$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft File: cYQNfZjFz5vWvrRIatRnQGXxR0E.mft (raw, json) Hash identifier: eyMrMSbZa3gscwSH3GFgyRb0yJb5cbMx5V/JAQwmEPQ= Subject key identifier: BA:FE:65:8C:C1:96:4A:31:C8:BD:84:B4:1F:88:BD:3F:A3:15:11:33 Authority key identifier: 71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 Certificate issuer: /CN=A91B7B61/serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Certificate serial: 04E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft Manifest number: 04DD Signing time: Sat 27 Apr 2024 01:17:37 +0000 Manifest this update: Sat 27 Apr 2024 01:17:37 +0000 Manifest next update: Sat 04 May 2024 01:17:37 +0000 Files and hashes: 1: cYQNfZjFz5vWvrRIatRnQGXxR0E.crl (hash: 8TJdoHIIakXij6WGh5JgKNP0FfkvEgKze18hHlF0uew=) 2: C2EFC706CAAE11EBA95C5E64C4F9AE02.roa (hash: q6sLAuUSwf58Tj2wEMhaQb8JCtyb7MpxdvJTeHgvbIw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 01:17:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1248 (0x4e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B61/serialNumber=71840D7D98C5CF9BD6BEB4486AD4674065F14741 Validity Not Before: Apr 27 01:17:37 2024 GMT Not After : May 4 01:17:37 2024 GMT Subject: CN=662c5231-6614 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:83:a2:a4:e8:b0:a5:74:eb:bc:7c:08:57:66: 54:53:11:ba:6d:4d:67:93:f6:6d:de:21:4e:1f:01: ec:53:e0:d5:29:45:aa:33:79:3a:30:81:3c:0f:26: 78:81:c2:a3:0a:fe:f0:9b:6a:5b:0b:f3:53:d9:55: d0:94:a0:a6:cf:40:3d:71:c1:40:98:89:56:32:35: 4a:67:b0:ae:2f:fa:07:91:6d:84:91:5f:e6:2b:4d: 02:09:06:a4:ef:48:80:f1:05:24:16:d0:08:9e:ba: 85:fb:b4:a8:4d:8f:97:89:2e:f7:99:64:ce:9d:91: 82:47:bc:ab:64:88:65:d7:4f:0e:6b:4c:4a:2c:83: 83:30:13:f8:7d:7e:8c:e2:4e:06:26:54:62:87:d3: 8e:b8:e0:bc:b0:fd:cb:68:93:45:73:67:ec:1d:25: ff:e9:e0:c8:cd:90:70:ca:4c:e6:42:31:5c:21:0a: b6:cf:e6:ba:23:8f:a7:6d:30:c4:71:46:2a:94:b8: 02:0e:65:f9:cf:ab:48:7d:1c:a4:bc:cf:0a:61:1e: 2e:b0:53:85:4b:42:a7:fc:e2:49:ca:eb:5b:50:7b: 6d:3f:e5:d7:91:b3:87:b8:46:49:76:7e:2c:9f:0c: 55:cf:bc:48:50:9d:4c:47:27:bd:46:2a:bf:e9:97: 20:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:FE:65:8C:C1:96:4A:31:C8:BD:84:B4:1F:88:BD:3F:A3:15:11:33 X509v3 Authority Key Identifier: keyid:71:84:0D:7D:98:C5:CF:9B:D6:BE:B4:48:6A:D4:67:40:65:F1:47:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cYQNfZjFz5vWvrRIatRnQGXxR0E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B61/BE68D302CAAA11EBB8C02B5CC4F9AE02/cYQNfZjFz5vWvrRIatRnQGXxR0E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:4f:22:a5:95:71:a2:f0:89:7a:87:08:c6:d0:bd:c4:44:f9: 