$ rpki-client -vvf rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft File: VTcR8u_pSETEP3dtRRAYwGSXLJo.mft (raw, json) Hash identifier: hJJlcEYYJ5W/jqM63PKTxd6vMwqzQgpv0xZR67y5Drg= Subject key identifier: 5E:4D:02:E9:BD:D5:3F:D1:F8:CD:0D:52:31:CE:4B:05:2A:59:9C:2C Authority key identifier: 55:37:11:F2:EF:E9:48:44:C4:3F:77:6D:45:10:18:C0:64:97:2C:9A Certificate issuer: /CN=A911AAB5/serialNumber=553711F2EFE94844C43F776D451018C064972C9A Certificate serial: 0B5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTcR8u_pSETEP3dtRRAYwGSXLJo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft Manifest number: 0B53 Signing time: Fri 31 May 2024 20:20:41 +0000 Manifest this update: Fri 31 May 2024 20:20:40 +0000 Manifest next update: Fri 07 Jun 2024 20:20:40 +0000 Files and hashes: 1: VTcR8u_pSETEP3dtRRAYwGSXLJo.crl (hash: M/FlQYbXvvYc7hfRoMHxrAZOSQAumdRcq+oe+qt8Nk4=) 2: 65EE26547A8711ECBA5D244DC4F9AE02.roa (hash: Rf0IxEkwLDNapXsuJXAuul060sZSSoGxkC1k36Bzzhw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.crl rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTcR8u_pSETEP3dtRRAYwGSXLJo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:20:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2909 (0xb5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911AAB5/serialNumber=553711F2EFE94844C43F776D451018C064972C9A Validity Not Before: May 31 20:20:40 2024 GMT Not After : Jun 7 20:20:40 2024 GMT Subject: CN=665a3119-67af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f3:47:ab:47:e9:55:0a:5b:5c:13:43:c5:ba: 4b:63:96:3b:ac:a8:f0:ec:d5:48:dc:0b:2b:85:01: 7d:89:4f:cf:dd:ae:9f:5d:30:f0:71:01:9e:2b:b9: f3:52:9a:4d:d7:46:a6:40:ef:01:9d:bf:7b:74:0d: 8e:15:72:24:58:d0:c7:e4:11:07:6e:a4:b5:0d:1c: 85:67:49:15:5c:aa:6c:d8:e7:d1:ee:3e:38:43:83: 8f:95:ce:b2:37:8a:40:b0:31:9b:f7:07:9b:bc:66: 0e:25:a9:88:74:46:50:56:8b:ce:a3:ad:01:78:d7: 9c:a0:16:53:3a:8c:ff:97:f6:f4:f9:a2:64:92:fa: 0f:31:b9:98:d1:80:34:22:68:b9:1e:d4:63:46:cc: 28:bb:45:01:b4:10:00:1a:e4:5a:a4:34:61:18:5b: 22:75:c3:30:5b:54:e7:79:67:73:f8:a9:80:28:79: 43:e2:9c:2f:43:0d:31:71:f6:7d:4b:e3:22:03:81: 29:aa:de:bf:32:9a:54:a1:6d:41:36:d4:be:dd:9f: c0:88:fe:35:5a:60:4b:2d:fa:2f:cd:63:14:04:63: b2:16:d2:8b:fd:b1:28:04:d9:21:6c:69:2c:9f:8d: 6a:e1:52:2c:6a:42:7f:90:b9:d4:5a:4a:1e:59:ac: b7:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:4D:02:E9:BD:D5:3F:D1:F8:CD:0D:52:31:CE:4B:05:2A:59:9C:2C X509v3 Authority Key Identifier: keyid:55:37:11:F2:EF:E9:48:44:C4:3F:77:6D:45:10:18:C0:64:97:2C:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTcR8u_pSETEP3dtRRAYwGSXLJo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AAB5/A3BDE7A010F611EA9103B61BC4F9AE02/VTcR8u_pSETEP3dtRRAYwGSXLJo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:f6:54:01:bd:77:cc:b2:01:1d:d6:a5:9d:67:07:f9:09:88: 83:b7:15:60:ba:81:9c:56:15:11:aa:5e:c7:a1:72:70:ae:ec: 68:c6:c2:51:59:a4:b6:67:d1:1b:f7:56:45:7d:5d:5d:13:0d: 7e:8f:76:62:de:27:0f:8b:c0:94:71:52:d8:9c:4c:65:65:1e: 76:e9:d1:e3:e8:d9:b2:ab:a1:7e:f0:ec:ff:a5:28:62:f9:df: e4:9c:db:32:df:40:ac:3b:30:e1:a8:69:13:11:c4:f3:58:7a: 3e:c1:9e:75:ff:45:3b:0e:1e:fa:b0:8f:cb:75:0d:83:fc:50: b7:80:ec:a2:67:d9:07:b2:67:a4:e3:bd:2d:41:bd:05:8e:2d: 46:74:fb:62:75:ee:86:5a:ee:f4:bd:de:ec:ed:f1:2e:98:23: 80:1e:db:e0:1b:fe:d4:36:17:6f:49:34:16:67:aa:ca:12:f0: 43:fb:f6:bf:c3:d6:81:62:2a:9a:d3:29:0d:a3:e6:fc:14:68: 2e:2a:0f:95:5e:43:4d:12:eb:40:5d:21:6f:fb:90:86:f9:05: 86:d5:2f:aa:e4:10:22:78:8e:8f:f4:aa:c4:2f:24:ee:9d:35: f6:1d:9d:f0:e4:da:19:43:c2:66:30:8b:b2:7f:3d:d0:81:f1: 95:e6:4a:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC10wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFBQjUxMTAvBgNVBAUTKDU1MzcxMUYyRUZFOTQ4NDRDNDNGNzc2RDQ1MTAxOEMw NjQ5NzJDOUEwHhcNMjQwNTMxMjAyMDQwWhcNMjQwNjA3MjAyMDQwWjAYMRYwFAYD VQQDEw02NjVhMzExOS02N2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2vNHq0fpVQpbXBNDxbpLY5Y7rKjw7NVI3AsrhQF9iU/P3a6fXTDwcQGeK7nz UppN10amQO8Bnb97dA2OFXIkWNDH5BEHbqS1DRyFZ0kVXKps2OfR7j44Q4OPlc6y N4pAsDGb9webvGYOJamIdEZQVovOo60BeNecoBZTOoz/l/b0+aJkkvoPMbmY0YA0 Imi5HtRjRswou0UBtBAAGuRapDRhGFsidcMwW1TneWdz+KmAKHlD4pwvQw0xcfZ9 S+MiA4Epqt6/MppUoW1BNtS+3Z/AiP41WmBLLfovzWMUBGOyFtKL/bEoBNkhbGks n41q4VIsakJ/kLnUWkoeWay3bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF5NAum9 1T/R+M0NUjHOSwUqWZwsMB8GA1UdIwQYMBaAFFU3EfLv6UhExD93bUUQGMBklyya MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUFCNS9BM0JERTdBMDEw RjYxMUVBOTEwM0I2MUJDNEY5QUUwMi9WVGNSOHVfcFNFVEVQM2R0UlJBWXdHU1hM Sm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZUY1I4dV9wU0VURVAzZHRSUkFZd0dTWExKby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QUFCNS9BM0JERTdBMDEwRjYxMUVBOTEwM0I2MUJDNEY5QUUwMi9WVGNSOHVfcFNF VEVQM2R0UlJBWXdHU1hMSm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAU9lQBvXfMsgEd1qWdZwf5CYiDtxVguoGcVhURql7HoXJwruxoxsJR WaS2Z9Eb91ZFfV1dEw1+j3Zi3icPi8CUcVLYnExlZR526dHj6Nmyq6F+8Oz/pShi +d/knNsy30CsOzDhqGkTEcTzWHo+wZ51/0U7Dh76sI/LdQ2D/FC3gOyiZ9kHsmek 470tQb0Fji1GdPtide6GWu70vd7s7fEumCOAHtvgG/7UNhdvSTQWZ6rKEvBD+/a/ w9aBYiqa0ykNo+b8FGguKg+VXkNNEutAXSFv+5CG+QWG1S+q5BAieI6P9KrELyTu nTX2HZ3w5NoZQ8JmMIuyfz3QgfGV5kpR -----END CERTIFICATE-----Generated at Fri May 31 22:13:01 2024 by rpki-client on console-fra.rpki-client.org