$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: KySrGXy4arlecdC8FI33CeGdQGfGl4gvQFhXoG3rC68= Subject key identifier: 8C:58:DC:65:03:67:42:CC:8F:0D:E1:2B:FB:62:D5:B9:4D:90:B9:09 Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0C83 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0C66 Signing time: Thu 02 May 2024 18:59:58 +0000 Manifest this update: Thu 02 May 2024 18:59:58 +0000 Manifest next update: Thu 09 May 2024 18:59:58 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: zvwmjbAl++3/q8aLvnu/IMfTy/PO3lYcIdDfcrQC5vA=) 2: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: 2FP7e7gw78ziNTwpgl6+p7JSr0SareWjNhn+aYnzAJs=) 3: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: QsGXNJhyly1Cy0cu8F4jtfSmyRJHgjGfwS+cLqakTAo=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: TDYDydBX1PxrqDWmEJLGeZLYBXFUNq2KeD+oxooLvK4=) 5: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: BVKfghQ7tAg6bhpCne7JUjhk+MWk1O2HwLOjb+QyPOc=) 6: 4CD3C8DC14D011EA93366A85C4F9AE02.roa (hash: XB2QXLLzdZtLLUf24MhxFCrf2t9zzRGffOxjlSP+z00=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 18:55:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3203 (0xc83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Validity Not Before: May 2 18:59:58 2024 GMT Not After : May 9 18:59:58 2024 GMT Subject: CN=6633e2ae-eaed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:85:57:6d:05:34:a1:af:64:eb:eb:a1:e7:60: 28:62:7b:e2:fe:ac:e0:ad:37:c0:94:7c:2f:42:e1: 4e:ad:72:69:2d:ab:d8:29:29:3f:ab:e7:2e:08:55: 5d:89:ec:70:bc:1f:57:d2:c7:e1:fa:20:a7:0d:8f: e6:82:15:bc:8d:ec:99:e5:61:9c:2e:31:ab:2d:aa: 37:fb:e4:d2:c6:c2:58:1a:45:8c:af:f8:7f:43:56: c0:57:75:8d:72:3c:05:c1:19:cf:81:11:4d:d9:1e: d7:6d:f7:a9:ed:e9:d1:98:a4:a8:26:35:91:3d:17: 2f:ef:af:6e:04:47:9f:18:42:41:3f:94:f0:2f:d8: 41:ed:3a:17:dd:19:6e:4c:4d:7a:e9:b0:09:7f:69: 90:dc:e3:e9:65:03:95:e0:91:de:8c:cf:29:3b:9e: e6:7e:a0:57:2d:5a:f3:17:30:c0:3b:6c:4c:0c:96: f7:08:5d:a0:6d:ef:29:4e:1f:96:6d:0b:ca:5e:ba: e8:9f:7b:a2:96:0b:a0:29:94:b6:d3:2f:1c:4d:9c: 19:54:95:e6:c2:e6:d8:b4:2d:da:b6:b6:64:1e:47: 9f:84:3d:1f:e6:0b:c0:4e:fe:d6:64:45:6d:c6:38: 0c:23:54:58:65:73:5c:78:67:b0:9f:a0:77:63:9f: 68:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:58:DC:65:03:67:42:CC:8F:0D:E1:2B:FB:62:D5:B9:4D:90:B9:09 X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:93:38:fd:9f:d0:73:2b:80:0c:79:31:81:28:aa:d9:53:7e: a5:23:d7:db:41:3c:68:9d:d0:0b:51:15:8f:aa:31:f3:17:41: c6:a8:42:3d:bb:8b:ef:66:10:ed:6b:be:f4:99:f7:1a:64:58: ae:04:db:61:40:7b:90:c4:86:26:7f:d2:f1:4a:f0:f0:8f:7e: 58:e9:87:44:82:65:19:e9:71:a6:17:b3:46:00:ca:5b:82:87: 14:b7:e3:86:cf:55:a6:65:41:2b:09:cd:87:90:ac:ff:b5:89: be:71:7d:0b:b6:2a:ab:9c:0a:b6:7b:f3:60:0b:05:e5:92:43: ec:b5:44:fc:68:5e:07:c9:68:a4:a3:f1:d2:c9:5a:b2:7d:42: 40:e6:4c:d2:15:85:25:10:0a:b3:73:e5:59:60:ec:3b:b9:06: b2:61:23:3e:84:cb:39:47:70:89:07:2a:b0:d1:70:d5:55:d2: 1a:68:46:44:7d:ff:4a:8a:1f:61:77:3f:ca:2b:a7:57:4b:64: 81:23:a1:6b:31:c5:5f:91:a4:c9:1e:ba:c2:4e:89:13:01:8d: 61:d8:0b:6e:72:a4:55:9a:85:56:2a:20:62:a1:8c:ca:3c:a7: 8b:66:73:a0:4d:ac:36:20:e7:e4:73:81:63:29:1f:d1:1f:00: e4:a7:33:b7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjQwNTAyMTg1OTU4WhcNMjQwNTA5MTg1OTU4WjAYMRYwFAYD VQQDEw02NjMzZTJhZS1lYWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp4VXbQU0oa9k6+uh52AoYnvi/qzgrTfAlHwvQuFOrXJpLavYKSk/q+cuCFVd iexwvB9X0sfh+iCnDY/mghW8jeyZ5WGcLjGrLao3++TSxsJYGkWMr/h/Q1bAV3WN cjwFwRnPgRFN2R7Xbfep7enRmKSoJjWRPRcv769uBEefGEJBP5TwL9hB7ToX3Rlu TE166bAJf2mQ3OPpZQOV4JHejM8pO57mfqBXLVrzFzDAO2xMDJb3CF2gbe8pTh+W bQvKXrron3uilgugKZS20y8cTZwZVJXmwubYtC3atrZkHkefhD0f5gvATv7WZEVt xjgMI1RYZXNceGewn6B3Y59onQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIxY3GUD Z0LMjw3hK/ti1blNkLkJMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAEkzj9n9BzK4AMeTGBKKrZU36lI9fbQTxondALURWPqjHzF0HGqEI9 u4vvZhDta770mfcaZFiuBNthQHuQxIYmf9LxSvDwj35Y6YdEgmUZ6XGmF7NGAMpb gocUt+OGz1WmZUErCc2HkKz/tYm+cX0LtiqrnAq2e/NgCwXlkkPstUT8aF4HyWik o/HSyVqyfUJA5kzSFYUlEAqzc+VZYOw7uQayYSM+hMs5R3CJByqw0XDVVdIaaEZE ff9Kih9hdz/KK6dXS2SBI6FrMcVfkaTJHrrCTokTAY1h2AtucqRVmoVWKiBioYzK PKeLZnOgTaw2IOfkc4FjKR/RHwDkpzO3 -----END CERTIFICATE-----Generated at Thu May 2 20:50:36 2024 by rpki-client on console-fra.rpki-client.org