$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft File: hsjX-0IuFSejmUSD0fne8sYKMHI.mft (raw, json) Hash identifier: LtBHuXddPGNWh4ht13+FJ0Y4W5kOOP3CVJf6suaSzH0= Subject key identifier: F1:85:1D:33:DC:B8:FD:B2:34:96:D1:80:1A:5A:44:B8:6D:0E:8F:6D Authority key identifier: 86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 Certificate issuer: /CN=A91BEB11/serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Certificate serial: 33BB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft Manifest number: 33BB Signing time: Sat 04 May 2024 15:06:53 +0000 Manifest this update: Sat 04 May 2024 15:06:53 +0000 Manifest next update: Sat 11 May 2024 15:06:53 +0000 Files and hashes: 1: hsjX-0IuFSejmUSD0fne8sYKMHI.crl (hash: EH2grvPU1XbdLgi2CRwmXZ3fOttr1C6CBmQZGoGS/mg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 14:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13243 (0x33bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEB11/serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Validity Not Before: May 4 15:06:53 2024 GMT Not After : May 11 15:06:53 2024 GMT Subject: CN=66364f0d-d2e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a5:fb:b6:c7:08:0e:2c:c0:94:0a:2d:1b:00: 1c:d5:36:c8:ac:84:d3:89:35:54:01:fa:7f:7b:f9: 65:41:f8:41:58:86:90:e2:97:21:4b:04:9c:ad:4e: 3d:6d:e3:ac:1e:48:ab:c4:7b:c6:37:ab:28:e2:bc: 8e:de:6e:03:ea:24:6f:fb:43:50:a7:6a:8d:1c:b4: 46:8a:2f:24:e5:b6:68:d4:46:40:90:be:23:48:c3: 93:a4:34:2c:72:fc:4d:da:d7:12:fb:cb:48:e2:c0: fd:6f:b0:f3:b9:3a:8a:43:f1:7a:d5:04:5f:7c:8f: 7d:13:1a:13:18:87:6f:8b:c9:dd:ab:25:39:c5:d1: bf:22:d7:0f:85:47:3e:50:a3:f2:b5:b8:e2:4e:e0: 37:dc:17:54:57:47:89:31:2a:8e:af:31:62:23:1e: b7:a2:23:fb:a8:d3:27:df:08:05:76:73:4d:ab:9b: 76:2f:67:1b:cf:f1:98:e6:e1:2a:d2:74:8c:a6:6f: e8:20:7b:be:ff:08:98:ff:c2:ed:dc:23:9a:73:a7: 1a:ac:8a:38:1d:27:6f:90:44:f5:11:9f:0a:5b:db: 76:34:e6:6e:5b:7f:56:bf:de:c0:16:1e:72:ea:97: 9c:2c:ce:da:7a:95:42:3b:8f:f2:8c:86:5c:f2:b4: 6b:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:85:1D:33:DC:B8:FD:B2:34:96:D1:80:1A:5A:44:B8:6D:0E:8F:6D X509v3 Authority Key Identifier: keyid:86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:d7:b6:bf:c1:18:e2:24:ae:c9:05:51:b4:00:39:e5:24:77: 86:7d:20:b4:74:8a:e1:ee:1d:21:f2:e3:30:8c:87:89:1f:36: a4:8d:d1:09:c1:8b:22:63:05:0f:2c:09:f2:4b:50:d4:df:0a: 6e:15:75:2b:47:f2:fd:48:39:dc:52:30:09:e6:67:0f:a8:46: 0f:dc:37:2b:ed:43:f3:4f:6f:a6:15:19:e3:55:d0:03:3b:e7: 4e:33:01:d6:a6:01:ff:d1:6a:f3:a3:26:a9:95:0d:17:a0:42: 8d:01:ea:3c:35:2a:3d:d1:3a:eb:b6:76:17:e2:43:14:60:c5: 89:78:1c:c3:b6:19:3b:06:aa:57:e2:20:ba:35:24:8a:60:20: 12:14:31:9e:6d:bc:73:58:0e:e9:28:9e:34:71:4b:4e:c4:ca: 71:1f:11:5a:a7:eb:aa:af:dc:70:4c:fd:c6:08:3b:ea:7b:d9: bb:86:38:74:62:e3:55:39:a0:9a:99:14:e0:da:18:29:be:f0: 80:99:33:ad:b5:97:c6:e6:8a:e5:c3:4c:81:80:4d:6d:a5:1a: 6c:23:cb:e1:e1:e5:9f:39:f5:12:d6:0b:b9:99:32:ae:6a:e6: ae:17:68:5e:93:80:04:74:d9:cb:eb:db:a7:52:a3:61:95:b6: 9e:cf:96:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVCMTExMTAvBgNVBAUTKDg2QzhEN0ZCNDIyRTE1MjdBMzk5NDQ4M0QxRjlERUYy QzYwQTMwNzIwHhcNMjQwNTA0MTUwNjUzWhcNMjQwNTExMTUwNjUzWjAYMRYwFAYD VQQDEw02NjM2NGYwZC1kMmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoaX7tscIDizAlAotGwAc1TbIrITTiTVUAfp/e/llQfhBWIaQ4pchSwScrU49 beOsHkirxHvGN6so4ryO3m4D6iRv+0NQp2qNHLRGii8k5bZo1EZAkL4jSMOTpDQs cvxN2tcS+8tI4sD9b7DzuTqKQ/F61QRffI99ExoTGIdvi8ndqyU5xdG/ItcPhUc+ UKPytbjiTuA33BdUV0eJMSqOrzFiIx63oiP7qNMn3wgFdnNNq5t2L2cbz/GY5uEq 0nSMpm/oIHu+/wiY/8Lt3COac6carIo4HSdvkET1EZ8KW9t2NOZuW39Wv97AFh5y 6pecLM7aepVCO4/yjIZc8rRrFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPGFHTPc uP2yNJbRgBpaRLhtDo9tMB8GA1UdIwQYMBaAFIbI1/tCLhUno5lEg9H53vLGCjBy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUIxMS85RjQzNTg3RTFE OUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZTZWptVVNEMGZuZThzWUtN SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzalgtMEl1RlNlam1VU0QwZm5lOHNZS01ISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RUIxMS85RjQzNTg3RTFEOUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZT ZWptVVNEMGZuZThzWUtNSEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJ17a/wRjiJK7JBVG0ADnlJHeGfSC0dIrh7h0h8uMwjIeJHzakjdEJ wYsiYwUPLAnyS1DU3wpuFXUrR/L9SDncUjAJ5mcPqEYP3Dcr7UPzT2+mFRnjVdAD O+dOMwHWpgH/0WrzoyaplQ0XoEKNAeo8NSo90TrrtnYX4kMUYMWJeBzDthk7BqpX 4iC6NSSKYCASFDGebbxzWA7pKJ40cUtOxMpxHxFap+uqr9xwTP3GCDvqe9m7hjh0 YuNVOaCamRTg2hgpvvCAmTOttZfG5orlw0yBgE1tpRpsI8vh4eWfOfUS1gu5mTKu auauF2hek4AEdNnL69unUqNhlbaez5Zk -----END CERTIFICATE-----Generated at Sat May 4 15:55:04 2024 by rpki-client on console-ams.rpki-client.org