$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft File: httX5pD30wkpOii6fFX7ivN9Xb0.mft (raw, json) Hash identifier: Ojae83a6Km1pwj970CdKfLpQaW8gwNvqltIhw+lQqOY= Subject key identifier: 12:3F:E2:EE:8E:23:91:31:96:29:D0:0A:AD:D3:5C:FE:AD:D2:3E:9D Authority key identifier: 86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD Certificate issuer: /CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Certificate serial: 351C Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft Manifest number: 351C Signing time: Sat 18 May 2024 14:37:12 +0000 Manifest this update: Sat 18 May 2024 14:37:11 +0000 Manifest next update: Sat 25 May 2024 14:37:11 +0000 Files and hashes: 1: httX5pD30wkpOii6fFX7ivN9Xb0.crl (hash: x2/Mq0oYi5+fZ5ebxXgUPOlHPWXiUB3UjTpDHWz3Nqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:37:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13596 (0x351c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Validity Not Before: May 18 14:37:11 2024 GMT Not After : May 25 14:37:11 2024 GMT Subject: CN=6648bd17-de64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:13:05:bd:20:10:09:9e:3a:ea:ea:ee:d9:b2: 73:ae:fb:f4:fe:5c:4c:d2:51:45:1e:f5:b6:74:15: bb:cf:cc:4f:67:5f:ac:5f:9e:74:6f:48:32:d5:90: fc:db:bb:7e:4f:90:1b:71:e1:14:d8:df:23:43:f1: 9b:1a:48:19:d6:5c:85:68:31:d8:2a:bf:0e:1c:f4: 60:60:c4:97:a2:c6:a6:a9:69:62:c7:d7:c2:8a:3e: cf:64:c7:aa:b8:95:3e:0b:6a:80:85:9f:0e:3d:27: a6:61:07:cc:2f:7e:e3:f7:b5:86:b4:1d:03:08:e7: 3c:ba:ca:95:ba:3c:91:a1:8d:7a:4a:c2:17:5b:79: c7:40:a4:61:fc:fd:a2:28:95:25:16:85:60:f4:40: a7:a9:c6:fd:da:d1:55:30:33:a7:f3:0a:65:48:ee: f6:32:5c:f4:5c:f4:d8:0a:4c:50:f9:d6:be:ad:f1: 78:e1:89:c6:1b:f7:f4:07:61:7e:76:87:84:b2:8d: 3d:e3:4e:08:fa:12:53:24:ee:9a:dd:5a:dd:4b:be: 3d:fa:14:7f:62:86:39:5c:7e:0a:9c:f5:36:bc:b5: 8d:c9:2b:2c:6b:16:ff:c4:11:b4:b4:5c:9d:3e:e0: ab:08:f4:e1:41:c6:75:90:54:7c:cf:7f:dd:78:26: 9f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:3F:E2:EE:8E:23:91:31:96:29:D0:0A:AD:D3:5C:FE:AD:D2:3E:9D X509v3 Authority Key Identifier: keyid:86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:8e:5d:b6:1b:e6:c2:a8:14:fe:eb:c8:89:f8:e8:60:31:be: 8d:b7:4a:07:99:f8:78:39:96:3b:e5:69:db:b9:60:4b:cf:cc: 2f:1b:8f:ba:54:a5:0f:3e:6a:36:d1:a7:8a:5c:ba:6b:77:ea: 16:58:b9:21:db:08:8f:76:d2:e3:fc:e0:3d:91:f6:5b:92:71: 93:62:6a:09:10:98:07:14:f7:c2:7a:ac:c6:4e:e4:c8:e2:84: 6b:92:f9:d3:0f:73:e5:c9:9d:da:31:07:9b:47:85:fa:e8:cc: 26:a5:f0:5d:11:82:64:ed:d6:e4:a5:80:57:91:5b:b7:34:19: 3b:6e:7f:7d:27:b1:26:73:17:35:19:08:07:4c:f2:f1:c3:37: b1:5f:62:24:00:95:3c:e5:aa:51:91:1b:e1:c3:e2:38:32:eb: 14:f0:41:c7:be:3f:67:cc:02:2d:d5:9d:25:96:63:11:13:b5: 37:a0:30:b3:49:28:2c:3d:d5:0b:50:24:ae:23:4b:6e:25:92: 82:cd:e1:45:ed:9c:6e:e1:a6:6a:40:aa:4c:d9:e8:f4:29:5e: 7e:1e:84:32:12:ef:c1:a0:bd:a3:7e:f2:41:14:e3:1b:81:35: db:58:6a:33:72:fa:16:d2:5d:a2:c2:14:b1:13:b5:d0:22:f0: de:93:44:3a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDg2REI1N0U2OTBGN0QzMDkyOTNBMjhCQTdDNTVGQjhB RjM3RDVEQkQwHhcNMjQwNTE4MTQzNzExWhcNMjQwNTI1MTQzNzExWjAYMRYwFAYD VQQDEw02NjQ4YmQxNy1kZTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxBMFvSAQCZ466uru2bJzrvv0/lxM0lFFHvW2dBW7z8xPZ1+sX550b0gy1ZD8 27t+T5AbceEU2N8jQ/GbGkgZ1lyFaDHYKr8OHPRgYMSXosamqWlix9fCij7PZMeq uJU+C2qAhZ8OPSemYQfML37j97WGtB0DCOc8usqVujyRoY16SsIXW3nHQKRh/P2i KJUlFoVg9ECnqcb92tFVMDOn8wplSO72Mlz0XPTYCkxQ+da+rfF44YnGG/f0B2F+ doeEso09404I+hJTJO6a3VrdS749+hR/YoY5XH4KnPU2vLWNySssaxb/xBG0tFyd PuCrCPThQcZ1kFR8z3/deCafWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBI/4u6O I5ExlinQCq3TXP6t0j6dMB8GA1UdIwQYMBaAFIbbV+aQ99MJKToounxV+4rzfV29 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9COTk1M0RCQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3a3BPaWk2ZkZYN2l2TjlY YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2h0dFg1cEQzMHdrcE9paTZmRlg3aXZOOVhiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTYwQS9COTk1M0RCQTFEOEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3 a3BPaWk2ZkZYN2l2TjlYYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5jl22G+bCqBT+68iJ+OhgMb6Nt0oHmfh4OZY75WnbuWBLz8wvG4+6 VKUPPmo20aeKXLprd+oWWLkh2wiPdtLj/OA9kfZbknGTYmoJEJgHFPfCeqzGTuTI 4oRrkvnTD3PlyZ3aMQebR4X66MwmpfBdEYJk7dbkpYBXkVu3NBk7bn99J7Emcxc1 GQgHTPLxwzexX2IkAJU85apRkRvhw+I4MusU8EHHvj9nzAIt1Z0llmMRE7U3oDCz SSgsPdULUCSuI0tuJZKCzeFF7Zxu4aZqQKpM2ej0KV5+HoQyEu/BoL2jfvJBFOMb gTXbWGozcvoW0l2iwhSxE7XQIvDek0Q6 -----END CERTIFICATE-----Generated at Sat May 18 15:58:25 2024 by rpki-client on console-ams.rpki-client.org