$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft File: yoXhM8HiOWFMnFd4ARi9swlSjnY.mft (raw, json) Hash identifier: GcdUelZgCkCeTmSyPYymDKF7YPTideOz++u0nftHgZM= Subject key identifier: 16:43:6C:A7:8E:5A:09:38:57:6E:A2:04:DF:80:A7:15:02:77:9A:AD Authority key identifier: CA:85:E1:33:C1:E2:39:61:4C:9C:57:78:01:18:BD:B3:09:52:8E:76 Certificate issuer: /CN=A91DC42E/serialNumber=CA85E133C1E239614C9C57780118BDB309528E76 Certificate serial: 06C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft Manifest number: 06C4 Signing time: Thu 02 May 2024 23:09:50 +0000 Manifest this update: Thu 02 May 2024 23:09:50 +0000 Manifest next update: Thu 09 May 2024 23:09:50 +0000 Files and hashes: 1: yoXhM8HiOWFMnFd4ARi9swlSjnY.crl (hash: kydTcDXQnpK+2Qz0H7r1Qiu5udE5jkeISIrmqj+1vME=) 2: 4AAD8CFE0D1E11EB83C9B637C4F9AE02.roa (hash: h5Bc7ok0+dP+vOastBo5oVqCpp7yxaCP5+ItJwQcSQk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.crl rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 22:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1737 (0x6c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC42E/serialNumber=CA85E133C1E239614C9C57780118BDB309528E76 Validity Not Before: May 2 23:09:50 2024 GMT Not After : May 9 23:09:50 2024 GMT Subject: CN=66341d3e-8128 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3c:d5:c0:95:fc:a3:a0:69:eb:a5:27:e4:99: 60:f2:11:09:4e:c3:4c:4f:f2:7a:8d:18:75:f7:ca: 03:37:55:ca:ce:92:06:54:b4:3d:91:12:a9:6d:37: ae:6c:c6:eb:4c:24:65:7f:3a:91:8a:79:2f:c1:b0: 8b:95:78:c7:c6:bd:5e:0d:8a:f4:83:65:ab:c6:2f: 91:4d:50:50:4a:80:4c:2c:f2:e3:78:2f:39:19:4d: 92:6f:2c:79:6d:ef:bf:2f:b1:25:59:cb:e4:82:9f: e0:61:18:af:f4:cb:10:dd:d7:d5:7b:ed:03:e0:fb: 7e:b9:51:2f:cc:2f:d8:71:9d:8f:43:d3:c9:bd:b5: 68:7d:d7:13:8f:e2:18:69:df:3d:49:b3:08:ad:64: ce:4f:b8:61:02:e0:59:74:51:f2:46:77:1d:54:7b: db:3e:e1:88:97:84:26:e2:1d:54:2c:59:59:f9:47: e0:fd:c6:de:98:55:16:30:b6:f4:60:cf:dc:68:51: 55:5d:f1:5d:05:e3:e1:fb:59:33:43:45:5f:eb:29: 0a:7b:62:f9:1f:1b:ec:13:fa:79:c7:5e:55:fd:b0: 4b:c2:e5:ee:29:6e:39:a4:0c:77:2b:b9:90:a5:a4: 87:5a:1e:f7:82:b5:b8:de:56:1d:4e:ce:8b:af:19: 66:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:43:6C:A7:8E:5A:09:38:57:6E:A2:04:DF:80:A7:15:02:77:9A:AD X509v3 Authority Key Identifier: keyid:CA:85:E1:33:C1:E2:39:61:4C:9C:57:78:01:18:BD:B3:09:52:8E:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:5e:65:9c:f8:c5:ae:bc:4a:8d:32:b2:4f:cc:2a:e9:12:bc: 