$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: yn1s72Uneq1M62xRLGqWYEFR0GpzndZuZufew33Ell0= Subject key identifier: 7B:87:BE:73:D2:FB:94:78:F6:DA:C3:A0:BA:5C:63:CC:C1:B8:43:28 Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 011D Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 011B Signing time: Fri 17 May 2024 05:21:09 +0000 Manifest this update: Fri 17 May 2024 05:21:08 +0000 Manifest next update: Fri 24 May 2024 05:21:08 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: 8po9SqFt/PEeQs4VLBE88WJJ7B8c1IDexn9y+R6B810=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: xE/xZa6TYzKjMLhAvEDRO+yMvL872xJ1e6xs+4CgEjM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 02:50:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 285 (0x11d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: May 17 05:21:08 2024 GMT Not After : May 24 05:21:08 2024 GMT Subject: CN=6646e945-d410 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ad:22:55:52:b2:a1:b7:9d:5e:64:2b:11:92: 54:38:f1:e8:b3:1d:f7:58:9e:cd:2f:67:bf:c0:73: 1d:6e:ad:f7:d7:60:34:68:03:af:7a:6f:25:fd:2e: 6d:a9:62:9b:84:c5:c8:a4:0c:98:90:ff:7c:3d:ad: b8:00:1e:eb:a8:09:c7:6d:d5:80:bd:bb:ec:02:3c: c7:3c:d8:75:3a:f6:a1:98:11:4d:38:43:cb:f9:e8: f4:c2:8a:00:d7:6b:19:14:6b:73:76:7e:fb:3e:96: 4d:8a:90:3c:74:a4:5a:7b:55:a6:f2:b2:2c:06:84: 03:c7:ca:b3:c0:63:b2:c1:9b:d1:cd:50:ff:d4:0b: c5:e7:a3:c3:fe:36:6d:b7:c9:4e:4e:37:45:b3:16: 47:26:de:8c:bc:e6:89:70:a7:4f:b2:6b:e3:24:56: 5b:7f:b9:14:64:8c:f7:6e:d8:75:eb:66:a4:ff:3e: f6:5e:57:96:be:24:a3:8c:60:81:85:69:18:18:04: da:45:39:8f:21:7a:7c:43:98:2d:7c:d5:cd:e3:97: 41:35:42:a6:47:be:32:ab:7d:43:33:7f:dc:67:cd: 8c:2c:35:8a:f3:bf:ba:6e:94:33:93:e0:e2:f7:bb: 0f:f1:08:7f:6a:10:b3:e8:96:f0:fa:03:1c:d9:8a: c4:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:87:BE:73:D2:FB:94:78:F6:DA:C3:A0:BA:5C:63:CC:C1:B8:43:28 X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:40:7d:9d:cc:92:64:cd:19:7a:40:42:5c:bb:bf:50:de:3a: 21:26:5e:7c:21:e4:d5:a3:21:d6:7f:e1:b8:61:62:3c:ae:a9: 6d:0b:3a:ca:ac:1d:3c:d1:31:c6:83:c4:b9:90:da:3f:e8:e1: 2e:a9:11:b2:de:be:fa:d4:92:e7:20:12:96:94:e6:b3:84:8b: 02:e7:8e:f0:23:31:a0:94:a3:2b:0d:8f:63:2b:74:57:42:5b: 11:1d:c9:0b:bf:d4:78:81:3e:a9:c6:1e:44:f2:87:5a:03:1b: 72:f7:0d:60:29:f8:bb:53:c1:72:af:ca:d5:f4:86:35:ff:92: 19:3d:53:24:06:88:f6:c2:76:97:2b:92:76:3b:19:f2:cf:f1: d4:ee:0f:08:07:e0:c4:61:2f:eb:88:b9:75:a7:c6:71:0f:ce: 9e:6a:39:47:03:81:fb:1f:ff:7d:85:e4:25:8a:81:eb:3d:64: 7b:77:3a:a3:93:f7:0d:a7:49:2b:aa:f1:03:79:4f:4a:93:62: c8:17:80:f9:73:d0:d3:83:ab:a4:b0:9d:08:0b:7a:33:1a:db: ef:22:bb:2e:fb:02:61:c8:f0:a3:3e:26:04:9c:4b:88:de:02: 6b:09:4b:f8:6f:f7:b1:09:31:74:e7:7d:9b:4d:af:f8:54:ad: 5f:44:6b:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjQwNTE3MDUyMTA4WhcNMjQwNTI0MDUyMTA4WjAYMRYwFAYD VQQDEw02NjQ2ZTk0NS1kNDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0q0iVVKyobedXmQrEZJUOPHosx33WJ7NL2e/wHMdbq3312A0aAOvem8l/S5t qWKbhMXIpAyYkP98Pa24AB7rqAnHbdWAvbvsAjzHPNh1OvahmBFNOEPL+ej0wooA 12sZFGtzdn77PpZNipA8dKRae1Wm8rIsBoQDx8qzwGOywZvRzVD/1AvF56PD/jZt t8lOTjdFsxZHJt6MvOaJcKdPsmvjJFZbf7kUZIz3bth162ak/z72XleWviSjjGCB hWkYGATaRTmPIXp8Q5gtfNXN45dBNUKmR74yq31DM3/cZ82MLDWK87+6bpQzk+Di 97sP8Qh/ahCz6Jbw+gMc2YrEwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHuHvnPS +5R49trDoLpcY8zBuEMoMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2QH2dzJJkzRl6QEJcu79Q3johJl58IeTVoyHWf+G4YWI8rqltCzrK rB080THGg8S5kNo/6OEuqRGy3r761JLnIBKWlOazhIsC547wIzGglKMrDY9jK3RX QlsRHckLv9R4gT6pxh5E8odaAxty9w1gKfi7U8Fyr8rV9IY1/5IZPVMkBoj2wnaX K5J2Oxnyz/HU7g8IB+DEYS/riLl1p8ZxD86eajlHA4H7H/99heQlioHrPWR7dzqj k/cNp0krqvEDeU9Kk2LIF4D5c9DTg6uksJ0IC3ozGtvvIrsu+wJhyPCjPiYEnEuI 3gJrCUv4b/exCTF0532bTa/4VK1fRGvP -----END CERTIFICATE-----Generated at Fri May 17 06:46:27 2024 by rpki-client on console-ams.rpki-client.org