$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: i2JH4i4BwWqsGWdtqzubUC2rhf7So4gwo8QaZSdacqw= Subject key identifier: 52:9A:62:F4:A8:A5:A5:B8:3C:F0:85:82:9C:28:4D:73:C6:6C:26:1C Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 088D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 0888 Signing time: Thu 02 May 2024 21:42:35 +0000 Manifest this update: Thu 02 May 2024 21:42:35 +0000 Manifest next update: Thu 09 May 2024 21:42:35 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: +Uf5HZNpr+BTms/3CwLyuk4qUfmYv2+LwsCm97idkXc=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: d6SxXVS1lQJvsIAW+IUDOIk4BqrA5vmSuci8klQHiNY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 21:27:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2189 (0x88d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: May 2 21:42:35 2024 GMT Not After : May 9 21:42:35 2024 GMT Subject: CN=663408cb-7244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:f2:5e:39:a1:a5:d8:cd:47:a0:2e:5f:c5:2e: 2f:1d:ab:e2:d7:5b:8b:fc:0e:a1:ce:b9:89:ab:fd: 2c:af:be:4d:df:a7:fa:0e:b2:88:4c:55:a4:c7:94: f8:02:54:dd:5b:02:0a:57:62:78:04:2a:5f:a0:b6: 97:79:b9:94:97:91:23:68:7c:3f:e6:e6:ea:a9:a2: 80:0b:bc:6d:a1:62:32:d6:3c:f7:45:89:c5:f1:b9: 67:c2:8b:53:1e:0d:64:3f:2c:ec:c1:ee:42:8e:26: ff:d3:2c:73:07:c2:04:aa:b4:70:a6:23:04:02:18: 4a:0d:46:6b:3e:66:5f:c6:25:52:14:33:1b:79:ed: 52:6f:7a:9d:e6:9f:cf:be:55:74:e1:5b:4d:96:ad: 42:ae:e0:d7:2b:c1:30:e0:f9:31:01:11:91:e4:e5: 7c:98:63:a6:ea:9f:ad:44:ae:21:15:d8:2c:a7:f9: 7d:e8:c3:5a:ee:04:13:1a:e4:f4:97:35:21:b8:b9: b6:20:9d:bb:08:1c:5b:72:d2:6c:16:51:6b:d8:41: d2:51:69:40:58:b1:d8:2f:9b:af:d7:b7:99:ac:e2: 04:40:38:c8:ed:e4:c7:db:1b:d3:90:f9:dc:40:ab: dd:f9:a0:96:19:4e:2b:c4:75:aa:ac:cc:e9:48:c4: 8c:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:9A:62:F4:A8:A5:A5:B8:3C:F0:85:82:9C:28:4D:73:C6:6C:26:1C X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:43:71:03:ec:b4:f7:87:a1:ba:b9:37:cc:d2:4c:cf:d8:e6: 36:2c:ed:99:38:5a:f1:0c:4a:a3:57:b4:88:cd:a9:c9:3a:e9: 97:b4:10:b1:c3:56:c3:d2:9f:77:b9:42:25:5d:87:ed:cf:11: 0e:cc:ca:07:1e:be:80:45:26:99:1a:4c:f5:3c:20:5b:47:08: 36:6f:98:a7:24:75:b7:f7:cb:ae:3b:4e:7d:65:5b:92:b8:53: 4a:78:d4:95:88:44:c8:75:18:bc:34:ac:c0:1b:93:ef:dd:1a: f3:7e:87:f3:49:a2:00:fe:df:0a:4b:4b:f0:82:76:45:a0:d2: da:44:47:1a:63:c6:6d:a5:b8:f7:38:01:fe:95:83:5d:03:f8: 67:d0:cc:a5:e4:32:fc:07:ab:72:64:8b:e2:d9:48:08:e7:43: 3c:e8:3b:35:bd:85:84:7c:7f:cf:ff:70:70:15:81:95:7c:1a: a8:d1:8e:f1:86:81:40:98:c2:55:1b:c5:f5:16:5c:e7:01:ea: fd:0a:6d:58:55:67:b1:36:17:ad:ce:6c:37:a1:7b:ba:51:eb: cc:80:27:af:96:4c:97:86:a8:eb:23:f4:87:23:15:c9:00:55: ae:f5:43:56:54:6a:85:2b:d1:72:d0:d0:5a:78:20:9e:39:3d: bc:21:3c:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjQwNTAyMjE0MjM1WhcNMjQwNTA5MjE0MjM1WjAYMRYwFAYD VQQDEw02NjM0MDhjYi03MjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoPJeOaGl2M1HoC5fxS4vHavi11uL/A6hzrmJq/0sr75N36f6DrKITFWkx5T4 AlTdWwIKV2J4BCpfoLaXebmUl5EjaHw/5ubqqaKAC7xtoWIy1jz3RYnF8blnwotT Hg1kPyzswe5Cjib/0yxzB8IEqrRwpiMEAhhKDUZrPmZfxiVSFDMbee1Sb3qd5p/P vlV04VtNlq1CruDXK8Ew4PkxARGR5OV8mGOm6p+tRK4hFdgsp/l96MNa7gQTGuT0 lzUhuLm2IJ27CBxbctJsFlFr2EHSUWlAWLHYL5uv17eZrOIEQDjI7eTH2xvTkPnc QKvd+aCWGU4rxHWqrMzpSMSMRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFKaYvSo paW4PPCFgpwoTXPGbCYcMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrQ3ED7LT3h6G6uTfM0kzP2OY2LO2ZOFrxDEqjV7SIzanJOumXtBCx w1bD0p93uUIlXYftzxEOzMoHHr6ARSaZGkz1PCBbRwg2b5inJHW398uuO059ZVuS uFNKeNSViETIdRi8NKzAG5Pv3RrzfofzSaIA/t8KS0vwgnZFoNLaREcaY8Ztpbj3 OAH+lYNdA/hn0Myl5DL8B6tyZIvi2UgI50M86Ds1vYWEfH/P/3BwFYGVfBqo0Y7x hoFAmMJVG8X1FlznAer9Cm1YVWexNhetzmw3oXu6UevMgCevlkyXhqjrI/SHIxXJ AFWu9UNWVGqFK9Fy0NBaeCCeOT28ITxk -----END CERTIFICATE-----Generated at Thu May 2 22:28:57 2024 by rpki-client on console-ams.rpki-client.org