$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: fqbFStRMkl6qsfeF66YpzD6cVce2QowI3J7yqqLKQYs= Subject key identifier: 39:28:BF:D9:0A:6E:98:4A:B0:3B:EC:36:A7:46:F0:78:17:0E:2D:00 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 33C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 33BD Signing time: Tue 30 Apr 2024 15:00:27 +0000 Manifest this update: Tue 30 Apr 2024 15:00:27 +0000 Manifest next update: Tue 07 May 2024 15:00:27 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: 2V25oGcuTox5ngNQ9X1L1uJoUFUnknkT86Ca9VmPnXw=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: gBhtfDqbYf+6FfnwqEokkFBRyUrjeS3Q2Oprg2azRMM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 15:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13249 (0x33c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Apr 30 15:00:27 2024 GMT Not After : May 7 15:00:27 2024 GMT Subject: CN=6631078b-6e81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:bc:4a:70:8d:cf:09:81:f2:fb:1e:6b:35:fb: e0:40:ee:17:e6:92:24:84:5f:83:11:3b:3f:5d:3c: 16:24:6f:53:e7:d1:d6:a1:c6:cd:ad:6d:1e:3e:1e: 6c:2c:7d:e6:07:f0:f2:12:ad:1f:89:69:17:75:d1: 2a:49:bd:c8:aa:e4:a9:c2:1e:e6:85:c4:ef:56:c1: 71:53:39:d1:3b:44:d8:dc:51:3b:b2:4b:69:9d:c6: 18:43:1b:33:93:8f:66:0a:fe:31:41:30:09:49:3d: 5f:7c:64:ae:43:99:cc:b6:b1:72:9f:d9:45:0f:93: 54:ef:8c:c8:42:d0:52:75:04:64:b5:81:bb:f8:b5: 4f:ed:63:7d:2b:ca:32:51:43:17:04:8a:88:55:10: 3d:aa:a5:3e:d7:fa:a3:15:76:ee:ff:b0:4e:d1:6d: bd:0e:be:8b:21:5c:ec:2a:4d:c6:3d:c3:61:80:5b: 4c:32:ac:b4:c7:58:2b:5a:8c:bd:2f:e4:0a:34:da: 10:38:7c:f6:7a:e9:e1:c0:18:ff:95:5b:b7:43:cd: a9:8e:37:15:c0:d3:fe:2e:10:b7:77:90:63:07:89: f3:f2:e3:75:09:ca:e9:b3:cd:37:df:2e:9e:f1:90: ea:74:02:1f:fe:97:f9:06:03:67:80:58:2d:09:84: b8:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:28:BF:D9:0A:6E:98:4A:B0:3B:EC:36:A7:46:F0:78:17:0E:2D:00 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:0e:ce:4e:fe:e6:d5:15:02:2a:9b:fd:86:72:16:61:24:6a: 2d:6b:8e:b9:19:35:41:85:4a:48:31:1f:6a:83:b7:26:64:74: bc:4d:54:be:21:ae:f7:f0:a3:e9:7f:a8:39:a5:50:c0:ac:6f: 48:fe:72:69:7a:24:35:c2:55:8e:75:2c:ae:7c:0e:2b:8e:42: 2f:77:3d:ff:88:18:dd:58:c2:7b:41:79:df:5c:5c:30:64:6c: dc:d7:2e:02:44:fe:ea:71:8a:9e:ba:87:2f:18:ce:c1:97:a0: f9:ac:63:8e:6c:f6:82:6c:c3:23:4e:07:41:82:2c:48:b4:a2: 04:71:95:c4:8e:d7:98:4b:00:cb:10:37:36:fa:0a:45:aa:ab: 5c:3b:1d:be:e7:d2:ce:80:0b:24:41:c1:dc:15:17:4b:29:c7: 9c:9d:68:c0:ed:14:4d:56:ac:f9:9d:6e:d6:f2:05:41:4a:ba: 88:bb:83:02:fa:0e:d7:1f:79:ab:d1:f7:65:02:56:5d:54:fe: 7a:83:81:c0:29:41:8a:90:87:61:7c:f4:7a:be:52:64:99:ff: 0b:34:44:de:09:9c:38:c9:d7:b4:6c:df:ad:aa:81:54:f0:dd: 56:2e:93:f4:a7:95:f5:2f:e4:c3:c1:d0:ae:29:d6:40:e0:99: 50:a2:b6:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICM8EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjQwNDMwMTUwMDI3WhcNMjQwNTA3MTUwMDI3WjAYMRYwFAYD VQQDEw02NjMxMDc4Yi02ZTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5LxKcI3PCYHy+x5rNfvgQO4X5pIkhF+DETs/XTwWJG9T59HWocbNrW0ePh5s LH3mB/DyEq0fiWkXddEqSb3IquSpwh7mhcTvVsFxUznRO0TY3FE7sktpncYYQxsz k49mCv4xQTAJST1ffGSuQ5nMtrFyn9lFD5NU74zIQtBSdQRktYG7+LVP7WN9K8oy UUMXBIqIVRA9qqU+1/qjFXbu/7BO0W29Dr6LIVzsKk3GPcNhgFtMMqy0x1grWoy9 L+QKNNoQOHz2eunhwBj/lVu3Q82pjjcVwNP+LhC3d5BjB4nz8uN1Ccrps8033y6e 8ZDqdAIf/pf5BgNngFgtCYS40wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDkov9kK bphKsDvsNqdG8HgXDi0AMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAlDs5O/ubVFQIqm/2GchZhJGota465GTVBhUpIMR9qg7cmZHS8TVS+ Ia738KPpf6g5pVDArG9I/nJpeiQ1wlWOdSyufA4rjkIvdz3/iBjdWMJ7QXnfXFww ZGzc1y4CRP7qcYqeuocvGM7Bl6D5rGOObPaCbMMjTgdBgixItKIEcZXEjteYSwDL EDc2+gpFqqtcOx2+59LOgAskQcHcFRdLKcecnWjA7RRNVqz5nW7W8gVBSrqIu4MC +g7XH3mr0fdlAlZdVP56g4HAKUGKkIdhfPR6vlJkmf8LNETeCZw4yde0bN+tqoFU 8N1WLpP0p5X1L+TDwdCuKdZA4JlQorbb -----END CERTIFICATE-----Generated at Tue Apr 30 19:22:59 2024 by rpki-client on console-ams.rpki-client.org