$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.mft File: EHo5wcwE8nzHJmPb97rm2SqVA4A.mft (raw, json) Hash identifier: 86bJ6WJ7mra4UoF662NepOWrs1GqcDwp8TDCq/Arulo= Subject key identifier: BA:83:DA:72:27:57:F8:AF:90:BF:BC:A2:E2:76:96:A2:C9:FF:EA:5F Authority key identifier: 10:7A:39:C1:CC:04:F2:7C:C7:26:63:DB:F7:BA:E6:D9:2A:95:03:80 Certificate issuer: /CN=A91AFBDA/serialNumber=107A39C1CC04F27CC72663DBF7BAE6D92A950380 Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EHo5wcwE8nzHJmPb97rm2SqVA4A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.mft Manifest number: 20 Signing time: Fri 17 May 2024 08:45:36 +0000 Manifest this update: Fri 17 May 2024 08:45:36 +0000 Manifest next update: Fri 24 May 2024 08:45:36 +0000 Files and hashes: 1: EHo5wcwE8nzHJmPb97rm2SqVA4A.crl (hash: A4fpeAvi56GRx+um2J0xuahB29Yw4DJlJ4Yi6rjjZ7I=) 2: 62246EC4E67E11EEAD030482C4F9AE02.roa (hash: JNSTi6YlhufjINfEjlj+6gqmVb617m0LLGx1Nj30gow=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.crl rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EHo5wcwE8nzHJmPb97rm2SqVA4A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 08:22:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AFBDA/serialNumber=107A39C1CC04F27CC72663DBF7BAE6D92A950380 Validity Not Before: May 17 08:45:36 2024 GMT Not After : May 24 08:45:36 2024 GMT Subject: CN=66471930-cf38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:8e:14:41:13:14:52:27:95:97:56:65:30:95: 2c:c7:bc:06:93:3d:d0:0c:3c:3a:a0:ba:0c:38:cb: 23:e0:e0:b3:ac:f2:6b:54:5b:df:cc:0a:36:58:a4: 46:d9:2f:9d:30:e6:58:2a:0c:19:b4:60:02:67:0f: b4:eb:18:a1:fb:64:92:e0:39:32:f8:41:b4:c5:d8: 21:4b:14:54:53:ab:f1:24:0f:6a:88:10:a6:53:6d: 61:3c:7a:d9:45:bd:90:9b:11:df:f6:b6:06:c0:7e: 46:28:a0:8d:ca:5b:fb:f6:3f:b6:0f:e1:d8:f5:e2: 71:2b:fe:5d:3d:b8:f9:c8:b1:64:c2:36:06:38:92: c6:17:f3:77:66:a5:ed:3f:94:3e:63:3f:88:c5:dc: f9:67:11:d4:cc:c1:29:55:58:20:34:88:be:82:de: da:20:ff:77:a9:8c:67:57:48:a3:3a:67:97:b9:c3: ec:37:98:8d:4f:30:0a:26:23:82:13:da:7a:66:25: 8c:6c:dc:d1:d1:00:c6:99:b9:77:4d:a7:bc:e2:ef: df:b3:51:d3:73:67:87:5d:71:49:01:d9:78:d3:c4: 2e:8f:11:ed:2a:13:b4:e0:3a:ed:9d:9b:cd:89:8a: 94:b0:0c:bc:ce:c5:0c:e1:c1:5a:e4:89:b0:af:a4: f0:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:83:DA:72:27:57:F8:AF:90:BF:BC:A2:E2:76:96:A2:C9:FF:EA:5F X509v3 Authority Key Identifier: keyid:10:7A:39:C1:CC:04:F2:7C:C7:26:63:DB:F7:BA:E6:D9:2A:95:03:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EHo5wcwE8nzHJmPb97rm2SqVA4A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFBDA/6AD374AAE65D11EEB6123E41C4F9AE02/EHo5wcwE8nzHJmPb97rm2SqVA4A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:81:dc:9a:50:cb:42:16:cb:44:d0:47:6f:cd:f1:74:63:8d: