$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft File: iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft (raw, json) Hash identifier: ii04q9jIsgRTOZ5KeYjVSu0LZsChxlRq8SFHepO6xBk= Subject key identifier: 1F:35:D8:E3:34:1B:51:24:F8:45:A6:64:C2:10:F5:AB:C6:CB:21:45 Authority key identifier: 89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 Certificate issuer: /CN=A91ECE62/serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Certificate serial: 98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft Manifest number: 95 Signing time: Wed 15 May 2024 07:03:13 +0000 Manifest this update: Wed 15 May 2024 07:03:13 +0000 Manifest next update: Wed 22 May 2024 07:03:13 +0000 Files and hashes: 1: iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl (hash: 3vpavsW762Zc2Lz6VL9LCgUzri1sU5U12d/xmkVYjsU=) 2: 047E1E9C341C11EE84F4D52CC4F9AE02.roa (hash: wc/nP/I02P9mYhl99EomTi2ak69YgtTLrrtatE7njg0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 07:03:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 152 (0x98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ECE62/serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Validity Not Before: May 15 07:03:13 2024 GMT Not After : May 22 07:03:13 2024 GMT Subject: CN=66445e31-595d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:70:f0:97:5c:59:ef:50:0b:8c:e3:d7:5c:dd: 52:cb:da:39:75:d7:2f:4f:74:f9:17:c7:53:d9:2e: b8:1d:c4:90:51:5b:95:d0:5c:a1:24:56:95:16:fc: df:04:bb:9e:16:9d:e7:f2:a2:23:33:88:7d:a0:6b: 04:b1:eb:e7:28:bc:1c:48:69:34:07:cd:d0:f7:80: 15:39:fe:f6:a6:71:b5:bd:fc:cf:7d:fa:e2:39:b7: f0:9b:7f:23:93:4f:f7:8b:d2:c7:36:e5:23:6a:a0: 34:08:bf:76:fb:82:f7:d0:59:ed:fe:ed:b6:58:88: ad:bd:8c:b0:68:d7:7c:72:dc:cf:7b:9f:92:d3:0b: 46:0f:1a:1f:52:3d:a3:9a:49:7e:1f:26:6c:bf:71: f2:aa:35:20:3f:1d:67:b7:22:13:4a:5d:32:81:d7: fc:7f:5a:52:eb:fc:f9:89:47:df:56:88:7b:77:99: ab:ab:b4:5b:e4:02:50:05:cd:0c:8f:65:23:4a:1d: b4:38:38:a4:e3:1f:7c:f4:ff:ac:23:af:22:52:69: 53:21:74:08:57:65:e6:6b:3b:3c:5d:ef:04:04:ef: 29:e9:69:f0:16:d4:e8:e7:75:c2:f8:73:fc:43:ca: 6a:9a:9b:f6:9c:95:5c:cb:ee:b3:89:d2:1b:e8:59: 70:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:35:D8:E3:34:1B:51:24:F8:45:A6:64:C2:10:F5:AB:C6:CB:21:45 X509v3 Authority Key Identifier: keyid:89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:b9:97:63:d5:14:d6:f2:94:b1:ae:db:e9:17:c8:9f:db:9d: 9a:0d:ab:1f:71:5a:b4:0a:c8:0a:9b:ed:b9:f2:3e:67:c0:eb: ee:33:fc:46:c3:1a:a1:2b:39:94:27:03:a6:11:38:7d:3e:38: 73:9b:a3:4b:9f:18:c5:f6:a8:1d:2e:0d:73:96:da:6a:03:68: 01:22:b4:01:b9:fb:39:1f:f2:ba:81:ca:d7:fe:68:f1:c0:17: 90:75:f6:8a:bd:21:97:e1:0b:e3:0d:e6:4d:e5:09:4a:7e:a1: d4:73:a0:21:c0:49:61:d1:69:2e:a7:2e:e8:9c:a7:48:70:20: 51:44:8c:5c:33:6c:bc:25:99:f1:70:20:8f:7b:7f:01:90:51: 02:d0:97:6c:3c:b9:0b:c1:ab:5a:e1:0e:dc:11:e8:bd:17:84: 10:5a:bb:25:89:96:f5:da:e0:1e:eb:5f:92:62:91:db:b2:32: eb:78:e1:78:8f:74:1d:59:d7:8a:b3:f0:85:04:8d:59:28:6e: 9f:ef:81:8d:0c:fd:87:1e:52:33:87:fe:d6:2b:ea:2d:54:aa: cc:9d:1b:9c:02:3b:e5:23:41:6d:ac:6e:ba:83:14:61:6f:3c: 2a:21:af:a3:fc:99:40:40:cf:7f:20:48:99:13:63:37:44:04: cd:07:bf:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUNFNjIxMTAvBgNVBAUTKDg5MDI3ODkwMDMzRDVENjIzQkQ0RTQzOTg2RTg4MEY2 QUIxMzg0OTQwHhcNMjQwNTE1MDcwMzEzWhcNMjQwNTIyMDcwMzEzWjAYMRYwFAYD VQQDEw02NjQ0NWUzMS01OTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAynDwl1xZ71ALjOPXXN1Sy9o5ddcvT3T5F8dT2S64HcSQUVuV0FyhJFaVFvzf BLueFp3n8qIjM4h9oGsEsevnKLwcSGk0B83Q94AVOf72pnG1vfzPffriObfwm38j k0/3i9LHNuUjaqA0CL92+4L30Fnt/u22WIitvYywaNd8ctzPe5+S0wtGDxofUj2j mkl+HyZsv3HyqjUgPx1ntyITSl0ygdf8f1pS6/z5iUffVoh7d5mrq7Rb5AJQBc0M j2UjSh20ODik4x989P+sI68iUmlTIXQIV2Xmazs8Xe8EBO8p6WnwFtTo53XC+HP8 Q8pqmpv2nJVcy+6zidIb6FlwXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB812OM0 G1Ek+EWmZMIQ9avGyyFFMB8GA1UdIwQYMBaAFIkCeJADPV1iO9TkOYbogParE4SU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQ0U2Mi8yMUQ1Q0NERTM0 MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhXSTcxT1E1aHVpQTlxc1Ro SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lRSjRrQU05WFdJNzFPUTVodWlBOXFzVGhKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Q0U2Mi8yMUQ1Q0NERTM0MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhX STcxT1E1aHVpQTlxc1RoSlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8uZdj1RTW8pSxrtvpF8if252aDasfcVq0CsgKm+258j5nwOvuM/xG wxqhKzmUJwOmETh9Pjhzm6NLnxjF9qgdLg1zltpqA2gBIrQBufs5H/K6gcrX/mjx wBeQdfaKvSGX4QvjDeZN5QlKfqHUc6AhwElh0Wkupy7onKdIcCBRRIxcM2y8JZnx cCCPe38BkFEC0JdsPLkLwata4Q7cEei9F4QQWrsliZb12uAe61+SYpHbsjLreOF4 j3QdWdeKs/CFBI1ZKG6f74GNDP2HHlIzh/7WK+otVKrMnRucAjvlI0FtrG66gxRh bzwqIa+j/JlAQM9/IEiZE2M3RATNB7/Q -----END CERTIFICATE-----Generated at Wed May 15 09:28:18 2024 by rpki-client on console-fra.rpki-client.org