$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: ZtAURNPydvHCf21p9ie7Sf5Xk+oAA7ztO/509P2F+XE= Subject key identifier: 3C:AA:EA:7A:04:D5:EC:A1:07:71:C5:E9:A4:49:AE:28:46:56:11:77 Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0D1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0D16 Signing time: Sat 04 May 2024 18:53:05 +0000 Manifest this update: Sat 04 May 2024 18:53:05 +0000 Manifest next update: Sat 11 May 2024 18:53:05 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: WldK2anozgohZvd+F5ekRLZ5VAKYqaQJt0SM8sb+BUQ=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: 4nKaNnAA+FlebgMH5PkzemVsKEEak9q9/5kaFpxo0dg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:53:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3356 (0xd1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: May 4 18:53:05 2024 GMT Not After : May 11 18:53:05 2024 GMT Subject: CN=66368411-cd27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b7:8c:b8:bd:db:b0:15:60:86:e0:45:3a:20: 78:6e:0c:40:5e:a0:fb:0f:5b:60:f1:20:15:5f:ad: 3a:59:22:71:53:d5:90:33:07:c7:42:87:a8:76:33: 30:ab:17:93:66:2d:87:a2:45:90:68:43:84:66:6d: 64:33:77:15:fb:48:f7:bf:2f:d3:a3:be:c6:68:30: 99:6c:7a:ad:7f:1b:38:d3:b1:4c:53:1c:0d:1c:43: a0:18:e6:37:cc:fa:d6:35:a7:77:0c:e1:9a:c1:b5: d2:95:2e:04:1c:9e:cc:70:d7:24:c0:d4:ce:b9:39: ba:5d:55:39:f1:2f:6a:20:a5:86:4d:1a:d0:c6:56: 61:aa:09:b4:26:94:0b:e7:30:c1:fe:56:d8:df:d9: d2:d7:80:a2:c9:b5:a6:b6:64:66:2a:69:c6:a2:2a: 6b:df:77:9b:8c:55:4f:f4:d6:62:f7:52:60:f3:08: 16:cb:aa:03:ef:f5:31:20:15:80:41:2e:a7:9b:26: 6b:09:90:dd:93:25:b9:3b:9f:c0:fe:f4:ca:83:ff: 85:bc:d1:1a:14:30:47:ea:df:23:90:15:39:30:0e: c8:51:71:92:84:74:b4:e1:f7:ac:4e:f9:e5:29:36: 0f:b7:6e:d4:5b:db:1f:b6:5d:51:97:31:76:0f:e0: 69:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:AA:EA:7A:04:D5:EC:A1:07:71:C5:E9:A4:49:AE:28:46:56:11:77 X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:e2:37:2c:ea:fa:f5:d0:0f:a5:e1:f5:66:75:a7:74:87:89: 7c:d4:88:da:5f:b5:46:ac:50:4e:c6:e4:03:bd:6e:5b:be:59: 96:59:d0:65:33:ca:f1:7d:f5:a3:49:22:61:cb:72:71:ed:25: 28:81:d5:94:50:67:af:78:7e:24:db:aa:24:1d:4d:27:90:a6: a5:81:e4:db:3d:46:f6:5a:fb:e6:5d:78:c6:62:e4:0d:f2:1c: 43:8f:4a:ec:a5:d9:12:d2:01:3d:20:a1:de:a1:91:78:b9:e9: 93:14:9c:7a:8f:67:5e:00:6e:6b:4b:83:95:ac:b3:a6:0b:e1: 42:7e:72:76:9e:43:4e:c0:1e:a7:68:f1:a9:09:6b:aa:87:2f: 48:89:60:e4:05:d1:87:be:ad:ca:2c:a6:d7:cd:ba:f9:41:0d: 91:88:74:81:b5:4b:b0:d5:18:3b:2b:b0:7e:f5:47:13:be:a1: 67:69:42:b2:03:9c:b9:57:46:46:26:92:05:a4:62:81:7e:1d: 89:47:72:9e:37:d7:95:81:91:60:0c:fa:e1:9d:cd:d3:f2:0c: 64:19:0f:1f:cf:02:62:26:90:3a:15:f3:a6:a5:0b:92:4b:d4: 54:21:a0:ec:cf:03:ec:d6:48:63:bc:ba:f3:32:ba:56:af:a9: de:7e:2c:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjQwNTA0MTg1MzA1WhcNMjQwNTExMTg1MzA1WjAYMRYwFAYD VQQDEw02NjM2ODQxMS1jZDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1LeMuL3bsBVghuBFOiB4bgxAXqD7D1tg8SAVX606WSJxU9WQMwfHQoeodjMw qxeTZi2HokWQaEOEZm1kM3cV+0j3vy/To77GaDCZbHqtfxs407FMUxwNHEOgGOY3 zPrWNad3DOGawbXSlS4EHJ7McNckwNTOuTm6XVU58S9qIKWGTRrQxlZhqgm0JpQL 5zDB/lbY39nS14CiybWmtmRmKmnGoipr33ebjFVP9NZi91Jg8wgWy6oD7/UxIBWA QS6nmyZrCZDdkyW5O5/A/vTKg/+FvNEaFDBH6t8jkBU5MA7IUXGShHS04fesTvnl KTYPt27UW9sftl1RlzF2D+Bp/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDyq6noE 1eyhB3HF6aRJrihGVhF3MB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAl4jcs6vr10A+l4fVmdad0h4l81IjaX7VGrFBOxuQDvW5bvlmWWdBl M8rxffWjSSJhy3Jx7SUogdWUUGeveH4k26okHU0nkKalgeTbPUb2WvvmXXjGYuQN 8hxDj0rspdkS0gE9IKHeoZF4uemTFJx6j2deAG5rS4OVrLOmC+FCfnJ2nkNOwB6n aPGpCWuqhy9IiWDkBdGHvq3KLKbXzbr5QQ2RiHSBtUuw1Rg7K7B+9UcTvqFnaUKy A5y5V0ZGJpIFpGKBfh2JR3KeN9eVgZFgDPrhnc3T8gxkGQ8fzwJiJpA6FfOmpQuS S9RUIaDszwPs1khjvLrzMrpWr6nefiz8 -----END CERTIFICATE-----Generated at Sat May 4 20:37:14 2024 by rpki-client on console-fra.rpki-client.org