$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft File: uOlsag2VSKKgQMvnGZdFun2x7Sg.mft (raw, json) Hash identifier: iIxnB31RLM53E0eATKDiB62xv5k+/it4UMkkJS9jsvM= Subject key identifier: 7F:D5:50:15:91:84:D9:CC:1F:49:3D:2A:C6:2F:B3:4A:47:D3:E8:05 Authority key identifier: B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 Certificate issuer: /CN=A91B2D29/serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Certificate serial: 08DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft Manifest number: 4405 Signing time: Thu 18 Apr 2024 16:10:14 +0000 Manifest this update: Thu 18 Apr 2024 16:10:13 +0000 Manifest next update: Thu 25 Apr 2024 16:10:13 +0000 Files and hashes: 1: uOlsag2VSKKgQMvnGZdFun2x7Sg.crl (hash: D4EGJgFO6PKQQ90SHNA70+dmiWsgZl3gMy1hP4l9Tsk=) 2: 7CEC1452E17E11ECAB421316C4F9AE02.roa (hash: nG/jUopxkthLdcs0Bc0H5El6keEVWt1e+jWBx/e/uTE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Apr 2024 16:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2269 (0x8dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2D29/serialNumber=B8E96C6A0D9548A2A040CBE7199745BA7DB1ED28 Validity Not Before: Apr 18 16:10:13 2024 GMT Not After : Apr 25 16:10:13 2024 GMT Subject: CN=662145e6-25a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:41:86:9d:37:7a:b5:fb:0c:74:30:dd:0f:44: f4:a1:eb:3d:d5:0f:ac:84:9d:7f:21:f1:46:93:58: 6f:85:cc:31:83:4c:7c:c4:41:e9:3f:f8:90:df:b9: bf:f7:97:98:3d:53:f6:17:64:e2:ec:05:5c:2b:33: 07:78:d0:27:74:54:a1:be:07:ba:00:b0:37:b7:7e: af:8d:af:cb:20:32:1e:89:60:8b:c0:66:e9:39:d8: 7e:58:95:65:1c:39:61:d5:bb:4a:f0:e1:a9:65:5b: 1b:1f:29:82:11:08:2b:4d:36:ef:d6:ef:db:9b:75: da:e9:c2:60:48:8d:48:5c:ac:65:b9:a7:4c:3a:04: 41:9d:08:a4:98:ba:22:63:fa:db:b0:7e:fd:a6:68: 59:ab:90:e6:ad:cc:fc:da:7a:30:b4:bb:56:37:60: 29:32:f7:5a:b6:0e:9a:61:b5:03:65:75:bc:13:a1: ba:25:2e:7d:16:b3:22:e1:a0:33:d3:90:76:f8:63: f3:f6:2b:ee:29:95:05:cf:b2:27:21:ae:49:57:1d: c3:d0:60:f5:8e:37:13:c5:60:3f:da:48:7f:38:e6: 43:df:f0:83:6d:8f:d6:c5:2f:4d:c5:d4:ee:70:fb: 4e:ae:2b:a5:6f:7b:ad:03:0e:47:15:6d:76:11:2f: 60:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:D5:50:15:91:84:D9:CC:1F:49:3D:2A:C6:2F:B3:4A:47:D3:E8:05 X509v3 Authority Key Identifier: keyid:B8:E9:6C:6A:0D:95:48:A2:A0:40:CB:E7:19:97:45:BA:7D:B1:ED:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uOlsag2VSKKgQMvnGZdFun2x7Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2D29/F71E7166552111E5ADB2092AC4F9AE02/uOlsag2VSKKgQMvnGZdFun2x7Sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:8f:fd:63:bb:0f:a2:85:3a:ff:5e:0e:52:5d:d4:1f:b1:23: