$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft File: KbaocCpK1kSocQZLZAet5JPmOo0.mft (raw, json) Hash identifier: i0A+njJHEUgeUORdL9EUjvlQbR1zkYVIqaboiqWZnIk= Subject key identifier: 2C:01:BF:C9:B3:12:AE:5A:73:DA:5F:5E:71:A7:70:19:15:A0:3A:62 Authority key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D Certificate issuer: /CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D Certificate serial: 18B5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft Manifest number: 18AC Signing time: Tue 30 Apr 2024 16:59:58 +0000 Manifest this update: Tue 30 Apr 2024 16:59:58 +0000 Manifest next update: Tue 07 May 2024 16:59:58 +0000 Files and hashes: 1: KbaocCpK1kSocQZLZAet5JPmOo0.crl (hash: sna2wfJfqGsQOlqq0M26CLZCTAf1R6Qzxp5qcbr5a5Q=) 2: 53CBF5C66D1911E7A4448D81C4F9AE02.roa (hash: AP8Bb/DnmyM2tgkL9jAKis+gWAoJdpiwH0PuM/5AeKw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 16:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6325 (0x18b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D Validity Not Before: Apr 30 16:59:58 2024 GMT Not After : May 7 16:59:58 2024 GMT Subject: CN=6631238e-8864 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4b:d2:9d:a5:15:e1:18:4b:8d:a2:a7:86:1a: 3a:80:b3:61:0c:8b:6f:1d:9d:c1:79:9b:ad:fa:de: 8d:0b:b1:6c:7f:0b:46:e2:1a:49:bc:7c:bb:9f:4f: 93:cc:30:9d:af:72:8e:2d:e9:6a:7d:0d:6d:1f:9d: 15:c8:65:00:66:07:88:04:fc:f0:23:27:82:f5:16: d7:75:c8:a5:9b:49:0e:f0:c8:66:2a:93:cb:c3:f5: 02:63:18:27:42:a9:0d:1f:d6:ba:fb:4d:34:8b:7a: d8:dc:2f:1d:29:ad:6c:a7:08:3a:fd:3a:03:77:12: 24:dd:7d:54:e8:dd:09:7f:24:44:9b:91:38:a4:57: cf:a5:e9:65:15:c1:ae:ec:b5:ed:ba:00:93:3e:42: c6:39:ed:3f:69:1a:99:9b:f4:59:b8:d8:03:77:f6: cc:7c:81:e3:ad:41:57:b6:eb:1f:5d:51:37:5b:17: da:2f:a0:fe:fd:ec:f9:af:81:a1:89:48:5e:35:c1: 2e:ed:c7:e4:6d:59:68:bb:d7:7c:31:4c:58:3f:95: c2:a6:83:8d:33:b3:e9:0e:20:7d:d1:3c:76:88:17: 18:1c:46:66:c5:24:4c:cd:e5:f7:c9:f7:59:12:f2: 1b:8d:d5:01:34:00:20:88:95:d0:d3:e5:ef:6a:d8: 5e:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:01:BF:C9:B3:12:AE:5A:73:DA:5F:5E:71:A7:70:19:15:A0:3A:62 X509v3 Authority Key Identifier: keyid:29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:c4:b7:bc:e7:81:41:0f:51:2f:c1:66:e8:ff:3b:db:a1:44: 2b:25:ad:9c:16:fc:ee:a2:2a:c9:22:53:8e:1e:0f:85:8c:d9: 33:32:36:2a:b8:10:01:e1:c8:e9:b6:82:c1:48:94:fd:4d:71: 1a:a8:64:0a:aa:65:29:54:82:35:53:4f:07:50:4c:61:fa:bb: 5e:94:1b:71:09:cb:c1:39:09:9b:23:7b:92:b3:f9:36:2b:78: b3:f6:16:f5:0c:5c:34:e8:d0:71:50:eb:5a:25:73:10:29:56: a6:d6:2d:bc:75:f0:79:37:c7:69:3d:e1:33:e8:45:10:60:db: b7:ab:ad:64:fa:89:d6:41:59:31:61:6f:a0:a8:58:ba:e2:72: 79:6d:83:47:0f:c0:3c:e5:69:3a:84:7f:47:bd:d8:09:aa:ee: 48:5e:ac:a5:5b:41:95:13:e5:29:c6:4c:ee:9d:37:4e:47:f8: af:3d:7b:76:1c:d8:ca:9e:07:33:e5:b1:b1:63:5c:4e:43:9c: 28:fe:39:52:1d:bf:36:96:bb:15:9d:1b:aa:1a:87:a4:89:fc: e8:02:93:2e:53:d3:36:06:d8:86:0a:0f:41:00:c3:74:2b:50: f0:9a:df:8a:1a:86:9a:4e:02:ca:f9:7f:f8:f3:2d:dc:0e:ad: 38:a2:60:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVBRjMxMTAvBgNVBAUTKDI5QjZBODcwMkE0QUQ2NDRBODcxMDY0QjY0MDdBREU0 OTNFNjNBOEQwHhcNMjQwNDMwMTY1OTU4WhcNMjQwNTA3MTY1OTU4WjAYMRYwFAYD VQQDEw02NjMxMjM4ZS04ODY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsEvSnaUV4RhLjaKnhho6gLNhDItvHZ3BeZut+t6NC7FsfwtG4hpJvHy7n0+T zDCdr3KOLelqfQ1tH50VyGUAZgeIBPzwIyeC9RbXdcilm0kO8MhmKpPLw/UCYxgn QqkNH9a6+000i3rY3C8dKa1spwg6/ToDdxIk3X1U6N0JfyREm5E4pFfPpellFcGu 7LXtugCTPkLGOe0/aRqZm/RZuNgDd/bMfIHjrUFXtusfXVE3WxfaL6D+/ez5r4Gh iUheNcEu7cfkbVlou9d8MUxYP5XCpoONM7PpDiB90Tx2iBcYHEZmxSRMzeX3yfdZ EvIbjdUBNAAgiJXQ0+XvatheiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCwBv8mz Eq5ac9pfXnGncBkVoDpiMB8GA1UdIwQYMBaAFCm2qHAqStZEqHEGS2QHreST5jqN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85M0JCNTAyRTZE MTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFrU29jUVpMWkFldDVKUG1P bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tiYW9jQ3BLMWtTb2NRWkxaQWV0NUpQbU9vMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RUFGMy85M0JCNTAyRTZEMTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFr U29jUVpMWkFldDVKUG1PbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmxLe854FBD1EvwWbo/zvboUQrJa2cFvzuoirJIlOOHg+FjNkzMjYq uBAB4cjptoLBSJT9TXEaqGQKqmUpVII1U08HUExh+rtelBtxCcvBOQmbI3uSs/k2 K3iz9hb1DFw06NBxUOtaJXMQKVam1i28dfB5N8dpPeEz6EUQYNu3q61k+onWQVkx YW+gqFi64nJ5bYNHD8A85Wk6hH9HvdgJqu5IXqylW0GVE+UpxkzunTdOR/ivPXt2 HNjKngcz5bGxY1xOQ5wo/jlSHb82lrsVnRuqGoekifzoApMuU9M2BtiGCg9BAMN0 K1Dwmt+KGoaaTgLK+X/48y3cDq04omB3 -----END CERTIFICATE-----Generated at Tue Apr 30 19:22:16 2024 by rpki-client on console-ams.rpki-client.org