$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft File: HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft (raw, json) Hash identifier: 4lFMOnuyI5BQjvXRmzrk6yY6W2sDtoZZ3RBbwVlTuK8= Subject key identifier: 5C:FF:A6:C4:C4:91:DC:E4:F5:05:00:AD:91:D0:E6:8F:26:60:4D:34 Authority key identifier: 1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B Certificate issuer: /CN=A91B1FA8/serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Certificate serial: 129F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft Manifest number: 1278 Signing time: Thu 02 May 2024 17:44:42 +0000 Manifest this update: Thu 02 May 2024 17:44:41 +0000 Manifest next update: Thu 09 May 2024 17:44:41 +0000 Files and hashes: 1: HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl (hash: iHDOgYvziFPa1qroctYkb9i0H2PAUzvmCs13HZZ1D/8=) 2: 40366CF0F8C811EBB7BFD243C4F9AE02.roa (hash: 8hyXNYESkSjUrpbYxaS/qkwp3HcVC+EurBWeQvWRtvM=) 3: E4A74BE6255211EB96B9B269C4F9AE02.roa (hash: Ahmq+kO6A0bgXkAjwTqcQfdgpiGuxiz20RpREd5Xycs=) 4: 538F7B12B1D711EBB3C0A24AC4F9AE02.roa (hash: lphxg6l5kCfwED0OWn5gQnqtc1lhTVAr6wMcBhF8yGk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 17:44:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4767 (0x129f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8/serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Validity Not Before: May 2 17:44:41 2024 GMT Not After : May 9 17:44:41 2024 GMT Subject: CN=6633d109-60bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:61:e6:c5:62:06:3f:ef:c2:9b:5c:2d:9a:ac: 43:61:a5:da:cc:d9:b5:df:c8:2f:ae:1c:c3:65:e4: e0:fd:ae:13:7c:a6:38:63:83:c6:31:23:6c:3e:83: 27:12:fd:2e:87:7c:2a:49:37:df:77:c8:87:5b:ea: d2:38:2a:54:c3:81:ff:09:90:ce:6a:a2:95:1f:30: 34:e1:4e:5c:85:24:36:c6:cc:7d:f3:b7:b1:25:f8: 20:27:98:92:84:83:b6:aa:c1:b2:b1:34:a7:a5:5f: 1e:89:ea:34:3a:87:10:9f:35:7c:6f:98:c6:f8:ea: a8:53:13:24:b1:0d:5f:b3:2b:72:da:9f:c4:9e:5c: 5b:b9:b8:cd:c1:92:c3:11:32:3d:b7:64:8e:69:4e: 5e:ff:3e:c8:0c:f4:00:9e:ea:94:53:0b:f5:da:8e: 7a:bd:33:25:7a:e0:d9:e7:0b:4a:e5:80:ca:04:f1: 8d:1b:56:1f:bd:5c:f8:8f:2f:0c:32:1b:f9:ca:84: 7f:03:09:4c:80:38:39:71:dd:88:62:3a:40:7d:ff: 05:ff:85:86:b7:fd:58:d9:fb:b2:da:6a:c3:2a:40: 77:eb:47:6f:72:65:c6:41:dc:50:6b:fc:e2:aa:c3: 1d:59:e9:1b:cc:92:36:b8:99:26:7e:13:ac:98:a0: c7:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:FF:A6:C4:C4:91:DC:E4:F5:05:00:AD:91:D0:E6:8F:26:60:4D:34 X509v3 Authority Key Identifier: