$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft File: y_Kp2oisCPjVEG3svXLW-gnIGOk.mft (raw, json) Hash identifier: fy8vNpVWSo5jW2AxI3SldSqDgz8v+HN+PTYlYL+TqwI= Subject key identifier: D9:B9:D6:F2:2D:21:BD:89:D5:89:47:61:2A:60:26:2D:DE:D6:C5:EB Authority key identifier: CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 Certificate issuer: /CN=A91D5C25/serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Certificate serial: 0E59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft Manifest number: 0E51 Signing time: Sat 04 May 2024 18:34:48 +0000 Manifest this update: Sat 04 May 2024 18:34:47 +0000 Manifest next update: Sat 11 May 2024 18:34:47 +0000 Files and hashes: 1: y_Kp2oisCPjVEG3svXLW-gnIGOk.crl (hash: q2Az5W9vqX2KGn6juDsP8Q6ikmavw9ZXkjH4mLcuQ4I=) 2: 4ECF0A4C765C11E9A01A6E34C4F9AE02.roa (hash: Ce9BbpW+u6Lf3eiA8gD0/jqkNi4bCrcEPxDFa4yC7Go=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:34:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3673 (0xe59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5C25/serialNumber=CBF2A9DA88AC08F8D5106DECBD72D6FA09C818E9 Validity Not Before: May 4 18:34:47 2024 GMT Not After : May 11 18:34:47 2024 GMT Subject: CN=66367fc7-ecc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:fe:86:5e:07:f2:85:14:ad:72:55:d8:7d:5c: 7c:b1:c0:1d:ac:89:47:32:31:60:a3:94:01:f1:d8: 2e:08:fe:b6:a3:f5:24:11:cc:83:1a:eb:d7:1b:50: 18:01:cc:17:21:bc:65:88:62:f6:ea:ca:97:4b:ad: c4:8f:e2:ac:a6:4e:7d:24:50:2f:08:c8:3d:7b:82: aa:5e:88:03:ea:80:42:b3:36:ac:6f:73:85:fd:1d: d3:2b:e8:b6:ad:45:4c:b5:73:98:a9:e5:2b:0d:d1: e0:f8:bf:b3:2f:71:64:6b:6a:6d:29:66:78:eb:42: 4e:d7:b3:d1:a7:c6:f2:ff:64:16:a3:96:e2:86:24: 5d:a2:9c:f8:6c:13:3e:13:f5:e3:5d:37:50:07:be: 0e:fd:9e:24:1e:39:b0:00:d5:69:a1:46:18:18:77: 13:23:87:24:e4:72:a9:13:ef:a9:8b:97:65:f0:45: 86:99:95:ac:89:8a:90:73:52:21:96:06:f3:a3:19: 1d:ce:31:cd:ec:64:54:63:de:cd:ef:4d:84:65:ef: 70:ac:6b:c5:94:84:25:89:ee:f0:65:a8:f2:e1:c8: d7:bb:5e:da:4d:21:00:fe:59:b1:1a:0a:5d:8b:a2: d1:f5:82:bd:74:9d:5e:80:ef:db:29:9e:73:be:cc: 57:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:B9:D6:F2:2D:21:BD:89:D5:89:47:61:2A:60:26:2D:DE:D6:C5:EB X509v3 Authority Key Identifier: keyid:CB:F2:A9:DA:88:AC:08:F8:D5:10:6D:EC:BD:72:D6:FA:09:C8:18:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y_Kp2oisCPjVEG3svXLW-gnIGOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5C25/687A10A6765A11E99D01E42EC4F9AE02/y_Kp2oisCPjVEG3svXLW-gnIGOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:35:08:f5:f0:e0:e5:27:22:d2:ad:26:18:9e:dc:22:65:51: