$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft File: XDZbFzHKfOfbgd1XEwvU1kMBm14.mft (raw, json) Hash identifier: AnTsYY6xP+zkI1f77b4AracyB+3TvP/RNm3R8/jq3RE= Subject key identifier: 30:6A:63:3D:E3:6B:6B:2D:C0:F4:73:0D:56:2E:34:90:75:E8:02:98 Authority key identifier: 5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E Certificate issuer: /CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Certificate serial: 049A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft Manifest number: 0494 Signing time: Tue 07 May 2024 01:36:15 +0000 Manifest this update: Tue 07 May 2024 01:36:15 +0000 Manifest next update: Tue 14 May 2024 01:36:14 +0000 Files and hashes: 1: XDZbFzHKfOfbgd1XEwvU1kMBm14.crl (hash: 22M7KD1Nsq1gbK1iZVwAaGJ9ehOr2To/bKLYVrKB+R4=) 2: 8E90AA02EB0B11EBA0B6DD84C4F9AE02.roa (hash: cGA0ZQAQhZrC4mXNbZRUDuLhz5+stSxu/w+9xlh0ErM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 14 May 2024 01:36:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1178 (0x49a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28EB/serialNumber=5C365B1731CA7CE7DB81DD57130BD4D643019B5E Validity Not Before: May 7 01:36:15 2024 GMT Not After : May 14 01:36:14 2024 GMT Subject: CN=6639858f-b230 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:17:42:6f:87:88:97:73:0e:1c:06:b8:3f:c3: 19:c7:48:39:87:fb:36:0e:a7:dd:b8:09:bd:86:d8: a7:d1:ee:ee:df:96:5f:9d:16:f1:df:2f:78:8f:5e: 56:1e:2f:32:d6:fb:74:8d:86:ea:96:fc:3f:47:da: 42:a2:de:84:a7:6a:ee:1b:5c:a8:d0:40:50:d2:6a: f9:23:0a:76:3d:a7:40:98:01:1d:26:cb:cd:0a:a0: 5e:b9:b8:11:ac:bb:b2:71:e7:82:db:db:fd:38:28: 14:65:41:1e:7d:01:1a:4f:14:b3:10:7f:82:54:f7: 2a:06:53:50:7b:74:88:06:84:ec:7a:1a:dc:f6:14: b7:d2:59:a2:08:5c:3e:c4:c4:67:c4:68:f4:b6:e6: e9:0e:3d:d7:76:5c:f8:88:0a:31:e9:73:9a:c1:6b: 25:21:79:4e:dc:22:5a:c3:f0:fa:4b:8a:f4:e3:54: 7f:ed:3f:08:40:87:f1:76:3b:e5:24:1d:2b:65:31: 75:17:aa:b4:88:ba:16:5b:63:a8:50:37:c5:18:de: 27:90:e1:df:32:e1:fc:21:8b:28:2c:44:ea:bb:aa: 89:22:7e:9d:46:b3:da:84:74:a1:a4:27:36:c4:fc: eb:e9:6f:1e:b4:63:bb:6a:61:a6:9d:41:97:d9:60: 39:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:6A:63:3D:E3:6B:6B:2D:C0:F4:73:0D:56:2E:34:90:75:E8:02:98 X509v3 Authority Key Identifier: keyid:5C:36:5B:17:31:CA:7C:E7:DB:81:DD:57:13:0B:D4:D6:43:01:9B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDZbFzHKfOfbgd1XEwvU1kMBm14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28EB/77148AC6EB0911EB9C759180C4F9AE02/XDZbFzHKfOfbgd1XEwvU1kMBm14.