$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.mft File: XV9hkCFd_wrDVDK8OlKgi9NBtwA.mft (raw, json) Hash identifier: vF7MAAa4inE1teAWoz5qL8y5j6vRMxn1dCJldS76BTM= Subject key identifier: BB:33:02:11:BA:85:F8:F9:80:7D:15:62:F9:B5:EC:98:10:C0:DC:4A Authority key identifier: 5D:5F:61:90:21:5D:FF:0A:C3:54:32:BC:3A:52:A0:8B:D3:41:B7:00 Certificate issuer: /CN=A91D28E1/serialNumber=5D5F6190215DFF0AC35432BC3A52A08BD341B700 Certificate serial: 53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XV9hkCFd_wrDVDK8OlKgi9NBtwA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.mft Manifest number: 51 Signing time: Wed 15 May 2024 08:02:11 +0000 Manifest this update: Wed 15 May 2024 08:02:10 +0000 Manifest next update: Wed 22 May 2024 08:02:10 +0000 Files and hashes: 1: XV9hkCFd_wrDVDK8OlKgi9NBtwA.crl (hash: LxCmmHg25Wpnhrl7lhVMOlPMAAdTT6aqeYdFMqiZqNs=) 2: 0A576F089A4C11EEBD557E12C4F9AE02.roa (hash: t+gLjWKuMmtai3i+isqz9fnXY+98bRxTkq694uOYDEM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.crl rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XV9hkCFd_wrDVDK8OlKgi9NBtwA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 08:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 83 (0x53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28E1/serialNumber=5D5F6190215DFF0AC35432BC3A52A08BD341B700 Validity Not Before: May 15 08:02:10 2024 GMT Not After : May 22 08:02:10 2024 GMT Subject: CN=66446c02-1c52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d7:70:12:22:74:52:ba:07:c2:e2:e1:d5:40: e3:aa:b1:2d:5a:07:e0:09:15:46:db:95:12:f3:97: 89:61:fb:bd:dc:ef:3c:48:63:d9:1d:bb:d0:b7:21: 13:67:4b:66:84:68:ea:50:43:b8:f4:e2:2f:ae:fa: 19:b3:9b:b6:fb:59:6a:e2:88:8d:8f:fb:88:6d:a7: 93:e5:2b:a7:85:aa:12:a8:ba:d5:e9:09:f8:11:8a: 72:d0:b8:d6:ec:71:94:2b:9c:9e:c5:3a:0f:56:3c: 7b:4e:f2:9b:7b:d7:49:ef:6f:6b:f6:d4:5d:78:c6: 37:65:2a:8f:c9:ff:f6:70:18:b2:5a:59:16:74:b8: 41:01:9e:01:53:d9:23:d3:40:75:10:d2:30:d6:5c: 22:9c:3e:3c:b7:cd:4e:f4:fe:92:00:fd:01:14:2a: 7f:d3:21:74:67:b9:31:60:e6:d4:bf:aa:c2:2c:41: 9c:1a:59:04:b5:39:aa:45:04:e0:c9:b0:1b:e0:6b: 48:81:3b:32:55:11:57:1e:74:41:cb:3d:db:54:2b: 55:2d:13:95:de:46:2c:fc:0f:4d:e5:c7:fd:e6:2e: a2:a5:f8:80:82:b8:d3:46:a8:90:a1:29:a2:b3:9f: 76:36:e7:d4:9a:f4:6e:be:4f:6e:37:fe:3a:8a:6f: 19:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:33:02:11:BA:85:F8:F9:80:7D:15:62:F9:B5:EC:98:10:C0:DC:4A X509v3 Authority Key Identifier: