$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBE89/F2726A18763C11E6B01E0859C4F9AE02/gFLXiRiFOIg0vD1ozrIclvdiXmc.mft File: gFLXiRiFOIg0vD1ozrIclvdiXmc.mft (raw, json) Hash identifier: 2xnYwnGjXOaHlc+VmmJOTlu+BjKvDMn/aG3QSu7mBMo= Subject key identifier: B9:6E:62:2B:59:88:9F:0F:4D:C6:2B:04:7F:3C:33:14:AC:B2:6B:33 Authority key identifier: 80:52:D7:89:18:85:38:88:34:BC:3D:68:CE:B2:1C:96:F7:62:5E:67 Certificate issuer: /CN=A91CBE89/serialNumber=8052D7891885388834BC3D68CEB21C96F7625E67 Certificate serial: 1D8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gFLXiRiFOIg0vD1ozrIclvdiXmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CBE89/F2726A18763C11E6B01E0859C4F9AE02/gFLXiRiFOIg0vD1ozrIclvdiXmc.mft Manifest number: 1D8D Signing time: Tue 30 Apr 2024 16:33:33 +0000 Manifest this update: Tue 30 Apr 2024 16:33:33 +0000 Manifest next update: Tue 07 May 2024 16:33:33 +0000 Files and hashes: 1: gFLXiRiFOIg0vD1ozrIclvdiXmc.crl (hash: oTHdPmimiSrUwn7ccYln2osQWz/sU8JkEMa/TIISJ4I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CBE89/F2726A18763C11E6B01E0859C4F9AE02/gFLXiRiFOIg0vD1ozrIclvdiXmc.crl rsync://rpki.apnic.net/member_repository/A91CBE89/F2726A18763C11E6B01E0859C4F9AE02/gFLXiRiFOIg0vD1ozrIclvdiXmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gFLXiRiFOIg0vD1ozrIclvdiXmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 16:33:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7566 (0x1d8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CBE89/serialNumber=8052D7891885388834BC3D68CEB21C96F7625E67 Validity Not Before: Apr 30 16:33:33 2024 GMT Not After : May 7 16:33:33 2024 GMT Subject: CN=66311d5d-6f07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:73:ab:8e:5a:0b:f3:0a:cc:f3:99:d1:41:6f: 9a:d6:06:17:44:1d:16:1d:44:b7:54:8b:8a:2b:3d: 32:19:01:58:0d:4f:a2:07:10:51:14:b6:ff:84:38: af:65:f0:37:06:2d:4e:70:8c:10:ea:58:f5:7e:1e: 5e:b8:4b:e2:61:d1:96:66:5f:e8:c6:34:5c:03:d1: c9:a5:3b:ac:ed:91:d8:0f:1a:91:70:c4:cf:18:fe: b6:db:c1:5c:12:5f:ab:48:a2:8d:ac:a1:d8:2f:59: 02:8c:4b:d3:eb:3a:ab:34:78:e0:7c:71:27:9a:42: e3:64:f6:57:bb:66:c6:e5:93:6f:e9:e1:40:d6:c8: a9:1a:31:41:ef:5c:64:1b:61:06:0a:bf:f8:66:4f: e8:25:0b:08:44:ac:ce:2d:7f:54:c2:6a:da:14:fe: b8:5c:47:81:0c:a9:7d:c9:80:bb:a4:ba:01:3c:3e: 40:f0:67:93:36:da:de:43:03:be:3e:36:53:db:23: 29:9c:59:96:33:53:ca:80:4a:2b:50:c3:fc:77:d8: b1:d7:27:14:16:2f:d3:da:7e:4b:2a:f8:44:52:9e: 7c:b2:15:a5:c0:ea:ee:76:77:ad:8d:75:6f:65:b8: 5e:19:13:a8:71:ca:68:ce:38:c5:46:7f:ce:8b:9b: d6:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:6E:62:2B:59:88:9F:0F:4D:C6:2B:04:7F:3C:33:14:AC:B2:6B:33 X509v3 Authority Key Identifier: