$ rpki-client -vvf rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft File: x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft (raw, json) Hash identifier: oFqkNgPIFcpFgHHJG1uAz9zjF7cHaw+pKyuDP4Iu9mU= Subject key identifier: 49:3B:E2:34:E4:11:81:6B:A4:5A:B0:81:4C:35:D3:F0:11:46:41:D1 Authority key identifier: C7:CF:94:3E:3A:76:4F:37:C0:03:CD:43:5A:2B:85:43:BC:E4:76:09 Certificate issuer: /CN=A91C85E9/serialNumber=C7CF943E3A764F37C003CD435A2B8543BCE47609 Certificate serial: 10D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft Manifest number: 10C9 Signing time: Thu 02 May 2024 17:57:17 +0000 Manifest this update: Thu 02 May 2024 17:57:16 +0000 Manifest next update: Thu 09 May 2024 17:57:16 +0000 Files and hashes: 1: x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl (hash: frvWYufWgdTmVSBu2xHWIX8RkK3M/FbNl2f/NwpRbZM=) 2: 8446564EF96611E8BE431B17C4F9AE02.roa (hash: nJ9SJM6sBPF7wPXXxyjuPOz53EU2DHqysBnOoMO38lI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 17:57:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4305 (0x10d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C85E9/serialNumber=C7CF943E3A764F37C003CD435A2B8543BCE47609 Validity Not Before: May 2 17:57:16 2024 GMT Not After : May 9 17:57:16 2024 GMT Subject: CN=6633d3fd-800a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:11:1d:20:b7:2d:a6:18:8a:25:cb:11:71:5b: 7f:20:0c:76:f3:b1:e5:51:30:34:42:a4:0c:30:0f: 70:40:58:ef:b5:bd:53:93:24:f8:7d:7f:b5:19:5d: 36:f3:8c:fa:51:73:e2:6e:6e:ab:7e:15:79:bf:14: 0a:94:a2:a0:71:b9:09:28:96:77:b6:da:7d:d2:ce: 88:1e:0f:81:da:7c:ee:68:73:94:27:49:b2:4e:58: e1:a2:ba:4f:5f:43:f5:00:f9:da:f2:f0:bb:07:43: 4a:36:65:30:d5:2b:ad:94:60:68:2d:6d:b0:5d:6b: 66:e0:0d:77:03:ed:71:24:67:00:c5:c0:b0:a9:87: 44:f4:ae:04:bd:e8:28:b6:0f:66:36:8e:36:1a:60: 6c:b6:a7:80:68:60:17:fb:73:87:58:b9:88:e1:41: 24:3e:b4:4f:8f:dd:91:a7:74:75:c3:f8:c3:c7:10: ca:96:27:90:24:ad:d0:16:2e:2a:a7:7f:9c:1d:5a: 24:20:d6:72:17:04:75:d8:a1:13:24:2f:b3:cb:34: 68:66:e0:c4:fd:b1:30:5b:fd:84:d9:39:3b:7a:0e: 6d:d9:a9:5a:d8:ac:92:5b:1c:c8:ea:57:1e:b3:f0: 9d:11:34:4c:fd:77:77:8b:05:df:f0:cb:36:9a:72: 97:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:3B:E2:34:E4:11:81:6B:A4:5A:B0:81:4C:35:D3:F0:11:46:41:D1 X509v3 Authority Key Identifier: keyid:C7:CF:94:3E:3A:76:4F:37:C0:03:CD:43:5A:2B:85:43:BC:E4:76:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:e4:23:73:af:48:ef:3e:c8:80:6d:5a:ba:c0:5f:d7:9f:70: 