$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft File: m2fIchTtmWVAcRkL688LjZ-hr04.mft (raw, json) Hash identifier: Bp5QTBHEE8rFn33KGpD6lJZF4zcokk2qjwh4OwalVK8= Subject key identifier: 5D:7F:A2:D9:D4:83:E6:94:88:22:8B:77:C3:2C:FA:95:A3:43:6E:EC Authority key identifier: 9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E Certificate issuer: /CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E Certificate serial: 0B2E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft Manifest number: 0B20 Signing time: Tue 30 Apr 2024 20:11:06 +0000 Manifest this update: Tue 30 Apr 2024 20:11:06 +0000 Manifest next update: Tue 07 May 2024 20:11:06 +0000 Files and hashes: 1: m2fIchTtmWVAcRkL688LjZ-hr04.crl (hash: OXdl3+9rMGcKmQzy3OIKeaDegHAbXvqLqDMcVQP9W/I=) 2: D5CA565EDFFD11EE97B62A3CC4F9AE02.roa (hash: pi1uhfbf3UNc1f8g1WiIm7gpS/X62rWRXSb5a4XWgQY=) 3: D6AAA3B2DFFD11EE97B62A3CC4F9AE02.roa (hash: dH/dI9NKlgKXp1vrlH29LwYMzXgppca6gSzeHJf+2cU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 20:11:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2862 (0xb2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E Validity Not Before: Apr 30 20:11:06 2024 GMT Not After : May 7 20:11:06 2024 GMT Subject: CN=6631505a-ce5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:04:1e:0a:ee:6a:ef:ef:21:63:83:f1:cb:95: 11:af:11:58:3b:7d:25:77:28:87:8d:1b:99:9a:52: cf:ac:47:f5:4f:d7:44:bd:31:e0:fc:40:c4:d5:3d: b2:bf:57:06:98:0d:0d:f6:11:dd:7f:60:66:26:66: a6:ad:c8:e9:a0:f3:b8:22:0d:5a:5c:63:f6:31:93: 2a:1e:b4:39:5a:21:96:1f:f8:db:bf:4f:de:90:e0: a9:01:29:f2:a6:33:4b:dd:7a:5f:8f:f1:0d:2e:56: 3f:75:4c:4f:cf:8a:03:1c:45:98:34:63:5a:2e:ec: 2e:b4:b7:7c:b8:a5:8b:61:6c:f2:af:b9:dd:c5:92: 1c:29:67:43:a5:5b:db:82:36:b1:f3:4c:6f:16:3c: 36:9e:d9:96:e5:9d:97:96:8c:92:11:df:bd:1d:3e: 6f:75:c5:30:41:76:0f:ed:79:69:fe:c5:ed:29:6f: 80:93:c5:ca:fa:5f:01:7c:0d:08:e0:99:a9:a5:35: 1c:4c:62:20:d5:bb:7e:b2:77:80:8d:2e:f2:69:78: 91:17:9e:9d:75:52:16:bc:ec:5f:6f:35:a5:c3:ad: 06:df:09:18:a4:6a:cc:ac:3f:f4:ba:4a:a7:79:14: 7a:ca:a8:98:85:23:a7:58:e8:6f:09:b4:67:da:4c: 59:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:7F:A2:D9:D4:83:E6:94:88:22:8B:77:C3:2C:FA:95:A3:43:6E:EC X509v3 Authority Key Identifier: keyid:9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:ec:7c:b8:80:ad:44:8b:32:05:44:3d:4c:b9:d0:f9:7f:e1: c8:7f:e7:31:15:4f:de:f4:72:b5:10:7e:57:76:f0:ef:7e:27: 