$ rpki-client -vvf rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft File: tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft (raw, json) Hash identifier: XLuyNvdIK1ljG7LcKeA+yE9UAuPe9rlq5tKVYiRUHlA= Subject key identifier: 26:9E:44:7A:E9:F6:DB:7F:71:B2:D0:36:6F:6F:C9:9D:E0:B5:34:2E Authority key identifier: B4:86:5E:3B:E9:C5:69:D2:B9:3F:2C:35:1C:AB:24:D1:50:6A:AC:0D Certificate issuer: /CN=A9197CBD/serialNumber=B4865E3BE9C569D2B93F2C351CAB24D1506AAC0D Certificate serial: 45 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft Manifest number: 43 Signing time: Fri 17 May 2024 08:12:08 +0000 Manifest this update: Fri 17 May 2024 08:12:08 +0000 Manifest next update: Fri 24 May 2024 08:12:08 +0000 Files and hashes: 1: tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl (hash: XHR2UZHT77oIPZ7it/C3LdWCagJxYQAueNy8/AayE4I=) 2: B7447DDE020511EF9142D32EC4F9AE02.roa (hash: ok/jqT9LWAnKBw91FngZeeHSkSeEPQy90QUc940ihD4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 02:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69 (0x45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197CBD/serialNumber=B4865E3BE9C569D2B93F2C351CAB24D1506AAC0D Validity Not Before: May 17 08:12:08 2024 GMT Not After : May 24 08:12:08 2024 GMT Subject: CN=66471158-a1e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f7:7e:c7:45:e6:8d:0e:ef:4e:0a:49:03:8d: ab:c3:a6:a8:30:15:58:22:a6:17:1e:91:e4:9d:5a: a7:46:6a:e5:e5:d0:30:20:7f:33:76:f6:ab:04:85: 01:a7:45:57:a1:3a:4d:25:f3:97:78:58:2a:ff:dc: 7e:c8:64:e0:cc:bb:9a:4e:d6:54:d3:d8:05:5a:8a: de:d4:bd:a2:fc:3b:46:38:84:57:a5:df:4a:cc:e7: d0:3a:eb:51:13:e3:7d:58:e7:f6:d0:27:17:8a:72: df:e4:ee:b4:45:c6:7e:56:27:1f:5f:e4:1d:33:70: bd:27:f9:e1:0f:39:34:03:53:6b:1d:a5:97:1d:3a: db:c2:10:55:ea:8c:e0:51:2f:f0:71:25:7d:f8:4e: 7f:28:47:67:2e:fb:56:68:52:a5:cc:57:13:1a:11: ca:ae:03:a3:eb:16:f7:c8:33:6a:20:74:f5:77:66: 99:ae:5a:fc:28:1a:24:67:bc:ee:20:4b:df:6e:f3: f3:44:d4:75:ee:c7:31:51:52:fa:be:72:7c:79:75: d0:ca:c0:4b:4c:0d:f5:6a:18:92:67:70:60:aa:eb: 6e:39:91:5d:18:e7:21:c0:db:01:5e:af:3f:c4:b5: f8:25:0e:dc:f7:df:02:5b:4f:5e:a9:31:ad:58:a2: f4:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:9E:44:7A:E9:F6:DB:7F:71:B2:D0:36:6F:6F:C9:9D:E0:B5:34:2E X509v3 Authority Key Identifier: keyid:B4:86:5E:3B:E9:C5:69:D2:B9:3F:2C:35:1C:AB:24:D1:50:6A:AC:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tIZeO-nFadK5Pyw1HKsk0VBqrA0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197CBD/3570DF2EB11411EE95E74365C4F9AE02/tIZeO-nFadK5Pyw1HKsk0VBqrA0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:b7:54:bb:68:6a:4a:a9:ac:48:cf:4c:ae:93:10:91:44:5a: 