$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft File: kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft (raw, json) Hash identifier: F/1H3DMH6q+2hA1SI56xrc0iu7LImvfzO2kezRUre0o= Subject key identifier: 4F:AF:63:D4:A7:1B:7F:E9:D5:F5:A7:BB:33:FC:AD:F7:7C:A4:A3:F6 Authority key identifier: 91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 Certificate issuer: /CN=A91BB6E3/serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Certificate serial: D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft Manifest number: D6 Signing time: Wed 01 May 2024 06:21:19 +0000 Manifest this update: Wed 01 May 2024 06:21:19 +0000 Manifest next update: Wed 08 May 2024 06:21:19 +0000 Files and hashes: 1: kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl (hash: UDJzbwXMuWkAztR9tLKlzv1mtGoXKUFKZvDJLo+I3P0=) 2: F96174ECC27D11EDB8226F2DC4F9AE02.roa (hash: vKghqf3uyMxq7W/BIeNuSu7Pchmx3WrkN5kA6uCQZ+w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 06:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 216 (0xd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB6E3/serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Validity Not Before: May 1 06:21:19 2024 GMT Not After : May 8 06:21:19 2024 GMT Subject: CN=6631df5f-e45d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:33:e2:94:b5:73:a3:6c:b0:1c:be:3b:07:b1: 5c:40:45:46:5d:ae:c9:b4:86:a0:e9:ae:0f:a9:8e: 24:a8:62:b7:d8:3b:38:0d:b0:9b:87:bc:67:8c:02: b2:f3:a8:94:fa:6e:bd:93:1d:7b:b7:d2:32:72:3f: b8:77:27:d5:8d:0f:a8:7e:39:89:99:d9:be:d8:00: de:c5:b6:8f:0b:93:23:d9:68:22:30:cf:03:de:25: a1:0b:18:b8:9b:98:ca:84:b9:5c:94:42:c2:a4:25: 82:99:90:db:c7:89:62:f1:24:86:0a:3e:d1:bf:25: d8:7a:5c:14:db:77:ba:14:9b:56:74:44:58:e3:d2: 82:77:b4:d3:66:92:ce:d9:b7:90:a3:90:c3:ad:09: 8e:e6:5a:ef:67:80:2d:c7:72:7b:e7:19:6c:09:a2: 97:cc:85:20:8d:0e:5d:ff:10:e5:b2:7c:7d:08:40: c8:9c:6b:f9:e9:07:0d:5d:99:00:74:ec:94:49:d5: dd:77:ea:e3:1d:af:06:78:31:cc:31:60:b3:ee:2f: 4c:f2:bb:2e:d6:45:0a:72:05:41:5b:4b:67:14:d0: 9d:04:d1:c9:15:55:3e:de:12:97:5b:80:6a:3f:c6: 3a:aa:a6:65:5b:ed:3a:eb:44:43:9a:69:dc:6b:f5: 56:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:AF:63:D4:A7:1B:7F:E9:D5:F5:A7:BB:33:FC:AD:F7:7C:A4:A3:F6 X509v3 Authority Key Identifier: keyid:91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:b8:98:e1:c0:e5:68:5d:e0:91:bd:90:c6:49:1f:d0:b2:07: 11:28:c4:69:70:11:76:52:55:41:21:76:70:b9:00:e1:aa:fb: 70:f3:20:c7:83:11:b8:3f:0e:c8:07:15:e6:d6:d1:d4:2f:bb: 01:5f:77:95:b2:cf:a3:6e:82:df:4b:b9:ee:3e:21:fc:3e:d9: 8c:a4:21:fa:ee:cd:29:53:04:73:e4:0e:b2:55:d4:19:4b:a3: e5:77:dc:6f:07:0f:a7:5d:56:d9:88:61:58:64:15:eb:0e:0d: 7f:de:53:7a:75:5b:c3:5e:a5:97:07:0c:74:f5:60:c7:df:65: 2e:cf:c6:5e:6e:18:90:9c:af:87:ae:49:93:cb:01:44:47:2a: c8:68:1e:bc:ff:5c:39:de:32:a7:b9:8d:c6:b6:10:e9:bc:01: 6b:31:f7:d3:d3:fd:de:0f:57:7d:15:ff:64:f6:f6:cf:cd:d4: 90:12:7d:9f:46:63:0d:97:bf:f3:12:a4:9d:42:e9:67:4c:ef: 69:63:6e:14:7e:04:d8:4f:30:05:56:af:b6:62:ae:bc:84:32: 9b:ca:21:b8:39:f4:70:d6:33:ab:cb:36:c7:18:fb:3e:3b:4c: fc:54:5d:dd:05:1e:17:aa:49:f4:c6:0a:19:eb:aa:99:09:64: 44:ad:8f:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI2RTMxMTAvBgNVBAUTKDkxOUZBODE5QjJGRkYxNDU1MjFBRjY2NDAzNTI3OEU3 RTc5MTRBNDkwHhcNMjQwNTAxMDYyMTE5WhcNMjQwNTA4MDYyMTE5WjAYMRYwFAYD VQQDEw02NjMxZGY1Zi1lNDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1jPilLVzo2ywHL47B7FcQEVGXa7JtIag6a4PqY4kqGK32Ds4DbCbh7xnjAKy 86iU+m69kx17t9Iycj+4dyfVjQ+ofjmJmdm+2ADexbaPC5Mj2WgiMM8D3iWhCxi4 m5jKhLlclELCpCWCmZDbx4li8SSGCj7RvyXYelwU23e6FJtWdERY49KCd7TTZpLO 2beQo5DDrQmO5lrvZ4Atx3J75xlsCaKXzIUgjQ5d/xDlsnx9CEDInGv56QcNXZkA dOyUSdXdd+rjHa8GeDHMMWCz7i9M8rsu1kUKcgVBW0tnFNCdBNHJFVU+3hKXW4Bq P8Y6qqZlW+0660RDmmnca/VWkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE+vY9Sn G3/p1fWnuzP8rfd8pKP2MB8GA1UdIwQYMBaAFJGfqBmy//FFUhr2ZANSeOfnkUpJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjZFMy9BMjJDODE0Q0My NzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhVVlNHdlprQTFKNDUtZVJT a2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2taLW9HYkxfOFVWU0d2WmtBMUo0NS1lUlNray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjZFMy9BMjJDODE0Q0MyNzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhV VlNHdlprQTFKNDUtZVJTa2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBluJjhwOVoXeCRvZDGSR/QsgcRKMRpcBF2UlVBIXZwuQDhqvtw8yDH gxG4Pw7IBxXm1tHUL7sBX3eVss+jboLfS7nuPiH8PtmMpCH67s0pUwRz5A6yVdQZ S6Pld9xvBw+nXVbZiGFYZBXrDg1/3lN6dVvDXqWXBwx09WDH32Uuz8ZebhiQnK+H rkmTywFERyrIaB68/1w53jKnuY3GthDpvAFrMffT0/3eD1d9Ff9k9vbPzdSQEn2f RmMNl7/zEqSdQulnTO9pY24UfgTYTzAFVq+2Yq68hDKbyiG4OfRw1jOryzbHGPs+ O0z8VF3dBR4Xqkn0xgoZ66qZCWRErY8B -----END CERTIFICATE-----Generated at Wed May 1 07:07:05 2024 by rpki-client on console-fra.rpki-client.org