10:45:41:c3:07:b6:c2:c3:30:48:9e:a5:52:11:5c:73:c5:9a: 1c:3a:63:4e:f0:2f:3b:39:5c:78:fe:0d:2e:29:c6:41:b2:1b: a0:f8:80:e6:e1:9d:a2:3f:ce:b7:5c:1a:70:67:1a:c3:e4:eb: ad:6f:87:8b:79:f5:28:d7:30:ea:22:ef:b4:83:d5:15:e6:ca: 10:8b:39:e3:69:89:fc:d9:d4:38:38:ca:07:56:87:2a:69:d9: b8:69:ac:46:58:e3:c6:ae:42:e0:7e:0a:75:65:e5:8b:55:e9: c2:35:ae:7b:d5:d2:56:fd:9c:28:de:27:26:8c:78:34:28:92: 67:2e:e6:b3:c6:76:d3:17:f0:57:29:96:4c:c1:83:9f:77:89: 86:51:5d:d4:8b:df:5b:74:58:0c:af:35:d7:4f:cf:3f:fb:6f: 71:25:c7:1f:c0:78:a8:28:42:68:72:8e:fc:08:33:0a:82:49: c2:b0:33:10:f6:82:46:a8:30:50:cb:a4:36:02:fa:d8:c2:73: b4:d7:4a:40:7b:80:95:9e:f5:df:ad:68:81:b1:38:41:e6:4a: 56:5f:af:6e:42:5b:a4:4b:c7:ff:03:30:f7:1b:01:88:ed:62: 5b:d0:8f:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0MkUxMTAvBgNVBAUTKENBODVFMTMzQzFFMjM5NjE0QzlDNTc3ODAxMThCREIz MDk1MjhFNzYwHhcNMjQwNTAyMjMwOTUwWhcNMjQwNTA5MjMwOTUwWjAYMRYwFAYD VQQDEw02NjM0MWQzZS04MTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxzzVwJX8o6Bp66Un5Jlg8hEJTsNMT/J6jRh198oDN1XKzpIGVLQ9kRKpbTeu bMbrTCRlfzqRinkvwbCLlXjHxr1eDYr0g2Wrxi+RTVBQSoBMLPLjeC85GU2Sbyx5 be+/L7ElWcvkgp/gYRiv9MsQ3dfVe+0D4Pt+uVEvzC/YcZ2PQ9PJvbVofdcTj+IY ad89SbMIrWTOT7hhAuBZdFHyRncdVHvbPuGIl4Qm4h1ULFlZ+Ufg/cbemFUWMLb0 YM/caFFVXfFdBePh+1kzQ0Vf6ykKe2L5HxvsE/p5x15V/bBLwuXuKW45pAx3K7mQ paSHWh73grW43lYdTs6LrxlmGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBZDbKeO Wgk4V26iBN+ApxUCd5qtMB8GA1UdIwQYMBaAFMqF4TPB4jlhTJxXeAEYvbMJUo52 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQyRS9ENkE3RkY0ODBE MTcxMUVCQTc0MUE1MEFDNEY5QUUwMi95b1hoTThIaU9XRk1uRmQ0QVJpOXN3bFNq blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lvWGhNOEhpT1dGTW5GZDRBUmk5c3dsU2puWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzQyRS9ENkE3RkY0ODBEMTcxMUVCQTc0MUE1MEFDNEY5QUUwMi95b1hoTThIaU9X Rk1uRmQ0QVJpOXN3bFNqblkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqXmWc+MWuvEqNMrJPzCrpErwQRUHDB7bCwzBInqVSEVxzxZocOmNO 8C87OVx4/g0uKcZBshug+IDm4Z2iP863XBpwZxrD5Outb4eLefUo1zDqIu+0g9UV 5soQiznjaYn82dQ4OMoHVocqadm4aaxGWOPGrkLgfgp1ZeWLVenCNa571dJW/Zwo 3icmjHg0KJJnLuazxnbTF/BXKZZMwYOfd4mGUV3Ui99bdFgMrzXXT88/+29xJccf wHioKEJoco78CDMKgknCsDMQ9oJGqDBQy6Q2AvrYwnO010pAe4CVnvXfrWiBsThB 5kpWX69uQlukS8f/AzD3GwGI7WJb0I8+ -----END CERTIFICATE-----Generated at Fri May 3 00:07:14 2024 by rpki-client on console-ams.rpki-client.org