69:ea:fc:d8:52:bc:64:da:40:dd:3f:8b:b8:63:3f:a1:13:d1: a1:fc:f0:51:0a:cc:07:9d:aa:8b:c4:8b:cd:c6:c6:93:8e:f1: 1c:81:55:46:a2:84:c7:0d:54:bd:67:76:83:e0:b7:23:b1:45: 5c:60:c8:f9:d3:cf:3b:70:f8:c8:69:38:b1:c2:ff:2f:49:1d: bb:a1:54:e3:6d:c4:7e:e9:f9:34:ee:ce:31:ae:84:72:04:cd: 7e:13:7c:91:61:b0:9f:8f:53:62:48:e4:95:c5:91:83:9a:3e: 43:24:65:87:0f:54:0f:b7:cd:e7:f7:fd:0f:38:d4:70:22:e5: 9b:31:e2:df:db:6b:ec:db:61:30:c4:5c:79:95:dd:8f:b6:87: 4a:48:1d:65:06:5b:ba:5a:78:48:5b:5a:da:40:eb:dc:4a:c6: cd:56:e9:f7:60:98:22:d9:8e:0f:d2:34:75:35:b7:a2:fd:a6: 53:06:3c:99:50:66:d9:ef:6b:9f:cd:55:ff:9c:a7:8c:01:b2: 9e:d8:75:66:73:fa:0a:0a:7a:89:8b:42:ee:f8:14:79:3d:c3: 63:d2:85:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCy4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0JEQzgxMTAvBgNVBAUTKDlCNjdDODcyMTRFRDk5NjU0MDcxMTkwQkVCQ0YwQjhE OUZBMUFGNEUwHhcNMjQwNDMwMjAxMTA2WhcNMjQwNTA3MjAxMTA2WjAYMRYwFAYD VQQDEw02NjMxNTA1YS1jZTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAogQeCu5q7+8hY4Pxy5URrxFYO30ldyiHjRuZmlLPrEf1T9dEvTHg/EDE1T2y v1cGmA0N9hHdf2BmJmamrcjpoPO4Ig1aXGP2MZMqHrQ5WiGWH/jbv0/ekOCpASny pjNL3Xpfj/ENLlY/dUxPz4oDHEWYNGNaLuwutLd8uKWLYWzyr7ndxZIcKWdDpVvb gjax80xvFjw2ntmW5Z2XloySEd+9HT5vdcUwQXYP7Xlp/sXtKW+Ak8XK+l8BfA0I 4JmppTUcTGIg1bt+sneAjS7yaXiRF56ddVIWvOxfbzWlw60G3wkYpGrMrD/0ukqn eRR6yqiYhSOnWOhvCbRn2kxZswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF1/otnU g+aUiCKLd8Ms+pWjQ27sMB8GA1UdIwQYMBaAFJtnyHIU7ZllQHEZC+vPC42foa9O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkRDOC82Njk3NjNGMDE4 RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1XVkFjUmtMNjg4TGpaLWhy MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL20yZkljaFR0bVdWQWNSa0w2ODhMalotaHIwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QkRDOC82Njk3NjNGMDE4RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1X VkFjUmtMNjg4TGpaLWhyMDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAd7Hy4gK1EizIFRD1MudD5f+HIf+cxFU/e9HK1EH5XdvDvfidp6vzY Urxk2kDdP4u4Yz+hE9Gh/PBRCswHnaqLxIvNxsaTjvEcgVVGooTHDVS9Z3aD4Lcj sUVcYMj50887cPjIaTixwv8vSR27oVTjbcR+6fk07s4xroRyBM1+E3yRYbCfj1Ni SOSVxZGDmj5DJGWHD1QPt83n9/0PONRwIuWbMeLf22vs22EwxFx5ld2PtodKSB1l Blu6WnhIW1raQOvcSsbNVun3YJgi2Y4P0jR1Nbei/aZTBjyZUGbZ72ufzVX/nKeM AbKe2HVmc/oKCnqJi0Lu+BR5PcNj0oWG -----END CERTIFICATE-----Generated at Tue Apr 30 21:38:06 2024 by rpki-client on console-fra.rpki-client.org