keyid:5D:5F:61:90:21:5D:FF:0A:C3:54:32:BC:3A:52:A0:8B:D3:41:B7:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XV9hkCFd_wrDVDK8OlKgi9NBtwA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:b8:04:ae:fa:37:76:3d:cb:c7:02:12:3d:7d:57:bc:c2:63: 74:f4:38:0b:1c:7c:63:b2:46:76:36:ed:c9:e2:4c:2b:c1:5a: 59:18:b8:f2:f4:21:ae:00:0f:42:31:79:14:53:34:97:4a:94: 2d:b5:cc:86:8e:c4:db:9b:10:f0:dd:6f:27:a2:68:52:e1:cd: ec:84:f3:98:6e:c2:a5:35:ec:65:a1:da:c4:de:84:15:6e:77: d3:23:1b:ff:d3:de:5b:8c:2f:9c:74:3a:4d:cc:5f:d9:dd:24: f2:3c:e9:45:2c:be:ac:b9:6b:25:71:08:2d:c8:59:b5:6b:59: 5f:72:13:51:81:a6:97:18:d3:cd:3f:06:90:07:ad:d4:89:4d: 9c:cc:ca:a1:64:d4:89:80:5f:ae:a1:31:9d:dd:4a:95:20:a8: ef:58:62:29:3c:e7:19:bd:96:4d:db:49:e9:d9:da:cd:29:d1: 54:52:f6:df:5c:71:e6:c7:f1:38:01:5c:fb:77:5a:b6:c6:0a: 9e:7a:8f:82:75:8b:16:2b:fe:4f:f3:05:4a:2e:3f:55:2a:c8: 77:5f:f8:ba:e6:9c:73:b6:61:38:14:57:9f:43:a3:66:7f:41: b3:b8:01:8e:0b:3a:ec:ae:1f:35:74:b4:28:d2:17:da:ae:0d: 01:66:02:71 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MjhFMTExMC8GA1UEBRMoNUQ1RjYxOTAyMTVERkYwQUMzNTQzMkJDM0E1MkEwOEJE MzQxQjcwMDAeFw0yNDA1MTUwODAyMTBaFw0yNDA1MjIwODAyMTBaMBgxFjAUBgNV BAMTDTY2NDQ2YzAyLTFjNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDb13ASInRSugfC4uHVQOOqsS1aB+AJFUbblRLzl4lh+73c7zxIY9kdu9C3IRNn S2aEaOpQQ7j04i+u+hmzm7b7WWriiI2P+4htp5PlK6eFqhKoutXpCfgRinLQuNbs cZQrnJ7FOg9WPHtO8pt710nvb2v21F14xjdlKo/J//ZwGLJaWRZ0uEEBngFT2SPT QHUQ0jDWXCKcPjy3zU70/pIA/QEUKn/TIXRnuTFg5tS/qsIsQZwaWQS1OapFBODJ sBvga0iBOzJVEVcedEHLPdtUK1UtE5XeRiz8D03lx/3mLqKl+ICCuNNGqJChKaKz n3Y259Sa9G6+T243/jqKbxk9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUuzMCEbqF +PmAfRVi+bXsmBDA3EowHwYDVR0jBBgwFoAUXV9hkCFd/wrDVDK8OlKgi9NBtwAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQyOEUxL0JCRTNENDNBOUE0 OTExRUU5MDkyRTA3MEM0RjlBRTAyL1hWOWhrQ0ZkX3dyRFZESzhPbEtnaTlOQnR3 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWFY5aGtDRmRfd3JEVkRLOE9sS2dpOU5CdHdBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQy OEUxL0JCRTNENDNBOUE0OTExRUU5MDkyRTA3MEM0RjlBRTAyL1hWOWhrQ0ZkX3dy RFZESzhPbEtnaTlOQnR3QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAI+4BK76N3Y9y8cCEj19V7zCY3T0OAscfGOyRnY27cniTCvBWlkYuPL0 Ia4AD0IxeRRTNJdKlC21zIaOxNubEPDdbyeiaFLhzeyE85huwqU17GWh2sTehBVu d9MjG//T3luML5x0Ok3MX9ndJPI86UUsvqy5ayVxCC3IWbVrWV9yE1GBppcY080/ BpAHrdSJTZzMyqFk1ImAX66hMZ3dSpUgqO9YYik85xm9lk3bSenZ2s0p0VRS9t9c cebH8TgBXPt3WrbGCp56j4J1ixYr/k/zBUouP1UqyHdf+LrmnHO2YTgUV59Do2Z/ QbO4AY4LOuyuHzV0tCjSF9quDQFmAnE= -----END CERTIFICATE-----Generated at Wed May 15 09:04:45 2024 by rpki-client on console-ams.rpki-client.org