$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: BK1mgxtapHfRWuLf3x2fV8DB5uHZK1OCSmu3ikZtf/U= Subject key identifier: 3B:A5:49:0C:0B:BC:EA:44:72:9E:D9:55:5E:A6:B8:58:89:3D:1A:AA Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: B0 Signing time: Sun 05 May 2024 06:38:09 +0000 Manifest this update: Sun 05 May 2024 06:38:08 +0000 Manifest next update: Sun 12 May 2024 06:38:08 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: dwe7arP86srnEJKVZhUsxoZiog/MMMXtt77JVkq67Pk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 06:34:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 176 (0xb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: May 5 06:38:08 2024 GMT Not After : May 12 06:38:08 2024 GMT Subject: CN=66372951-6b3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:23:31:4c:99:62:bb:a2:09:23:8b:fb:1b:04: 73:b3:a2:49:3a:61:09:73:47:99:c2:4b:d0:95:0f: 41:80:90:d2:1c:48:45:df:2d:54:f3:21:b4:a8:89: ab:c1:8a:80:cf:ab:94:30:80:45:bf:2c:05:73:cd: f0:86:38:c3:3d:7b:95:c6:59:0e:3d:78:c4:87:c3: 53:fd:dd:f1:e0:97:2b:de:b8:4a:d2:fe:34:74:9e: 10:c6:e0:65:33:26:22:b5:13:c3:f9:40:bb:09:a8: 9d:2b:e1:c2:eb:bc:a7:de:fa:a5:86:db:f5:cd:63: 1c:77:50:f3:94:1e:8c:f9:d9:32:2a:4f:98:55:37: 1f:d1:4b:db:ad:25:1d:0d:c0:29:5a:3d:26:85:63: 31:d0:66:10:f5:36:26:d0:d6:c8:6f:0a:ba:0b:f2: 72:cc:73:68:62:dd:03:c9:60:cb:3a:f7:9f:84:2f: 7a:89:3b:0e:68:90:de:e0:b8:76:20:bd:d3:0a:3b: ea:e3:4b:ff:49:cc:d7:52:fa:99:8c:6a:7d:a1:77: 87:76:37:0a:a1:49:78:d8:50:cd:6f:d7:89:1d:16: f8:43:25:35:b3:5d:49:f5:9c:1c:8b:7a:fd:ba:cf: e9:26:28:e0:1a:bd:44:e2:2c:bc:d5:c2:29:9c:d7: 34:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:A5:49:0C:0B:BC:EA:44:72:9E:D9:55:5E:A6:B8:58:89:3D:1A:AA X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:7b:94:62:6b:56:64:01:10:5c:4d:f5:5c:df:85:b4:87:8a: 97:21:35:37:86:6c:ab:e6:82:b2:1b:c0:67:27:75:ec:c7:46: 9f:09:de:49:ed:39:35:8b:dd:c2:8e:fc:f4:43:9d:23:f5:b2: 14:87:5c:ae:0c:e7:ea:16:e5:70:5e:d5:8c:a6:ee:16:d5:4d: 1a:3f:ba:89:74:e2:cd:83:79:dd:fb:b8:73:0c:7e:00:7f:60: 5e:c8:f7:ad:6c:1e:89:3d:2c:3b:a1:b7:36:47:a7:07:28:71: c2:e3:70:7e:09:14:4d:da:fb:d3:8f:6e:fa:44:6a:5a:ab:9e: 50:7c:40:6b:d8:7e:b3:d1:55:c2:70:e2:8b:a8:ed:f4:5e:5f: 27:87:55:ed:91:41:e2:08:00:79:7e:fc:b5:ab:b4:13:06:00: 86:57:52:61:19:1c:10:9c:7e:98:90:e0:22:11:22:dd:2d:a0: b1:7b:a5:83:7e:ea:4d:9a:ce:b8:95:3e:15:70:71:73:30:30: be:c4:ee:0f:85:08:c5:6e:ca:31:6d:52:3d:b3:56:9d:41:88: 31:68:4d:7a:bb:12:85:db:a0:fd:3b:ab:91:b8:f2:7d:a6:55: 45:77:b7:c0:b4:56:a6:e9:94:d2:46:06:6b:ca:a4:ed:6e:b7: 9c:91:18:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjQwNTA1MDYzODA4WhcNMjQwNTEyMDYzODA4WjAYMRYwFAYD VQQDEw02NjM3Mjk1MS02YjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlCMxTJliu6IJI4v7GwRzs6JJOmEJc0eZwkvQlQ9BgJDSHEhF3y1U8yG0qImr wYqAz6uUMIBFvywFc83whjjDPXuVxlkOPXjEh8NT/d3x4Jcr3rhK0v40dJ4QxuBl MyYitRPD+UC7CaidK+HC67yn3vqlhtv1zWMcd1DzlB6M+dkyKk+YVTcf0UvbrSUd DcApWj0mhWMx0GYQ9TYm0NbIbwq6C/JyzHNoYt0DyWDLOvefhC96iTsOaJDe4Lh2 IL3TCjvq40v/SczXUvqZjGp9oXeHdjcKoUl42FDNb9eJHRb4QyU1s11J9Zwci3r9 us/pJijgGr1E4iy81cIpnNc0owIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDulSQwL vOpEcp7ZVV6muFiJPRqqMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCle5Ria1ZkARBcTfVc34W0h4qXITU3hmyr5oKyG8BnJ3Xsx0afCd5J 7Tk1i93Cjvz0Q50j9bIUh1yuDOfqFuVwXtWMpu4W1U0aP7qJdOLNg3nd+7hzDH4A f2BeyPetbB6JPSw7obc2R6cHKHHC43B+CRRN2vvTj276RGpaq55QfEBr2H6z0VXC cOKLqO30Xl8nh1XtkUHiCAB5fvy1q7QTBgCGV1JhGRwQnH6YkOAiESLdLaCxe6WD fupNms64lT4VcHFzMDC+xO4PhQjFbsoxbVI9s1adQYgxaE16uxKF26D9O6uRuPJ9 plVFd7fAtFam6ZTSRgZryqTtbreckRgD -----END CERTIFICATE-----Generated at Sun May 5 08:21:13 2024 by rpki-client on console-ams.rpki-client.org