$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft File: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft (raw, json) Hash identifier: ohR8hrIJWoswlGMFgYuuTQXMOUU1/h8sVTZmTXxjp/I= Subject key identifier: 16:97:AE:12:3B:FC:8D:CA:B2:7C:FE:F7:FF:D8:7E:A5:EC:0D:F9:68 Authority key identifier: A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 Certificate issuer: /CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft Manifest number: 23 Signing time: Fri 17 May 2024 08:42:54 +0000 Manifest this update: Fri 17 May 2024 08:42:54 +0000 Manifest next update: Fri 24 May 2024 08:42:54 +0000 Files and hashes: 1: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl (hash: BGJyy2tgOShPDdRidjoQ05TEzbBu6QXrb8PMmJEFPvY=) 2: 48005D9EE5AE11EE9ECE4023C4F9AE02.roa (hash: gkDhVsMy2wpjgH+HYZGfejjLuVLx5h/KbFkHjnnS0sg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 02:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Validity Not Before: May 17 08:42:54 2024 GMT Not After : May 24 08:42:54 2024 GMT Subject: CN=6647188e-2ec9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e7:f2:98:2b:d0:70:07:44:64:3b:01:86:23: d5:44:2e:cf:03:3f:48:65:a1:0e:17:ef:ab:0b:a7: f2:9d:a3:fb:f8:d0:60:9c:8c:4a:f6:98:27:b2:be: e5:1b:01:e3:6e:4a:67:93:cd:b3:c3:b4:93:68:4b: 6f:49:e9:b0:3f:6b:1c:44:81:d9:d2:64:73:e3:28: a8:f2:62:2d:51:e7:94:93:fe:93:25:54:bc:ee:04: af:05:fa:17:0b:12:ea:fc:d3:44:00:aa:84:3d:e7: 46:96:9e:d6:c4:4a:fc:17:4a:53:2a:66:da:a1:e5: 2e:8f:23:de:a3:df:e8:c3:8a:f2:d3:45:e5:c8:aa: c1:c5:6d:0d:a5:bb:fe:94:ad:bb:6b:b9:03:08:25: ae:fc:c2:df:29:38:3c:1c:66:b6:48:6f:a0:46:45: 6b:0a:9b:e7:e3:e3:e6:a2:3a:9a:21:ef:3c:ec:e1: 55:17:68:23:ea:38:e3:a2:76:f6:2f:7c:92:d1:9b: 06:07:40:2a:b9:6e:6b:77:e3:fa:c7:af:ee:2a:f8: b6:47:90:fd:58:ef:c7:f5:7e:13:30:bd:ae:06:c0: f7:94:93:06:f5:03:79:18:50:ca:84:c8:b1:86:43: 60:75:c0:5f:f1:e4:95:ab:e3:5b:23:c4:91:3d:21: b5:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:97:AE:12:3B:FC:8D:CA:B2:7C:FE:F7:FF:D8:7E:A5:EC:0D:F9:68 X509v3 Authority Key Identifier: keyid:A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:44:8f:5c:90:e1:12:82:23:2a:a9:37:23:67:52:59:19:4a: 50:13:97:9b:b8:0e:fa:c3:89:43:3e:f0:4d:5d:11:a5:4b:93: 66:11:78:4c:8e:d8:e8:49:9f:d1:51:bb:52:96:6c:ef:dd:c3: cd:d9:df:c0:68:ee:dc:38:3f:5e:02:fb:91:d7:2c:e6:7b:1a: 13:c6:c0:5e:d5:3b:25:63:ce:8f:e7:43:72:20:db:68:f5:c3: b6:38:3e:37:83:59:8b:dc:08:12:68:d5:55:7e:8e:ec:f4:82: 36:13:51:c5:ce:cf:cb:6f:7a:0a:50:48:08:f5:58:eb:db:9c: 2c:96:bc:bf:9a:b9:14:3b:ed:80:0a:35:a0:92:23:ec:12:df: 3f:2f:c2:ec:ac:a8:f9:50:37:d1:09:a2:81:f1:d3:61:41:15: 8b:68:cf:47:5b:27:3c:fc:b9:fc:fd:fa:56:59:4a:27:38:b8: 6d:55:55:f5:11:c8:57:09:bd:c3:bd:83:45:5f:9a:b3:fd:f3: 94:95:3c:c5:cc:66:98:7c:83:92:65:28:0a:a8:a7:7c:0b:c6: 04:48:45:06:06:8a:3d:2f:8e:a3:3d:70:19:d4:c8:82:48:f1: 92:27:eb:8a:0b:67:c1:3d:f6:46:ee:23:e1:e7:f6:e4:c7:2e: 80:0c:3a:9a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NjVBQzExMC8GA1UEBRMoQTEwRjU3ODNDOEY5QTZEOTREMjlCNEFBOTBDNTZFMDE2 QkI1MTQ1NjAeFw0yNDA1MTcwODQyNTRaFw0yNDA1MjQwODQyNTRaMBgxFjAUBgNV BAMTDTY2NDcxODhlLTJlYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCb5/KYK9BwB0RkOwGGI9VELs8DP0hloQ4X76sLp/Kdo/v40GCcjEr2mCeyvuUb AeNuSmeTzbPDtJNoS29J6bA/axxEgdnSZHPjKKjyYi1R55ST/pMlVLzuBK8F+hcL Eur800QAqoQ950aWntbESvwXSlMqZtqh5S6PI96j3+jDivLTReXIqsHFbQ2lu/6U rbtruQMIJa78wt8pODwcZrZIb6BGRWsKm+fj4+aiOpoh7zzs4VUXaCPqOOOidvYv fJLRmwYHQCq5bmt34/rHr+4q+LZHkP1Y78f1fhMwva4GwPeUkwb1A3kYUMqEyLGG Q2B1wF/x5JWr41sjxJE9IbWRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFpeuEjv8 jcqyfP73/9h+pewN+WgwHwYDVR0jBBgwFoAUoQ9Xg8j5ptlNKbSqkMVuAWu1FFYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2NUFDL0NCNzRGOEJFRTFF MDExRUVBRjZFMUU2OEM0RjlBRTAyL29ROVhnOGo1cHRsTktiU3FrTVZ1QVd1MUZG WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvb1E5WGc4ajVwdGxOS2JTcWtNVnVBV3UxRkZZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2 NUFDL0NCNzRGOEJFRTFFMDExRUVBRjZFMUU2OEM0RjlBRTAyL29ROVhnOGo1cHRs TktiU3FrTVZ1QVd1MUZGWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALZEj1yQ4RKCIyqpNyNnUlkZSlATl5u4DvrDiUM+8E1dEaVLk2YReEyO 2OhJn9FRu1KWbO/dw83Z38Bo7tw4P14C+5HXLOZ7GhPGwF7VOyVjzo/nQ3Ig22j1 w7Y4PjeDWYvcCBJo1VV+juz0gjYTUcXOz8tvegpQSAj1WOvbnCyWvL+auRQ77YAK NaCSI+wS3z8vwuysqPlQN9EJooHx02FBFYtoz0dbJzz8ufz9+lZZSic4uG1VVfUR yFcJvcO9g0VfmrP985SVPMXMZph8g5JlKAqop3wLxgRIRQYGij0vjqM9cBnUyIJI 8ZIn64oLZ8E99kbuI+Hn9uTHLoAMOpo= -----END CERTIFICATE-----Generated at Fri May 17 10:10:52 2024 by rpki-client on console-fra.rpki-client.org