$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft File: MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json) Hash identifier: TipeIO/TAyb9ISQcj+tMCZHkQRMEZXOmnmb/DLGnX80= Subject key identifier: 61:17:FB:91:FB:06:77:4A:53:E6:C0:8A:42:12:A6:AB:13:5B:01:B5 Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 Certificate issuer: /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Certificate serial: 33B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft Manifest number: 33B8 Signing time: Sat 04 May 2024 15:16:54 +0000 Manifest this update: Sat 04 May 2024 15:16:54 +0000 Manifest next update: Sat 11 May 2024 15:16:54 +0000 Files and hashes: 1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: Yq74TpQs1lg8J1SK25qcGFKNDgOYIlxWDnxjimXKtV0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 14:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13240 (0x33b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Validity Not Before: May 4 15:16:54 2024 GMT Not After : May 11 15:16:54 2024 GMT Subject: CN=66365166-846d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:93:6f:24:cf:89:68:ef:38:5b:23:54:04:55: 6b:6d:34:36:92:dd:a8:cf:33:ac:4e:64:5d:51:a9: 5d:36:01:a8:46:62:23:7b:6d:9c:fb:14:bf:0e:93: bb:39:f7:6c:ff:ac:15:61:6d:4f:20:52:30:3b:e4: e8:79:2b:fe:47:41:c1:ca:45:cf:2d:39:ae:1f:e0: cb:d6:1f:72:64:be:d6:f1:44:b2:dc:82:f4:ee:91: f4:60:35:a4:aa:d4:9d:58:d3:43:c8:87:b4:01:d9: 51:1e:e7:f5:34:1d:7a:cf:e5:51:5c:db:8f:8e:f0: ca:b9:2e:3a:0d:3f:1e:31:4b:ee:a8:62:40:a0:de: d6:3d:c9:a4:3b:28:89:33:59:0a:b5:b8:e9:84:75: 6d:9c:94:1f:b1:a2:14:b1:0a:0b:86:39:58:aa:8e: 27:b9:67:cd:01:5b:ca:ca:21:3a:fa:6b:e1:f3:61: 33:90:ad:5d:d2:1d:3d:63:15:d9:ff:95:5b:9e:8d: b1:88:d2:eb:b4:f8:f5:d1:b3:28:c7:32:29:5f:04: 31:73:2a:29:49:9d:76:bb:47:b5:14:7d:17:ea:5f: d1:62:39:64:69:60:4d:07:75:ca:15:e4:6e:4f:18: e3:3e:24:34:dc:86:32:ef:8c:b1:ec:0a:a5:e7:af: 03:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:17:FB:91:FB:06:77:4A:53:E6:C0:8A:42:12:A6:AB:13:5B:01:B5 X509v3 Authority Key Identifier: keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:16:e9:6a:32:83:07:81:58:65:ba:54:20:a7:74:5e:9d:aa: 01:0c:33:91:dc:9f:5e:a3:62:40:4a:26:ef:c9:48:ba:e1:0c: a1:0f:e2:17:c4:86:57:8a:97:6c:f1:94:c4:9b:95:04:4c:3b: 61:c2:67:b5:2c:fc:22:94:63:6f:1e:2d:cf:7d:cd:59:7e:76: 08:30:c2:a9:84:85:ff:f4:5d:a7:bc:aa:96:8a:11:18:81:c2: bb:8c:25:8e:39:e5:17:92:ad:e7:ca:df:05:43:13:6f:16:35: 92:99:f7:73:cb:73:f3:5f:2b:eb:21:b7:02:18:4d:87:8f:89: bd:2c:7a:fa:41:68:60:c8:5f:fe:66:02:24:46:2b:60:67:fa: a4:03:8d:26:e8:85:87:41:10:97:70:7c:09:29:85:9a:f5:15: aa:4f:52:73:1f:93:81:3f:c1:57:04:c2:45:35:92:ed:01:c5: 4e:16:d8:b1:35:8b:68:13:ba:e3:64:bf:09:5e:5d:3f:19:e2: 4f:64:03:99:2a:37:06:af:98:78:c3:82:1d:81:53:f2:a7:08: b0:f0:59:fc:5a:d7:4e:77:15:e4:87:f0:20:0d:38:37:9a:fe: 84:25:3e:d2:be:49:1c:58:c2:0d:fd:08:4a:ce:97:98:c9:84: 9a:48:12:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy MkE1MDNDRjgwHhcNMjQwNTA0MTUxNjU0WhcNMjQwNTExMTUxNjU0WjAYMRYwFAYD VQQDEw02NjM2NTE2Ni04NDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3pNvJM+JaO84WyNUBFVrbTQ2kt2ozzOsTmRdUaldNgGoRmIje22c+xS/DpO7 Ofds/6wVYW1PIFIwO+ToeSv+R0HBykXPLTmuH+DL1h9yZL7W8USy3IL07pH0YDWk qtSdWNNDyIe0AdlRHuf1NB16z+VRXNuPjvDKuS46DT8eMUvuqGJAoN7WPcmkOyiJ M1kKtbjphHVtnJQfsaIUsQoLhjlYqo4nuWfNAVvKyiE6+mvh82EzkK1d0h09YxXZ /5Vbno2xiNLrtPj10bMoxzIpXwQxcyopSZ12u0e1FH0X6l/RYjlkaWBNB3XKFeRu TxjjPiQ03IYy74yx7Aql568DvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGEX+5H7 BndKU+bAikISpqsTWwG1MB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0 LUVZWFZJOXk1UjRpcFFQUGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/FulqMoMHgVhlulQgp3RenaoBDDOR3J9eo2JASibvyUi64QyhD+IX xIZXipds8ZTEm5UETDthwme1LPwilGNvHi3Pfc1ZfnYIMMKphIX/9F2nvKqWihEY gcK7jCWOOeUXkq3nyt8FQxNvFjWSmfdzy3PzXyvrIbcCGE2Hj4m9LHr6QWhgyF/+ ZgIkRitgZ/qkA40m6IWHQRCXcHwJKYWa9RWqT1JzH5OBP8FXBMJFNZLtAcVOFtix NYtoE7rjZL8JXl0/GeJPZAOZKjcGr5h4w4IdgVPypwiw8Fn8WtdOdxXkh/AgDTg3 mv6EJT7SvkkcWMIN/QhKzpeYyYSaSBLR -----END CERTIFICATE-----Generated at Sat May 4 15:45:50 2024 by rpki-client on console-fra.rpki-client.org