$ rpki-client -vvf rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft File: 2en59z7k9bHN8XYsLfODKVCja30.mft (raw, json) Hash identifier: gFGzUQ5Z256SDL7MvPyAtdiBrdz2L7GLtWgWoG0L208= Subject key identifier: 91:13:B0:55:B6:40:A3:2E:26:B4:F7:AE:BB:12:9C:5B:19:84:DC:F5 Authority key identifier: D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D Certificate issuer: /CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Certificate serial: 33C6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft Manifest number: 33C1 Signing time: Thu 02 May 2024 15:07:28 +0000 Manifest this update: Thu 02 May 2024 15:07:28 +0000 Manifest next update: Thu 09 May 2024 15:07:28 +0000 Files and hashes: 1: 2en59z7k9bHN8XYsLfODKVCja30.crl (hash: UJ+kNg8roXklqEcDth8ZvNVRNP7+F1Gy1ym3/cR/AMY=) 2: 76B5C744B45E11EAB71DF94AC4F9AE02.roa (hash: QZJWJH8ffRS/84lld/jGevk5cgpEhPMCEoE6pSD5XIs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 15:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13254 (0x33c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Validity Not Before: May 2 15:07:28 2024 GMT Not After : May 9 15:07:28 2024 GMT Subject: CN=6633ac30-7382 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:16:e5:85:c5:d8:8d:d9:38:54:dc:66:74:70: 27:17:34:f8:de:fa:e3:19:89:e7:ad:fa:1c:b1:79: ab:e3:58:73:f4:6b:eb:4d:24:61:30:db:30:d9:84: 2c:20:67:48:e5:97:03:d8:2a:12:3a:ac:07:56:31: d0:a8:7d:37:d6:18:a9:02:dd:8c:d1:81:cb:5e:5f: 3a:33:b1:59:60:a0:68:06:49:9d:a2:c0:37:c4:e6: e8:37:cf:e3:c1:74:a9:e5:36:b5:29:0a:6e:1f:7c: b4:c9:d0:e0:71:c9:85:6a:32:1e:72:38:8f:c4:ee: 17:ff:81:b3:90:51:90:1f:5d:3d:76:ef:ab:fc:19: c8:8b:d5:0f:35:4e:de:39:08:25:41:72:cf:04:55: 5d:ef:e2:1d:51:f5:f4:c5:4b:bb:8a:ac:55:dd:b7: 03:5c:7b:5f:2a:2d:c2:be:59:5d:b8:eb:ac:91:c6: 78:2f:8e:30:0c:79:2f:99:91:6d:25:98:c1:44:44: 6b:d4:0b:d8:73:8a:fa:84:1f:dd:29:7d:6f:71:44: 75:0c:d0:a4:8e:df:2a:8f:bc:5a:ae:5d:be:60:e7: 34:e6:e1:b6:fb:33:f9:2e:b9:d6:0d:e6:bb:e6:41: 01:36:cf:72:18:f3:6a:fd:90:02:ad:ef:6c:3e:79: 3b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:13:B0:55:B6:40:A3:2E:26:B4:F7:AE:BB:12:9C:5B:19:84:DC:F5 X509v3 Authority Key Identifier: keyid:D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:27:3b:5a:dd:6c:f7:2f:ff:f9:97:84:9e:bd:a1:5e:fd:2f: 58:be:b9:e2:db:bb:16:47:be:72:f2:14:70:4e:a4:ae:6a:58: 80:f1:0e:9b:e0:41:d1:72:c4:9e:0e:bd:ff:f8:a5:01:91:ae: 2c:66:a6:f1:79:43:31:33:df:d1:76:81:86:3a:92:7c:14:e1: d2:24:4f:6d:b7:2e:d8:f2:05:3f:31:92:eb:6d:4e:28:23:b3: ac:ac:0b:a0:40:72:3a:8c:f3:bc:59:88:e1:eb:11:a7:bc:ef: 19:f1:04:cb:b2:95:7a:54:02:93:01:9d:df:f1:73:10:5b:31: fa:dd:f1:8a:e9:5a:4a:91:63:ee:3f:5e:ac:8a:7b:7f:0a:6a: 63:da:1d:1a:3e:29:7c:af:6e:e3:58:ca:34:ac:75:7b:d9:35: 42:22:98:f4:04:df:85:72:a7:5a:fa:7b:32:ce:76:08:64:71: 62:c1:a2:3c:33:50:d0:cc:56:4b:8c:6a:0c:d6:1c:3e:19:09: 83:9a:57:41:ff:0a:0e:47:97:1f:34:c3:ea:d8:18:77:4c:00: 09:90:ed:01:35:16:0c:e3:fd:03:90:f3:ac:8d:0a:15:1e:52: c8:1c:20:b7:af:0d:96:b4:95:34:a5:67:05:5a:c2:06:6e:50: 15:de:41:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM8YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFDQjIxMTAvBgNVBAUTKEQ5RTlGOUY3M0VFNEY1QjFDREYxNzYyQzJERjM4MzI5 NTBBMzZCN0QwHhcNMjQwNTAyMTUwNzI4WhcNMjQwNTA5MTUwNzI4WjAYMRYwFAYD VQQDEw02NjMzYWMzMC03MzgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvhblhcXYjdk4VNxmdHAnFzT43vrjGYnnrfocsXmr41hz9GvrTSRhMNsw2YQs IGdI5ZcD2CoSOqwHVjHQqH031hipAt2M0YHLXl86M7FZYKBoBkmdosA3xOboN8/j wXSp5Ta1KQpuH3y0ydDgccmFajIecjiPxO4X/4GzkFGQH109du+r/BnIi9UPNU7e OQglQXLPBFVd7+IdUfX0xUu7iqxV3bcDXHtfKi3CvllduOuskcZ4L44wDHkvmZFt JZjBRERr1AvYc4r6hB/dKX1vcUR1DNCkjt8qj7xarl2+YOc05uG2+zP5LrnWDea7 5kEBNs9yGPNq/ZACre9sPnk7HQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJETsFW2 QKMuJrT3rrsSnFsZhNz1MB8GA1UdIwQYMBaAFNnp+fc+5PWxzfF2LC3zgylQo2t9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUNCMi8zN0Q1QTNERTFE OUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azliSE44WFlzTGZPREtWQ2ph MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJlbjU5ejdrOWJITjhYWXNMZk9ES1ZDamEzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUNCMi8zN0Q1QTNERTFEOUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azli SE44WFlzTGZPREtWQ2phMzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAJzta3Wz3L//5l4SevaFe/S9Yvrni27sWR75y8hRwTqSualiA8Q6b 4EHRcsSeDr3/+KUBka4sZqbxeUMxM9/RdoGGOpJ8FOHSJE9tty7Y8gU/MZLrbU4o I7OsrAugQHI6jPO8WYjh6xGnvO8Z8QTLspV6VAKTAZ3f8XMQWzH63fGK6VpKkWPu P16sint/Cmpj2h0aPil8r27jWMo0rHV72TVCIpj0BN+Fcqda+nsyznYIZHFiwaI8 M1DQzFZLjGoM1hw+GQmDmldB/woOR5cfNMPq2Bh3TAAJkO0BNRYM4/0DkPOsjQoV HlLIHCC3rw2WtJU0pWcFWsIGblAV3kEe -----END CERTIFICATE-----Generated at Thu May 2 17:18:56 2024 by rpki-client on console-ams.rpki-client.org