d4:91:40:4c:36:de:79:f9:44:0a:0f:77:fb:fc:ae:81:3b:7c: c4:78:fc:66:94:95:c4:53:f0:3b:5c:94:81:a3:fd:a4:86:ff: c5:74:7f:ad:b0:b2:fc:cd:6e:13:2c:b6:94:28:ad:20:94:84: c0:d8:36:03:63:b4:46:89:d9:88:b3:48:80:35:c0:40:b6:ac: ea:62:12:7e:3b:62:3d:9c:84:a9:12:80:f3:06:e5:0d:13:ec: 9f:4a:99:e4:bb:eb:ff:a2:4c:79:77:43:04:c8:b2:02:d6:a8: 3c:35:f0:c0:94:67:a2:09:c0:5e:6d:de:c7:20:7b:3b:d9:aa: dc:46:53:e8:d9:68:ac:af:ec:f9:37:05:fc:71:4d:87:4e:b5: fd:54:02:a8:8c:fe:d0:9e:c2:c8:4a:75:0c:c1:19:72:5e:bd: 7b:78:67:be:ca:dd:7b:c0:07:12:19:e3:70:58:ac:25:e4:d7: 94:4d:9e:3f:50:29:31:4b:56:35:87:1b:e4:47:5d:52:bc:9e: 1d:f0:ae:f9:c5:d6:17:9d:bd:29:51:35:da:50:26:b3:13:07: d8:dd:b5:8e:44:fa:c3:64:6c:83:af:27:2c:84:c5:c0:3a:80: 4f:ae:18:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJEMjkxMTAvBgNVBAUTKEI4RTk2QzZBMEQ5NTQ4QTJBMDQwQ0JFNzE5OTc0NUJB N0RCMUVEMjgwHhcNMjQwNDE4MTYxMDEzWhcNMjQwNDI1MTYxMDEzWjAYMRYwFAYD VQQDEw02NjIxNDVlNi0yNWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5kGGnTd6tfsMdDDdD0T0oes91Q+shJ1/IfFGk1hvhcwxg0x8xEHpP/iQ37m/ 95eYPVP2F2Ti7AVcKzMHeNAndFShvge6ALA3t36vja/LIDIeiWCLwGbpOdh+WJVl HDlh1btK8OGpZVsbHymCEQgrTTbv1u/bm3Xa6cJgSI1IXKxluadMOgRBnQikmLoi Y/rbsH79pmhZq5Dmrcz82nowtLtWN2ApMvdatg6aYbUDZXW8E6G6JS59FrMi4aAz 05B2+GPz9ivuKZUFz7InIa5JVx3D0GD1jjcTxWA/2kh/OOZD3/CDbY/WxS9NxdTu cPtOriulb3utAw5HFW12ES9g5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH/VUBWR hNnMH0k9KsYvs0pH0+gFMB8GA1UdIwQYMBaAFLjpbGoNlUiioEDL5xmXRbp9se0o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkQyOS9GNzFFNzE2NjU1 MjExMUU1QURCMjA5MkFDNEY5QUUwMi91T2xzYWcyVlNLS2dRTXZuR1pkRnVuMng3 U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VPbHNhZzJWU0tLZ1FNdm5HWmRGdW4yeDdTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MkQyOS9GNzFFNzE2NjU1MjExMUU1QURCMjA5MkFDNEY5QUUwMi91T2xzYWcyVlNL S2dRTXZuR1pkRnVuMng3U2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0j/1juw+ihTr/Xg5SXdQfsSPUkUBMNt55+UQKD3f7/K6BO3zEePxm lJXEU/A7XJSBo/2khv/FdH+tsLL8zW4TLLaUKK0glITA2DYDY7RGidmIs0iANcBA tqzqYhJ+O2I9nISpEoDzBuUNE+yfSpnku+v/okx5d0MEyLIC1qg8NfDAlGeiCcBe bd7HIHs72arcRlPo2Wisr+z5NwX8cU2HTrX9VAKojP7QnsLISnUMwRlyXr17eGe+ yt17wAcSGeNwWKwl5NeUTZ4/UCkxS1Y1hxvkR11SvJ4d8K75xdYXnb0pUTXaUCaz EwfY3bWORPrDZGyDrycshMXAOoBPrhiC -----END CERTIFICATE-----Generated at Thu Apr 18 18:16:07 2024 by rpki-client on console-fra.rpki-client.org