$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft File: L9JLb9eYBEVzVDhmYs4w3aOyALU.mft (raw, json) Hash identifier: TG7J+pGzPJRu2gYfqQGmtmqdGjYH/D9SykTbN18q6QA= Subject key identifier: B2:99:E6:DB:6D:0D:44:BC:E1:17:9F:B5:C8:DB:FB:65:8F:D5:88:1A Authority key identifier: 2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 Certificate issuer: /CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Certificate serial: 26 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft Manifest number: 25 Signing time: Fri 17 May 2024 08:39:10 +0000 Manifest this update: Fri 17 May 2024 08:39:09 +0000 Manifest next update: Fri 24 May 2024 08:39:09 +0000 Files and hashes: 1: L9JLb9eYBEVzVDhmYs4w3aOyALU.crl (hash: dLmJJCWMsizFp5MMz2X3ibWuDqJZ3r9fYm4+zc8aN9k=) 2: AE2FD9C4DA5411EE83E9E67EC4F9AE02.roa (hash: xVEJPm+31bLznblOWhCpwIQYSTvCz1YQ0x0L0sMQxuU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 02:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38 (0x26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Validity Not Before: May 17 08:39:09 2024 GMT Not After : May 24 08:39:09 2024 GMT Subject: CN=664717ad-342c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:eb:49:b8:e5:c7:74:28:2b:86:2d:50:a9:65: 1c:8d:a4:0b:ff:78:6d:ec:2c:4d:6f:c1:a2:bb:09: 53:a7:b0:1c:7a:92:d0:c4:5f:77:ad:45:da:d3:76: 0c:9f:c2:7d:61:d5:ba:02:37:36:4b:29:17:9d:98: 0a:7a:e7:a0:a7:c3:e7:b7:0d:6e:b9:d5:fa:16:6f: a4:fe:83:52:c1:97:d5:d1:6e:af:d4:20:81:8a:88: d0:2e:1a:56:6d:dc:25:b1:aa:fa:91:6a:a7:b1:2b: 1d:d0:ed:e8:fe:55:a5:23:79:33:4c:65:e4:24:d7: 7f:c4:36:a0:b0:6b:0a:60:5c:d9:e0:54:41:2a:a7: 41:a2:30:bb:ed:11:40:9a:2e:3e:40:8b:6e:8b:69: 35:49:d2:ef:56:97:b4:38:ce:c0:c0:11:b2:6e:3a: 89:7e:ea:a3:ec:e8:db:ad:b7:0d:bf:c2:62:4d:19: b1:51:ed:fc:37:a0:98:a6:ee:d9:f1:24:46:e7:be: c8:e7:8c:85:ed:fa:04:b0:ed:6f:47:c9:55:6e:30: 96:23:a1:70:30:43:c0:e9:2b:5e:c1:36:41:99:61: 20:63:8f:be:2e:8f:25:0e:5d:5d:bf:45:b4:9d:77: 3a:56:86:5b:45:93:e4:d9:5f:c8:5a:ac:f0:fa:15: c0:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:99:E6:DB:6D:0D:44:BC:E1:17:9F:B5:C8:DB:FB:65:8F:D5:88:1A X509v3 Authority Key Identifier: keyid:2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:e5:8f:d0:52:5e:78:c3:31:a6:17:81:e5:ba:5e:9e:14:58: 31:25:39:e1:a9:52:f2:9d:1e:89:77:c4:86:e9:6a:3c:cf:ba: f0:06:0b:9d:59:40:16:c7:15:63:76:77:c7:86:98:33:6e:de: 31:48:e6:1b:18:dd:3d:e2:30:05:78:e7:8d:c2:c3:91:dd:76: 0b:71:f2:28:7a:d9:66:45:3e:8f:08:20:ba:de:f7:b7:3a:3c: ae:c1:79:bb:b0:f6:39:9f:d0:c2:86:48:8d:f0:b5:b9:0b:25: 9d:8b:66:43:e5:a1:c5:20:f2:80:74:a0:75:2f:4d:76:b1:de: f8:dd:55:57:23:ed:5d:26:e4:a6:7b:95:f0:c9:5b:85:56:95: a8:cf:e1:da:54:d2:dc:d9:f8:ae:0b:fa:b6:21:65:47:a1:63: ac:d4:5b:d9:e8:c0:68:ee:6f:6d:1b:ac:83:9c:93:7c:eb:ae: d7:01:37:19:03:e2:35:33:15:07:1c:ef:c3:c5:50:71:b2:cc: 7b:66:2c:92:cf:e2:6a:a0:8f:8a:3a:d1:26:c1:f9:c2:5d:9e: d0:e0:3a:e8:b4:c8:64:51:fa:a7:a2:d9:99:5d:5c:eb:5f:f6: 50:60:5f:e4:db:2a:29:14:a4:bc:3b:78:4e:e7:a2:93:b1:1a: 4a:93:72:6f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjlEQTExMC8GA1UEBRMoMkZEMjRCNkZENzk4MDQ0NTczNTQzODY2NjJDRTMwRERB M0IyMDBCNTAeFw0yNDA1MTcwODM5MDlaFw0yNDA1MjQwODM5MDlaMBgxFjAUBgNV BAMTDTY2NDcxN2FkLTM0MmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDX60m45cd0KCuGLVCpZRyNpAv/eG3sLE1vwaK7CVOnsBx6ktDEX3etRdrTdgyf wn1h1boCNzZLKRedmAp656Cnw+e3DW651foWb6T+g1LBl9XRbq/UIIGKiNAuGlZt 3CWxqvqRaqexKx3Q7ej+VaUjeTNMZeQk13/ENqCwawpgXNngVEEqp0GiMLvtEUCa Lj5Ai26LaTVJ0u9Wl7Q4zsDAEbJuOol+6qPs6Nuttw2/wmJNGbFR7fw3oJim7tnx JEbnvsjnjIXt+gSw7W9HyVVuMJYjoXAwQ8DpK17BNkGZYSBjj74ujyUOXV2/RbSd dzpWhltFk+TZX8harPD6FcBxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUspnm220N RLzhF5+1yNv7ZY/ViBowHwYDVR0jBBgwFoAUL9JLb9eYBEVzVDhmYs4w3aOyALUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyOURBLzM0QjVCNTE0REE1 NDExRUU4MjdDQTU3REM0RjlBRTAyL0w5SkxiOWVZQkVWelZEaG1ZczR3M2FPeUFM VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTDlKTGI5ZVlCRVZ6VkRobVlzNHczYU95QUxVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEy OURBLzM0QjVCNTE0REE1NDExRUU4MjdDQTU3REM0RjlBRTAyL0w5SkxiOWVZQkVW elZEaG1ZczR3M2FPeUFMVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIjlj9BSXnjDMaYXgeW6Xp4UWDElOeGpUvKdHol3xIbpajzPuvAGC51Z QBbHFWN2d8eGmDNu3jFI5hsY3T3iMAV4543Cw5Hddgtx8ih62WZFPo8IILre97c6 PK7Bebuw9jmf0MKGSI3wtbkLJZ2LZkPlocUg8oB0oHUvTXax3vjdVVcj7V0m5KZ7 lfDJW4VWlajP4dpU0tzZ+K4L+rYhZUehY6zUW9nowGjub20brIOck3zrrtcBNxkD 4jUzFQcc78PFUHGyzHtmLJLP4mqgj4o60SbB+cJdntDgOui0yGRR+qei2ZldXOtf 9lBgX+TbKikUpLw7eE7nopOxGkqTcm8= -----END CERTIFICATE-----Generated at Fri May 17 10:10:51 2024 by rpki-client on console-fra.rpki-client.org