3e:d4:cd:a3:32:5a:cd:71:e2:4a:28:28:63:93:3a:07:fe:4c: b8:ea:64:61:9e:6a:a2:6a:e4:f6:26:1a:8c:e3:95:56:b0:6c: 97:86:ab:b8:3e:16:ee:c4:c8:e5:dd:c4:4f:c7:be:3f:09:98: 7c:40:12:56:03:ba:32:1e:ed:96:75:df:c2:06:02:2e:b1:17: 30:8e:09:1e:dc:ad:e1:f7:84:0f:91:36:0a:ec:55:8e:aa:07: 46:24:ff:19:de:c0:90:b3:48:a5:2a:3a:c2:3c:69:47:7e:ef: 0d:41:14:9e:31:bb:91:75:44:09:85:77:9c:a3:5f:5e:ca:d2: f3:0f:52:54:39:24:64:87:86:11:68:84:d7:e0:e3:ff:aa:39: 4d:df:f0:4d:67:8e:e6:68:49:56:34:b3:7b:ff:90:f3:84:1c: 00:4f:a1:47:da:7b:1f:c4:97:ee:22:e1:83:71:83:a5:fe:07: f0:03:51:0b:c3:1e:4c:96:fe:46:d4:d8:48:a4:43:ba:42:c3: dd:14:3a:ff:81:7e:46:4f:7e:29:d6:64:06:af:47:a8:87:22: 74:19:32:6e:df:8d:7f:78:39:a7:ff:98:c2:a5:c8:0d:5c:38: 7e:13:0c:d8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 N0NCRDExMC8GA1UEBRMoQjQ4NjVFM0JFOUM1NjlEMkI5M0YyQzM1MUNBQjI0RDE1 MDZBQUMwRDAeFw0yNDA1MTcwODEyMDhaFw0yNDA1MjQwODEyMDhaMBgxFjAUBgNV BAMTDTY2NDcxMTU4LWExZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9937HReaNDu9OCkkDjavDpqgwFVgiphcekeSdWqdGauXl0DAgfzN29qsEhQGn RVehOk0l85d4WCr/3H7IZODMu5pO1lTT2AVait7UvaL8O0Y4hFel30rM59A661ET 431Y5/bQJxeKct/k7rRFxn5WJx9f5B0zcL0n+eEPOTQDU2sdpZcdOtvCEFXqjOBR L/BxJX34Tn8oR2cu+1ZoUqXMVxMaEcquA6PrFvfIM2ogdPV3ZpmuWvwoGiRnvO4g S99u8/NE1HXuxzFRUvq+cnx5ddDKwEtMDfVqGJJncGCq6245kV0Y5yHA2wFerz/E tfglDtz33wJbT16pMa1YovS1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUJp5Eeun2 239xstA2b2/JneC1NC4wHwYDVR0jBBgwFoAUtIZeO+nFadK5Pyw1HKsk0VBqrA0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3Q0JELzM1NzBERjJFQjEx NDExRUU5NUU3NDM2NUM0RjlBRTAyL3RJWmVPLW5GYWRLNVB5dzFIS3NrMFZCcXJB MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdElaZU8tbkZhZEs1UHl3MUhLc2swVkJxckEwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3 Q0JELzM1NzBERjJFQjExNDExRUU5NUU3NDM2NUM0RjlBRTAyL3RJWmVPLW5GYWRL NVB5dzFIS3NrMFZCcXJBMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB23VLtoakqprEjPTK6TEJFEWj7UzaMyWs1x4kooKGOTOgf+TLjqZGGe aqJq5PYmGozjlVawbJeGq7g+Fu7EyOXdxE/Hvj8JmHxAElYDujIe7ZZ138IGAi6x FzCOCR7creH3hA+RNgrsVY6qB0Yk/xnewJCzSKUqOsI8aUd+7w1BFJ4xu5F1RAmF d5yjX17K0vMPUlQ5JGSHhhFohNfg4/+qOU3f8E1njuZoSVY0s3v/kPOEHABPoUfa ex/El+4i4YNxg6X+B/ADUQvDHkyW/kbU2EikQ7pCw90UOv+BfkZPfinWZAavR6iH InQZMm7fjX94Oaf/mMKlyA1cOH4TDNg= -----END CERTIFICATE-----Generated at Fri May 17 10:10:51 2024 by rpki-client on console-fra.rpki-client.org