$ rpki-client -vvf rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft File: A4zy4oB33yytpFdW-12ZpuJA_Qk.mft (raw, json) Hash identifier: bVooORge6N4ixmDo8gt6YCH44whWXL06bOk7nQlJQh4= Subject key identifier: B3:9C:75:03:01:2A:5E:BD:64:EC:26:45:F2:E8:F5:18:DF:13:86:75 Authority key identifier: 03:8C:F2:E2:80:77:DF:2C:AD:A4:57:56:FB:5D:99:A6:E2:40:FD:09 Certificate issuer: /CN=A9112CEC/serialNumber=038CF2E28077DF2CADA45756FB5D99A6E240FD09 Certificate serial: 3432 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft Manifest number: 3428 Signing time: Fri 22 Nov 2024 15:11:15 +0000 Manifest this update: Fri 22 Nov 2024 15:11:15 +0000 Manifest next update: Fri 29 Nov 2024 15:11:15 +0000 Files and hashes: 1: A4zy4oB33yytpFdW-12ZpuJA_Qk.crl (hash: x1P8BgK/DFhPQvKmUwfReAeiKD6fqp7jgfSeuP5uhXM=) 2: 55A4C5C004AA11E8935B7021C4F9AE02.roa (hash: Hux71er2Qs5CKXElMxsIIOBK+KutGucMBDid93LFsCU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.crl rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:11:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13362 (0x3432) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9112CEC/serialNumber=038CF2E28077DF2CADA45756FB5D99A6E240FD09 Validity Not Before: Nov 22 15:11:15 2024 GMT Not After : Nov 29 15:11:15 2024 GMT Subject: CN=67409f13-f2e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:04:8d:d4:1a:08:d2:8f:0f:62:d5:97:0a:63: df:bd:96:57:2b:b0:a0:3f:66:1d:ed:74:d4:07:54: 6d:82:ba:83:9f:17:74:d1:b7:57:d1:b4:a5:f6:db: cd:bd:a0:5c:ae:15:0e:ba:89:eb:4c:8f:f7:58:e2: 6f:a9:01:08:bc:c2:5b:28:7d:e3:79:30:ba:09:6e: e3:ce:09:68:9d:a5:99:b8:64:0c:27:f2:6d:7c:bb: 7e:3e:ec:bc:8b:1d:f7:ce:ce:3c:69:ba:64:f9:51: 03:de:eb:39:7f:e4:17:fd:58:db:b8:87:e2:a6:c2: a4:54:96:5b:d5:62:91:56:f3:73:fe:e2:32:f0:e6: 3b:83:a1:73:43:18:51:3d:ed:38:18:94:0c:fb:2d: e5:a1:01:e9:a4:a1:46:85:f9:46:0c:85:9e:f7:cf: 4c:3e:c3:60:2e:52:76:60:21:6d:94:d7:20:69:cc: 79:fd:ce:72:ce:a4:58:2e:09:01:05:84:9d:93:4e: f5:4d:82:6f:54:76:b9:53:d9:0c:87:0e:58:71:df: 97:26:50:d8:96:b3:67:f8:68:6f:b8:e7:19:7d:13: c0:cf:f4:d5:f6:e3:dd:b7:c9:be:e9:c8:44:c3:f0: 9f:91:2b:a0:87:20:47:71:2b:ae:46:61:08:60:37: 5a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:9C:75:03:01:2A:5E:BD:64:EC:26:45:F2:E8:F5:18:DF:13:86:75 X509v3 Authority Key Identifier: keyid:03:8C:F2:E2:80:77:DF:2C:AD:A4:57:56:FB:5D:99:A6:E2:40:FD:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A4zy4oB33yytpFdW-12ZpuJA_Qk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112CEC/B8B0C7881DA411E28C93E79A08B02CD2/A4zy4oB33yytpFdW-12ZpuJA_Qk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:29:41:e4:3e:39:31:4c:c5:e3:7a:ed:52:a9:60:db:66:a5: 