uALcq/hiUCcKP //FMuLQTg3yaoAf5fizYMcq+mhIX1WegMuT8Gj6wgkVoHHt5BPeMeVD9+X3FnmKM 2JB8pEZtSRMGuja5ivMVa2WNMpD0rjKpkrI/02wO7KBBWrWcQ7fFPc0sFraKIGDk UQIiNGp9bf4f00a8enjaXdYYSwXzvlhl+ZXKQn6d574NFRiwuQhbr1O893A0yAFY TCdCvNApDdZ5I7GCLb0GXkwBQW5tY14fQOwWcrMoNn3CRlVp5j62nz+b8hZfvfPB 6bYmFdCiQ319nfq0+iWadwvLLqe/o92e -----END CERTIFICATE-----Generated at Mon May 6 23:05:45 2024 by rpki-client on console-fra.rpki-client.org