$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft File: XmtaBob1a6DA93-zvzGzhWMiCCQ.mft (raw, json) Hash identifier: EyHuSngXbjYeQYB1e3CyuJfCFIGtRDFjPdB00/EyrKM= Subject key identifier: 34:E1:21:E0:01:42:4C:94:74:28:B0:68:37:68:76:68:49:CB:AE:95 Authority key identifier: 5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 Certificate issuer: /CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Certificate serial: 2212 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft Manifest number: 21FD Signing time: Mon 06 May 2024 16:17:02 +0000 Manifest this update: Mon 06 May 2024 16:17:01 +0000 Manifest next update: Mon 13 May 2024 16:17:01 +0000 Files and hashes: 1: XmtaBob1a6DA93-zvzGzhWMiCCQ.crl (hash: DMTvW9996LScNE/0e+N4HpUOkhcf7lInZcDGNpKre+s=) 2: 44C007B0A0D611EDA2603C4EC4F9AE02.roa (hash: yS4hjD1K8PDIQgrwqb69ifH0Xd3CZgdct8yqms8epVM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 16:15:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8722 (0x2212) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824 Validity Not Before: May 6 16:17:01 2024 GMT Not After : May 13 16:17:01 2024 GMT Subject: CN=6639027e-6b73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:57:4a:65:17:63:ce:b3:1d:c9:89:bd:5b:0b: 15:bb:ad:66:e3:a2:3f:82:f7:89:ac:49:db:18:a8: e0:f1:ad:55:4c:dc:81:3f:dd:78:22:d3:70:ae:25: be:10:f0:24:4e:1a:0c:7e:c7:41:61:b8:fa:ef:bb: a8:49:68:0c:2b:21:f7:a8:79:8b:e7:b1:63:53:c5: db:2a:d5:39:fa:c1:c5:87:94:0f:fb:ab:92:ee:7d: a0:d5:5e:4b:6d:d5:6c:a7:cc:0f:ff:c3:6a:4f:cf: cf:e3:2b:47:c4:3b:c8:b6:85:04:43:e1:d6:eb:1b: 2c:00:a0:39:30:63:49:1d:12:62:c7:ad:62:3f:13: 08:7d:f6:94:05:de:2e:90:74:4e:64:71:65:76:b3: 18:1c:5b:c1:71:93:74:17:23:02:e2:41:d3:48:9b: 2b:2d:9d:a7:2e:55:e8:b4:4b:0a:b7:6c:3b:8c:91: e9:08:fc:e1:ee:ce:b9:b9:01:b8:fd:71:42:e4:da: f3:c2:6a:d1:bf:0a:b1:3f:b0:ba:30:7c:b1:e0:3e: 8e:ff:8a:a0:be:ee:c4:16:48:d5:af:7b:5d:20:fe: 79:9e:d6:d6:86:80:f6:ea:8d:9e:5d:62:65:96:a8: d1:a2:28:e3:58:28:be:97:e6:ae:63:62:01:35:a7: 8b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:E1:21:E0:01:42:4C:94:74:28:B0:68:37:68:76:68:49:CB:AE:95 X509v3 Authority Key Identifier: keyid:5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:96:88:c7:63:98:20:fd:a4:12:d2:09:ce:90:00:57:2f:58: 73:a6:7f:2c:76:13:1c:53:b7:34:03:05:9a:4e:b5:df:9c:71: a6:2a:28:91:f1:9d:b5:95:d8:fd:8e:c7:bc:7b:ef:33:16:2c: ff:b8:ad:24:e5:cd:69:fb:e8:77:4b:ab:f8:27:3b:84:03:96: fe:7c:26:66:0c:0e:90:98:ad:7a:bd:5e:cd:b6:52:9c:bf:ec: 2b:0d:7c:1b:6b:66:28:75:ed:5b:24:db:1b:cd:74:92:3f:05: 63:58:31:88:e2:a5:78:91:86:e7:a5:69:60:55:ed:78:ad:2c: 0a:ba:1a:6e:a5:2b:89:4d:b4:7e:50:ff:d2:fe:2a:c5:db:ad: a5:39:b5:86:1e:0c:82:5b:b0:67:d8:ca:4f:33:4b:19:c7:0e: ae:35:7d:60:0e:35:25:77:4e:af:a4:04:fe:52:37:11:ca:b9: d0:36:71:df:62:5c:dd:65:6b:0d:6f:29:fc:c2:b1:24:a7:80: 5d:e1:61:7d:ac:f5:25:3f:32:3c:8e:d1:9a:0f:71:32:30:0f: e0:f0:52:45:59:70:6c:75:36:bb:a7:51:e1:07:a8:24:75:9e: ae:5a:bd:76:90:51:23:25:fd:ea:98:89:d6:a0:10:77:7f:17: 51:02:05:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIhIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkUxMDcxMTAvBgNVBAUTKDVFNkI1QTA2ODZGNTZCQTBDMEY3N0ZCM0JGMzFCMzg1 NjMyMjA4MjQwHhcNMjQwNTA2MTYxNzAxWhcNMjQwNTEzMTYxNzAxWjAYMRYwFAYD VQQDEw02NjM5MDI3ZS02YjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVdKZRdjzrMdyYm9WwsVu61m46I/gveJrEnbGKjg8a1VTNyBP914ItNwriW+ EPAkThoMfsdBYbj677uoSWgMKyH3qHmL57FjU8XbKtU5+sHFh5QP+6uS7n2g1V5L bdVsp8wP/8NqT8/P4ytHxDvItoUEQ+HW6xssAKA5MGNJHRJix61iPxMIffaUBd4u kHROZHFldrMYHFvBcZN0FyMC4kHTSJsrLZ2nLlXotEsKt2w7jJHpCPzh7s65uQG4 /XFC5NrzwmrRvwqxP7C6MHyx4D6O/4qgvu7EFkjVr3tdIP55ntbWhoD26o2eXWJl lqjRoijjWCi+l+auY2IBNaeLRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDThIeAB QkyUdCiwaDdodmhJy66VMB8GA1UdIwQYMBaAFF5rWgaG9WugwPd/s78xs4VjIggk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTEwNy9FRTM1QzQ0NjlF NjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2REE5My16dnpHemhXTWlD Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1htdGFCb2IxYTZEQTkzLXp2ekd6aFdNaUNDUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RTEwNy9FRTM1QzQ0NjlFNjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2 REE5My16dnpHemhXTWlDQ1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCglojHY5gg/aQS0gnOkABXL1hzpn8sdhMcU7c0AwWaTrXfnHGmKiiR 8Z21ldj9jse8e+8zFiz/uK0k5c1p++h3S6v4JzuEA5b+fCZmDA6QmK16vV7NtlKc v+wrDXwba2Yode1bJNsbzXSSPwVjWDGI4qV4kYbnpWlgVe14rSwKuhpupSuJTbR+ UP/S/irF262lObWGHgyCW7Bn2MpPM0sZxw6uNX1gDjUld06vpAT+UjcRyrnQNnHf YlzdZWsNbyn8wrEkp4Bd4WF9rPUlPzI8jtGaD3EyMA/g8FJFWXBsdTa7p1HhB6gk dZ6uWr12kFEjJf3qmInWoBB3fxdRAgU0 -----END CERTIFICATE-----Generated at Mon May 6 17:43:32 2024 by rpki-client on console-ams.rpki-client.org