$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft File: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft (raw, json) Hash identifier: OfKRnCChzjYmfA6bRf6bqjzC35Bo0pHGaOjsMn9nleE= Subject key identifier: 0D:3F:00:61:B4:F3:2A:EB:2D:8B:6F:4A:CB:05:F6:2F:AA:77:7D:22 Authority key identifier: C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 Certificate issuer: /CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Certificate serial: 01E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft Manifest number: 01E5 Signing time: Wed 01 May 2024 04:34:29 +0000 Manifest this update: Wed 01 May 2024 04:34:28 +0000 Manifest next update: Wed 08 May 2024 04:34:28 +0000 Files and hashes: 1: xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl (hash: KEI7N42jEIh3i3tvkcRizQIuvcixN/YYJRXB5E6IPl4=) 2: 6B7C33C8F6C811ECBDF7DD40C4F9AE02.roa (hash: kFKJqLQA8zC2Qc1Fc/Trg+ITcJC5T2EwVFP8GCs9t+o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 03:45:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 489 (0x1e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BF2/serialNumber=C471A56EE94F05B437C09EEE0F44203FA4592736 Validity Not Before: May 1 04:34:28 2024 GMT Not After : May 8 04:34:28 2024 GMT Subject: CN=6631c654-081c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:5e:ba:f9:c8:b1:45:c5:cc:af:37:27:5a:92: 36:9d:ca:81:80:1f:81:f6:ba:a6:c4:56:43:4b:0a: be:e7:61:db:b6:b6:6b:a1:c2:7f:78:e6:11:cc:05: 36:3c:9a:ab:be:d5:df:c7:51:b2:bb:87:21:14:06: 59:74:7a:f8:09:b3:e9:08:64:6e:4c:eb:15:f8:5c: 7e:d1:8e:e9:b1:e8:0a:17:64:e2:c8:40:2a:54:cd: a1:32:1d:5f:14:5e:ee:25:46:50:75:04:d9:1e:7f: 9d:6d:29:8e:3a:32:7b:5d:69:ab:d3:46:a3:07:c5: a7:c4:b6:4d:ac:cf:78:c0:f7:ed:fe:10:f2:55:99: 8c:d8:e4:20:c5:a1:f7:bb:7f:84:45:a6:ab:65:f5: eb:12:d1:6a:df:4b:7c:19:7f:71:89:fe:8b:28:14: 1a:1a:15:9c:2d:fe:5c:d4:6e:2d:6d:e8:60:1f:b6: 99:12:12:57:41:b4:04:cb:f5:3a:03:09:0c:0f:7e: ce:6e:06:24:d8:93:81:4e:a4:19:b7:8d:75:43:43: 18:ff:db:22:f7:e7:1a:1b:9f:5f:4a:8d:de:2b:96: 8d:5c:df:af:4c:28:64:7c:f4:a4:16:00:71:8b:cb: 29:1a:f9:1c:1f:ab:b8:f7:54:71:31:5a:fa:49:5d: 07:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:3F:00:61:B4:F3:2A:EB:2D:8B:6F:4A:CB:05:F6:2F:AA:77:7D:22 X509v3 Authority Key Identifier: keyid:C4:71:A5:6E:E9:4F:05:B4:37:C0:9E:EE:0F:44:20:3F:A4:59:27:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BF2/509096A8F6C311EC833AEF39C4F9AE02/xHGlbulPBbQ3wJ7uD0QgP6RZJzY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:a5:16:91:8a:0c:28:65:38:84:fe:89:da:43:cb:d0:ed:af: 