$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft File: mke_QL1Ih-IkFTMnnn8dfypfb7s.mft (raw, json) Hash identifier: R1uev/CpRvFlEg0KZLYn0CJdcg0sDCDnXW5Z9gd3rGM= Subject key identifier: FF:24:48:14:0A:37:B6:5C:2D:08:4B:2D:F5:C0:79:54:DA:DF:8B:26 Authority key identifier: 9A:47:BF:40:BD:48:87:E2:24:15:33:27:9E:7F:1D:7F:2A:5F:6F:BB Certificate issuer: /CN=A91F3989/serialNumber=9A47BF40BD4887E2241533279E7F1D7F2A5F6FBB Certificate serial: 1B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mke_QL1Ih-IkFTMnnn8dfypfb7s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft Manifest number: 1A Signing time: Fri 17 May 2024 08:50:15 +0000 Manifest this update: Fri 17 May 2024 08:50:14 +0000 Manifest next update: Fri 24 May 2024 08:50:14 +0000 Files and hashes: 1: mke_QL1Ih-IkFTMnnn8dfypfb7s.crl (hash: 83Eqk2aO8zG48xrYPoDrGMMGPF+xKN9Iz/5ePDDsrc4=) 2: A146F2C2ECD011EE8891034AC4F9AE02.roa (hash: FmKOoIy9+bgPVPKgarvTsauo+TWTKJRdnaWb6dHntdQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.crl rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mke_QL1Ih-IkFTMnnn8dfypfb7s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 02:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27 (0x1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3989/serialNumber=9A47BF40BD4887E2241533279E7F1D7F2A5F6FBB Validity Not Before: May 17 08:50:14 2024 GMT Not After : May 24 08:50:14 2024 GMT Subject: CN=66471a46-00b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c8:6b:8e:4a:0d:14:9a:52:f8:e2:81:24:43: b4:c0:b0:35:e6:72:c0:cb:50:90:c9:c0:bc:d1:e8: 35:de:34:89:f4:2b:aa:6d:45:8b:ba:b0:04:dc:be: ff:87:f8:e9:25:9e:01:0c:9f:5d:ea:ea:6b:b5:a2: e3:44:27:3c:8a:bd:b3:77:ad:af:7a:2a:86:f3:67: 8c:c1:34:c0:fc:0f:eb:48:ab:ad:aa:60:9c:bf:65: 52:76:aa:0f:0c:09:81:93:ef:f3:1c:74:73:ff:ad: e6:43:f6:b0:05:b7:4e:38:95:ba:fb:2d:74:cf:29: 4c:18:20:1f:6a:41:0a:21:60:49:3a:bc:c5:f3:0f: 6a:4d:0c:eb:f8:f1:55:bf:76:c2:28:fc:37:aa:d3: 10:11:bc:88:3e:54:9d:75:9a:ba:cf:95:f5:24:99: d4:78:63:5c:4d:67:d0:41:00:9b:d5:34:47:da:02: a5:6a:c3:52:17:19:e6:b6:42:cb:99:6c:c7:60:54: 9a:49:1d:16:79:e8:6a:81:f7:94:30:80:49:92:7c: 69:e8:5d:b9:5c:c7:3e:89:31:f4:25:3a:b5:9e:6d: fc:4a:b0:0b:fa:78:01:1b:9d:80:e8:b4:5e:15:1b: e3:1f:37:56:fd:9b:26:5a:32:23:35:32:b6:8e:3a: 40:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:24:48:14:0A:37:B6:5C:2D:08:4B:2D:F5:C0:79:54:DA:DF:8B:26 X509v3 Authority Key Identifier: keyid:9A:47:BF:40:BD:48:87:E2:24:15:33:27:9E:7F:1D:7F:2A:5F:6F:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mke_QL1Ih-IkFTMnnn8dfypfb7s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3989/3161C37EECD011EE8A224D49C4F9AE02/mke_QL1Ih-IkFTMnnn8dfypfb7s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:c9:9d:d1:64:dc:07:ad:5e:c2:fc:5b:18:f3:3b:6f:55:f0: c6:a4:66:0d:ce:0b:f5:d4:4e:f5:b0:67:b9:86:9e:bd:dd:50: b4:3e:1f:fd:48:62:91:3b:54:bf:9d:31:76:1b:0a:49:c5:b0: 23:11:fd:4a:fa:a7:0f:c7:db:2d:54:34:b9:0b:a0:d6:71:66: 10:71:4a:aa:be:ab:e7:de:4d:e1:0b:46:3a:83:8e:96:6f:7c: ed:3e:54:ba:e4:0a:0a:8c:a3:74:f5:0c:03:73:ac:b3:bb:9f: 5d:cd:68:cc:8c:62:2e:45:75:50:d2:30:d1:4c:d6:d0:e4:f2: b7:f7:6d:cc:b0:f3:cf:4a:48:2f:d7:1f:dd:3e:55:eb:ea:5d: 8d:a7:5b:a2:8e:44:5b:bc:43:55:a0:f8:d4:46:78:a9:d3:10: a2:1e:bc:e9:04:5e:5f:9c:ee:22:c7:0a:5c:23:8f:9c:9a:b3: d5:f5:db:68:9d:24:11:d2:40:83:ae:d4:48:78:90:91:89:03: 6c:f9:04:7e:07:83:df:dc:7c:5d:48:6f:39:74:5b:ff:b3:38: ee:98:ea:e9:cf:0f:eb:8d:f4:22:3f:ae:8a:60:30:fe:16:13: 0d:ac:cc:99:85:0b:87:93:4b:91:e7:d8:24:28:a5:e5:af:cd: 72:fc:35:3b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG Mzk4OTExMC8GA1UEBRMoOUE0N0JGNDBCRDQ4ODdFMjI0MTUzMzI3OUU3RjFEN0Yy QTVGNkZCQjAeFw0yNDA1MTcwODUwMTRaFw0yNDA1MjQwODUwMTRaMBgxFjAUBgNV BAMTDTY2NDcxYTQ2LTAwYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4yGuOSg0UmlL44oEkQ7TAsDXmcsDLUJDJwLzR6DXeNIn0K6ptRYu6sATcvv+H +OklngEMn13q6mu1ouNEJzyKvbN3ra96KobzZ4zBNMD8D+tIq62qYJy/ZVJ2qg8M CYGT7/McdHP/reZD9rAFt044lbr7LXTPKUwYIB9qQQohYEk6vMXzD2pNDOv48VW/ dsIo/Deq0xARvIg+VJ11mrrPlfUkmdR4Y1xNZ9BBAJvVNEfaAqVqw1IXGea2QsuZ bMdgVJpJHRZ56GqB95QwgEmSfGnoXblcxz6JMfQlOrWebfxKsAv6eAEbnYDotF4V G+MfN1b9myZaMiM1MraOOkBXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU/yRIFAo3 tlwtCEst9cB5VNrfiyYwHwYDVR0jBBgwFoAUmke/QL1Ih+IkFTMnnn8dfypfb7sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzOTg5LzMxNjFDMzdFRUNE MDExRUU4QTIyNEQ0OUM0RjlBRTAyL21rZV9RTDFJaC1Ja0ZUTW5ubjhkZnlwZmI3 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbWtlX1FMMUloLUlrRlRNbm5uOGRmeXBmYjdzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYz OTg5LzMxNjFDMzdFRUNEMDExRUU4QTIyNEQ0OUM0RjlBRTAyL21rZV9RTDFJaC1J a0ZUTW5ubjhkZnlwZmI3cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAETJndFk3AetXsL8WxjzO29V8MakZg3OC/XUTvWwZ7mGnr3dULQ+H/1I YpE7VL+dMXYbCknFsCMR/Ur6pw/H2y1UNLkLoNZxZhBxSqq+q+feTeELRjqDjpZv fO0+VLrkCgqMo3T1DANzrLO7n13NaMyMYi5FdVDSMNFM1tDk8rf3bcyw889KSC/X H90+VevqXY2nW6KORFu8Q1Wg+NRGeKnTEKIevOkEXl+c7iLHClwjj5yas9X122id JBHSQIOu1Eh4kJGJA2z5BH4Hg9/cfF1Ibzl0W/+zOO6Y6unPD+uN9CI/ropgMP4W Ew2szJmFC4eTS5Hn2CQopeWvzXL8NTs= -----END CERTIFICATE-----Generated at Fri May 17 10:10:53 2024 by rpki-client on console-fra.rpki-client.org