$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft File: REhMnzpz9xlXK4vIoaH9nln6hPY.mft (raw, json) Hash identifier: vtgB0RAljVU+EhaC9Xlth/YpP5pRE5mYRTTfh7ajox4= Subject key identifier: 42:2B:24:6C:F4:10:CC:E5:5E:CB:A1:4F:9D:8C:20:A5:60:28:91:CE Authority key identifier: 44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 Certificate issuer: /CN=A91BD73B/serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Certificate serial: 33B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft Manifest number: 33B8 Signing time: Tue 30 Apr 2024 15:32:00 +0000 Manifest this update: Tue 30 Apr 2024 15:32:00 +0000 Manifest next update: Tue 07 May 2024 15:32:00 +0000 Files and hashes: 1: REhMnzpz9xlXK4vIoaH9nln6hPY.crl (hash: XXyvDE+b1YTP7dytUhkphNktqWMY+GgQWED9EZZ6DjM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 15:31:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13240 (0x33b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BD73B/serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Validity Not Before: Apr 30 15:32:00 2024 GMT Not After : May 7 15:32:00 2024 GMT Subject: CN=66310ef0-55c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:03:99:2b:c4:33:c7:f1:f4:a1:b6:36:70:7e: e5:25:1c:8a:ad:60:b3:4e:fb:bf:a4:3c:8b:f1:d9: 35:70:68:a3:09:95:52:09:23:cf:f5:a3:68:ee:25: 49:a9:66:84:4e:5f:9a:d7:56:5d:0e:d4:aa:fd:a0: 53:01:9a:a2:51:71:15:86:24:63:ba:a5:41:be:30: 3c:fb:be:59:d3:2b:a5:c1:c4:1b:4e:4c:45:2c:85: e0:1e:8b:80:91:cc:1e:7e:49:3d:3e:7f:64:32:6b: 13:d7:02:b5:cd:75:ee:be:d9:f5:9d:4e:00:17:71: dc:1c:b2:3f:b6:35:08:4c:2b:34:2d:bc:a6:00:b4: f4:52:22:9b:68:37:c0:a4:85:da:4d:9e:38:ff:69: 18:88:c7:e9:0a:f3:6e:04:08:77:c5:2a:58:5e:54: 21:31:39:9e:63:0b:00:46:00:f7:2f:c3:0a:27:59: 27:36:b7:0f:a8:ee:8d:e8:2f:37:f0:7c:ae:df:a7: 27:dd:d7:04:54:0c:08:b3:24:f3:c0:44:d0:f0:49: 32:f9:1c:4b:90:b2:a4:1c:70:29:2f:bd:a6:40:bd: c3:02:1b:37:a6:a1:18:a7:cf:40:e9:a7:57:31:16: fc:4e:c0:c5:e1:bf:9c:f5:5b:a4:da:85:3f:70:b3: b1:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:2B:24:6C:F4:10:CC:E5:5E:CB:A1:4F:9D:8C:20:A5:60:28:91:CE X509v3 Authority Key Identifier: keyid:44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:7b:d4:f7:3b:12:fd:08:77:c8:9b:3f:27:ab:7c:24:ce:b9: 8c:3e:0a:ec:70:76:b1:5c:1e:f0:0c:8c:56:9a:dc:4c:08:14: ac:e9:33:28:32:fd:0c:d2:72:36:8e:4d:c4:88:69:08:67:69: a3:bc:8d:2f:f7:d0:81:9f:c3:95:ce:41:52:14:ea:f7:81:21: 27:e5:51:34:11:2f:5e:cf:4b:4f:ee:17:f1:4d:dd:27:91:54: 9c:f4:7a:fe:15:6f:56:97:e9:b6:9f:a4:51:6b:76:66:3e:fb: 5b:95:af:d9:5a:ce:89:08:ee:22:3e:26:9d:8e:54:9e:d2:45: 64:7d:bb:02:95:10:0a:14:f8:54:98:34:58:21:18:e3:76:cf: b2:6c:99:35:65:59:ac:88:eb:ee:42:ed:3b:fc:be:d4:5b:cc: b3:2b:6f:56:02:14:35:d7:fc:02:00:bb:7c:6c:84:4f:16:bb: 3f:14:8a:a4:c9:40:b9:cd:b6:d1:5d:ff:6d:64:d1:5a:72:53: 2a:9b:cb:9e:10:2a:6e:9b:65:ea:e3:4e:be:fc:0f:27:6d:73: 1a:77:f7:d2:c8:db:ab:1a:ab:da:69:a6:01:09:8a:85:02:85: 92:4d:6b:ba:c4:71:28:95:75:11:39:7f:1d:a5:a1:1a:8b:bf: 73:25:6d:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkQ3M0IxMTAvBgNVBAUTKDQ0NDg0QzlGM0E3M0Y3MTk1NzJCOEJDOEExQTFGRDlF NTlGQTg0RjYwHhcNMjQwNDMwMTUzMjAwWhcNMjQwNTA3MTUzMjAwWjAYMRYwFAYD VQQDEw02NjMxMGVmMC01NWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsAOZK8Qzx/H0obY2cH7lJRyKrWCzTvu/pDyL8dk1cGijCZVSCSPP9aNo7iVJ qWaETl+a11ZdDtSq/aBTAZqiUXEVhiRjuqVBvjA8+75Z0yulwcQbTkxFLIXgHouA kcwefkk9Pn9kMmsT1wK1zXXuvtn1nU4AF3HcHLI/tjUITCs0LbymALT0UiKbaDfA pIXaTZ44/2kYiMfpCvNuBAh3xSpYXlQhMTmeYwsARgD3L8MKJ1knNrcPqO6N6C83 8Hyu36cn3dcEVAwIsyTzwETQ8Eky+RxLkLKkHHApL72mQL3DAhs3pqEYp89A6adX MRb8TsDF4b+c9Vuk2oU/cLOxTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEIrJGz0 EMzlXsuhT52MIKVgKJHOMB8GA1UdIwQYMBaAFERITJ86c/cZVyuLyKGh/Z5Z+oT2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDczQi8yNkJERjMyQzFE QUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4bFhLNHZJb2FIOW5sbjZo UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JFaE1uenB6OXhsWEs0dklvYUg5bmxuNmhQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RDczQi8yNkJERjMyQzFEQUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4 bFhLNHZJb2FIOW5sbjZoUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBce9T3OxL9CHfImz8nq3wkzrmMPgrscHaxXB7wDIxWmtxMCBSs6TMo Mv0M0nI2jk3EiGkIZ2mjvI0v99CBn8OVzkFSFOr3gSEn5VE0ES9ez0tP7hfxTd0n kVSc9Hr+FW9Wl+m2n6RRa3ZmPvtbla/ZWs6JCO4iPiadjlSe0kVkfbsClRAKFPhU mDRYIRjjds+ybJk1ZVmsiOvuQu07/L7UW8yzK29WAhQ11/wCALt8bIRPFrs/FIqk yUC5zbbRXf9tZNFaclMqm8ueECpum2Xq406+/A8nbXMad/fSyNurGqvaaaYBCYqF AoWSTWu6xHEolXUROX8dpaEai79zJW3x -----END CERTIFICATE-----Generated at Tue Apr 30 18:57:39 2024 by rpki-client on console-fra.rpki-client.org