20:09:d5:f7:7b:59:bd:79:04:86:64:21:96:74:17:60:ea:49: e3:ca:79:03:df:8c:29:f8:ff:93:63:a0:66:59:9f:a1:52:ed: 70:0c:d9:a2:f0:ae:a6:a9:2b:50:11:06:56:c0:52:9f:38:26: 38:8d:10:74:5d:b1:3b:3e:e3:f3:cb:be:03:44:cd:73:34:69: 0c:df:af:ae:05:c8:0a:78:ae:63:46:d0:88:38:0b:86:96:37: 3a:fb:78:29:1b:48:c2:93:8b:c0:71:a6:14:89:5e:b9:00:b7: 5b:0f:c9:e9:73:60:9d:6e:2b:c6:90:df:fd:91:82:08:68:36: 10:2e:43:fe:47:99:e9:69:66:de:13:a1:d8:a8:ef:01:ee:ef: 3e:a3:75:16:78:a2:dd:01:3d:e4:06:b4:61:0a:60:94:a8:3b: c2:8d:13:ff:d7:d6:f5:9c:bb:ee:f1:84:38:bc:79:f4:f5:65: 25:fc:ea:9f:47:67:9c:87:b1:95:93:ec:cc:cf:68:45:3f:cf: 78:41:6e:66:e5:f6:fa:a0:84:ac:47:70:c7:cf:2b:20:e4:1e: 0a:4b:57:25:93:c4:93:c6:d8:d5:6e:08:a0:29:35:a2:ad:06: d9:9f:ad:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTJDRUMxMTAvBgNVBAUTKDAzOENGMkUyODA3N0RGMkNBREE0NTc1NkZCNUQ5OUE2 RTI0MEZEMDkwHhcNMjQxMTIyMTUxMTE1WhcNMjQxMTI5MTUxMTE1WjAYMRYwFAYD VQQDEw02NzQwOWYxMy1mMmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3wSN1BoI0o8PYtWXCmPfvZZXK7CgP2Yd7XTUB1RtgrqDnxd00bdX0bSl9tvN vaBcrhUOuonrTI/3WOJvqQEIvMJbKH3jeTC6CW7jzglonaWZuGQMJ/JtfLt+Puy8 ix33zs48abpk+VED3us5f+QX/VjbuIfipsKkVJZb1WKRVvNz/uIy8OY7g6FzQxhR Pe04GJQM+y3loQHppKFGhflGDIWe989MPsNgLlJ2YCFtlNcgacx5/c5yzqRYLgkB BYSdk071TYJvVHa5U9kMhw5Ycd+XJlDYlrNn+GhvuOcZfRPAz/TV9uPdt8m+6chE w/CfkSughyBHcSuuRmEIYDdaRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLOcdQMB Kl69ZOwmRfLo9RjfE4Z1MB8GA1UdIwQYMBaAFAOM8uKAd98sraRXVvtdmabiQP0J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMkNFQy9COEIwQzc4ODFE QTQxMUUyOEM5M0U3OUEwOEIwMkNEMi9BNHp5NG9CMzN5eXRwRmRXLTEyWnB1SkFf UWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E0enk0b0IzM3l5dHBGZFctMTJacHVKQV9Ray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MkNFQy9COEIwQzc4ODFEQTQxMUUyOEM5M0U3OUEwOEIwMkNEMi9BNHp5NG9CMzN5 eXRwRmRXLTEyWnB1SkFfUWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1KUHkPjkxTMXjeu1SqWDbZqUgCdX3e1m9eQSGZCGWdBdg6knjynkD 34wp+P+TY6BmWZ+hUu1wDNmi8K6mqStQEQZWwFKfOCY4jRB0XbE7PuPzy74DRM1z NGkM36+uBcgKeK5jRtCIOAuGljc6+3gpG0jCk4vAcaYUiV65ALdbD8npc2CdbivG kN/9kYIIaDYQLkP+R5npaWbeE6HYqO8B7u8+o3UWeKLdAT3kBrRhCmCUqDvCjRP/ 19b1nLvu8YQ4vHn09WUl/OqfR2ech7GVk+zMz2hFP894QW5m5fb6oISsR3DHzysg 5B4KS1clk8STxtjVbgigKTWirQbZn61J -----END CERTIFICATE-----Generated at Fri Nov 22 16:49:12 2024 by rpki-client on console-ams.rpki-client.org