$ rpki-client -vvf rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft File: KiZlwxQeS_P9LwBKrimlmHETod8.mft (raw, json) Hash identifier: ROWDB2pCOA2bP6hrc2lQXV6l5aMYy6h3HoSgQ2MUGEE= Subject key identifier: 87:58:30:24:42:2C:10:1C:C4:4C:01:4E:F7:00:0A:B0:4D:AF:16:FA Authority key identifier: 2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF Certificate issuer: /CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Certificate serial: 0326 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft Manifest number: 0321 Signing time: Sat 23 Nov 2024 00:44:25 +0000 Manifest this update: Sat 23 Nov 2024 00:44:25 +0000 Manifest next update: Sat 30 Nov 2024 00:44:25 +0000 Files and hashes: 1: KiZlwxQeS_P9LwBKrimlmHETod8.crl (hash: xYFSNcYPQiXvra7A5RPHNLYwcvJGddYF7T0BrWvdUCI=) 2: B067CCDCA8C511EC8F560C42C4F9AE02.roa (hash: xmdlJLhBfyeauv2Ft4ug73ckVk3r1dVH2Fa5m4Eb/po=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 806 (0x326) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Validity Not Before: Nov 23 00:44:25 2024 GMT Not After : Nov 30 00:44:25 2024 GMT Subject: CN=67412569-7f3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6b:92:1e:0e:da:2c:78:a7:67:a4:ef:fb:2c: 91:fd:95:67:c3:f8:62:e4:91:81:b4:8d:30:39:8f: d6:94:b3:f4:d5:3d:59:7b:e8:6e:a2:20:b6:ed:11: 92:48:d5:a5:85:64:08:0b:a3:e9:61:e6:5d:bd:2d: c4:d1:f3:72:76:75:a9:84:85:51:dd:85:28:4e:d1: 82:48:1e:6d:ba:5b:62:9a:29:cb:54:e8:47:df:b4: c0:2d:56:3e:c0:31:d1:be:5a:2e:43:49:f8:55:34: 1d:9a:e7:80:2d:56:83:cf:d5:a6:2d:db:a1:4b:85: 27:cb:05:45:5e:cc:bd:63:da:3b:2c:d9:d8:50:19: 06:0d:f5:96:2a:46:b2:c0:72:25:76:67:b7:eb:81: 15:81:c9:56:b2:8e:0b:64:13:d0:c0:0a:89:ee:6f: a5:f8:8c:56:37:9a:d4:12:71:f6:39:34:9d:de:3d: 08:5f:53:0a:bc:a0:3e:5f:79:da:e3:36:94:7f:48: 29:2e:ed:ee:4e:08:86:63:e6:f3:98:01:35:bd:d5: bb:a8:cd:ca:f5:96:5c:00:28:bf:b5:c7:9a:d5:ce: 3f:00:38:27:4c:5c:ee:a4:86:03:43:57:ae:85:44: 4f:66:9a:fd:de:00:18:e3:2b:ef:f5:9e:7f:3b:3b: 70:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:58:30:24:42:2C:10:1C:C4:4C:01:4E:F7:00:0A:B0:4D:AF:16:FA X509v3 Authority Key Identifier: keyid:2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e1:fa:84:11:5f:0d:a6:46:7e:48:86:76:ee:13:0f:20:11:e8: fd:21:14:10:9f:29:c6:0c:02:a7:05:f9:42:fa:63:1a:24:ac: 07:75:2f:05:c3:36:d7:22:63:09:7b:90:58:6c:13:6a:95:2a: 14:88:6a:a2:cc:69:ea:da:3f:7c:de:21:f8:ee:28:94:96:cf: f0:42:b5:54:34:ae:e2:e4:a1:b7:a8:b1:f1:30:80:59:4e:92: 0e:e7:fd:96:e6:63:a7:0e:45:4c:f1:84:67:e7:ad:e6:31:97: 1a:8d:1e:e0:76:ac:cf:c3:dd:71:83:82:95:a0:e3:16:ba:ec: 12:70:f5:9f:fa:cd:05:45:03:36:4b:c3:8a:a6:d2:0e:df:e0: 59:48:88:ae:26:93:c1:48:21:f4:9b:df:5f:6f:27:9a:9a:42: f4:6b:6b:d4:c0:ca:46:db:d5:0f:99:45:60:51:cc:66:1a:3f: e1:19:ae:c6:0c:f0:cf:7b:9c:fb:8a:8d:d2:0c:ba:c8:55:2c: 67:44:ce:e1:6e:02:db:6f:d5:a8:cf:8f:c6:68:b7:41:84:54: 57:94:ad:8a:25:79:59:d4:81:95:b3:61:76:fc:85:9f:bf:35: 7a:84:13:a1:90:f0:d7:67:35:aa:f4:41:51:ed:d0:0c:6a:41: ac:82:90:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAyYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk3MkQxMTAvBgNVBAUTKDJBMjY2NUMzMTQxRTRCRjNGRDJGMDA0QUFFMjlBNTk4 NzExM0ExREYwHhcNMjQxMTIzMDA0NDI1WhcNMjQxMTMwMDA0NDI1WjAYMRYwFAYD VQQDEw02NzQxMjU2OS03ZjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArWuSHg7aLHinZ6Tv+yyR/ZVnw/hi5JGBtI0wOY/WlLP01T1Ze+huoiC27RGS SNWlhWQIC6PpYeZdvS3E0fNydnWphIVR3YUoTtGCSB5tultiminLVOhH37TALVY+ wDHRvlouQ0n4VTQdmueALVaDz9WmLduhS4UnywVFXsy9Y9o7LNnYUBkGDfWWKkay wHIldme364EVgclWso4LZBPQwAqJ7m+l+IxWN5rUEnH2OTSd3j0IX1MKvKA+X3na 4zaUf0gpLu3uTgiGY+bzmAE1vdW7qM3K9ZZcACi/tcea1c4/ADgnTFzupIYDQ1eu hURPZpr93gAY4yvv9Z5/OztwzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIdYMCRC LBAcxEwBTvcACrBNrxb6MB8GA1UdIwQYMBaAFComZcMUHkvz/S8ASq4ppZhxE6Hf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTcyRC85OUVFOTUwQ0E2 ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNfUDlMd0JLcmltbG1IRVRv ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tpWmx3eFFlU19QOUx3QktyaW1sbUhFVG9kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTcyRC85OUVFOTUwQ0E2ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNf UDlMd0JLcmltbG1IRVRvZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDh+oQRXw2mRn5IhnbuEw8gEej9IRQQnynGDAKnBflC+mMaJKwHdS8F wzbXImMJe5BYbBNqlSoUiGqizGnq2j983iH47iiUls/wQrVUNK7i5KG3qLHxMIBZ TpIO5/2W5mOnDkVM8YRn563mMZcajR7gdqzPw91xg4KVoOMWuuwScPWf+s0FRQM2 S8OKptIO3+BZSIiuJpPBSCH0m99fbyeamkL0a2vUwMpG29UPmUVgUcxmGj/hGa7G DPDPe5z7io3SDLrIVSxnRM7hbgLbb9Woz4/GaLdBhFRXlK2KJXlZ1IGVs2F2/IWf vzV6hBOhkPDXZzWq9EFR7dAMakGsgpCx -----END CERTIFICATE-----Generated at Sat Nov 23 02:33:30 2024 by rpki-client on console-fra.rpki-client.org