keyid:1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:01:9a:99:17:fd:a2:97:ca:bf:c5:1e:ae:94:e7:54:6b:0b: a1:61:65:ec:7d:ac:0f:ed:6c:40:6e:9b:06:fc:5c:0f:7e:93: d2:7e:21:a3:82:02:93:03:e5:b1:26:b9:79:d3:6e:a5:58:c2: 06:be:2d:4c:f7:19:11:81:c7:43:bc:02:ff:d9:e8:0a:b6:89: 4a:fc:eb:96:ab:3a:49:a8:78:f8:b6:b0:59:70:96:9a:42:db: 3e:92:67:b1:05:f6:4d:a6:88:03:14:6a:14:e0:89:36:fc:46: 4c:6a:ec:9b:bc:03:43:aa:bd:1a:43:6e:33:a1:bd:e4:52:42: 30:d1:52:ca:b0:16:7f:0b:cb:64:68:bc:36:65:9a:86:4e:ff: 7d:2e:11:13:58:f8:ce:9c:9e:7a:9e:07:55:ba:f3:10:21:e3: 9d:42:f6:6a:06:56:3b:5b:69:1b:ac:e5:d5:0d:8c:f5:6a:42: 5b:1e:4e:23:59:e9:b6:3b:c5:4e:ba:95:94:f7:a0:eb:2b:bf: 61:54:81:07:40:c3:88:4b:0e:9f:14:a4:13:f4:f4:ad:c8:fe: 43:dc:74:65:10:d4:b2:ab:be:47:6c:85:93:3c:35:87:d3:ae: 1e:c5:a4:e1:fd:ed:bf:59:4b:5b:86:72:94:fc:90:61:ed:bb: 0a:87:6c:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEp8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDFDNEU5RjNGODAwNTA1QTQwQkExNjVCNkMwMjA0MDVB MjJDNjRCM0IwHhcNMjQwNTAyMTc0NDQxWhcNMjQwNTA5MTc0NDQxWjAYMRYwFAYD VQQDEw02NjMzZDEwOS02MGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1GHmxWIGP+/Cm1wtmqxDYaXazNm138gvrhzDZeTg/a4TfKY4Y4PGMSNsPoMn Ev0uh3wqSTffd8iHW+rSOCpUw4H/CZDOaqKVHzA04U5chSQ2xsx987exJfggJ5iS hIO2qsGysTSnpV8eieo0OocQnzV8b5jG+OqoUxMksQ1fsyty2p/EnlxbubjNwZLD ETI9t2SOaU5e/z7IDPQAnuqUUwv12o56vTMleuDZ5wtK5YDKBPGNG1YfvVz4jy8M Mhv5yoR/AwlMgDg5cd2IYjpAff8F/4WGt/1Y2fuy2mrDKkB360dvcmXGQdxQa/zi qsMdWekbzJI2uJkmfhOsmKDH8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFz/psTE kdzk9QUArZHQ5o8mYE00MB8GA1UdIwQYMBaAFBxOnz+ABQWkC6FltsAgQFoixks7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9FODYxRkQzQUFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJhUUxvV1cyd0NCQVdpTEdT enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hFNmZQNEFGQmFRTG9XVzJ3Q0JBV2lMR1N6cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUZBOC9FODYxRkQzQUFGRDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJh UUxvV1cyd0NCQVdpTEdTenMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3AZqZF/2il8q/xR6ulOdUawuhYWXsfawP7WxAbpsG/FwPfpPSfiGj ggKTA+WxJrl5026lWMIGvi1M9xkRgcdDvAL/2egKtolK/OuWqzpJqHj4trBZcJaa Qts+kmexBfZNpogDFGoU4Ik2/EZMauybvANDqr0aQ24zob3kUkIw0VLKsBZ/C8tk aLw2ZZqGTv99LhETWPjOnJ56ngdVuvMQIeOdQvZqBlY7W2kbrOXVDYz1akJbHk4j Wem2O8VOupWU96DrK79hVIEHQMOISw6fFKQT9PStyP5D3HRlENSyq75HbIWTPDWH 064exaTh/e2/WUtbhnKU/JBh7bsKh2wh -----END CERTIFICATE-----Generated at Thu May 2 20:50:34 2024 by rpki-client on console-fra.rpki-client.org