$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/1bm7ozBeiMAA9WKTnROLpQYieyo.mft File: 1bm7ozBeiMAA9WKTnROLpQYieyo.mft (raw, json) Hash identifier: TnlqO4AddRgyCWP3WOQFVLiaNIaaHKOSJ7gqRamlvIU= Subject key identifier: 40:CC:3A:AB:86:0A:0A:53:2A:5C:92:F0:1E:47:8F:73:85:DD:B1:9B Authority key identifier: D5:B9:BB:A3:30:5E:88:C0:00:F5:62:93:9D:13:8B:A5:06:22:7B:2A Certificate issuer: /CN=A91EAF4B/serialNumber=D5B9BBA3305E88C000F562939D138BA506227B2A Certificate serial: 0A3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1bm7ozBeiMAA9WKTnROLpQYieyo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/1bm7ozBeiMAA9WKTnROLpQYieyo.mft Manifest number: 0A35 Signing time: Mon 06 May 2024 20:39:36 +0000 Manifest this update: Mon 06 May 2024 20:39:35 +0000 Manifest next update: Mon 13 May 2024 20:39:35 +0000 Files and hashes: 1: 1bm7ozBeiMAA9WKTnROLpQYieyo.crl (hash: i9Fcs4GOl2p8wxDEMHyFELqUZEliyna+eaEb6P+Wldc=) 2: 0422C4EAB19E11EC86ADF246C4F9AE02.roa (hash: jvwMgY3Pl4Z5h1wjjreHgdLgcX+SH5NHc/xbxrSQFh0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/1bm7ozBeiMAA9WKTnROLpQYieyo.crl rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/1bm7ozBeiMAA9WKTnROLpQYieyo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1bm7ozBeiMAA9WKTnROLpQYieyo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 20:39:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2623 (0xa3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAF4B/serialNumber=D5B9BBA3305E88C000F562939D138BA506227B2A Validity Not Before: May 6 20:39:35 2024 GMT Not After : May 13 20:39:35 2024 GMT Subject: CN=66394007-178f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:5c:31:4e:77:37:3e:36:cc:55:08:d7:8a:20: 51:4e:1d:2a:74:fe:87:4b:44:b0:ba:9e:16:49:c3: cb:33:ae:71:d5:b9:6b:8f:ae:55:49:41:d8:97:81: 45:9a:ce:50:ac:38:5e:81:1f:51:1b:d0:ee:d4:d3: 9c:0c:62:06:19:eb:34:c4:29:5c:34:b9:a3:4a:d8: bb:fe:7c:90:ee:69:bd:62:d5:35:50:0e:de:59:3e: 25:bb:aa:93:a1:dd:01:d6:90:88:92:d7:66:3a:f6: 61:65:ed:16:a1:91:69:7e:03:17:18:00:ba:72:ce: ce:c3:17:16:8a:8e:b7:95:f2:97:36:c0:3f:fa:fa: 73:32:a7:1e:9e:3a:d9:b1:be:a5:c7:02:10:d1:c3: 6a:fa:f0:e7:38:d4:a9:f4:f8:9b:84:95:a9:a8:d3: 4f:00:9d:17:e9:b5:96:ec:b1:7b:b0:a1:02:21:0e: d8:a5:45:49:c4:85:0e:c9:53:5a:70:eb:1d:09:0c: 74:1f:3a:c9:ce:4d:2b:cf:9d:67:15:cf:1e:ce:4f: c3:e2:9d:35:7f:fc:33:a1:df:2a:48:10:44:2a:b0: da:ef:31:26:94:76:75:99:43:39:ab:84:39:08:9a: c5:c4:73:18:dd:f6:ff:c2:1e:ec:6e:a8:53:90:ca: 84:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:CC:3A:AB:86:0A:0A:53:2A:5C:92:F0:1E:47:8F:73:85:DD:B1:9B X509v3 Authority Key Identifier: keyid:D5:B9:BB:A3:30:5E:88:C0:00:F5:62:93:9D:13:8B:A5:06:22:7B:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/1bm7ozBeiMAA9WKTnROLpQYieyo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1bm7ozBeiMAA9WKTnROLpQYieyo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/1bm7ozBeiMAA9WKTnROLpQYieyo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:94:6d:da:99:1d:37:99:8e:a9:6e:73:d1:5b:b3:38:f5:01: 78:d2:28:8e:02:a1:b0:6b:a9:b4:d0:bb:11:57:3d:d0:be:6f: f0:53:5c:68:1d:d9:b5:f1:bd:2b:0c:bf:a9:2e:8a:b4:44:ab: 0d:15:e3:47:8f:50:91:e9:5f:4c:0b:1f:e4:8b:ce:b9:0a:13: dd:e7:7a:c1:76:14:35:5e:d7:92:96:8e:d3:f4:f5:db:17:4b: 39:ee:14:db:aa:e7:95:a1:04:85:89:8e:45:6e:b7:cb:4e:45: 61:23:16:23:d6:e6:b1:43:89:98:26:52:3c:f8:51:e3:ee:67: 01:79:a8:1e:44:84:00:92:50:78:6d:3b:3a:60:df:3f:12:2a: fc:4d:a3:b2:5a:1a:13:99:91:07:03:05:7e:5f:58:c2:c6:94: 0a:77:dd:61:c5:ff:a5:33:87:2b:d6:81:13:2b:ca:a1:23:fb: 52:84:90:2a:ce:0f:d8:99:af:54:29:08:ff:76:26:a3:f7:87: df:e9:90:cc:ea:42:30:9a:13:e6:d7:b9:80:84:84:7e:ca:ed: 8c:01:7c:8c:04:4c:90:18:69:9d:d7:6d:0f:ab:2a:28:e5:21: 1a:e1:42:f0:28:90:2b:95:73:9d:3c:21:d7:f1:6f:eb:60:5e: 4b:aa:e2:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFGNEIxMTAvBgNVBAUTKEQ1QjlCQkEzMzA1RTg4QzAwMEY1NjI5MzlEMTM4QkE1 MDYyMjdCMkEwHhcNMjQwNTA2MjAzOTM1WhcNMjQwNTEzMjAzOTM1WjAYMRYwFAYD VQQDEw02NjM5NDAwNy0xNzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqFwxTnc3PjbMVQjXiiBRTh0qdP6HS0Swup4WScPLM65x1blrj65VSUHYl4FF ms5QrDhegR9RG9Du1NOcDGIGGes0xClcNLmjSti7/nyQ7mm9YtU1UA7eWT4lu6qT od0B1pCIktdmOvZhZe0WoZFpfgMXGAC6cs7OwxcWio63lfKXNsA/+vpzMqcenjrZ sb6lxwIQ0cNq+vDnONSp9PibhJWpqNNPAJ0X6bWW7LF7sKECIQ7YpUVJxIUOyVNa cOsdCQx0HzrJzk0rz51nFc8ezk/D4p01f/wzod8qSBBEKrDa7zEmlHZ1mUM5q4Q5 CJrFxHMY3fb/wh7sbqhTkMqEGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEDMOquG CgpTKlyS8B5Hj3OF3bGbMB8GA1UdIwQYMBaAFNW5u6MwXojAAPVik50Ti6UGInsq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUY0Qi84NDg1OEY2QTQ3 MTkxMUVBOTA4NjMwNzJDNEY5QUUwMi8xYm03b3pCZWlNQUE5V0tUblJPTHBRWWll eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFibTdvekJlaU1BQTlXS1RuUk9McFFZaWV5by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUY0Qi84NDg1OEY2QTQ3MTkxMUVBOTA4NjMwNzJDNEY5QUUwMi8xYm03b3pCZWlN QUE5V0tUblJPTHBRWWlleW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAglG3amR03mY6pbnPRW7M49QF40iiOAqGwa6m00LsRVz3Qvm/wU1xo Hdm18b0rDL+pLoq0RKsNFeNHj1CR6V9MCx/ki865ChPd53rBdhQ1XteSlo7T9PXb F0s57hTbqueVoQSFiY5FbrfLTkVhIxYj1uaxQ4mYJlI8+FHj7mcBeageRIQAklB4 bTs6YN8/Eir8TaOyWhoTmZEHAwV+X1jCxpQKd91hxf+lM4cr1oETK8qhI/tShJAq zg/Yma9UKQj/diaj94ff6ZDM6kIwmhPm17mAhIR+yu2MAXyMBEyQGGmd120Pqyoo 5SEa4ULwKJArlXOdPCHX8W/rYF5LquJo -----END CERTIFICATE-----Generated at Mon May 6 23:05:52 2024 by rpki-client on console-fra.rpki-client.org