$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: kRQUYMnIMjDCdZrHt5UlVPbaZDVgvMaR2KSS/hXNHkk= Subject key identifier: C4:B9:55:66:39:1C:39:E7:40:7F:0D:A8:4E:B2:D1:F3:57:33:07:7F Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 0376 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 0370 Signing time: Thu 01 Jun 2023 04:13:29 +0000 Manifest this update: Thu 01 Jun 2023 04:13:28 +0000 Manifest next update: Thu 08 Jun 2023 04:13:28 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: SjVHKkJ4u4a7ykhXKonq1GBIQpyPwwXtTvxBqlycSZo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 Jun 2023 04:13:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 886 (0x376) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: Jun 1 04:13:28 2023 GMT Not After : Jun 8 04:13:28 2023 GMT Subject: CN=64781ae8-7d51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:74:b6:24:99:78:85:75:dd:98:8c:0e:bf:ce: c9:5b:70:6d:26:80:b3:f9:91:fa:ee:24:98:43:da: d7:0e:bb:ad:6f:12:5c:63:7e:cc:09:9f:89:41:74: 36:23:47:da:63:43:92:24:d5:49:6e:63:92:f5:6d: ca:5a:ee:06:80:31:e6:4f:0b:0f:f7:1a:ab:b0:cd: 5a:15:7a:44:e4:6f:2e:62:f6:f9:26:13:08:2e:1a: 3a:f3:99:de:46:f0:c1:b4:ff:c7:f2:bd:00:9b:12: 16:cd:bb:5a:4a:ad:14:42:7d:fc:92:1b:6f:6e:95: c6:06:e2:72:3c:36:98:6c:37:53:54:a5:cc:ec:48: fd:f6:ce:65:30:17:06:b2:05:f9:ff:9c:a0:fa:f8: a6:49:5b:a1:03:a8:3e:57:dd:fb:3d:c3:28:2d:d5: 9b:5d:0a:d8:7e:3a:49:96:81:e6:21:69:a5:88:ff: b7:9c:d7:d5:1c:89:c1:aa:88:8a:aa:1d:1c:91:bf: cc:a3:b2:88:8f:96:1d:96:2f:2a:71:14:a9:ca:28: 7c:6d:f3:47:aa:fb:69:dc:c8:23:ae:65:e5:c2:eb: d8:1f:21:2d:f3:8c:2f:7e:a1:49:c4:0e:70:cd:60: b1:e8:25:41:a6:02:8a:36:db:70:37:5a:cf:93:dd: e1:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:B9:55:66:39:1C:39:E7:40:7F:0D:A8:4E:B2:D1:F3:57:33:07:7F X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:bb:32:e9:6e:f6:48:1d:f4:ab:6b:6b:46:ba:5e:a5:a3:07: f1:33:82:56:34:04:17:19:f5:92:9b:f1:9b:e7:a9:06:0f:57: 7b:e5:81:4e:aa:84:ea:fa:e8:a7:95:14:d7:c1:9d:1a:7e:4b: c5:1c:94:0a:9d:c8:49:8c:67:bd:83:39:7c:52:ac:80:3e:44: 71:9e:df:ae:7f:30:84:48:ca:4d:c8:cc:b0:43:d6:5c:cd:40: b0:b5:a3:a1:64:ff:dc:4f:f4:83:73:c8:90:55:17:b0:89:7a: 17:df:d1:d3:13:a7:2b:02:7e:1e:be:00:e4:70:1d:75:8a:10: 71:1d:11:7f:1b:e4:21:d6:b9:63:5f:2d:19:a5:dc:9b:78:73: ae:c1:28:89:d9:10:8a:1d:d6:03:90:9d:b6:23:62:7b:88:2f: f0:e1:d9:0d:64:98:9f:55:7d:4d:36:2d:d0:dc:c3:4b:2b:ab: 9b:39:3b:ef:07:51:8d:7d:f1:b1:12:e4:cf:30:af:66:9a:43: ea:fe:01:9c:01:88:97:fa:62:d4:81:0c:64:c5:75:c1:e4:99: cd:71:57:74:28:f3:28:45:dd:43:b0:58:5a:e2:01:96:cd:d7: 51:b9:9e:be:9b:c6:fc:18:cb:d5:32:2f:0f:05:67:c7:59:f3: ae:64:ae:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjMwNjAxMDQxMzI4WhcNMjMwNjA4MDQxMzI4WjAYMRYwFAYD VQQDEw02NDc4MWFlOC03ZDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAonS2JJl4hXXdmIwOv87JW3BtJoCz+ZH67iSYQ9rXDrutbxJcY37MCZ+JQXQ2 I0faY0OSJNVJbmOS9W3KWu4GgDHmTwsP9xqrsM1aFXpE5G8uYvb5JhMILho685ne RvDBtP/H8r0AmxIWzbtaSq0UQn38khtvbpXGBuJyPDaYbDdTVKXM7Ej99s5lMBcG sgX5/5yg+vimSVuhA6g+V937PcMoLdWbXQrYfjpJloHmIWmliP+3nNfVHInBqoiK qh0ckb/Mo7KIj5Ydli8qcRSpyih8bfNHqvtp3MgjrmXlwuvYHyEt84wvfqFJxA5w zWCx6CVBpgKKNttwN1rPk93h8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMS5VWY5 HDnnQH8NqE6y0fNXMwd/MB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2uzLpbvZIHfSra2tGul6lowfxM4JWNAQXGfWSm/Gb56kGD1d75YFO qoTq+uinlRTXwZ0afkvFHJQKnchJjGe9gzl8UqyAPkRxnt+ufzCESMpNyMywQ9Zc zUCwtaOhZP/cT/SDc8iQVRewiXoX39HTE6crAn4evgDkcB11ihBxHRF/G+Qh1rlj Xy0ZpdybeHOuwSiJ2RCKHdYDkJ22I2J7iC/w4dkNZJifVX1NNi3Q3MNLK6ubOTvv B1GNffGxEuTPMK9mmkPq/gGcAYiX+mLUgQxkxXXB5JnNcVd0KPMoRd1DsFha4gGW zddRuZ6+m8b8GMvVMi8PBWfHWfOuZK5e -----END CERTIFICATE-----Generated at Thu Jun 1 04:48:51 2023 by rpki-client on console-fra.rpki-client.org