$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft File: KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft (raw, json) Hash identifier: 5mWSu7HoEn53xD2Zt346Qpd0x7NEVlvueRD8qgy4zww= Subject key identifier: 1F:55:55:03:E3:81:5D:5C:2B:15:BA:5C:F7:92:5E:DA:B2:C5:D2:68 Authority key identifier: 2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58 Certificate issuer: /CN=A91EE1FB/serialNumber=2AE63331F7199A55A2BAD9CB14F83FAB5066E958 Certificate serial: 1AFE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft Manifest number: 1AF6 Signing time: Tue 30 Apr 2024 16:47:20 +0000 Manifest this update: Tue 30 Apr 2024 16:47:19 +0000 Manifest next update: Tue 07 May 2024 16:47:19 +0000 Files and hashes: 1: KuYzMfcZmlWiutnLFPg_q1Bm6Vg.crl (hash: wbsETk+yr6lI/Jw1X3V47xgURoB1ZAL1eUO0yB6551E=) 2: A3436BD6FA5D11E6AA12A219C4F9AE02.roa (hash: AEkbhlHCZoSAdf5bTxzBqec94+uTUsF0jdM0DiiwKmA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.crl rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 16:47:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6910 (0x1afe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE1FB/serialNumber=2AE63331F7199A55A2BAD9CB14F83FAB5066E958 Validity Not Before: Apr 30 16:47:19 2024 GMT Not After : May 7 16:47:19 2024 GMT Subject: CN=66312098-e57b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:51:ac:6f:51:f5:35:fe:10:2c:b7:50:a4:07: f6:5c:73:86:be:e4:f0:20:7c:cb:f9:44:91:c3:f6: 5b:1a:82:ae:97:ee:b0:86:e9:53:9f:d4:b5:5b:e1: 0e:07:03:38:93:e1:f8:0d:a8:01:fd:cb:c1:d3:35: f6:cd:bd:93:42:3b:ac:a0:17:c0:ad:4d:44:0c:cf: c4:bf:05:a2:49:c6:47:3e:8c:76:f6:64:68:fd:5f: 43:3b:d3:59:8a:a2:4c:0c:6e:da:8d:cb:0d:0f:f8: ea:1a:79:cb:6d:bf:0a:09:e0:e1:36:10:ec:f3:f1: 84:77:18:de:34:b6:7e:35:20:f3:49:1e:4a:08:34: e9:22:ee:15:6e:61:12:9e:b6:33:cd:77:c2:9d:e3: f1:8c:e3:5a:1c:3c:cb:d5:b8:85:14:9e:c7:0c:83: 7f:b9:a6:95:55:f7:0f:1d:0a:7c:6e:16:cc:3f:02: af:ef:4e:7c:92:2e:16:b6:6d:82:94:22:3a:9e:bf: 81:84:d8:45:54:66:6e:e0:ee:7a:54:1f:9f:34:26: 11:4b:ba:68:f5:be:70:c7:50:90:e5:35:c3:8f:0a: 63:94:d8:40:32:0b:85:29:49:ed:56:e6:c9:80:c6: 7e:a5:96:c9:e4:f6:32:37:87:f1:06:aa:51:da:e8: df:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:55:55:03:E3:81:5D:5C:2B:15:BA:5C:F7:92:5E:DA:B2:C5:D2:68 X509v3 Authority Key Identifier: keyid:2A:E6:33:31:F7:19:9A:55:A2:BA:D9:CB:14:F8:3F:AB:50:66:E9:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE1FB/4584C148FA5D11E6B8814F19C4F9AE02/KuYzMfcZmlWiutnLFPg_q1Bm6Vg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:09:34:97:97:b9:48:2d:12:37:02:b2:43:e6:98:81:c0:53: 