$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft File: lKlQswO0aQDdWjBhAwyJpIloA68.mft (raw, json) Hash identifier: A3pzFFLo59i4+cxzcASbvpCRa/Nm7VSU3a1hySCwDAU= Subject key identifier: 5D:D9:F6:DF:A6:99:FB:C7:02:6F:F5:69:10:BD:F4:C2:FF:7F:0D:6D Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft Manifest number: 1D Signing time: Wed 15 May 2024 08:49:52 +0000 Manifest this update: Wed 15 May 2024 08:49:52 +0000 Manifest next update: Wed 22 May 2024 08:49:52 +0000 Files and hashes: 1: lKlQswO0aQDdWjBhAwyJpIloA68.crl (hash: Fb3IsNI/qRXpujknYeU0Bwg4eaD57ZyLaFFlJMx4jtk=) 2: 33B566F2E80811EEB4888B0FC4F9AE02.roa (hash: NoXuOW0Fxe9kbmt2KuqfmbmSgijDj9PUL7XzIgwj6mw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 08:49:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Validity Not Before: May 15 08:49:52 2024 GMT Not After : May 22 08:49:52 2024 GMT Subject: CN=66447730-f83e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e9:2f:ea:ba:a5:e7:d1:f2:5a:dd:40:05:8f: 7f:c8:bd:a8:c3:61:fa:23:f1:d5:f0:10:0a:6c:3e: 2a:fb:a2:d6:56:29:1b:ed:2b:42:1e:34:55:cb:c3: 34:68:93:a4:1f:70:a9:85:cb:96:22:bf:2e:09:fa: 3b:38:f0:7b:64:58:e4:7d:2a:2d:77:f8:ca:5d:cd: aa:7b:e2:06:d7:b1:2a:a6:34:37:c6:fd:9c:49:52: 3a:83:59:5a:8d:ae:99:c6:3d:aa:af:7e:25:d6:b8: 9f:85:0a:e6:74:ce:61:27:a6:24:6c:f3:ca:67:bf: 05:9d:aa:6a:7a:00:ca:da:57:8f:11:ad:32:03:fc: 04:f8:e2:a4:e3:b5:0f:ea:09:9c:70:70:90:a8:1d: 84:0f:bc:1b:44:be:c9:1f:19:31:cb:f8:48:58:48: b5:18:76:f1:ea:08:7d:f2:63:3a:9c:c5:9b:03:9d: e7:7a:11:dc:f3:14:3a:1f:b6:c7:48:ea:60:99:dc: ad:85:84:de:05:fa:19:1e:50:03:17:b8:d2:ae:49: a6:30:98:01:5b:0c:65:a1:df:34:2d:56:d3:23:6a: 95:7f:d9:c5:22:2e:58:3c:6f:dc:0a:e9:1a:3f:10: 37:2f:c0:a5:cd:d2:da:56:9f:ad:4e:6d:55:e6:0b: f9:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:D9:F6:DF:A6:99:FB:C7:02:6F:F5:69:10:BD:F4:C2:FF:7F:0D:6D X509v3 Authority Key Identifier: keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:45:30:75:39:02:f4:36:02:bc:2f:24:e3:c6:ed:bc:f5:c8: 2c:d7:26:a1:8c:d1:70:93:8f:5f:f2:bd:e9:dc:00:cb:de:97: 7d:f8:82:f7:9a:ae:49:5f:a3:fc:43:09:aa:8c:de:1c:11:72: 9f:5f:16:96:22:5d:13:c5:eb:26:bb:20:8a:1a:d1:3a:2b:e2: db:20:2c:4f:55:e5:2a:0a:f4:29:65:1a:7a:25:87:67:03:5d: f0:c4:56:f5:6f:e5:c8:90:6c:d2:a6:43:d4:57:ec:73:a7:38: d3:be:c7:ec:5b:88:77:8b:7e:bb:45:5e:e5:f1:41:78:aa:64: 00:67:a6:bd:7e:99:fc:ea:71:33:36:e4:64:0a:d3:eb:70:28: 43:a8:ad:cb:bf:dc:fe:03:58:e9:4f:a7:41:3c:35:3c:c1:2c: 24:aa:55:e6:c8:75:8d:c2:d3:93:f3:9c:54:5c:3b:07:37:08: 5d:86:3d:ad:bc:b1:5c:71:fa:ea:a8:52:b8:1c:a9:df:de:7a: d6:70:d6:5d:e8:42:06:5d:26:c8:61:31:b7:69:f0:e0:d4:5e: cc:e2:fb:3e:f6:79:74:1d:51:f2:3e:c6:14:6b:4d:a9:72:bd: e3:c6:34:d3:9b:b2:16:1f:19:70:5c:b2:f0:10:e1:ab:b7:df: 0f:6c:5e:2f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC QUQyRDExMC8GA1UEBRMoOTRBOTUwQjMwM0I0NjkwMERENUEzMDYxMDMwQzg5QTQ4 OTY4MDNBRjAeFw0yNDA1MTUwODQ5NTJaFw0yNDA1MjIwODQ5NTJaMBgxFjAUBgNV BAMTDTY2NDQ3NzMwLWY4M2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDB6S/quqXn0fJa3UAFj3/IvajDYfoj8dXwEApsPir7otZWKRvtK0IeNFXLwzRo k6QfcKmFy5Yivy4J+js48HtkWOR9Ki13+Mpdzap74gbXsSqmNDfG/ZxJUjqDWVqN rpnGPaqvfiXWuJ+FCuZ0zmEnpiRs88pnvwWdqmp6AMraV48RrTID/AT44qTjtQ/q CZxwcJCoHYQPvBtEvskfGTHL+EhYSLUYdvHqCH3yYzqcxZsDned6EdzzFDoftsdI 6mCZ3K2FhN4F+hkeUAMXuNKuSaYwmAFbDGWh3zQtVtMjapV/2cUiLlg8b9wK6Ro/ EDcvwKXN0tpWn61ObVXmC/mzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXdn236aZ +8cCb/VpEL30wv9/DW0wHwYDVR0jBBgwFoAUlKlQswO0aQDdWjBhAwyJpIloA68w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJBRDJELzkwODhFRTVBRTgw MTExRUVBRDZDNTAzMEM0RjlBRTAyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbEtsUXN3TzBhUURkV2pCaEF3eUpwSWxvQTY4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJB RDJELzkwODhFRTVBRTgwMTExRUVBRDZDNTAzMEM0RjlBRTAyL2xLbFFzd08wYVFE ZFdqQmhBd3lKcElsb0E2OC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAA5FMHU5AvQ2ArwvJOPG7bz1yCzXJqGM0XCTj1/yvencAMvel334gvea rklfo/xDCaqM3hwRcp9fFpYiXRPF6ya7IIoa0Tor4tsgLE9V5SoK9CllGnolh2cD XfDEVvVv5ciQbNKmQ9RX7HOnONO+x+xbiHeLfrtFXuXxQXiqZABnpr1+mfzqcTM2 5GQK0+twKEOorcu/3P4DWOlPp0E8NTzBLCSqVebIdY3C05PznFRcOwc3CF2GPa28 sVxx+uqoUrgcqd/eetZw1l3oQgZdJshhMbdp8ODUXszi+z72eXQdUfI+xhRrTaly vePGNNObshYfGXBcsvAQ4au33w9sXi8= -----END CERTIFICATE-----Generated at Wed May 15 11:17:43 2024 by rpki-client on console-ams.rpki-client.org