$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB475/208FB730417211EA98A3686DC4F9AE02/1QwK07StgdVVlFzH8_HuHB-t5hc.mft File: 1QwK07StgdVVlFzH8_HuHB-t5hc.mft (raw, json) Hash identifier: XTJ7gnqECd8HrQkIOo9+fk2M5pp8S7Bqh+txdBedJls= Subject key identifier: 6F:0B:14:84:46:84:31:0F:0F:67:8A:81:72:C3:EC:1D:BF:85:EF:C1 Authority key identifier: D5:0C:0A:D3:B4:AD:81:D5:55:94:5C:C7:F3:F1:EE:1C:1F:AD:E6:17 Certificate issuer: /CN=A91DB475/serialNumber=D50C0AD3B4AD81D555945CC7F3F1EE1C1FADE617 Certificate serial: 0A49 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1QwK07StgdVVlFzH8_HuHB-t5hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DB475/208FB730417211EA98A3686DC4F9AE02/1QwK07StgdVVlFzH8_HuHB-t5hc.mft Manifest number: 0A44 Signing time: Mon 06 May 2024 20:32:14 +0000 Manifest this update: Mon 06 May 2024 20:32:14 +0000 Manifest next update: Mon 13 May 2024 20:32:14 +0000 Files and hashes: 1: 1QwK07StgdVVlFzH8_HuHB-t5hc.crl (hash: cSZwOEJd5SDz1xKH2j7TfDV6C3NNhxRn4zCjICjda7w=) 2: 1C49B43C419F11EA8B12587CC4F9AE02.roa (hash: Jgk8yuqCdN6EE4nL1jd3xhL23VBXzcAyNGtY9mrZLK0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DB475/208FB730417211EA98A3686DC4F9AE02/1QwK07StgdVVlFzH8_HuHB-t5hc.crl rsync://rpki.apnic.net/member_repository/A91DB475/208FB730417211EA98A3686DC4F9AE02/1QwK07StgdVVlFzH8_HuHB-t5hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1QwK07StgdVVlFzH8_HuHB-t5hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 20:32:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2633 (0xa49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DB475/serialNumber=D50C0AD3B4AD81D555945CC7F3F1EE1C1FADE617 Validity Not Before: May 6 20:32:14 2024 GMT Not After : May 13 20:32:14 2024 GMT Subject: CN=66393e4e-617a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:03:6e:8c:6a:24:f1:f2:95:a8:ca:f6:cf:f1: fd:cd:a9:8f:8a:7f:ce:c3:34:dc:67:e7:39:ed:c8: af:d8:53:42:48:bd:e4:b9:91:69:6a:59:f8:3f:fd: a4:c9:08:11:b1:cb:7b:50:cb:0a:3c:9b:20:9b:01: e6:3a:11:47:44:7b:0c:30:3f:2d:d0:fa:7b:e7:c5: 92:ef:37:6e:3e:d8:91:be:a5:14:98:8a:79:aa:9a: 3e:19:2e:8a:25:8c:9f:f3:70:0b:a7:73:53:af:c3: 58:3c:6e:25:a3:11:c2:e8:3e:bb:1b:26:40:24:55: 4b:ab:8b:34:a7:1f:86:1e:10:4c:ae:d4:ec:70:28: 87:7c:cf:ee:0e:9d:15:a9:b0:22:7c:d0:72:00:a9: 7c:32:dc:8f:70:06:52:eb:67:48:d3:72:bf:e6:8f: e5:dc:97:1f:47:93:33:b7:c7:f1:22:96:d3:0d:74: 27:3e:00:0d:4a:a8:e3:4d:84:f2:00:40:91:f5:27: 6e:82:36:6d:19:dc:d7:f1:a2:4b:ce:79:e0:af:55: 17:0c:73:e6:33:ec:80:5a:82:17:97:17:13:08:f1: 7b:2d:e3:31:e3:1c:04:31:50:27:9e:dc:2f:bb:ad: 7c:4b:9c:6b:2f:4a:bc:9c:5a:cd:93:32:86:99:1f: a0:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:0B:14:84:46:84:31:0F:0F:67:8A:81:72:C3:EC:1D:BF:85:EF:C1 X509v3 Authority Key Identifier: keyid:D5:0C:0A:D3:B4:AD:81:D5:55:94:5C:C7:F3:F1:EE:1C:1F:AD:E6:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DB475/208FB730417211EA98A3686DC4F9AE02/1QwK07StgdVVlFzH8_HuHB-t5hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1QwK07StgdVVlFzH8_HuHB-t5hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB475/208FB730417211EA98A3686DC4F9AE02/1QwK07StgdVVlFzH8_HuHB-t5hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:b0:81:d3:60:25:94:45:16:b2:1d:0f:40:99:8f:39:6d:4e: 8e:63:0d:1c:37:d6:81:05:e1:20:3e:a8:02:2e:5e:14:b2:a2: e8:19:7f:11:b5:c4:34:aa:92:9b:57:52:13:1b:97:5e:1c:d0: a8:7a:77:ab:3a:64:4b:44:d6:16:41:c1:9c:c5:9a:75:a1:e2: 42:8b:86:26:82:47:d8:8a:63:8c:be:da:f1:a6:0c:8f:b5:82: e5:a5:6b:9c:f1:6e:00:f1:b7:bd:53:ea:40:58:f0:b8:be:6d: 48:80:82:d0:0d:5d:90:65:25:e7:86:cf:a3:64:c7:4b:c8:8c: 48:5f:2d:eb:85:cb:91:f7:b4:46:42:cd:6c:3a:43:54:96:52: 9a:a5:78:04:9c:7b:9d:2b:ad:2c:d4:e3:f6:25:98:e8:2a:16: 8f:5a:7b:9c:46:ff:f3:5e:1e:94:3b:52:86:e6:54:69:1e:60: 2b:70:2a:7f:00:51:1b:d4:e4:49:d9:a9:d6:80:30:44:2d:38: d9:33:77:c5:df:e9:23:68:ef:20:87:e8:bb:a8:0f:97:64:d9: e4:8a:4b:2e:0d:e7:b7:d9:9d:33:07:24:6c:27:ab:2b:5f:37: bd:1f:e1:1f:78:9d:e3:0a:2a:66:ce:05:c6:a4:0e:2f:a0:79: 0b:5a:82:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REI0NzUxMTAvBgNVBAUTKEQ1MEMwQUQzQjRBRDgxRDU1NTk0NUNDN0YzRjFFRTFD MUZBREU2MTcwHhcNMjQwNTA2MjAzMjE0WhcNMjQwNTEzMjAzMjE0WjAYMRYwFAYD VQQDEw02NjM5M2U0ZS02MTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuQNujGok8fKVqMr2z/H9zamPin/OwzTcZ+c57civ2FNCSL3kuZFpaln4P/2k yQgRsct7UMsKPJsgmwHmOhFHRHsMMD8t0Pp758WS7zduPtiRvqUUmIp5qpo+GS6K JYyf83ALp3NTr8NYPG4loxHC6D67GyZAJFVLq4s0px+GHhBMrtTscCiHfM/uDp0V qbAifNByAKl8MtyPcAZS62dI03K/5o/l3JcfR5Mzt8fxIpbTDXQnPgANSqjjTYTy AECR9SdugjZtGdzX8aJLznngr1UXDHPmM+yAWoIXlxcTCPF7LeMx4xwEMVAnntwv u618S5xrL0q8nFrNkzKGmR+gRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG8LFIRG hDEPD2eKgXLD7B2/he/BMB8GA1UdIwQYMBaAFNUMCtO0rYHVVZRcx/Px7hwfreYX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjQ3NS8yMDhGQjczMDQx NzIxMUVBOThBMzY4NkRDNEY5QUUwMi8xUXdLMDdTdGdkVlZsRnpIOF9IdUhCLXQ1 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFRd0swN1N0Z2RWVmxGekg4X0h1SEItdDVoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QjQ3NS8yMDhGQjczMDQxNzIxMUVBOThBMzY4NkRDNEY5QUUwMi8xUXdLMDdTdGdk VlZsRnpIOF9IdUhCLXQ1aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAusIHTYCWURRayHQ9AmY85bU6OYw0cN9aBBeEgPqgCLl4UsqLoGX8R tcQ0qpKbV1ITG5deHNCoenerOmRLRNYWQcGcxZp1oeJCi4YmgkfYimOMvtrxpgyP tYLlpWuc8W4A8be9U+pAWPC4vm1IgILQDV2QZSXnhs+jZMdLyIxIXy3rhcuR97RG Qs1sOkNUllKapXgEnHudK60s1OP2JZjoKhaPWnucRv/zXh6UO1KG5lRpHmArcCp/ AFEb1ORJ2anWgDBELTjZM3fF3+kjaO8gh+i7qA+XZNnkiksuDee32Z0zByRsJ6sr Xze9H+EfeJ3jCipmzgXGpA4voHkLWoLy -----END CERTIFICATE-----Generated at Mon May 6 22:41:03 2024 by rpki-client on console-ams.rpki-client.org