$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: RWY5pPWG9aAvWCj0fVygIdasTK/J5jS728wyd17f6/c= Subject key identifier: 5A:FF:99:0C:F1:47:27:0A:70:6F:E9:4D:9B:1C:0C:7B:14:E5:E3:D6 Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0CDA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0CA4 Signing time: Wed 08 May 2024 18:59:29 +0000 Manifest this update: Wed 08 May 2024 18:59:28 +0000 Manifest next update: Wed 15 May 2024 18:59:28 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: 2s4ISIbsdidV2p9ZeHdLxZktoD+b+GH70C61CPO1uWY=) 2: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: 9t9GDp7ZqladtrdBUXmrc/NZZU8T2RDKfVbmG47fQD4=) 3: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: teS196GOIZT4ALLG0mGVFJBt9VHCuAp9QaaTbuShiyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3290 (0xcda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: May 8 18:59:28 2024 GMT Not After : May 15 18:59:28 2024 GMT Subject: CN=663bcb91-ed8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:be:40:eb:b3:e0:27:76:36:79:98:9f:d5:e3: 7d:8a:85:1a:f7:7e:f2:7a:c9:6f:0c:f5:e5:14:53: 8a:25:4a:8a:7c:71:c9:bf:45:81:51:96:c1:e6:43: 08:44:dd:d4:1f:de:57:29:ea:81:d7:ca:72:40:a9: d8:15:da:ea:b1:f7:cc:ca:c1:c7:43:dc:93:fb:35: 56:8e:0c:0e:89:b9:29:0a:87:26:56:a4:26:68:a5: 9c:b9:8f:58:c8:60:0d:0f:3f:f7:4c:59:df:8b:3e: 97:43:21:e2:88:e8:58:86:c7:97:d7:25:4c:18:2d: b7:b7:b4:14:88:e2:8c:a9:54:87:70:a1:cc:ac:45: 6c:98:b0:98:d0:21:5a:63:1b:f0:81:fa:c8:0d:1f: 14:6c:97:69:7d:e5:e2:0b:c3:ca:d0:64:d4:53:51: b9:88:a1:d5:39:c9:02:18:0c:ba:ae:4e:32:56:c1: b1:af:30:c9:b3:64:19:bf:72:63:d3:e7:b9:6f:26: 77:d7:e9:58:05:eb:0c:23:8f:da:50:88:5e:73:f9: 08:0b:2e:89:74:49:da:59:7b:52:2c:35:60:b7:7a: 24:9c:f5:d3:7e:d6:79:35:2e:87:d2:79:cb:33:fa: a6:12:bf:5d:f7:be:9e:f6:6b:2a:0e:e2:a4:87:00: 23:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:FF:99:0C:F1:47:27:0A:70:6F:E9:4D:9B:1C:0C:7B:14:E5:E3:D6 X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:3c:ce:76:e7:e1:2b:0b:1b:15:16:14:65:c2:fd:a1:f6:d6: f8:44:53:4a:ca:b9:e6:6d:a9:04:41:c5:b3:e7:5f:57:0e:9e: 43:70:78:d7:d3:8e:a2:a5:68:de:6f:4e:33:b1:08:4d:73:82: 0b:29:17:12:39:2e:52:91:4a:0a:9e:2f:5e:af:26:6f:74:84: a2:b8:d8:41:7b:a0:5a:72:a7:8f:8f:b0:f0:78:e6:a2:d0:f0: 3e:6d:66:22:e0:01:84:c6:6a:b2:ce:41:b7:84:8f:99:41:2d: 4b:08:49:cb:92:70:0d:5e:24:db:d9:58:b6:bb:8a:3b:45:b1: 8b:a8:fc:8b:cd:1e:5c:6d:69:97:ef:88:5e:e2:dc:26:03:9e: a4:2d:12:c6:f3:72:9d:d7:42:7c:42:8e:f0:13:3d:ea:dd:e4: b0:be:a4:54:89:94:33:2d:12:c6:00:aa:cb:59:cc:99:85:3e: ae:e1:89:95:d8:7a:6b:1f:3f:21:00:60:28:5b:12:72:35:e5: 49:ca:b0:d2:cf:d5:ef:b7:b6:89:92:e5:43:c4:f0:c1:86:dc: a6:02:20:fc:49:e2:c3:b2:45:a7:92:6b:85:a8:04:c7:56:f0: bf:8b:3c:ee:bd:a9:6e:d3:40:f3:dd:3b:ab:f5:ca:96:d2:6a: 56:24:a5:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDNowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjQwNTA4MTg1OTI4WhcNMjQwNTE1MTg1OTI4WjAYMRYwFAYD VQQDEw02NjNiY2I5MS1lZDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4L5A67PgJ3Y2eZif1eN9ioUa937yeslvDPXlFFOKJUqKfHHJv0WBUZbB5kMI RN3UH95XKeqB18pyQKnYFdrqsffMysHHQ9yT+zVWjgwOibkpCocmVqQmaKWcuY9Y yGANDz/3TFnfiz6XQyHiiOhYhseX1yVMGC23t7QUiOKMqVSHcKHMrEVsmLCY0CFa YxvwgfrIDR8UbJdpfeXiC8PK0GTUU1G5iKHVOckCGAy6rk4yVsGxrzDJs2QZv3Jj 0+e5byZ31+lYBesMI4/aUIhec/kICy6JdEnaWXtSLDVgt3oknPXTftZ5NS6H0nnL M/qmEr9d976e9msqDuKkhwAjWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFr/mQzx RycKcG/pTZscDHsU5ePWMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNPM525+ErCxsVFhRlwv2h9tb4RFNKyrnmbakEQcWz519XDp5DcHjX 046ipWjeb04zsQhNc4ILKRcSOS5SkUoKni9eryZvdISiuNhBe6BacqePj7DweOai 0PA+bWYi4AGExmqyzkG3hI+ZQS1LCEnLknANXiTb2Vi2u4o7RbGLqPyLzR5cbWmX 74he4twmA56kLRLG83Kd10J8Qo7wEz3q3eSwvqRUiZQzLRLGAKrLWcyZhT6u4YmV 2HprHz8hAGAoWxJyNeVJyrDSz9Xvt7aJkuVDxPDBhtymAiD8SeLDskWnkmuFqATH VvC/izzuvalu00Dz3Tur9cqW0mpWJKWe -----END CERTIFICATE-----Generated at Wed May 8 21:04:05 2024 by rpki-client on console-fra.rpki-client.org