a3:b5:68:12:2a:ca:11:e9:19:da:50:66:92:a1:7d:cc:c0:e9: 57:0b:87:3d:ef:94:34:44:b7:49:f2:af:06:99:b4:5a:99:d6: c0:0c:2a:c5:13:70:d6:69:e0:76:40:25:2f:d1:82:49:35:4c: df:e6:21:30:6c:42:9b:ea:8d:6c:b1:1c:01:5e:e3:32:d8:85: 5b:63:6d:8b:aa:44:f5:11:4e:5d:3a:1a:18:de:86:d0:7d:47: 13:be:93:1e:f6:59:16:8d:b5:bb:07:c8:72:1a:2f:ae:d6:af: 37:73:2c:96:19:c3:63:7b:f6:0c:7d:d0:df:1b:37:d7:05:94: a3:54:23:5e:99:57:c0:4e:26:a6:30:77:07:29:35:2b:8b:b2: 25:1a:b2:2a:ce:74:54:ba:01:9e:b5:f9:4d:25:ce:41:07:8a: 37:ac:d3:7b:00:74:22:0c:d4:d5:f2:03:e5:c5:c2:64:16:ce: 23:20:f9:47:69:27:05:4d:ca:c1:ad:a8:ad:0b:c0:6e:2f:27: fd:c5:44:73:75:3f:85:c8:66:e4:14:f7:4e:1f:a6:8a:40:ad: c5:44:12:b2:b7:11:5a:6b:89:31:35:0b:7b:d2:97:6e:55:b5: 81:f7:4e:72 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVDMjUxMTAvBgNVBAUTKENCRjJBOURBODhBQzA4RjhENTEwNkRFQ0JENzJENkZB MDlDODE4RTkwHhcNMjQwNTA0MTgzNDQ3WhcNMjQwNTExMTgzNDQ3WjAYMRYwFAYD VQQDEw02NjM2N2ZjNy1lY2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7f6GXgfyhRStclXYfVx8scAdrIlHMjFgo5QB8dguCP62o/UkEcyDGuvXG1AY AcwXIbxliGL26sqXS63Ej+Kspk59JFAvCMg9e4KqXogD6oBCszasb3OF/R3TK+i2 rUVMtXOYqeUrDdHg+L+zL3Fka2ptKWZ460JO17PRp8by/2QWo5bihiRdopz4bBM+ E/XjXTdQB74O/Z4kHjmwANVpoUYYGHcTI4ck5HKpE++pi5dl8EWGmZWsiYqQc1Ih lgbzoxkdzjHN7GRUY97N702EZe9wrGvFlIQlie7wZajy4cjXu17aTSEA/lmxGgpd i6LR9YK9dJ1egO/bKZ5zvsxXRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNm51vIt Ib2J1YlHYSpgJi3e1sXrMB8GA1UdIwQYMBaAFMvyqdqIrAj41RBt7L1y1voJyBjp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUMyNS82ODdBMTBBNjc2 NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQalZFRzNzdlhMVy1nbklH T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lfS3Ayb2lzQ1BqVkVHM3N2WExXLWduSUdPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUMyNS82ODdBMTBBNjc2NUExMUU5OUQwMUU0MkVDNEY5QUUwMi95X0twMm9pc0NQ alZFRzNzdlhMVy1nbklHT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLNQj18ODlJyLSrSYYntwiZVGjtWgSKsoR6RnaUGaSoX3MwOlXC4c9 75Q0RLdJ8q8GmbRamdbADCrFE3DWaeB2QCUv0YJJNUzf5iEwbEKb6o1ssRwBXuMy 2IVbY22LqkT1EU5dOhoY3obQfUcTvpMe9lkWjbW7B8hyGi+u1q83cyyWGcNje/YM fdDfGzfXBZSjVCNemVfATiamMHcHKTUri7IlGrIqznRUugGetflNJc5BB4o3rNN7 AHQiDNTV8gPlxcJkFs4jIPlHaScFTcrBraitC8BuLyf9xURzdT+FyGbkFPdOH6aK QK3FRBKytxFaa4kxNQt70pduVbWB905y -----END CERTIFICATE-----Generated at Sat May 4 20:37:18 2024 by rpki-client on console-fra.rpki-client.org