$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.mft File: yJCSVPaWZtWF4xCs2N_ysfuaXyo.mft (raw, json) Hash identifier: sHxqKID+ybmfwdu0HskxOqnkdODHezpBxjmEl+QDrGg= Subject key identifier: FA:F7:D2:41:7F:0B:4B:27:7D:BD:50:89:13:03:F2:BC:C4:05:23:97 Authority key identifier: C8:90:92:54:F6:96:66:D5:85:E3:10:AC:D8:DF:F2:B1:FB:9A:5F:2A Certificate issuer: /CN=A91B3558/serialNumber=C8909254F69666D585E310ACD8DFF2B1FB9A5F2A Certificate serial: 0F95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJCSVPaWZtWF4xCs2N_ysfuaXyo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.mft Manifest number: 0F8B Signing time: Thu 02 May 2024 18:10:47 +0000 Manifest this update: Thu 02 May 2024 18:10:46 +0000 Manifest next update: Thu 09 May 2024 18:10:46 +0000 Files and hashes: 1: yJCSVPaWZtWF4xCs2N_ysfuaXyo.crl (hash: j8NNTKzL1IhvFhzD4SlT4tPjVsbPsAB//4zkcANcIR8=) 2: 97DCD534391211E99E31F655C4F9AE02.roa (hash: F5FtRE3LurbbC4C9r3/+ElKSAxCmRV9MJ4xGL6NHLTk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.crl rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJCSVPaWZtWF4xCs2N_ysfuaXyo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 18:10:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3989 (0xf95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3558/serialNumber=C8909254F69666D585E310ACD8DFF2B1FB9A5F2A Validity Not Before: May 2 18:10:46 2024 GMT Not After : May 9 18:10:46 2024 GMT Subject: CN=6633d727-e520 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:83:9a:df:be:9c:a6:af:bc:4b:77:93:f0:18: bb:39:93:cf:44:5e:a7:12:12:77:a4:2d:11:9a:80: 26:cf:3a:6c:6f:bf:ff:d8:12:46:ed:d3:64:7d:fd: b9:e3:5f:a4:7d:53:e8:96:76:ab:c9:8f:51:ca:eb: 24:24:69:8e:47:90:5a:8a:b3:45:e9:ed:16:c0:68: 85:7e:0e:63:8d:a8:45:99:79:9d:e0:ea:5e:69:c1: 2e:92:23:e5:66:bb:c7:c6:79:0e:fe:ed:a7:42:c9: fe:03:4a:25:b6:3f:68:9a:f0:13:42:12:84:b9:f6: 95:86:19:9a:cd:1e:08:07:46:da:e7:ff:1b:4c:cf: 61:81:e5:79:22:45:b3:04:b9:a9:73:0a:dd:b6:06: b6:9c:fd:2f:4a:93:55:b7:0e:4e:02:7a:6b:88:c3: 65:e4:9a:29:59:d1:0f:b5:c6:2d:1a:be:0e:e7:f1: 39:37:be:79:6c:b0:06:14:a7:28:aa:a8:b0:db:93: 31:1e:e2:12:5c:9e:50:78:6c:3e:ac:69:8f:b7:63: 36:f7:3b:be:ac:eb:7a:bb:60:3c:bf:bb:0a:a0:3a: de:ce:f4:d5:0b:91:53:3f:fa:3e:e0:85:e9:47:40: 06:43:5e:de:df:3f:7a:7a:05:8a:af:92:98:ad:a8: a6:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:F7:D2:41:7F:0B:4B:27:7D:BD:50:89:13:03:F2:BC:C4:05:23:97 X509v3 Authority Key Identifier: keyid:C8:90:92:54:F6:96:66:D5:85:E3:10:AC:D8:DF:F2:B1:FB:9A:5F:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJCSVPaWZtWF4xCs2N_ysfuaXyo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:c7:cb:17:d4:cd:02:83:95:ba:ec:3e:2d:fc:f9:b7:3c:ae: 64:c3:ea:db:08:2d:20:76:12:1b:d1:e7:4d:3d:aa:e6:ad:7f: ad:bc:d8:71:1f:32:b5:91:ef:10:1a:df:4b:dd:1c:11:3a:6d: a0:12:7d:d5:83:c1:03:44:b5:e6:b8:f1:ad:4f:fa:0e:e4:f1: 08:3f:24:b0:da:6e:38:22:be:5b:a9:48:12:81:2a:9e:ad:ce: 66:2d:0e:0e:f7:55:4e:20:68:2e:74:a9:55:db:5b:6b:ab:8c: ae:92:ab:11:22:39:00:98:6d:69:ea:60:13:21:b0:a1:f2:74: 54:2f:ad:98:36:c1:e9:f6:f6:f7:61:76:98:9d:0d:05:79:47: ac:30:12:4a:32:fe:54:23:ce:ac:16:85:f4:bb:ce:f9:36:4e: f1:b7:c0:48:b8:a4:c6:f4:4e:24:80:69:f0:b5:9d:b1:40:73: 22:43:d2:ae:69:18:45:0b:96:e1:36:ff:b5:02:b8:bf:e8:a5: f6:01:b6:1f:20:87:45:16:ef:be:0f:57:bf:33:7c:84:e4:15: c4:18:f9:cc:0c:c4:d4:64:76:47:28:fa:8c:d7:91:cc:14:62: 1e:4b:fe:bd:a3:21:79:31:84:7a:d5:ea:f0:92:c9:db:d5:f3: 48:4f:1d:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjM1NTgxMTAvBgNVBAUTKEM4OTA5MjU0RjY5NjY2RDU4NUUzMTBBQ0Q4REZGMkIx RkI5QTVGMkEwHhcNMjQwNTAyMTgxMDQ2WhcNMjQwNTA5MTgxMDQ2WjAYMRYwFAYD VQQDEw02NjMzZDcyNy1lNTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwoOa376cpq+8S3eT8Bi7OZPPRF6nEhJ3pC0RmoAmzzpsb7//2BJG7dNkff25 41+kfVPolnaryY9RyuskJGmOR5BairNF6e0WwGiFfg5jjahFmXmd4OpeacEukiPl ZrvHxnkO/u2nQsn+A0oltj9omvATQhKEufaVhhmazR4IB0ba5/8bTM9hgeV5IkWz BLmpcwrdtga2nP0vSpNVtw5OAnpriMNl5JopWdEPtcYtGr4O5/E5N755bLAGFKco qqiw25MxHuISXJ5QeGw+rGmPt2M29zu+rOt6u2A8v7sKoDrezvTVC5FTP/o+4IXp R0AGQ17e3z96egWKr5KYraim0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPr30kF/ C0snfb1QiRMD8rzEBSOXMB8GA1UdIwQYMBaAFMiQklT2lmbVheMQrNjf8rH7ml8q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzU1OC8wRjIxMjE0RTM5 MDUxMUU5OUEzMzAyMzNDNEY5QUUwMi95SkNTVlBhV1p0V0Y0eENzMk5feXNmdWFY eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lKQ1NWUGFXWnRXRjR4Q3MyTl95c2Z1YVh5by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MzU1OC8wRjIxMjE0RTM5MDUxMUU5OUEzMzAyMzNDNEY5QUUwMi95SkNTVlBhV1p0 V0Y0eENzMk5feXNmdWFYeW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFx8sX1M0Cg5W67D4t/Pm3PK5kw+rbCC0gdhIb0edNParmrX+tvNhx HzK1ke8QGt9L3RwROm2gEn3Vg8EDRLXmuPGtT/oO5PEIPySw2m44Ir5bqUgSgSqe rc5mLQ4O91VOIGgudKlV21trq4yukqsRIjkAmG1p6mATIbCh8nRUL62YNsHp9vb3 YXaYnQ0FeUesMBJKMv5UI86sFoX0u875Nk7xt8BIuKTG9E4kgGnwtZ2xQHMiQ9Ku aRhFC5bhNv+1Ari/6KX2AbYfIIdFFu++D1e/M3yE5BXEGPnMDMTUZHZHKPqM15HM FGIeS/69oyF5MYR61erwksnb1fNITx0x -----END CERTIFICATE-----Generated at Thu May 2 20:04:53 2024 by rpki-client on console-ams.rpki-client.org