8c:e1:00:2a:7d:a9:c6:c6:27:50:09:76:6b:b7:8b:9c:6f:10: 2f:87:8d:9e:8f:d4:1f:82:36:e2:c6:ce:b2:0c:5d:cc:cb:1b: 86:3a:6c:42:b4:f3:77:d9:73:dd:69:82:d7:7d:fa:8a:09:22: 91:b2:3f:cd:1d:7b:40:ba:68:9e:b5:f7:5b:d2:eb:5e:b9:e1: 29:e7:f7:e2:46:1e:ef:dc:04:51:ab:ce:5d:d1:ae:30:74:4c: 03:75:bf:73:cd:42:73:92:ed:c3:41:fe:28:c3:e6:23:99:ce: ee:9b:25:61:4d:05:11:2f:17:71:ec:24:f2:17:cf:0a:2e:ac: ec:15:fb:80:18:64:a3:44:50:f5:ff:38:9b:70:76:a3:1d:b6: 54:cd:62:f3:0c:18:3e:0e:6f:cc:a4:a2:a9:55:0c:e2:4c:22: 8a:a9:84:92:ee:a0:d5:6b:9c:1e:63:88:6f:55:85:fe:45:4f: a2:f7:a6:b0:bd:fc:31:f6:8d:ae:ce:f9:3f:ec:ac:49:c2:6a: f2:01:5d:1b:4e:fa:26:6a:b5:58:8b:e9:66:53:4e:03:1a:5c: 37:16:08:b9:0a:28:2e:49:48:52:5a:1e:c5:05:c9:25:83:ae: 47:7d:89:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICENEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzg1RTkxMTAvBgNVBAUTKEM3Q0Y5NDNFM0E3NjRGMzdDMDAzQ0Q0MzVBMkI4NTQz QkNFNDc2MDkwHhcNMjQwNTAyMTc1NzE2WhcNMjQwNTA5MTc1NzE2WjAYMRYwFAYD VQQDEw02NjMzZDNmZC04MDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyhEdILctphiKJcsRcVt/IAx287HlUTA0QqQMMA9wQFjvtb1TkyT4fX+1GV02 84z6UXPibm6rfhV5vxQKlKKgcbkJKJZ3ttp90s6IHg+B2nzuaHOUJ0myTljhorpP X0P1APna8vC7B0NKNmUw1SutlGBoLW2wXWtm4A13A+1xJGcAxcCwqYdE9K4Evego tg9mNo42GmBstqeAaGAX+3OHWLmI4UEkPrRPj92Rp3R1w/jDxxDKlieQJK3QFi4q p3+cHVokINZyFwR12KETJC+zyzRoZuDE/bEwW/2E2Tk7eg5t2ala2KySWxzI6lce s/CdETRM/Xd3iwXf8Ms2mnKXgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEk74jTk EYFrpFqwgUw10/ARRkHRMB8GA1UdIwQYMBaAFMfPlD46dk83wAPNQ1orhUO85HYJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODVFOS8wODI1MzhFQ0Y5 NjUxMUU4QkMwNTI0MTFDNEY5QUUwMi94OC1VUGpwMlR6ZkFBODFEV2l1RlE3emtk Z2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g4LVVQanAyVHpmQUE4MURXaXVGUTd6a2Rnay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD ODVFOS8wODI1MzhFQ0Y5NjUxMUU4QkMwNTI0MTFDNEY5QUUwMi94OC1VUGpwMlR6 ZkFBODFEV2l1RlE3emtkZ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC05CNzr0jvPsiAbVq6wF/Xn3CM4QAqfanGxidQCXZrt4ucbxAvh42e j9Qfgjbixs6yDF3MyxuGOmxCtPN32XPdaYLXffqKCSKRsj/NHXtAumietfdb0ute ueEp5/fiRh7v3ARRq85d0a4wdEwDdb9zzUJzku3DQf4ow+Yjmc7umyVhTQURLxdx 7CTyF88KLqzsFfuAGGSjRFD1/zibcHajHbZUzWLzDBg+Dm/MpKKpVQziTCKKqYSS 7qDVa5weY4hvVYX+RU+i96awvfwx9o2uzvk/7KxJwmryAV0bTvomarVYi+lmU04D Glw3Fgi5CiguSUhSWh7FBcklg65HfYnO -----END CERTIFICATE-----Generated at Thu May 2 20:04:59 2024 by rpki-client on console-ams.rpki-client.org