77:7f:8c:bf:f7:aa:a8:dc:08:be:ee:2f:34:6b:56:7d:42:ed: fc:5f:06:17:19:01:19:38:98:cf:b6:f5:91:62:30:54:10:7d: e2:8d:14:fe:37:04:36:ed:da:ea:bc:70:b6:ff:da:48:7b:ea: be:c1:6d:fd:ba:a5:78:35:59:cd:40:fe:5f:b7:d9:9b:7a:0c: d5:ff:65:bb:9b:3c:73:f9:33:c7:d1:0e:f3:c8:a5:f6:73:cc: 01:8b:7a:fd:29:47:c7:ee:55:e5:6d:c8:e7:30:59:af:45:6f: 84:91:1d:99:8e:73:80:40:40:3c:cc:d5:c8:51:90:04:11:98: 31:ed:db:89:e8:ec:3b:ae:51:cc:6b:db:a8:e7:ff:2f:f8:e2: e2:9f:b0:36:ed:5c:47:fb:d3:3c:f9:31:12:91:0d:7b:44:32: c2:c9:fe:79:77:3b:54:8b:79:25:b3:92:b3:8c:99:a6:d6:1e: f8:08:35:f0:b3:b9:14:4a:f4:d2:f1:24:3f:8f:2f:8b:45:af: 25:4e:2d:e3:32:d6:ad:70:63:ed:42:60:d6:9a:dc:44:0f:1c: 2a:aa:fb:c1:82:f9:42:f9:ad:98:da:df:a7:6d:28:aa:97:96: 4f:ac:25:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCNjExMTAvBgNVBAUTKDcxODQwRDdEOThDNUNGOUJENkJFQjQ0ODZBRDQ2NzQw NjVGMTQ3NDEwHhcNMjQwNDI3MDExNzM3WhcNMjQwNTA0MDExNzM3WjAYMRYwFAYD VQQDEw02NjJjNTIzMS02NjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsYOipOiwpXTrvHwIV2ZUUxG6bU1nk/Zt3iFOHwHsU+DVKUWqM3k6MIE8DyZ4 gcKjCv7wm2pbC/NT2VXQlKCmz0A9ccFAmIlWMjVKZ7CuL/oHkW2EkV/mK00CCQak 70iA8QUkFtAInrqF+7SoTY+XiS73mWTOnZGCR7yrZIhl108Oa0xKLIODMBP4fX6M 4k4GJlRih9OOuOC8sP3LaJNFc2fsHSX/6eDIzZBwykzmQjFcIQq2z+a6I4+nbTDE cUYqlLgCDmX5z6tIfRykvM8KYR4usFOFS0Kn/OJJyutbUHttP+XXkbOHuEZJdn4s nwxVz7xIUJ1MRye9Riq/6ZcgnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLr+ZYzB lkoxyL2EtB+IvT+jFREzMB8GA1UdIwQYMBaAFHGEDX2Yxc+b1r60SGrUZ0Bl8UdB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0I2MS9CRTY4RDMwMkNB QUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1dld2clJJYXRSblFHWHhS MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NZUU5mWmpGejV2V3ZyUklhdFJuUUdYeFIwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0I2MS9CRTY4RDMwMkNBQUExMUVCQjhDMDJCNUNDNEY5QUUwMi9jWVFOZlpqRno1 dld2clJJYXRSblFHWHhSMEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0TyKllXGi8Il6hwjG0L3ERPl3f4y/96qo3Ai+7i80a1Z9Qu38XwYX GQEZOJjPtvWRYjBUEH3ijRT+NwQ27drqvHC2/9pIe+q+wW39uqV4NVnNQP5ft9mb egzV/2W7mzxz+TPH0Q7zyKX2c8wBi3r9KUfH7lXlbcjnMFmvRW+EkR2ZjnOAQEA8 zNXIUZAEEZgx7duJ6Ow7rlHMa9uo5/8v+OLin7A27VxH+9M8+TESkQ17RDLCyf55 dztUi3kls5KzjJmm1h74CDXws7kUSvTS8SQ/jy+LRa8lTi3jMtatcGPtQmDWmtxE DxwqqvvBgvlC+a2Y2t+nbSiql5ZPrCVL -----END CERTIFICATE-----Generated at Sat Apr 27 10:20:20 2024 by rpki-client on console-ams.rpki-client.org