$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE4AC/3441D2D06C6E11ECB233FB61C4F9AE02/PusZaI0z1iGZTls9nkbsqqUJ9CM.mft File: PusZaI0z1iGZTls9nkbsqqUJ9CM.mft (raw, json) Hash identifier: 6a+l9hNIOCtSHppJaCQQaZno9h/jWykJ23ezyPwZF8I= Subject key identifier: B3:42:5D:D4:CF:2B:48:00:96:80:6B:4A:BD:FC:E5:30:E1:29:30:73 Authority key identifier: 3E:EB:19:68:8D:33:D6:21:99:4E:5B:3D:9E:46:EC:AA:A5:09:F4:23 Certificate issuer: /CN=A91DE4AC/serialNumber=3EEB19688D33D621994E5B3D9E46ECAAA509F423 Certificate serial: 034D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PusZaI0z1iGZTls9nkbsqqUJ9CM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE4AC/3441D2D06C6E11ECB233FB61C4F9AE02/PusZaI0z1iGZTls9nkbsqqUJ9CM.mft Manifest number: 034A Signing time: Fri 03 May 2024 03:01:23 +0000 Manifest this update: Fri 03 May 2024 03:01:22 +0000 Manifest next update: Fri 10 May 2024 03:01:22 +0000 Files and hashes: 1: PusZaI0z1iGZTls9nkbsqqUJ9CM.crl (hash: XKbA1TXSMKq4u1gTernfTlVrhpuzU1daHtV8mk1rDKU=) 2: 0716B2646C7111EC8C5E6967C4F9AE02.roa (hash: KmVrkzGGgoECvjd3YrTWzHyML72Oq980lXI0J//0brU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE4AC/3441D2D06C6E11ECB233FB61C4F9AE02/PusZaI0z1iGZTls9nkbsqqUJ9CM.crl rsync://rpki.apnic.net/member_repository/A91DE4AC/3441D2D06C6E11ECB233FB61C4F9AE02/PusZaI0z1iGZTls9nkbsqqUJ9CM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PusZaI0z1iGZTls9nkbsqqUJ9CM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 03:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 845 (0x34d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE4AC/serialNumber=3EEB19688D33D621994E5B3D9E46ECAAA509F423 Validity Not Before: May 3 03:01:22 2024 GMT Not After : May 10 03:01:22 2024 GMT Subject: CN=66345382-b8fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:eb:85:f6:9a:5b:12:d5:c9:0c:39:f2:6d:61: 5a:69:06:9c:52:80:db:a7:d3:fa:bf:36:77:5f:13: 11:58:71:e1:19:b5:9c:0e:6d:3c:ea:31:99:6d:d8: 4a:96:05:4d:85:cf:1c:a2:a5:e1:76:00:91:20:76: 79:28:b6:a8:7f:7b:c1:65:62:7d:0a:6e:ed:2c:4b: e2:b2:5a:70:23:f3:43:cf:9e:bf:b3:8c:07:e6:9f: 4e:dd:bf:b7:3c:e2:f2:d6:fb:71:e2:2a:16:4a:e6: 45:bf:df:42:46:eb:49:b5:74:63:57:50:f3:36:22: d7:22:bc:f5:54:ab:69:38:aa:72:e2:d4:a1:3e:f6: 7b:20:6a:7f:1f:67:67:c4:1e:1c:c8:0e:3a:2b:f6: 81:e9:46:74:c3:d6:57:7b:5d:60:b7:ea:54:14:fb: a2:2e:14:f7:96:1f:8b:ad:71:01:05:5b:42:3a:29: 8b:8a:c6:70:8a:fc:cf:29:4e:6c:74:68:de:14:d6: de:76:6a:13:ca:3e:96:12:6d:27:c2:9c:68:bc:0f: 32:9e:6d:cc:e8:32:6d:ab:99:af:31:c5:82:c7:3f: f9:d6:6d:48:c7:4a:ac:f5:b3:18:db:ba:9b:05:50: 94:1b:9c:06:b2:60:7e:d9:8e:5c:13:7a:84:d9:76: 6b:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:42:5D:D4:CF:2B:48:00:96:80:6B:4A:BD:FC:E5:30:E1:29:30:73 X509v3 Authority Key Identifier: keyid:3E:EB:19:68:8D:33:D6:21:99:4E:5B:3D:9E:46:EC:AA:A5:09:F4:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE4AC/3441D2D06C6E11ECB233FB61C4F9AE02/PusZaI0z1iGZTls9nkbsqqUJ9CM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PusZaI0z1iGZTls9nkbsqqUJ9CM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE4AC/3441D2D06C6E11ECB233FB61C4F9AE02/PusZaI0z1iGZTls9nkbsqqUJ9CM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:bf:50:c7:8d:62:10:8a:e6:6f:84:4c:db:e3:d1:2d:ec:90: 31:bd:53:89:24:e1:6f:a2:93:18:ad:69:ee:a6:a1:46:d9:bc: 4a:b1:6c:2d:8a:5a:4c:5b:57:3d:25:47:a5:32:7b:65:80:8a: 54:63:af:65:ae:4a:d5:fd:83:dc:53:0b:ba:c3:c7:57:f0:1b: 2d:23:69:1c:66:1c:04:5b:f2:30:ae:41:95:10:22:4d:5a:c7: c9:58:ff:c7:6c:bf:6f:d6:0b:c3:b4:f9:d7:d7:54:da:63:99: f3:d8:dd:cb:0c:c1:fa:b3:31:50:49:6e:dc:8a:ed:0a:b5:d9: 70:17:51:b9:2b:91:93:31:8a:7c:df:52:15:1f:aa:51:f6:c3: c6:df:27:26:e3:39:8a:a8:50:dd:09:15:8c:17:e5:d8:ba:c2: 87:5f:66:59:62:9e:02:c2:2b:53:18:69:c6:dc:f6:53:6f:aa: 27:04:0a:7b:0e:c1:95:80:ed:3a:e6:26:b2:a5:34:bc:06:5d: 5e:81:ab:85:f8:5c:61:a8:da:2b:90:55:56:a8:0c:b3:6e:2b: db:36:96:d6:5f:f9:60:f4:08:30:ff:a9:4e:13:9b:d4:65:59: f1:46:c3:72:aa:7b:98:ad:c9:b5:55:41:2b:14:d3:79:7b:94: 65:f8:76:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REU0QUMxMTAvBgNVBAUTKDNFRUIxOTY4OEQzM0Q2MjE5OTRFNUIzRDlFNDZFQ0FB QTUwOUY0MjMwHhcNMjQwNTAzMDMwMTIyWhcNMjQwNTEwMDMwMTIyWjAYMRYwFAYD VQQDEw02NjM0NTM4Mi1iOGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2OuF9ppbEtXJDDnybWFaaQacUoDbp9P6vzZ3XxMRWHHhGbWcDm086jGZbdhK lgVNhc8coqXhdgCRIHZ5KLaof3vBZWJ9Cm7tLEvislpwI/NDz56/s4wH5p9O3b+3 POLy1vtx4ioWSuZFv99CRutJtXRjV1DzNiLXIrz1VKtpOKpy4tShPvZ7IGp/H2dn xB4cyA46K/aB6UZ0w9ZXe11gt+pUFPuiLhT3lh+LrXEBBVtCOimLisZwivzPKU5s dGjeFNbedmoTyj6WEm0nwpxovA8ynm3M6DJtq5mvMcWCxz/51m1Ix0qs9bMY27qb BVCUG5wGsmB+2Y5cE3qE2XZrxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLNCXdTP K0gAloBrSr385TDhKTBzMB8GA1UdIwQYMBaAFD7rGWiNM9YhmU5bPZ5G7KqlCfQj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTRBQy8zNDQxRDJEMDZD NkUxMUVDQjIzM0ZCNjFDNEY5QUUwMi9QdXNaYUkwejFpR1pUbHM5bmtic3FxVUo5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1B1c1phSTB6MWlHWlRsczlua2JzcXFVSjlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTRBQy8zNDQxRDJEMDZDNkUxMUVDQjIzM0ZCNjFDNEY5QUUwMi9QdXNaYUkwejFp R1pUbHM5bmtic3FxVUo5Q00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJv1DHjWIQiuZvhEzb49Et7JAxvVOJJOFvopMYrWnupqFG2bxKsWwt ilpMW1c9JUelMntlgIpUY69lrkrV/YPcUwu6w8dX8BstI2kcZhwEW/IwrkGVECJN WsfJWP/HbL9v1gvDtPnX11TaY5nz2N3LDMH6szFQSW7ciu0KtdlwF1G5K5GTMYp8 31IVH6pR9sPG3ycm4zmKqFDdCRWMF+XYusKHX2ZZYp4CwitTGGnG3PZTb6onBAp7 DsGVgO065iaypTS8Bl1egauF+FxhqNorkFVWqAyzbivbNpbWX/lg9Agw/6lOE5vU ZVnxRsNyqnuYrcm1VUErFNN5e5Rl+HaJ -----END CERTIFICATE-----Generated at Fri May 3 04:36:54 2024 by rpki-client on console-ams.rpki-client.org