ca:34:69:cb:f0:b7:db:57:75:bc:f7:05:8e:2f:ed:dc:0a:cc: e2:ee:1b:9d:93:fe:91:e7:3a:a1:a0:f3:78:77:f9:ea:79:7e: cb:c9:48:20:fa:f3:40:bd:51:ba:ad:e0:c5:6f:ab:1c:a9:0e: f2:c0:d2:6b:4e:51:91:fd:7c:a3:06:d2:8b:00:96:a4:8e:f4: 14:2e:2b:b5:93:d4:7a:7d:0f:bd:d7:dc:dc:f7:1d:b7:2e:63: 7f:bc:54:8f:14:dd:3a:1c:b3:18:ca:64:0b:3f:53:35:e3:2b: 6c:21:bf:bd:a6:dc:8f:95:6a:aa:33:56:d6:d6:e3:52:af:03: ea:21:41:c0:ad:d3:9d:91:df:9b:58:d3:34:60:fd:c7:63:02: 11:13:6d:1f:d3:96:59:46:04:54:d9:cc:72:b5:7f:56:65:45: da:3e:a6:e9:db:28:2f:44:c8:db:4c:2f:a4:03:97:6d:50:f3: 19:49:8b:c7:71:ab:7e:e6:f1:93:68:ac:13:7e:32:4f:78:0f: e2:94:17:61:20:4b:19:42:ca:ea:9a:41:23:c2:c3:d3:4b:25: 82:15:b6:d1:c4:11:e3:92:63:43:f0:f6:78:9a:7c:0f:a1:5a: 26:5d:13:8a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB RkJEQTExMC8GA1UEBRMoMTA3QTM5QzFDQzA0RjI3Q0M3MjY2M0RCRjdCQUU2RDky QTk1MDM4MDAeFw0yNDA1MTcwODQ1MzZaFw0yNDA1MjQwODQ1MzZaMBgxFjAUBgNV BAMTDTY2NDcxOTMwLWNmMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDgjhRBExRSJ5WXVmUwlSzHvAaTPdAMPDqgugw4yyPg4LOs8mtUW9/MCjZYpEbZ L50w5lgqDBm0YAJnD7TrGKH7ZJLgOTL4QbTF2CFLFFRTq/EkD2qIEKZTbWE8etlF vZCbEd/2tgbAfkYooI3KW/v2P7YP4dj14nEr/l09uPnIsWTCNgY4ksYX83dmpe0/ lD5jP4jF3PlnEdTMwSlVWCA0iL6C3tog/3epjGdXSKM6Z5e5w+w3mI1PMAomI4IT 2npmJYxs3NHRAMaZuXdNp7zi79+zUdNzZ4ddcUkB2XjTxC6PEe0qE7TgOu2dm82J ipSwDLzOxQzhwVrkibCvpPDhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuoPacidX +K+Qv7yi4naWosn/6l8wHwYDVR0jBBgwFoAUEHo5wcwE8nzHJmPb97rm2SqVA4Aw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGQkRBLzZBRDM3NEFBRTY1 RDExRUVCNjEyM0U0MUM0RjlBRTAyL0VIbzV3Y3dFOG56SEptUGI5N3JtMlNxVkE0 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRUhvNXdjd0U4bnpISm1QYjk3cm0yU3FWQTRBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFG QkRBLzZBRDM3NEFBRTY1RDExRUVCNjEyM0U0MUM0RjlBRTAyL0VIbzV3Y3dFOG56 SEptUGI5N3JtMlNxVkE0QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFiB3JpQy0IWy0TQR2/N8XRjjco0acvwt9tXdbz3BY4v7dwKzOLuG52T /pHnOqGg83h3+ep5fsvJSCD680C9Ubqt4MVvqxypDvLA0mtOUZH9fKMG0osAlqSO 9BQuK7WT1Hp9D73X3Nz3HbcuY3+8VI8U3TocsxjKZAs/UzXjK2whv72m3I+Vaqoz VtbW41KvA+ohQcCt052R35tY0zRg/cdjAhETbR/TlllGBFTZzHK1f1ZlRdo+punb KC9EyNtML6QDl21Q8xlJi8dxq37m8ZNorBN+Mk94D+KUF2EgSxlCyuqaQSPCw9NL JYIVttHEEeOSY0Pw9niafA+hWiZdE4o= -----END CERTIFICATE-----Generated at Fri May 17 10:59:13 2024 by rpki-client on console-ams.rpki-client.org