$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json) Hash identifier: u0GVIEZAvM98zmhKgrSvqIetgRE3+HHTjmXR3qINTxw= Subject key identifier: F4:2A:BC:7E:D2:71:8A:AA:9D:4C:E4:90:BF:14:DF:7D:9C:AB:AE:C2 Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Certificate serial: 12C6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft Manifest number: 12BE Signing time: Sun 24 Nov 2024 16:55:42 +0000 Manifest this update: Sun 24 Nov 2024 16:55:41 +0000 Manifest next update: Sun 01 Dec 2024 16:55:41 +0000 Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: bHFt03Vzp/mbZeaPsdJsGJPVbyZlP+toXdd/NbCcDiE=) 2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: Uautv1XlrGIKG3uUq9YoWLtURxeqWmVrl93Jj3fy9ko=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4806 (0x12c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Validity Not Before: Nov 24 16:55:41 2024 GMT Not After : Dec 1 16:55:41 2024 GMT Subject: CN=67435a8e-df89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a2:2f:dd:b7:69:ba:69:d1:28:c4:a0:2f:02: d4:0c:64:21:08:1a:1a:cc:5e:f6:9f:7a:2f:8e:cb: a6:38:25:f8:b5:47:d9:eb:cf:46:81:f9:40:3c:ec: 07:e8:22:a7:d4:62:6d:14:da:7d:c2:54:e7:8b:f8: b4:20:e7:22:38:ee:d0:93:a6:2f:88:97:1a:bf:21: ed:db:d9:8a:c6:a4:4c:5f:6e:d3:bb:87:07:ff:16: 9b:44:6f:e2:83:7f:57:43:9a:00:d0:fe:87:79:df: 4a:30:91:6a:a3:c7:42:19:54:30:59:15:d3:86:a8: 56:f0:ff:d5:e2:e7:cd:83:18:69:88:98:ec:b9:64: 33:30:71:23:50:9c:b0:e0:ce:fd:f9:14:56:8f:ca: 2f:2a:b8:e7:99:f2:ee:f5:4d:b1:bf:7b:7f:de:ca: 30:43:f5:83:c9:08:41:33:ae:e5:5a:3b:1c:b0:48: 37:e7:48:3e:bc:f2:b8:e7:b3:c1:15:ba:c5:fb:cc: 6b:89:6c:77:91:08:b6:6f:44:ae:79:15:1d:a1:1f: 76:c6:cc:f7:86:91:e8:be:21:f7:8c:c5:68:63:ad: 10:f3:c8:ae:ca:4e:cd:d1:94:d6:1d:22:93:28:21: 53:1f:07:33:80:dd:c8:e0:a2:3b:61:5a:f1:8b:b1: 30:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:2A:BC:7E:D2:71:8A:AA:9D:4C:E4:90:BF:14:DF:7D:9C:AB:AE:C2 X509v3 Authority Key Identifier: keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:6c:79:b7:06:4b:e7:90:33:1d:7a:06:71:a9:52:bd:82:cb: 8b:86:05:9e:4f:c6:5e:bb:84:0a:39:38:81:6f:03:d3:d8:9d: fa:e6:bd:34:b2:eb:b6:ca:d2:e9:7f:05:84:d3:d2:e0:e6:b3: 92:cd:d6:22:d0:70:0b:56:46:b6:9e:d0:d5:7f:df:0c:65:d1: 7b:6b:81:c4:14:a0:ca:1e:f1:98:bb:30:dc:db:be:7c:f8:a8: 59:4e:9c:7c:94:15:2d:96:d1:87:de:cb:b2:10:d7:79:e9:96: b4:6e:6b:e1:e3:f8:7e:ff:62:47:ba:54:99:f1:7d:56:6d:aa: d8:f5:d7:31:86:50:49:b4:6a:3b:0d:df:7b:61:c4:24:a6:87: b7:d0:85:ee:61:1d:9d:a4:dc:7c:ec:9e:8b:ce:4d:55:0e:9a: f7:a9:41:9b:83:13:01:2a:a0:a2:7b:5c:d3:d6:6f:e7:8b:81: 76:5c:ac:59:01:6e:ac:39:35:60:f2:2d:5c:a5:b1:e5:0f:93: 53:79:e8:9f:95:03:2b:6f:66:84:03:4f:bb:36:d4:c4:b5:2c: 76:f4:d1:eb:47:70:dd:03:b4:5c:54:43:02:db:7b:b3:bb:47: df:f2:40:bd:56:e3:58:6e:ae:90:c3:3f:b3:b8:e2:09:b9:27: 1f:15:34:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG NDI5RjU3NTAwHhcNMjQxMTI0MTY1NTQxWhcNMjQxMjAxMTY1NTQxWjAYMRYwFAYD VQQDEw02NzQzNWE4ZS1kZjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy6Iv3bdpumnRKMSgLwLUDGQhCBoazF72n3ovjsumOCX4tUfZ689GgflAPOwH 6CKn1GJtFNp9wlTni/i0IOciOO7Qk6YviJcavyHt29mKxqRMX27Tu4cH/xabRG/i g39XQ5oA0P6Hed9KMJFqo8dCGVQwWRXThqhW8P/V4ufNgxhpiJjsuWQzMHEjUJyw 4M79+RRWj8ovKrjnmfLu9U2xv3t/3sowQ/WDyQhBM67lWjscsEg350g+vPK457PB FbrF+8xriWx3kQi2b0SueRUdoR92xsz3hpHoviH3jMVoY60Q88iuyk7N0ZTWHSKT KCFTHwczgN3I4KI7YVrxi7EwlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPQqvH7S cYqqnUzkkL8U332cq67CMB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAbHm3BkvnkDMdegZxqVK9gsuLhgWeT8Zeu4QKOTiBbwPT2J365r00 suu2ytLpfwWE09Lg5rOSzdYi0HALVka2ntDVf98MZdF7a4HEFKDKHvGYuzDc2758 +KhZTpx8lBUtltGH3suyENd56Za0bmvh4/h+/2JHulSZ8X1WbarY9dcxhlBJtGo7 Dd97YcQkpoe30IXuYR2dpNx87J6Lzk1VDpr3qUGbgxMBKqCie1zT1m/ni4F2XKxZ AW6sOTVg8i1cpbHlD5NTeeiflQMrb2aEA0+7NtTEtSx29NHrR3DdA7RcVEMC23uz u0ff8kC9VuNYbq6Qwz+zuOIJuScfFTSC -----END CERTIFICATE-----Generated at Sun Nov 24 18:36:19 2024 by rpki-client on console-fra.rpki-client.org