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:fc:86:30:e1:f7:8d:78:f3:9e:64:aa:34:4d:6a:2c:f7:7a: 66:9c:52:93:8e:2b:78:99:5b:f4:ed:fb:71:5a:49:94:54:e9: ae:27:a3:b0:d1:e9:24:1f:ae:24:0d:9b:c0:33:34:75:ae:60: 4f:84:8b:ca:34:46:51:6c:f0:84:68:60:9a:73:58:aa:f1:cd: 76:de:c8:17:c9:fd:b8:6d:fb:93:1e:d0:f4:f5:3b:8c:fc:eb: 66:7f:f5:05:f2:f1:0c:39:dc:2a:d7:74:73:68:7b:cf:05:12: a0:9f:8d:1b:1b:91:88:b8:66:8f:ab:51:ae:50:dc:64:5c:6b: c2:fe:ae:fa:83:42:23:ff:ec:5e:8f:02:73:d1:a3:e3:01:29: dd:15:37:07:91:53:52:db:2d:17:1d:4d:7b:53:2e:c6:43:3f: 59:9e:72:5b:74:e3:1c:25:d2:c9:92:6b:77:8c:c2:e2:e3:8b: 03:e7:28:ce:9d:69:26:bb:13:89:68:3a:40:60:f6:a0:fb:a7: ef:a5:24:fd:46:aa:de:b0:4f:e2:60:a2:f1:cd:2a:b9:fb:62: 11:8e:ba:54:cf:63:7d:59:29:ab:17:65:b5:00:30:e6:3c:8a: 2c:16:6a:a2:41:48:95:d5:94:4e:fe:da:cf:a4:0a:51:42:d1: 55:95:cf:fa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RUIxMTAvBgNVBAUTKDVDMzY1QjE3MzFDQTdDRTdEQjgxREQ1NzEzMEJENEQ2 NDMwMTlCNUUwHhcNMjQwNTA3MDEzNjE1WhcNMjQwNTE0MDEzNjE0WjAYMRYwFAYD VQQDEw02NjM5ODU4Zi1iMjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxRdCb4eIl3MOHAa4P8MZx0g5h/s2DqfduAm9htin0e7u35ZfnRbx3y94j15W Hi8y1vt0jYbqlvw/R9pCot6Ep2ruG1yo0EBQ0mr5Iwp2PadAmAEdJsvNCqBeubgR rLuyceeC29v9OCgUZUEefQEaTxSzEH+CVPcqBlNQe3SIBoTsehrc9hS30lmiCFw+ xMRnxGj0tubpDj3Xdlz4iAox6XOawWslIXlO3CJaw/D6S4r041R/7T8IQIfxdjvl JB0rZTF1F6q0iLoWW2OoUDfFGN4nkOHfMuH8IYsoLETqu6qJIn6dRrPahHShpCc2 xPzr6W8etGO7amGmnUGX2WA59wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDBqYz3j a2stwPRzDVYuNJB16AKYMB8GA1UdIwQYMBaAFFw2Wxcxynzn24HdVxML1NZDAZte MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFQi83NzE0OEFDNkVC MDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZPZmJnZDFYRXd2VTFrTUJt MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEWmJGekhLZk9mYmdkMVhFd3ZVMWtNQm0xNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjhFQi83NzE0OEFDNkVCMDkxMUVCOUM3NTkxODBDNEY5QUUwMi9YRFpiRnpIS2ZP ZmJnZDFYRXd2VTFrTUJtMTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAW/IYw4feNePOeZKo0TWos93pmnFKTjit4mVv07ftxWkmUVOmuJ6Ow 0ekkH64kDZvAMzR1rmBPhIvKNEZRbPCEaGCac1iq8c123sgXyf24bfuTHtD09TuM /Otmf/UF8vEMOdwq13RzaHvPBRKgn40bG5GIuGaPq1GuUNxkXGvC/q76g0Ij/+xe jwJz0aPjASndFTcHkVNS2y0XHU17Uy7GQz9ZnnJbdOMcJdLJkmt3jMLi44sD5yjO nWkmuxOJaDpAYPag+6fvpST9RqresE/iYKLxzSq5+2IRjrpUz2N9WSmrF2W1ADDm PIosFmqiQUiV1ZRO/trPpApRQtFVlc/6 -----END CERTIFICATE-----Generated at Tue May 7 03:12:23 2024 by rpki-client on console-fra.rpki-client.org