$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft File: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft (raw, json) Hash identifier: VIMkcCmw/+k0yGoUohv9J7Kqi/InP1hmU/24JUNd4dg= Subject key identifier: 67:73:36:EB:F8:C1:57:05:D2:74:86:B5:76:A2:51:83:BD:9B:35:78 Authority key identifier: A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 Certificate issuer: /CN=A91CE6EC/serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Certificate serial: 24B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft Manifest number: 24AB Signing time: Sat 04 May 2024 16:06:23 +0000 Manifest this update: Sat 04 May 2024 16:06:23 +0000 Manifest next update: Sat 11 May 2024 16:06:23 +0000 Files and hashes: 1: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl (hash: 3/2b4+aUQM1ITda2IHE1iPK9osHEHSx5gt2+PNRiXes=) 2: E45046A4221011ED980A6F47C4F9AE02.roa (hash: siRPYIn9MoC3AfZ59NEY03e1lBhneCPYnMoLaBB8e1o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 16:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9394 (0x24b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC/serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Validity Not Before: May 4 16:06:23 2024 GMT Not After : May 11 16:06:23 2024 GMT Subject: CN=66365cff-4916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:5d:f6:51:31:fe:2e:0e:7d:6a:d0:16:b2:8e: 83:ff:95:33:01:f9:ec:54:78:db:89:78:ca:a1:94: fe:be:d2:2c:a6:70:76:40:0f:89:d6:93:a7:c4:59: e4:ac:94:26:34:b5:f3:1e:77:ef:34:e7:51:8a:98: 9b:94:1b:fc:19:57:e9:12:de:30:d1:4b:d9:e8:1e: 3d:46:d6:03:48:03:29:f9:9f:19:c0:0e:aa:11:7f: 62:21:00:92:6a:20:2d:43:18:a0:fe:f4:33:b3:54: 50:05:b1:d5:00:da:8b:a8:b5:9f:ff:a5:68:6e:a8: c2:61:e8:19:9b:4a:e2:bb:e0:3e:79:e2:00:0d:9f: fd:8b:f6:6a:84:d2:fa:87:c6:b7:39:7a:03:fa:2c: d1:dc:31:0b:ff:b1:89:7d:87:87:99:3b:b4:89:70: c8:a7:ff:84:e2:5b:9b:cc:30:b9:48:49:4b:14:9f: a5:70:fd:00:1a:7d:53:79:33:22:f8:4a:7d:f0:b5: f9:e0:6a:ed:b5:3d:3a:b5:5c:83:87:fb:ca:17:39: 97:36:3b:76:0c:48:6d:03:0b:16:1a:1f:e9:14:1d: 7f:18:c6:d1:5b:26:a5:2f:43:5d:1c:60:f2:c7:cb: c1:00:4d:0d:42:45:de:76:d4:2b:73:49:32:f3:67: 98:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:73:36:EB:F8:C1:57:05:D2:74:86:B5:76:A2:51:83:BD:9B:35:78 X509v3 Authority Key Identifier: keyid:A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:a8:97:76:17:58:1c:77:78:f2:bc:bf:58:e0:a5:aa:17:f4: f1:cc:23:a1:ba:6e:a6:27:ef:4b:1b:2a:bd:d8:c2:b6:9c:d0: 84:b3:29:37:77:1e:83:4e:5d:3a:b4:68:5b:1e:7b:43:ac:84: 61:51:22:db:e8:24:23:20:be:f0:39:73:97:7e:0b:68:f4:a8: 56:0e:51:4a:3a:39:9c:df:dc:2b:d6:7e:45:bc:bc:59:07:ad: df:cf:88:3c:b7:a2:67:73:f7:62:73:57:bf:2d:95:b7:44:10: 54:8c:d7:8f:cf:2c:bd:4e:9f:26:e1:94:ff:37:67:a4:69:14: 53:c8:e9:7f:8c:a5:b7:8e:f1:c4:c9:8e:95:38:0d:18:df:9b: c8:a7:32:41:93:5a:b9:f6:79:20:93:6f:1f:c2:b8:16:17:5e: 80:de:d9:3c:bc:fe:a6:e6:3f:40:92:5d:c6:d6:fb:01:d5:eb: 67:3a:e4:aa:bd:7b:78:c2:c2:ec:bc:95:e6:f6:e7:9d:3c:23: b2:95:8b:25:01:a1:d3:61:57:f2:5b:19:10:a0:2c:8a:40:fb: 93:25:c8:70:5f:52:06:2f:be:67:5a:93:e9:8d:60:bc:f7:7a: c7:1e:6b:5a:6b:2d:a2:a7:a3:a5:bd:80:05:10:2a:1d:ea:21: 59:eb:ae:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKEExQzIzOTY1NzA0MDE3NzI0MjlFQjhDQkIwREY2NjUz RjE2NzhDRjYwHhcNMjQwNTA0MTYwNjIzWhcNMjQwNTExMTYwNjIzWjAYMRYwFAYD VQQDEw02NjM2NWNmZi00OTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxV32UTH+Lg59atAWso6D/5UzAfnsVHjbiXjKoZT+vtIspnB2QA+J1pOnxFnk rJQmNLXzHnfvNOdRipiblBv8GVfpEt4w0UvZ6B49RtYDSAMp+Z8ZwA6qEX9iIQCS aiAtQxig/vQzs1RQBbHVANqLqLWf/6VobqjCYegZm0riu+A+eeIADZ/9i/ZqhNL6 h8a3OXoD+izR3DEL/7GJfYeHmTu0iXDIp/+E4lubzDC5SElLFJ+lcP0AGn1TeTMi +Ep98LX54GrttT06tVyDh/vKFzmXNjt2DEhtAwsWGh/pFB1/GMbRWyalL0NdHGDy x8vBAE0NQkXedtQrc0ky82eYfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGdzNuv4 wVcF0nSGtXaiUYO9mzV4MB8GA1UdIwQYMBaAFKHCOWVwQBdyQp64y7DfZlPxZ4z2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy9EM0FCNjAxNjE0 QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYzSkNucmpMc045bVVfRm5q UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29jSTVaWEJBRjNKQ25yakxzTjltVV9GbmpQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy9EM0FCNjAxNjE0QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYz SkNucmpMc045bVVfRm5qUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3qJd2F1gcd3jyvL9Y4KWqF/TxzCOhum6mJ+9LGyq92MK2nNCEsyk3 dx6DTl06tGhbHntDrIRhUSLb6CQjIL7wOXOXfgto9KhWDlFKOjmc39wr1n5FvLxZ B63fz4g8t6Jnc/dic1e/LZW3RBBUjNePzyy9Tp8m4ZT/N2ekaRRTyOl/jKW3jvHE yY6VOA0Y35vIpzJBk1q59nkgk28fwrgWF16A3tk8vP6m5j9Akl3G1vsB1etnOuSq vXt4wsLsvJXm9uedPCOylYslAaHTYVfyWxkQoCyKQPuTJchwX1IGL75nWpPpjWC8 93rHHmtaay2ip6OlvYAFECod6iFZ666J -----END CERTIFICATE-----Generated at Sat May 4 17:19:50 2024 by rpki-client on console-fra.rpki-client.org