$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.mft File: hrHxHRgdpsydsDI95DvJbFkJZeE.mft (raw, json) Hash identifier: qfIvVe2B1TzyP7EKEROyGWO0UVQASFYo7SDB2Yz6ciw= Subject key identifier: AB:9A:11:69:E6:F7:44:B2:EA:44:D3:3A:D9:35:1F:DA:C4:C5:0B:FB Authority key identifier: 86:B1:F1:1D:18:1D:A6:CC:9D:B0:32:3D:E4:3B:C9:6C:59:09:65:E1 Certificate issuer: /CN=A91CBFCF/serialNumber=86B1F11D181DA6CC9DB0323DE43BC96C590965E1 Certificate serial: 0AEC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrHxHRgdpsydsDI95DvJbFkJZeE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.mft Manifest number: 0AE0 Signing time: Tue 30 Apr 2024 20:23:23 +0000 Manifest this update: Tue 30 Apr 2024 20:23:22 +0000 Manifest next update: Tue 07 May 2024 20:23:22 +0000 Files and hashes: 1: hrHxHRgdpsydsDI95DvJbFkJZeE.crl (hash: t7f6LVZ1te6A1XSiFyZc8LQMhFZNKmLCci1UIN0xkIs=) 2: C41D0390EA9611EEA68A3A1DC4F9AE02.roa (hash: 5i93kRFt15g1HXOZqcCTfVRBgr0xgYI+radWhnpC7c0=) 3: BF21F788EC5811EEB4293455C4F9AE02.roa (hash: a1JRhaeXn2WFPrwLiqmndenyLacpnioyFrrd1MH8M2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.crl rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrHxHRgdpsydsDI95DvJbFkJZeE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 20:23:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2796 (0xaec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CBFCF/serialNumber=86B1F11D181DA6CC9DB0323DE43BC96C590965E1 Validity Not Before: Apr 30 20:23:22 2024 GMT Not After : May 7 20:23:22 2024 GMT Subject: CN=6631533b-a9ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9b:f8:e2:c5:f1:ba:1b:11:79:62:bb:84:58: 09:1e:b5:a2:0c:fd:9d:34:71:51:2a:ad:fc:67:59: 4a:36:c5:15:3a:2a:6a:44:eb:25:11:89:ba:37:1a: d4:36:92:43:08:a8:15:b1:7e:24:d4:b4:3c:51:f7: 03:c5:4f:af:f0:11:8b:ff:9a:eb:0e:cc:bf:47:01: 61:bd:a8:ca:51:24:c0:d9:f8:96:07:38:18:eb:e4: 77:47:5f:fb:d3:44:be:b6:48:71:2f:e7:82:7b:4f: 25:f9:02:17:c7:2c:7e:fe:38:b5:f4:33:f0:6b:02: 19:13:ec:a3:e4:3d:9b:a5:40:87:87:69:6c:01:70: 2b:08:7c:b4:10:53:af:4a:29:c3:97:ab:f1:81:c5: 47:fd:0c:cd:27:20:49:78:9f:bf:b6:29:5e:31:6d: 77:a0:7e:40:f7:ac:16:74:08:10:ee:0a:3d:04:19: f0:25:e7:65:7e:89:ef:c6:02:be:5d:93:3f:e3:00: 59:bb:3c:72:3c:9c:ec:02:1b:9f:a2:97:2c:99:5e: c4:fa:5a:09:38:9f:9f:2f:5e:b6:39:6a:a8:27:8f: ca:b5:1d:1e:3e:2f:d0:7c:9a:9f:e1:92:e4:29:d2: c1:7b:4a:3f:63:e3:d2:5a:6d:04:53:ef:19:c3:79: 8b:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:9A:11:69:E6:F7:44:B2:EA:44:D3:3A:D9:35:1F:DA:C4:C5:0B:FB X509v3 Authority Key Identifier: