$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft File: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft (raw, json) Hash identifier: 6GF++wPnT5jVY/5Y5a0WcR9UD+2tU8S0lXf9mjzYzQ4= Subject key identifier: 40:9F:3E:69:AF:53:BF:3D:66:44:19:EF:2B:6D:5C:72:11:10:F4:F5 Authority key identifier: F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 Certificate issuer: /CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Certificate serial: 2D0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft Manifest number: 2CF6 Signing time: Sat 04 May 2024 15:48:13 +0000 Manifest this update: Sat 04 May 2024 15:48:12 +0000 Manifest next update: Sat 11 May 2024 15:48:12 +0000 Files and hashes: 1: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl (hash: 5kBzCM5qWYfUQMx9u3vSTATybwNAixnLnQwwRDbLF2A=) 2: 611D8094B13D11E59299870AC4F9AE02.roa (hash: 3yLI1G9CDO88xmuEKu7WMAe/TJefaC7wumODSumchPk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 15:48:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11533 (0x2d0d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Validity Not Before: May 4 15:48:12 2024 GMT Not After : May 11 15:48:12 2024 GMT Subject: CN=663658bc-3a58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:5d:75:0c:ba:17:f2:7e:89:08:ac:8b:ad:33: aa:5f:13:b9:a2:b1:63:2f:3b:bb:c0:fe:64:b5:83: 5f:ff:39:48:e7:a2:d0:0d:d7:fc:cf:a5:18:05:4e: 17:71:18:e7:54:57:68:4c:19:94:6d:27:81:0f:c8: 82:80:0e:da:c1:a7:af:05:54:08:00:be:e6:46:25: ff:ea:65:82:88:b9:3f:1e:51:d2:ad:45:e6:ce:2d: 57:d6:e6:ae:15:e7:43:2d:af:6a:1a:a9:ae:80:5c: 96:2e:07:dc:fe:3c:1f:ec:e5:e9:b5:48:30:90:43: f6:ac:54:a0:d6:20:c6:05:c0:be:42:51:9e:5b:e7: 31:09:23:19:30:36:96:31:56:1a:d3:1c:e3:8c:66: c0:69:dc:e8:a1:6c:65:07:13:f6:13:6c:d7:c2:9f: 46:e4:5a:20:33:58:0d:a4:00:cd:fb:95:6b:03:da: db:a7:0f:6f:da:d9:ca:f5:5e:50:a2:f9:67:3c:64: ad:a5:d6:92:3f:17:5f:f6:37:37:75:dd:58:c9:cc: 3e:c5:7d:1c:bb:16:ee:04:0b:26:70:cd:2f:89:20: 01:cc:4a:22:83:37:6b:08:06:0c:d7:b0:7a:64:25: 2b:23:d0:d5:95:0c:03:bb:70:7a:55:58:71:df:91: 69:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:9F:3E:69:AF:53:BF:3D:66:44:19:EF:2B:6D:5C:72:11:10:F4:F5 X509v3 Authority Key Identifier: keyid:F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:76:6b:41:48:55:d9:07:34:fc:de:71:46:42:bc:24:26:64: 43:82:eb:17:f9:29:a8:2b:77:48:17:c1:a2:a2:f4:67:c2:11: d5:9d:76:6d:02:26:aa:6a:7b:9a:f9:a5:1d:dc:19:4d:19:63: 2e:81:de:f0:ce:0f:18:8c:d3:b1:25:1d:1e:7d:c6:92:1e:93: 1a:79:b4:1f:70:2e:d2:e3:0f:d6:7a:59:9e:9b:47:f6:f5:9c: 72:8f:b5:9c:d3:7a:70:57:33:b2:38:c5:0d:6b:89:42:e6:43: 23:4e:71:b7:90:07:fd:6f:55:01:66:bf:d3:5f:ff:b9:04:1d: 55:d2:2c:6c:fb:0d:5d:8a:df:b0:c6:3b:12:fb:8b:f7:5a:26: 5c:72:2a:3e:d4:ea:c1:7b:27:22:e1:0e:27:11:8b:83:34:e6: d5:0c:29:e7:ed:e3:81:07:b5:f0:40:2c:46:8e:4d:a2:d9:af: ac:10:25:21:29:66:d2:d4:3a:5b:df:bd:39:05:85:e5:95:5a: 0c:f9:29:07:ee:74:26:2d:55:22:ca:3a:c7:fa:e4:70:2c:91: 9b:79:64:4f:89:06:c0:3e:c1:f4:ce:14:0a:6a:90:97:a8:b4: a0:9c:9d:bc:83:16:70:00:4d:1a:fd:8e:15:a4:97:55:15:97: a9:e1:35:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLQ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxMDIxMTAvBgNVBAUTKEY5MUEzQTk4MzE0Mzg0QzQwM0E4RkYyMkE0NTNCQ0Ex QTNCQTZDRDgwHhcNMjQwNTA0MTU0ODEyWhcNMjQwNTExMTU0ODEyWjAYMRYwFAYD VQQDEw02NjM2NThiYy0zYTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2V11DLoX8n6JCKyLrTOqXxO5orFjLzu7wP5ktYNf/zlI56LQDdf8z6UYBU4X cRjnVFdoTBmUbSeBD8iCgA7awaevBVQIAL7mRiX/6mWCiLk/HlHSrUXmzi1X1uau FedDLa9qGqmugFyWLgfc/jwf7OXptUgwkEP2rFSg1iDGBcC+QlGeW+cxCSMZMDaW MVYa0xzjjGbAadzooWxlBxP2E2zXwp9G5FogM1gNpADN+5VrA9rbpw9v2tnK9V5Q ovlnPGStpdaSPxdf9jc3dd1Yycw+xX0cuxbuBAsmcM0viSABzEoigzdrCAYM17B6 ZCUrI9DVlQwDu3B6VVhx35FpNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFECfPmmv U789ZkQZ7yttXHIREPT1MB8GA1UdIwQYMBaAFPkaOpgxQ4TEA6j/IqRTvKGjumzY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzEwMi9ENEFFRTJDODc2 OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhNUURxUDhpcEZPOG9hTzZi TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1SbzZtREZEaE1RRHFQOGlwRk84b2FPNmJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzEwMi9ENEFFRTJDODc2OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhN UURxUDhpcEZPOG9hTzZiTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALdmtBSFXZBzT83nFGQrwkJmRDgusX+SmoK3dIF8GiovRnwhHVnXZt Aiaqanua+aUd3BlNGWMugd7wzg8YjNOxJR0efcaSHpMaebQfcC7S4w/Welmem0f2 9Zxyj7Wc03pwVzOyOMUNa4lC5kMjTnG3kAf9b1UBZr/TX/+5BB1V0ixs+w1dit+w xjsS+4v3WiZccio+1OrBeyci4Q4nEYuDNObVDCnn7eOBB7XwQCxGjk2i2a+sECUh KWbS1Dpb3705BYXllVoM+SkH7nQmLVUiyjrH+uRwLJGbeWRPiQbAPsH0zhQKapCX qLSgnJ28gxZwAE0a/Y4VpJdVFZep4TXN -----END CERTIFICATE-----Generated at Sat May 4 16:49:08 2024 by rpki-client on console-ams.rpki-client.org