7a:65:eb:e9:aa:49:1a:9b:37:2f:43:ce:fc:2d:78:eb:33:63: d6:ec:3b:cc:7c:f1:39:07:be:ce:9d:5f:28:ce:6e:c5:cf:6e: 9e:0e:1b:3a:d7:34:72:ad:27:a2:22:c5:0e:82:2c:90:44:8b: 69:40:94:30:95:21:0b:4b:3a:4d:aa:29:4e:02:2d:17:0b:2e: 81:b3:77:98:90:77:3c:46:8e:5d:ce:c1:0e:66:6d:a5:4d:5f: d5:ab:71:c7:93:4e:ee:e4:2a:14:49:f2:d4:57:e6:d4:9c:de: dd:44:76:1b:64:1f:2c:59:4a:6c:95:e9:e5:75:94:cf:08:3d: 85:d7:62:be:94:f9:da:f9:b7:b5:bb:4d:bd:e6:1c:62:cc:04: 5c:ec:39:97:e4:dc:75:2c:4b:f1:b0:f2:71:e4:f6:61:56:0b: 7a:9d:2d:76:bf:9c:8c:1a:9f:8d:97:52:1d:b3:54:09:80:6c: 9e:5d:b1:eb:cf:d3:35:0c:f8:66:d6:21:4a:0c:36:fc:79:b6: 83:fa:bc:b8:28:26:28:b0:d4:bf:b2:f8:b4:b9:8f:d4:41:62: d9:56:43:ae:60:af:28:ac:85:c7:4a:99:45:e1:d1:95:d3:98: 9f:2a:fa:bb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGv4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUUxRkIxMTAvBgNVBAUTKDJBRTYzMzMxRjcxOTlBNTVBMkJBRDlDQjE0RjgzRkFC NTA2NkU5NTgwHhcNMjQwNDMwMTY0NzE5WhcNMjQwNTA3MTY0NzE5WjAYMRYwFAYD VQQDEw02NjMxMjA5OC1lNTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzFGsb1H1Nf4QLLdQpAf2XHOGvuTwIHzL+USRw/ZbGoKul+6whulTn9S1W+EO BwM4k+H4DagB/cvB0zX2zb2TQjusoBfArU1EDM/EvwWiScZHPox29mRo/V9DO9NZ iqJMDG7ajcsND/jqGnnLbb8KCeDhNhDs8/GEdxjeNLZ+NSDzSR5KCDTpIu4VbmES nrYzzXfCnePxjONaHDzL1biFFJ7HDIN/uaaVVfcPHQp8bhbMPwKv7058ki4Wtm2C lCI6nr+BhNhFVGZu4O56VB+fNCYRS7po9b5wx1CQ5TXDjwpjlNhAMguFKUntVubJ gMZ+pZbJ5PYyN4fxBqpR2ujfHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB9VVQPj gV1cKxW6XPeSXtqyxdJoMB8GA1UdIwQYMBaAFCrmMzH3GZpVorrZyxT4P6tQZulY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTFGQi80NTg0QzE0OEZB NUQxMUU2Qjg4MTRGMTlDNEY5QUUwMi9LdVl6TWZjWm1sV2l1dG5MRlBnX3ExQm02 VmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0t1WXpNZmNabWxXaXV0bkxGUGdfcTFCbTZWZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RTFGQi80NTg0QzE0OEZBNUQxMUU2Qjg4MTRGMTlDNEY5QUUwMi9LdVl6TWZjWm1s V2l1dG5MRlBnX3ExQm02VmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxCTSXl7lILRI3ArJD5piBwFN6ZevpqkkamzcvQ878LXjrM2PW7DvM fPE5B77OnV8ozm7Fz26eDhs61zRyrSeiIsUOgiyQRItpQJQwlSELSzpNqilOAi0X Cy6Bs3eYkHc8Ro5dzsEOZm2lTV/Vq3HHk07u5CoUSfLUV+bUnN7dRHYbZB8sWUps lenldZTPCD2F12K+lPna+be1u0295hxizARc7DmX5Nx1LEvxsPJx5PZhVgt6nS12 v5yMGp+Nl1Ids1QJgGyeXbHrz9M1DPhm1iFKDDb8ebaD+ry4KCYosNS/svi0uY/U QWLZVkOuYK8orIXHSplF4dGV05ifKvq7 -----END CERTIFICATE-----Generated at Tue Apr 30 19:22:56 2024 by rpki-client on console-ams.rpki-client.org