$ rpki-client -vvf rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft File: 2DkrDZFbmsH00jv5hBlxQG-2GsY.mft (raw, json) Hash identifier: /AS6Hyh8W4V2pixZBCgRsMtFX9965DLA6/NhdrEDOrQ= Subject key identifier: 37:36:B5:F3:F6:BF:65:6F:57:1C:54:A3:8A:45:2B:B2:F2:3B:AE:2C Authority key identifier: D8:39:2B:0D:91:5B:9A:C1:F4:D2:3B:F9:84:19:71:40:6F:B6:1A:C6 Certificate issuer: /CN=A9196DE5/serialNumber=D8392B0D915B9AC1F4D23BF9841971406FB61AC6 Certificate serial: 08B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft Manifest number: 08A4 Signing time: Sun 28 Apr 2024 21:31:59 +0000 Manifest this update: Sun 28 Apr 2024 21:31:59 +0000 Manifest next update: Sun 05 May 2024 21:31:59 +0000 Files and hashes: 1: 2DkrDZFbmsH00jv5hBlxQG-2GsY.crl (hash: 4QYRzkIC9pbrSanONxpA5N3IQGLPv40766E3hEZeDjk=) 2: 9738F1BAD46611ECA1A27035C4F9AE02.roa (hash: no7LLc8KQxkS2jqsW4CuNEInCZT97tlXgSb2fZCPw1Q=) 3: 6CEF4F06697C11EEBAF2E544C4F9AE02.roa (hash: JUpSXxLsfHWkSdKzxyQF0tVby2aaFCv0Cq7AtExK9Qs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.crl rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 21:11:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2224 (0x8b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9196DE5/serialNumber=D8392B0D915B9AC1F4D23BF9841971406FB61AC6 Validity Not Before: Apr 28 21:31:59 2024 GMT Not After : May 5 21:31:59 2024 GMT Subject: CN=662ec04f-5c45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:47:0e:28:d6:d7:e8:57:05:fb:cf:37:42:23: 4f:0d:21:40:e3:7e:5d:8d:d5:8a:cf:87:89:e3:f0: 0b:c9:a0:05:88:24:49:d4:a3:23:ce:ef:bd:2f:83: 7e:6c:4e:bc:5f:d2:a4:6c:3e:27:a8:ad:84:a9:b7: da:e1:c6:a1:ac:2f:1c:1b:70:84:64:08:0e:45:54: 50:23:4f:2c:64:8f:e4:57:38:98:9c:06:e2:58:b8: 76:0c:42:56:f4:be:47:fb:68:47:23:64:d8:2f:d6: 2a:0f:c4:04:38:65:b4:de:54:89:29:22:b1:62:6f: 4d:17:46:76:c3:00:02:10:d4:5d:72:16:02:b4:9c: 54:d6:bc:b6:c9:1c:3a:bc:0a:ef:ad:28:1f:8c:07: 17:f8:e9:47:29:a8:b4:48:ae:eb:2a:c4:78:5e:f1: 89:b0:1c:0f:fc:4e:85:f0:fe:ba:b4:83:1d:f4:30: 7c:22:5f:4b:f4:30:35:99:75:e5:b7:c0:af:72:4b: fc:a2:70:17:9b:23:89:94:7d:2f:08:3b:a0:7e:6e: b3:69:25:0b:78:69:c1:c2:9a:d5:1e:e7:d6:c8:ce: 04:7b:48:63:5a:dc:ec:fd:b3:c1:9e:44:78:79:a4: 8d:43:48:10:b9:f9:a4:76:38:d9:4c:e7:6d:95:b7: 22:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:36:B5:F3:F6:BF:65:6F:57:1C:54:A3:8A:45:2B:B2:F2:3B:AE:2C X509v3 Authority Key Identifier: keyid:D8:39:2B:0D:91:5B:9A:C1:F4:D2:3B:F9:84:19:71:40:6F:B6:1A:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2DkrDZFbmsH00jv5hBlxQG-2GsY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196DE5/72C5A9CC943011EABD75F983C4F9AE02/2DkrDZFbmsH00jv5hBlxQG-2GsY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:3a:0c:cf:fc:64:76:05:c1:49:59:8b:b7:6d:2d:34:48:24: 4b:f8:84:80:58:51:94:0c:c8:51:46:b4:05:02:fc:54:43:b9: 82:86:8f:4c:ae:ce:5c:b5:3d:27:06:8a:3b:2d:26:20:90:5b: af:de:23:b2:71:e7:07:fc:b1:8b:4e:e9:9d:3f:29:ae:15:2c: b4:00:4e:31:fc:a2:25:58:72:17:c8:90:0d:c4:25:af:8e:b4: 67:00:58:61:67:a5:f5:f6:3b:be:26:2a:dd:8c:c4:c8:2b:0c: ce:d5:b3:84:6d:5b:54:ae:93:d6:63:11:ea:47:3d:bd:d7:fa: 0e:9a:7f:1d:3a:99:ce:8d:0e:03:f7:2e:6c:e4:7b:5d:e7:c5: 76:d0:f1:ff:09:60:f0:bd:62:f6:1c:fe:83:7f:19:9f:2f:fe: 7d:47:2e:6b:c8:4f:ae:12:6f:85:09:ca:c0:3b:f7:c3:40:7f: 80:a7:48:4a:65:df:be:1a:2a:dd:6b:71:9b:d7:d0:1d:20:a3: 62:71:eb:c9:74:58:e1:74:2c:c8:5e:21:0b:b7:e5:23:94:0f: 20:7d:52:24:b2:17:d8:be:15:a3:f2:4c:6a:0c:de:26:b5:ba: cd:2e:41:02:4e:37:29:c1:dd:5e:1c:ef:66:8a:62:da:36:89: dd:cc:d0:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTZERTUxMTAvBgNVBAUTKEQ4MzkyQjBEOTE1QjlBQzFGNEQyM0JGOTg0MTk3MTQw NkZCNjFBQzYwHhcNMjQwNDI4MjEzMTU5WhcNMjQwNTA1MjEzMTU5WjAYMRYwFAYD VQQDEw02NjJlYzA0Zi01YzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqUcOKNbX6FcF+883QiNPDSFA435djdWKz4eJ4/ALyaAFiCRJ1KMjzu+9L4N+ bE68X9KkbD4nqK2Eqbfa4cahrC8cG3CEZAgORVRQI08sZI/kVziYnAbiWLh2DEJW 9L5H+2hHI2TYL9YqD8QEOGW03lSJKSKxYm9NF0Z2wwACENRdchYCtJxU1ry2yRw6 vArvrSgfjAcX+OlHKai0SK7rKsR4XvGJsBwP/E6F8P66tIMd9DB8Il9L9DA1mXXl t8Cvckv8onAXmyOJlH0vCDugfm6zaSULeGnBwprVHufWyM4Ee0hjWtzs/bPBnkR4 eaSNQ0gQufmkdjjZTOdtlbciBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDc2tfP2 v2VvVxxUo4pFK7LyO64sMB8GA1UdIwQYMBaAFNg5Kw2RW5rB9NI7+YQZcUBvthrG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NkRFNS83MkM1QTlDQzk0 MzAxMUVBQkQ3NUY5ODNDNEY5QUUwMi8yRGtyRFpGYm1zSDAwanY1aEJseFFHLTJH c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJEa3JEWkZibXNIMDBqdjVoQmx4UUctMkdzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NkRFNS83MkM1QTlDQzk0MzAxMUVBQkQ3NUY5ODNDNEY5QUUwMi8yRGtyRFpGYm1z SDAwanY1aEJseFFHLTJHc1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCBOgzP/GR2BcFJWYu3bS00SCRL+ISAWFGUDMhRRrQFAvxUQ7mCho9M rs5ctT0nBoo7LSYgkFuv3iOycecH/LGLTumdPymuFSy0AE4x/KIlWHIXyJANxCWv jrRnAFhhZ6X19ju+JirdjMTIKwzO1bOEbVtUrpPWYxHqRz291/oOmn8dOpnOjQ4D 9y5s5Htd58V20PH/CWDwvWL2HP6DfxmfL/59Ry5ryE+uEm+FCcrAO/fDQH+Ap0hK Zd++Girda3Gb19AdIKNicevJdFjhdCzIXiELt+UjlA8gfVIkshfYvhWj8kxqDN4m tbrNLkECTjcpwd1eHO9mimLaNondzNCd -----END CERTIFICATE-----Generated at Sun Apr 28 21:57:52 2024 by rpki-client on console-fra.rpki-client.org