2b:4a:09:5a:f6:3a:b3:79:be:09:47:c2:e1:87:05:26:0c:21: 6f:d4:76:dc:48:01:d7:31:f1:5d:4d:da:54:10:fc:d0:ad:63: cf:3c:05:6d:11:26:67:6e:a7:21:59:95:44:29:df:0b:17:8f: a0:2f:6a:ef:7d:6d:3c:2f:be:a3:6c:84:f7:4c:a6:f1:b4:81: 9d:f5:1b:56:bc:28:eb:67:8a:e5:f6:31:10:7f:b7:60:82:dc: 24:6a:2e:c0:e3:39:c2:9c:c3:b2:3a:e1:dd:8a:d9:2b:05:6c: d8:05:c9:35:dc:b6:54:d7:97:54:87:ab:36:33:5c:37:2c:f4: 56:88:79:85:cf:3f:26:b3:3c:e5:4b:bf:6c:23:df:a6:4e:53: fa:10:5c:13:2a:66:a0:6d:5e:eb:f8:0d:af:6f:be:24:ea:89: 56:bf:c1:4a:ea:1d:bf:8b:09:07:01:25:ee:cb:18:ab:de:f3: 64:41:88:4b:11:21:58:7f:51:37:81:31:8b:c4:9d:7b:5e:7f: a4:fd:04:de:42:02:1c:27:59:0c:a0:06:02:9e:57:99:8e:cc: 07:6e:9c:f8:7e:14:aa:da:c6:71:66:db:58:43:a8:36:82:97: ee:36:4b:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCRjIxMTAvBgNVBAUTKEM0NzFBNTZFRTk0RjA1QjQzN0MwOUVFRTBGNDQyMDNG QTQ1OTI3MzYwHhcNMjQwNTAxMDQzNDI4WhcNMjQwNTA4MDQzNDI4WjAYMRYwFAYD VQQDEw02NjMxYzY1NC0wODFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9l66+cixRcXMrzcnWpI2ncqBgB+B9rqmxFZDSwq+52HbtrZrocJ/eOYRzAU2 PJqrvtXfx1Gyu4chFAZZdHr4CbPpCGRuTOsV+Fx+0Y7psegKF2TiyEAqVM2hMh1f FF7uJUZQdQTZHn+dbSmOOjJ7XWmr00ajB8WnxLZNrM94wPft/hDyVZmM2OQgxaH3 u3+ERaarZfXrEtFq30t8GX9xif6LKBQaGhWcLf5c1G4tbehgH7aZEhJXQbQEy/U6 AwkMD37ObgYk2JOBTqQZt411Q0MY/9si9+caG59fSo3eK5aNXN+vTChkfPSkFgBx i8spGvkcH6u491RxMVr6SV0HmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA0/AGG0 8yrrLYtvSssF9i+qd30iMB8GA1UdIwQYMBaAFMRxpW7pTwW0N8Ce7g9EID+kWSc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JGMi81MDkwOTZBOEY2 QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJiUTN3Sjd1RDBRZ1A2UlpK elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hIR2xidWxQQmJRM3dKN3VEMFFnUDZSWkp6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JGMi81MDkwOTZBOEY2QzMxMUVDODMzQUVGMzlDNEY5QUUwMi94SEdsYnVsUEJi UTN3Sjd1RDBRZ1A2UlpKelkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOpRaRigwoZTiE/onaQ8vQ7a8rSgla9jqzeb4JR8LhhwUmDCFv1Hbc SAHXMfFdTdpUEPzQrWPPPAVtESZnbqchWZVEKd8LF4+gL2rvfW08L76jbIT3TKbx tIGd9RtWvCjrZ4rl9jEQf7dggtwkai7A4znCnMOyOuHditkrBWzYBck13LZU15dU h6s2M1w3LPRWiHmFzz8mszzlS79sI9+mTlP6EFwTKmagbV7r+A2vb74k6olWv8FK 6h2/iwkHASXuyxir3vNkQYhLESFYf1E3gTGLxJ17Xn+k/QTeQgIcJ1kMoAYCnleZ jswHbpz4fhSq2sZxZttYQ6g2gpfuNkt/ -----END CERTIFICATE-----Generated at Wed May 1 05:59:13 2024 by rpki-client on console-fra.rpki-client.org