keyid:80:52:D7:89:18:85:38:88:34:BC:3D:68:CE:B2:1C:96:F7:62:5E:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CBE89/F2726A18763C11E6B01E0859C4F9AE02/gFLXiRiFOIg0vD1ozrIclvdiXmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gFLXiRiFOIg0vD1ozrIclvdiXmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBE89/F2726A18763C11E6B01E0859C4F9AE02/gFLXiRiFOIg0vD1ozrIclvdiXmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:c6:d7:5d:8c:ea:21:4d:99:ce:6f:16:79:4e:26:fc:45:c6: ef:ae:0b:65:c1:3d:e4:34:a1:28:e6:4a:b9:28:86:e5:94:71: 8f:2e:cc:33:27:2e:4e:b4:c0:02:64:e4:72:93:3d:cf:22:2e: d9:4c:9d:f0:dc:27:47:45:b9:af:9a:8a:dc:f8:56:ee:ca:03: 70:e0:b2:51:d1:6b:69:9b:5a:d7:56:28:82:c1:ac:8d:57:29: b3:31:0a:5c:59:8f:be:51:43:f9:54:ea:6d:18:cb:ff:ba:4a: ff:e3:e2:10:ea:c0:4d:85:9b:f9:33:aa:b0:bc:3b:17:eb:c2: dc:0f:07:42:a2:21:44:74:ab:90:37:93:52:1c:2e:37:f5:79: 81:70:0d:6d:38:5a:2e:08:2a:0f:85:a5:ef:a8:7d:62:32:02: c7:ee:56:23:97:5b:e8:7c:20:ba:35:ca:de:72:57:a3:88:8f: c0:eb:90:a3:df:02:68:86:35:49:57:fc:13:a3:70:5b:44:69: c6:87:66:3b:92:d2:b1:f3:52:0c:89:db:a8:69:a8:a2:fa:06: 9e:46:17:a1:5c:62:19:9c:80:de:4d:1f:54:4f:b7:58:4e:f5: 3b:0c:8f:99:ce:e0:ca:5f:b5:56:27:e1:a9:16:2a:5c:4d:2a: 30:3d:49:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0JFODkxMTAvBgNVBAUTKDgwNTJENzg5MTg4NTM4ODgzNEJDM0Q2OENFQjIxQzk2 Rjc2MjVFNjcwHhcNMjQwNDMwMTYzMzMzWhcNMjQwNTA3MTYzMzMzWjAYMRYwFAYD VQQDEw02NjMxMWQ1ZC02ZjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxXOrjloL8wrM85nRQW+a1gYXRB0WHUS3VIuKKz0yGQFYDU+iBxBRFLb/hDiv ZfA3Bi1OcIwQ6lj1fh5euEviYdGWZl/oxjRcA9HJpTus7ZHYDxqRcMTPGP6228Fc El+rSKKNrKHYL1kCjEvT6zqrNHjgfHEnmkLjZPZXu2bG5ZNv6eFA1sipGjFB71xk G2EGCr/4Zk/oJQsIRKzOLX9UwmraFP64XEeBDKl9yYC7pLoBPD5A8GeTNtreQwO+ PjZT2yMpnFmWM1PKgEorUMP8d9ix1ycUFi/T2n5LKvhEUp58shWlwOrudnetjXVv ZbheGROoccpozjjFRn/Oi5vWFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLluYitZ iJ8PTcYrBH88MxSssmszMB8GA1UdIwQYMBaAFIBS14kYhTiINLw9aM6yHJb3Yl5n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkU4OS9GMjcyNkExODc2 M0MxMUU2QjAxRTA4NTlDNEY5QUUwMi9nRkxYaVJpRk9JZzB2RDFvenJJY2x2ZGlY bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dGTFhpUmlGT0lnMHZEMW96ckljbHZkaVhtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QkU4OS9GMjcyNkExODc2M0MxMUU2QjAxRTA4NTlDNEY5QUUwMi9nRkxYaVJpRk9J ZzB2RDFvenJJY2x2ZGlYbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCbxtddjOohTZnObxZ5Tib8RcbvrgtlwT3kNKEo5kq5KIbllHGPLswz Jy5OtMACZORykz3PIi7ZTJ3w3CdHRbmvmorc+FbuygNw4LJR0Wtpm1rXViiCwayN VymzMQpcWY++UUP5VOptGMv/ukr/4+IQ6sBNhZv5M6qwvDsX68LcDwdCoiFEdKuQ N5NSHC439XmBcA1tOFouCCoPhaXvqH1iMgLH7lYjl1vofCC6NcreclejiI/A65Cj 3wJohjVJV/wTo3BbRGnGh2Y7ktKx81IMiduoaaii+gaeRhehXGIZnIDeTR9UT7dY TvU7DI+ZzuDKX7VWJ+GpFipcTSowPUl8 -----END CERTIFICATE-----Generated at Tue Apr 30 18:57:40 2024 by rpki-client on console-fra.rpki-client.org