$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CE9/87106D3E270011E9A77B6E2CC4F9AE02/eFqwsi3OWhJmUAwQZrT2sF91ysA.mft File: eFqwsi3OWhJmUAwQZrT2sF91ysA.mft (raw, json) Hash identifier: fBbL+SlHYzqnwona2kUK98dJ/KAo9hc4QLmlBfOApyU= Subject key identifier: CE:20:D3:FC:6D:76:CE:FE:98:12:C3:68:28:3C:FE:6D:99:4B:5A:E1 Authority key identifier: 78:5A:B0:B2:2D:CE:5A:12:66:50:0C:10:66:B4:F6:B0:5F:75:CA:C0 Certificate issuer: /CN=A91C2CE9/serialNumber=785AB0B22DCE5A1266500C1066B4F6B05F75CAC0 Certificate serial: 0FF2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eFqwsi3OWhJmUAwQZrT2sF91ysA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CE9/87106D3E270011E9A77B6E2CC4F9AE02/eFqwsi3OWhJmUAwQZrT2sF91ysA.mft Manifest number: 0FE8 Signing time: Sat 04 May 2024 18:10:52 +0000 Manifest this update: Sat 04 May 2024 18:10:51 +0000 Manifest next update: Sat 11 May 2024 18:10:51 +0000 Files and hashes: 1: eFqwsi3OWhJmUAwQZrT2sF91ysA.crl (hash: KH80x9cs4vSkjxtT8N0zn/GwdGbbvLHrzOvzF1QUecs=) 2: B3250BC6307B11E989188B3BC4F9AE02.roa (hash: 3mH1aV+Neu1YqHNEj/xQ7UJeQwo/DqtmJwOVZejG53U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2CE9/87106D3E270011E9A77B6E2CC4F9AE02/eFqwsi3OWhJmUAwQZrT2sF91ysA.crl rsync://rpki.apnic.net/member_repository/A91C2CE9/87106D3E270011E9A77B6E2CC4F9AE02/eFqwsi3OWhJmUAwQZrT2sF91ysA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eFqwsi3OWhJmUAwQZrT2sF91ysA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:10:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4082 (0xff2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2CE9/serialNumber=785AB0B22DCE5A1266500C1066B4F6B05F75CAC0 Validity Not Before: May 4 18:10:51 2024 GMT Not After : May 11 18:10:51 2024 GMT Subject: CN=66367a2b-2831 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b0:cf:5a:21:72:2c:ba:1e:f9:75:e7:99:ba: 18:c3:e7:1c:e7:ed:a2:17:71:cd:d4:a2:e1:27:46: 7f:15:65:ee:03:e5:f3:4e:0d:fc:ed:bf:91:5c:4e: b1:9e:6c:39:1f:8b:c4:15:93:c7:9c:1d:d6:35:e7: 60:a3:f3:7f:d7:fa:d2:d5:b1:8d:83:43:28:bf:f8: 95:84:45:6d:b7:4f:56:b6:1c:d1:23:32:4b:1e:d3: 17:81:12:5b:02:50:c6:4a:1b:49:1e:34:30:20:b8: 67:d7:54:41:4f:41:4b:e7:f5:9f:53:0e:cf:98:56: 1b:66:5d:c0:63:a8:9e:a8:3b:4e:01:f5:9f:2e:ec: ca:20:70:d5:67:14:fa:e0:3c:28:14:fb:9a:4c:de: ba:85:90:f0:e0:21:24:59:cd:73:42:93:af:4d:40: a3:75:b4:78:f7:fd:11:1f:f3:66:68:f8:3b:1d:6c: 1c:0a:f3:24:c2:22:ee:72:77:f0:f1:1d:9d:7b:f4: 9b:f6:c8:7b:2c:73:5d:1e:36:6d:37:12:a9:33:1a: 5d:3a:4c:d5:0f:74:f5:fa:1b:05:71:49:22:cd:f2: b5:57:24:db:53:31:ae:82:21:8e:b1:b6:ea:6e:cc: 60:5f:36:63:1f:2d:71:8a:78:a0:dd:57:89:9e:3d: 57:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:20:D3:FC:6D:76:CE:FE:98:12:C3:68:28:3C:FE:6D:99:4B:5A:E1 X509v3 Authority Key Identifier: keyid:78:5A:B0:B2:2D:CE:5A:12:66:50:0C:10:66:B4:F6:B0:5F:75:CA:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2CE9/87106D3E270011E9A77B6E2CC4F9AE02/eFqwsi3OWhJmUAwQZrT2sF91ysA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eFqwsi3OWhJmUAwQZrT2sF91ysA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CE9/87106D3E270011E9A77B6E2CC4F9AE02/eFqwsi3OWhJmUAwQZrT2sF91ysA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:c6:e2:6c:6d:d7:39:9f:d3:8a:7e:3d:2b:c9:a7:6e:e3:ee: de:0c:70:38:10:78:77:00:22:55:bc:20:4b:f4:63:82:67:7d: d9:ca:a2:00:12:fd:09:12:29:87:98:1b:ad:2d:1b:3c:ac:6b: 65:a9:a4:fd:49:c8:04:d8:de:a4:cf:bd:ff:0a:09:1a:c3:12: fd:e9:3c:0b:b3:c4:c8:f9:9b:18:c2:c0:1f:a6:bc:60:d5:97: c0:9e:cc:23:b4:91:d2:13:1c:06:c6:fc:12:83:b5:f4:8a:85: b8:d6:29:d8:ce:1e:7e:74:96:78:9d:d1:d6:00:18:b5:89:41: 49:6a:58:d8:3b:0b:a0:a9:90:1a:1d:2e:c4:b0:6a:7a:5c:ea: a3:07:2c:22:0d:ca:de:24:80:6c:5a:3d:aa:d2:b3:9b:02:5b: 37:71:bd:dc:0d:25:2a:7f:74:2e:4f:c0:e7:50:90:1e:b9:27: a0:9a:e3:c8:b6:fd:38:3c:0d:43:31:d8:28:f8:53:b8:35:d8: 5a:d2:30:f7:8c:a9:6a:76:97:53:46:12:95:4f:c2:1d:7c:f6: e5:3d:ca:96:29:e6:b6:99:19:2d:6b:dd:dc:b9:79:c7:38:7d: 7b:cb:9c:24:ee:fd:56:3d:93:72:42:32:c5:a0:2d:05:fd:f5: d6:c8:01:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJDRTkxMTAvBgNVBAUTKDc4NUFCMEIyMkRDRTVBMTI2NjUwMEMxMDY2QjRGNkIw NUY3NUNBQzAwHhcNMjQwNTA0MTgxMDUxWhcNMjQwNTExMTgxMDUxWjAYMRYwFAYD VQQDEw02NjM2N2EyYi0yODMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0bDPWiFyLLoe+XXnmboYw+cc5+2iF3HN1KLhJ0Z/FWXuA+XzTg387b+RXE6x nmw5H4vEFZPHnB3WNedgo/N/1/rS1bGNg0Mov/iVhEVtt09WthzRIzJLHtMXgRJb AlDGShtJHjQwILhn11RBT0FL5/WfUw7PmFYbZl3AY6ieqDtOAfWfLuzKIHDVZxT6 4DwoFPuaTN66hZDw4CEkWc1zQpOvTUCjdbR49/0RH/NmaPg7HWwcCvMkwiLucnfw 8R2de/Sb9sh7LHNdHjZtNxKpMxpdOkzVD3T1+hsFcUkizfK1VyTbUzGugiGOsbbq bsxgXzZjHy1xinig3VeJnj1X8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM4g0/xt ds7+mBLDaCg8/m2ZS1rhMB8GA1UdIwQYMBaAFHhasLItzloSZlAMEGa09rBfdcrA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNFOS84NzEwNkQzRTI3 MDAxMUU5QTc3QjZFMkNDNEY5QUUwMi9lRnF3c2kzT1doSm1VQXdRWnJUMnNGOTF5 c0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VGcXdzaTNPV2hKbVVBd1FaclQyc0Y5MXlzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MkNFOS84NzEwNkQzRTI3MDAxMUU5QTc3QjZFMkNDNEY5QUUwMi9lRnF3c2kzT1do Sm1VQXdRWnJUMnNGOTF5c0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsxuJsbdc5n9OKfj0ryadu4+7eDHA4EHh3ACJVvCBL9GOCZ33ZyqIA Ev0JEimHmButLRs8rGtlqaT9ScgE2N6kz73/CgkawxL96TwLs8TI+ZsYwsAfprxg 1ZfAnswjtJHSExwGxvwSg7X0ioW41inYzh5+dJZ4ndHWABi1iUFJaljYOwugqZAa HS7EsGp6XOqjBywiDcreJIBsWj2q0rObAls3cb3cDSUqf3QuT8DnUJAeuSegmuPI tv04PA1DMdgo+FO4Ndha0jD3jKlqdpdTRhKVT8IdfPblPcqWKea2mRkta93cuXnH OH17y5wk7v1WPZNyQjLFoC0F/fXWyAGj -----END CERTIFICATE-----Generated at Sat May 4 19:58:43 2024 by rpki-client on console-ams.rpki-client.org