$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: NW8ltuY9Mxy6OGOmrPe8ZeQCiVH/hQiNJSChkeGkeRM= Subject key identifier: 5B:6F:00:39:26:18:08:F5:CF:ED:C8:FD:83:E1:50:52:F5:82:90:FB Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: D3 Signing time: Fri 03 May 2024 06:14:25 +0000 Manifest this update: Fri 03 May 2024 06:14:24 +0000 Manifest next update: Fri 10 May 2024 06:14:24 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: oCwH3/Bp94Cxx5yYeWZGP+nR3lWrmU3hmKzq1Tgjwms=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: pmN2o1KlR6jFa7dEFJRKKcKXmZNwlv1ahG+zaZBhy/8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 06:14:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 214 (0xd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: May 3 06:14:24 2024 GMT Not After : May 10 06:14:24 2024 GMT Subject: CN=663480c0-2fdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:90:37:0e:be:cd:a9:04:9c:20:6a:6e:28:82: aa:7c:3d:a1:25:95:96:fd:1a:d7:11:8c:50:85:1f: ba:5a:fd:92:c0:87:43:36:cf:a7:68:4f:56:45:22: f1:83:82:dd:dd:fc:b8:75:7f:7d:b2:2c:69:7d:9c: 2e:da:b1:3d:8d:40:72:0f:aa:ba:e6:f4:54:48:fc: ca:c8:c6:59:33:2d:a4:95:20:82:81:af:c7:72:bf: 60:86:20:44:80:84:84:03:dd:43:a8:83:cd:79:46: c7:39:d1:0a:43:63:a3:86:63:97:c9:92:2b:fe:31: 7d:ce:24:43:09:17:a4:0d:24:7f:e1:94:46:3b:c6: 45:7a:8c:eb:e1:c5:b7:05:55:8b:a0:16:d2:ad:09: 47:2e:97:1f:4d:cd:df:bd:a7:e2:00:96:b3:14:06: 27:8a:d4:fc:b5:d1:73:28:ef:72:c5:d1:52:9d:a6: 22:64:0b:fc:9a:6e:59:c0:47:dc:5e:95:de:de:db: ff:2a:cd:1f:13:d3:a8:9e:8c:a8:a0:55:85:ff:6d: a4:9e:b7:14:76:90:b7:fe:aa:87:19:3d:85:67:dd: c8:b5:a5:57:a4:b9:29:ed:16:0b:16:f2:45:67:e6: ec:d5:8a:7c:53:bd:3d:1c:2e:3d:22:39:06:d2:4c: eb:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:6F:00:39:26:18:08:F5:CF:ED:C8:FD:83:E1:50:52:F5:82:90:FB X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:4a:9e:06:be:31:dd:f6:e2:75:9f:d5:2e:64:e0:34:0d:0f: 2d:41:7b:99:a1:50:0b:13:62:f3:09:d3:10:8b:53:4d:ba:4a: fd:a9:f1:4d:de:e7:b1:f1:d2:6e:e6:32:67:2d:71:01:79:e6: 98:03:4f:40:b4:3e:25:9a:18:f2:2f:5a:5a:c9:c9:67:f1:98: f9:58:f1:03:62:73:8c:7f:90:77:41:5e:dd:13:16:9b:30:01: fe:16:e6:ff:dc:88:12:1e:25:a0:b6:79:82:1a:ad:43:91:80: 67:5c:9a:f6:d5:6c:ea:8f:ce:3b:96:bf:d9:2b:55:4a:37:23: cd:dc:b5:7f:ff:67:82:9c:87:af:1f:03:f1:ec:e7:4c:01:62: 30:7b:d4:c9:f1:58:c3:4b:e8:3b:0f:58:be:63:69:b4:90:bc: 87:59:69:45:36:ac:a4:7d:7c:dd:cc:78:7a:1b:ab:90:80:3a: cf:d1:85:c0:13:07:d4:66:06:24:67:78:de:86:3c:6a:d4:b0: 1f:4b:9f:64:63:f5:5c:4c:7c:5d:42:2e:77:a7:e0:f6:cb:55: 19:48:cf:74:3d:df:9d:57:ce:09:a9:53:96:e5:65:f3:5e:79: 3f:b4:70:7e:88:f5:d8:22:74:c7:66:2f:81:1c:d4:ea:d8:bf: aa:f5:9b:ed -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjQwNTAzMDYxNDI0WhcNMjQwNTEwMDYxNDI0WjAYMRYwFAYD VQQDEw02NjM0ODBjMC0yZmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3pA3Dr7NqQScIGpuKIKqfD2hJZWW/RrXEYxQhR+6Wv2SwIdDNs+naE9WRSLx g4Ld3fy4dX99sixpfZwu2rE9jUByD6q65vRUSPzKyMZZMy2klSCCga/Hcr9ghiBE gISEA91DqIPNeUbHOdEKQ2OjhmOXyZIr/jF9ziRDCRekDSR/4ZRGO8ZFeozr4cW3 BVWLoBbSrQlHLpcfTc3fvafiAJazFAYnitT8tdFzKO9yxdFSnaYiZAv8mm5ZwEfc XpXe3tv/Ks0fE9OonoyooFWF/22knrcUdpC3/qqHGT2FZ93ItaVXpLkp7RYLFvJF Z+bs1Yp8U709HC49IjkG0kzrlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFtvADkm GAj1z+3I/YPhUFL1gpD7MB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBySp4GvjHd9uJ1n9UuZOA0DQ8tQXuZoVALE2LzCdMQi1NNukr9qfFN 3uex8dJu5jJnLXEBeeaYA09AtD4lmhjyL1paycln8Zj5WPEDYnOMf5B3QV7dExab MAH+Fub/3IgSHiWgtnmCGq1DkYBnXJr21Wzqj847lr/ZK1VKNyPN3LV//2eCnIev HwPx7OdMAWIwe9TJ8VjDS+g7D1i+Y2m0kLyHWWlFNqykfXzdzHh6G6uQgDrP0YXA EwfUZgYkZ3jehjxq1LAfS59kY/VcTHxdQi53p+D2y1UZSM90Pd+dV84JqVOW5WXz Xnk/tHB+iPXYInTHZi+BHNTq2L+q9Zvt -----END CERTIFICATE-----Generated at Fri May 3 08:21:40 2024 by rpki-client on console-ams.rpki-client.org