$ rpki-client -vvf rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft File: 28IYSbtMFwTSMZPEG3DGaxqWVi8.mft (raw, json) Hash identifier: gB2FByIUv4ENNd56adeMmbpYCru5Snun95A+fE/2dp4= Subject key identifier: 34:ED:08:AB:00:89:34:63:13:98:60:BC:61:1B:2A:B3:F0:7D:EF:68 Authority key identifier: DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F Certificate issuer: /CN=A919C233/serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Certificate serial: 146F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft Manifest number: 1467 Signing time: Sat 04 May 2024 17:30:05 +0000 Manifest this update: Sat 04 May 2024 17:30:05 +0000 Manifest next update: Sat 11 May 2024 17:30:05 +0000 Files and hashes: 1: 28IYSbtMFwTSMZPEG3DGaxqWVi8.crl (hash: i56EfeyJ4UziKXSnXMXr+4MG2dngaHDkKFqGGyO5Nsk=) 2: C355C10243E611E8843B4E66C4F9AE02.roa (hash: tE+xvKEU2lq0YqE+NTYg8y1a5SGXjU0ke0uyncrO2F0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:30:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5231 (0x146f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C233/serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Validity Not Before: May 4 17:30:05 2024 GMT Not After : May 11 17:30:05 2024 GMT Subject: CN=6636709d-f2da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:ba:17:92:31:cc:26:76:fc:3c:e0:50:51:ba: 59:8a:e5:c0:59:3e:76:b1:a9:b1:8a:45:53:b7:7f: a9:47:6a:25:a7:46:a2:77:7d:ef:34:b5:f7:18:86: 03:72:93:4b:f1:71:8a:46:6c:8d:2d:66:14:a5:97: 4e:92:d3:01:57:e1:67:25:bb:5e:7c:83:da:ca:e0: fd:1a:ed:72:86:12:c3:13:c8:6e:3e:cc:d5:f2:4b: 6a:be:dd:cb:a5:49:2a:ce:48:60:0a:41:fe:b8:d0: 1a:2d:90:37:1e:ed:cd:9f:3b:52:4f:49:2a:a6:0c: c1:3d:80:27:9c:9e:5a:59:14:7f:32:6d:61:b8:f5: 7f:8e:51:63:ef:e6:4f:52:40:dc:2b:85:88:26:81: 12:1a:7f:79:07:d5:48:6e:50:58:35:53:ac:75:0c: 08:b4:49:7e:e1:06:5c:82:c1:5c:ee:51:ed:fa:c5: 5f:1d:34:1a:3a:12:ad:5e:2e:17:5b:4b:29:b2:90: 8a:d4:14:5c:77:e3:75:8e:69:3d:f2:ce:01:1f:84: c8:4a:ac:f1:c8:fb:2f:b7:04:dc:42:1a:d8:0c:42: ed:ba:9f:79:cc:95:5a:c5:0d:67:aa:cc:01:19:ad: 3c:65:95:b5:62:15:28:0c:0f:96:92:e3:f8:78:72: de:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:ED:08:AB:00:89:34:63:13:98:60:BC:61:1B:2A:B3:F0:7D:EF:68 X509v3 Authority Key Identifier: keyid:DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:0a:c5:38:5c:07:06:35:31:d8:86:8c:fd:45:09:2d:b5:84: 99:c8:a3:62:7f:49:48:65:ef:90:cc:01:88:85:46:9f:45:6d: 0b:80:ef:32:59:59:08:31:f6:e6:86:5a:0c:7f:58:80:d2:99: 19:7e:36:94:04:e6:58:89:0f:64:77:6a:8f:12:73:f5:f8:27: 75:6e:74:ef:08:db:99:41:4c:64:13:86:e1:6b:cb:28:2d:5b: c2:30:18:7b:ab:78:09:3b:33:f0:b1:b6:15:23:b3:72:42:87: 77:bf:dc:2d:89:99:df:e7:d3:50:e8:fa:6c:3b:4d:9f:88:68: 69:7b:87:34:01:ec:54:b0:1e:43:a0:28:85:de:77:51:01:99: 0a:d4:54:82:30:44:74:bb:ca:87:a7:d0:7a:5b:c5:74:7c:7d: 2a:09:c3:a9:79:90:c7:a7:ce:4c:99:d8:8c:ca:89:4a:88:d6: 53:a8:15:1a:46:c1:41:44:b9:49:ee:1f:06:18:7a:02:6d:75: 12:a1:70:c9:fe:8c:2d:f0:c6:a7:e1:16:56:3f:d6:60:72:ea: d2:27:0e:00:5d:1e:3c:09:9b:11:01:8e:06:ac:15:7c:3a:93: 5c:e3:dd:64:80:fe:e8:56:d2:53:35:3e:8c:23:af:bf:62:0c: fb:23:f4:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFG8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUMyMzMxMTAvBgNVBAUTKERCQzIxODQ5QkI0QzE3MDREMjMxOTNDNDFCNzBDNjZC MUE5NjU2MkYwHhcNMjQwNTA0MTczMDA1WhcNMjQwNTExMTczMDA1WjAYMRYwFAYD VQQDEw02NjM2NzA5ZC1mMmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9roXkjHMJnb8POBQUbpZiuXAWT52samxikVTt3+pR2olp0aid33vNLX3GIYD cpNL8XGKRmyNLWYUpZdOktMBV+FnJbtefIPayuD9Gu1yhhLDE8huPszV8ktqvt3L pUkqzkhgCkH+uNAaLZA3Hu3NnztST0kqpgzBPYAnnJ5aWRR/Mm1huPV/jlFj7+ZP UkDcK4WIJoESGn95B9VIblBYNVOsdQwItEl+4QZcgsFc7lHt+sVfHTQaOhKtXi4X W0spspCK1BRcd+N1jmk98s4BH4TISqzxyPsvtwTcQhrYDELtup95zJVaxQ1nqswB Ga08ZZW1YhUoDA+WkuP4eHLeuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDTtCKsA iTRjE5hgvGEbKrPwfe9oMB8GA1UdIwQYMBaAFNvCGEm7TBcE0jGTxBtwxmsallYv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzIzMy8xRkRBRkQ2MjQz RTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3VFNNWlBFRzNER2F4cVdW aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI4SVlTYnRNRndUU01aUEVHM0RHYXhxV1ZpOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzIzMy8xRkRBRkQ2MjQzRTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3 VFNNWlBFRzNER2F4cVdWaTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfCsU4XAcGNTHYhoz9RQkttYSZyKNif0lIZe+QzAGIhUafRW0LgO8y WVkIMfbmhloMf1iA0pkZfjaUBOZYiQ9kd2qPEnP1+Cd1bnTvCNuZQUxkE4bha8so LVvCMBh7q3gJOzPwsbYVI7NyQod3v9wtiZnf59NQ6PpsO02fiGhpe4c0AexUsB5D oCiF3ndRAZkK1FSCMER0u8qHp9B6W8V0fH0qCcOpeZDHp85MmdiMyolKiNZTqBUa RsFBRLlJ7h8GGHoCbXUSoXDJ/owt8Man4RZWP9ZgcurSJw4AXR48CZsRAY4GrBV8 OpNc491kgP7oVtJTNT6MI6+/Ygz7I/T4 -----END CERTIFICATE-----Generated at Sat May 4 19:58:42 2024 by rpki-client on console-ams.rpki-client.org