$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: Q9oMDSXaIZ0ZAzGv7ydUQAs+hoDju3tc7V+3lKWq8E0= Subject key identifier: 5C:A5:FC:9C:A8:F6:4A:B5:3B:FE:8D:1A:AF:F3:D0:D8:6B:41:0E:EB Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0DB4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0D76 Signing time: Fri 26 Apr 2024 18:38:37 +0000 Manifest this update: Fri 26 Apr 2024 18:38:37 +0000 Manifest next update: Fri 03 May 2024 18:38:37 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: ghqn/luQKcDDDrtQqfLdyf69K87A9abGqlMU0U7LEio=) 2: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: iCk6VUHMVH5gHtg/PREmheSPvw2aWyW21P7KHrsfjDI=) 3: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: vrkSfrIO1esiQb62oklUF19uRzO1YJ77hK8qAtotf54=) 4: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: MSLBrmZhOVTKN/R6HTT7BdBFhHLlDs6tCvAZclp5GvU=) 5: 427DCF0C3D8211EEA0E4DD46C4F9AE02.roa (hash: ovSA2wmqnVri8Bae8yZNqfuQWsSrO5RS1cz+upo4tCM=) 6: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: HtFhpWD7ofpi/nRu+ku3OEZsNHklE9FGBRQ+B81U48w=) 7: 3FE88D863D8211EEA0E4DD46C4F9AE02.roa (hash: 5YAK6oFx/wOmrdb3rL8SmMD+EJ6DNVcJg0NK4N3BzGI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 18:38:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3508 (0xdb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Apr 26 18:38:37 2024 GMT Not After : May 3 18:38:37 2024 GMT Subject: CN=662bf4ad-5fd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d3:28:d1:ad:b3:c1:6f:84:50:1e:e8:bb:56: 0f:03:bc:79:86:f8:50:8a:c4:da:15:9d:80:ac:07: 7e:43:88:80:78:c6:b3:a2:f8:17:e7:32:c5:9a:57: 11:a4:70:ed:cf:aa:ae:6e:14:29:80:6f:31:46:43: 34:0c:93:3b:c1:81:0f:59:9e:e4:10:f6:6a:6e:53: 2e:7a:62:2b:06:3a:c4:ef:9a:53:5d:9f:cd:d5:a1: 06:41:03:14:f2:85:50:06:f6:e8:2e:9b:e4:4a:e1: f2:d9:bc:b9:9e:bb:07:56:4d:f0:ec:44:25:75:46: ab:e2:04:dd:3c:71:8a:7f:98:6c:c4:77:b7:a0:d3: c9:23:b1:7d:ad:3e:4f:a6:88:bb:34:e7:95:59:df: 6c:81:69:2e:46:ad:48:d8:42:02:a6:68:60:bd:9e: 86:e0:ba:31:ca:ca:f3:8e:44:db:4f:25:09:e7:aa: 1d:7b:a0:7d:c3:19:5a:86:dd:cf:7e:7c:3c:42:65: 8d:15:7d:a4:f3:1f:ed:0d:4f:ef:3f:16:ff:14:1e: f9:30:76:66:ea:bc:f1:92:63:80:02:2b:94:5a:ae: 14:af:4f:04:55:9c:96:d9:31:fb:b1:e9:59:22:36: 4e:35:f0:97:aa:8d:63:ca:e1:ce:b1:ca:19:9e:b2: 8d:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A5:FC:9C:A8:F6:4A:B5:3B:FE:8D:1A:AF:F3:D0:D8:6B:41:0E:EB X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:dc:bb:73:fb:90:20:6d:55:34:ec:f4:82:00:10:cd:93:8a: 8c:8a:c3:79:a7:b3:88:5e:e4:55:8f:b8:04:f9:36:53:91:8a: 13:0a:ff:1a:cc:89:50:81:74:20:c6:79:8e:61:37:f8:df:ba: fa:59:a4:4f:b2:72:ee:7a:f1:17:c8:a8:97:0f:cb:49:a7:7c: e4:db:e5:6d:ca:27:de:dd:8b:b8:bb:38:81:fd:0c:37:bd:64: 9b:b7:a8:60:88:f7:e5:1c:c7:01:dc:bb:0f:e9:ea:1c:25:93: 45:dc:2c:8d:5f:d8:46:30:ad:8c:fa:4e:29:05:10:32:8f:80: a9:ec:d8:25:fe:48:94:85:d6:6c:96:e7:fc:99:a5:7b:6b:08: fe:cb:23:19:61:19:e5:09:53:d2:af:5a:85:cf:50:11:89:6f: e4:35:f7:5c:d0:12:b2:9e:eb:d7:c0:4f:ad:75:91:1f:1e:b2: a6:59:54:bb:32:43:f5:14:29:f5:02:1e:2d:f2:d0:4a:5f:49: f4:80:55:5f:06:4e:17:d8:1c:11:70:66:a6:1d:d9:ab:aa:d2: 63:90:5d:88:36:1f:46:ce:1f:8d:41:27:83:40:02:e8:2f:6e: 37:36:6d:e1:5f:ba:19:13:9e:ea:6b:4f:96:9c:f5:16:46:b2: a9:81:6a:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjQwNDI2MTgzODM3WhcNMjQwNTAzMTgzODM3WjAYMRYwFAYD VQQDEw02NjJiZjRhZC01ZmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAutMo0a2zwW+EUB7ou1YPA7x5hvhQisTaFZ2ArAd+Q4iAeMazovgX5zLFmlcR pHDtz6qubhQpgG8xRkM0DJM7wYEPWZ7kEPZqblMuemIrBjrE75pTXZ/N1aEGQQMU 8oVQBvboLpvkSuHy2by5nrsHVk3w7EQldUar4gTdPHGKf5hsxHe3oNPJI7F9rT5P poi7NOeVWd9sgWkuRq1I2EICpmhgvZ6G4LoxysrzjkTbTyUJ56ode6B9wxlaht3P fnw8QmWNFX2k8x/tDU/vPxb/FB75MHZm6rzxkmOAAiuUWq4Ur08EVZyW2TH7selZ IjZONfCXqo1jyuHOscoZnrKNIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFyl/Jyo 9kq1O/6NGq/z0NhrQQ7rMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCD3Ltz+5AgbVU07PSCABDNk4qMisN5p7OIXuRVj7gE+TZTkYoTCv8a zIlQgXQgxnmOYTf437r6WaRPsnLuevEXyKiXD8tJp3zk2+Vtyife3Yu4uziB/Qw3 vWSbt6hgiPflHMcB3LsP6eocJZNF3CyNX9hGMK2M+k4pBRAyj4Cp7Ngl/kiUhdZs luf8maV7awj+yyMZYRnlCVPSr1qFz1ARiW/kNfdc0BKynuvXwE+tdZEfHrKmWVS7 MkP1FCn1Ah4t8tBKX0n0gFVfBk4X2BwRcGamHdmrqtJjkF2INh9Gzh+NQSeDQALo L243Nm3hX7oZE57qa0+WnPUWRrKpgWpK -----END CERTIFICATE-----Generated at Sat Apr 27 10:20:50 2024 by rpki-client on console-ams.rpki-client.org