keyid:86:B1:F1:1D:18:1D:A6:CC:9D:B0:32:3D:E4:3B:C9:6C:59:09:65:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrHxHRgdpsydsDI95DvJbFkJZeE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:13:48:a7:c4:3b:3f:6b:c4:55:9e:62:4e:10:af:7c:fd:29: c6:72:8b:c6:a0:f0:94:e0:3a:fd:7d:09:55:7b:b6:57:c0:0f: ef:4c:27:7e:d7:bb:fc:65:09:d8:3a:92:69:5d:e7:7e:61:ba: 9f:ef:a6:54:34:c7:29:e8:ec:bf:54:ac:c8:b4:1f:c9:6c:0e: b3:8a:fa:31:ff:bf:2d:5c:ab:34:5d:1b:fd:fa:9f:3d:50:82: 23:2c:5f:18:88:65:89:62:27:37:be:37:80:a9:85:5f:74:c8: f9:e4:dd:c4:a7:79:7d:33:7e:bb:26:0c:26:47:f5:73:7a:f8: 78:f2:8e:b9:65:2d:60:d0:96:4a:d2:47:0e:5a:68:ee:37:7c: 32:8e:bd:1e:b5:8d:62:7d:4a:27:ea:75:99:1e:b6:ea:97:9c: f3:d6:00:72:5f:83:21:c4:d3:bc:ba:1a:c6:b6:8b:37:4e:64: 68:43:8f:89:17:85:59:73:c7:66:ef:1a:b4:97:2f:79:a2:6f: 24:eb:c3:ef:07:2c:96:67:18:95:87:79:6f:fa:56:8e:8e:00: f3:9b:53:80:65:8a:53:ad:ba:26:b6:b9:8d:6a:ed:db:fd:40: bf:4d:4c:56:57:92:50:4b:b6:1d:b0:f2:e9:26:90:54:19:16: 0c:19:43:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0JGQ0YxMTAvBgNVBAUTKDg2QjFGMTFEMTgxREE2Q0M5REIwMzIzREU0M0JDOTZD NTkwOTY1RTEwHhcNMjQwNDMwMjAyMzIyWhcNMjQwNTA3MjAyMzIyWjAYMRYwFAYD VQQDEw02NjMxNTMzYi1hOWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAypv44sXxuhsReWK7hFgJHrWiDP2dNHFRKq38Z1lKNsUVOipqROslEYm6NxrU NpJDCKgVsX4k1LQ8UfcDxU+v8BGL/5rrDsy/RwFhvajKUSTA2fiWBzgY6+R3R1/7 00S+tkhxL+eCe08l+QIXxyx+/ji19DPwawIZE+yj5D2bpUCHh2lsAXArCHy0EFOv SinDl6vxgcVH/QzNJyBJeJ+/tileMW13oH5A96wWdAgQ7go9BBnwJedlfonvxgK+ XZM/4wBZuzxyPJzsAhufopcsmV7E+loJOJ+fL162OWqoJ4/KtR0ePi/QfJqf4ZLk KdLBe0o/Y+PSWm0EU+8Zw3mL+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKuaEWnm 90Sy6kTTOtk1H9rExQv7MB8GA1UdIwQYMBaAFIax8R0YHabMnbAyPeQ7yWxZCWXh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkZDRi85NTYzOUJGMDI0 OEQxMUVBQURBMjA1NEVDNEY5QUUwMi9ockh4SFJnZHBzeWRzREk5NUR2SmJGa0pa ZUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hySHhIUmdkcHN5ZHNESTk1RHZKYkZrSlplRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QkZDRi85NTYzOUJGMDI0OEQxMUVBQURBMjA1NEVDNEY5QUUwMi9ockh4SFJnZHBz eWRzREk5NUR2SmJGa0paZUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC1E0inxDs/a8RVnmJOEK98/SnGcovGoPCU4Dr9fQlVe7ZXwA/vTCd+ 17v8ZQnYOpJpXed+Ybqf76ZUNMcp6Oy/VKzItB/JbA6zivox/78tXKs0XRv9+p89 UIIjLF8YiGWJYic3vjeAqYVfdMj55N3Ep3l9M367JgwmR/Vzevh48o65ZS1g0JZK 0kcOWmjuN3wyjr0etY1ifUon6nWZHrbql5zz1gByX4MhxNO8uhrGtos3TmRoQ4+J F4VZc8dm7xq0ly95om8k68PvByyWZxiVh3lv+laOjgDzm1OAZYpTrbomtrmNau3b /UC/TUxWV5JQS7YdsPLpJpBUGRYMGUPu -----END CERTIFICATE-----Generated at Tue Apr 30 21:59:07 2024 by rpki-client on console-ams.rpki-client.org