$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft File: kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft (raw, json) Hash identifier: zR6dZO3Oa+fzM8RNQPRQSoomPZv/I2fC7EhDXMB4+Q0= Subject key identifier: 79:B3:48:6B:F6:12:0C:ED:7F:4D:E0:14:A1:E5:E8:2B:6F:C2:83:95 Authority key identifier: 91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 Certificate issuer: /CN=A91BB6E3/serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Certificate serial: 0140 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft Manifest number: 013E Signing time: Sat 23 Nov 2024 02:39:39 +0000 Manifest this update: Sat 23 Nov 2024 02:39:38 +0000 Manifest next update: Sat 30 Nov 2024 02:39:38 +0000 Files and hashes: 1: kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl (hash: DZPh/PgpmM5eGIO6hdszFUB6IbSj4cunMQjUY0n0aqY=) 2: F96174ECC27D11EDB8226F2DC4F9AE02.roa (hash: vKghqf3uyMxq7W/BIeNuSu7Pchmx3WrkN5kA6uCQZ+w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:39:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 320 (0x140) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB6E3/serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Validity Not Before: Nov 23 02:39:38 2024 GMT Not After : Nov 30 02:39:38 2024 GMT Subject: CN=6741406b-677d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:80:9c:22:3f:ef:61:6d:62:20:93:9b:dc:86: 9b:12:19:74:80:b2:2e:fd:dc:1f:93:6b:ee:3a:c3: fa:cf:83:f0:2f:fa:c5:5d:1b:03:6b:d0:03:1b:88: bc:9a:5a:e5:3c:ee:d4:5e:eb:d9:c5:82:f2:6a:09: 4d:de:98:3a:d9:fb:64:f9:61:5a:e5:eb:70:6d:f7: 88:1d:59:76:c0:1c:ab:f6:8b:23:0e:fe:87:84:c0: 4f:11:95:c6:d1:34:28:b8:4b:e6:01:31:f7:40:ec: 6e:0c:a2:f8:a5:22:fd:08:94:d8:91:89:ee:f2:b4: d1:ec:16:db:e2:99:d7:5b:f6:42:60:b0:90:df:cb: 81:92:bc:80:e9:cb:bf:67:db:0c:a6:1d:91:b7:c2: aa:e5:5e:cc:cc:22:5b:c4:37:87:a9:8f:44:2b:b2: 2c:7b:2b:96:22:8c:f6:ea:4b:37:9a:be:8c:cc:0e: 3a:3b:ca:ef:43:e9:9e:54:01:cc:94:83:76:a0:ea: 86:70:8b:2e:0b:b0:a2:c0:63:6c:6f:db:9f:6d:97: 8e:bb:47:4d:5f:37:f8:b6:b8:a7:f3:2e:3e:e1:84: f4:e7:f5:c1:6d:5f:0e:dc:3a:bc:ab:b9:09:01:12: a8:e4:62:ab:b2:8d:cd:63:b0:e6:4b:95:7c:cc:0a: 83:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:B3:48:6B:F6:12:0C:ED:7F:4D:E0:14:A1:E5:E8:2B:6F:C2:83:95 X509v3 Authority Key Identifier: keyid:91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:90:1a:73:ee:e8:16:d0:a7:32:1e:1b:f1:bc:63:43:31:c7: 4d:52:6b:ea:d2:b7:43:cd:f0:c1:1d:d2:2e:58:34:c3:4d:b5: d3:5d:01:0b:d9:35:ba:6a:8f:dd:89:8f:cf:41:48:64:85:27: 68:54:08:e8:ce:dc:18:ce:62:10:5c:f9:2e:6e:b5:d4:58:32: b0:94:3a:6c:93:02:44:55:3e:f2:0f:6c:38:48:95:37:a1:37: 55:37:d4:cc:da:c8:35:28:3a:d4:cb:66:55:79:8a:e0:65:10: b1:2e:fd:03:ed:f8:57:79:51:4f:c2:35:db:3b:6b:f9:e7:f2: 9d:7a:73:5c:d7:c0:56:f4:c4:e2:8b:d1:c6:7d:70:08:d0:65: 84:a7:84:8e:59:92:f7:27:bb:f0:d3:38:4c:1b:2d:30:b1:65: 9a:1a:2f:fc:7c:ba:07:1e:0a:33:4f:37:f1:88:39:96:c3:06: 1b:cd:2e:a0:e0:c8:ca:de:3f:c5:60:e9:10:e0:68:d1:72:25: 04:95:f0:29:90:f5:58:ae:60:cd:29:12:97:e5:bf:3f:6b:0c: 75:6a:34:64:58:47:51:ae:64:88:32:18:c9:86:51:66:60:0b: c4:1f:8d:58:cf:01:cd:7d:ed:23:97:86:20:fc:23:03:29:86: b0:3a:91:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI2RTMxMTAvBgNVBAUTKDkxOUZBODE5QjJGRkYxNDU1MjFBRjY2NDAzNTI3OEU3 RTc5MTRBNDkwHhcNMjQxMTIzMDIzOTM4WhcNMjQxMTMwMDIzOTM4WjAYMRYwFAYD VQQDEw02NzQxNDA2Yi02NzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvICcIj/vYW1iIJOb3IabEhl0gLIu/dwfk2vuOsP6z4PwL/rFXRsDa9ADG4i8 mlrlPO7UXuvZxYLyaglN3pg62ftk+WFa5etwbfeIHVl2wByr9osjDv6HhMBPEZXG 0TQouEvmATH3QOxuDKL4pSL9CJTYkYnu8rTR7Bbb4pnXW/ZCYLCQ38uBkryA6cu/ Z9sMph2Rt8Kq5V7MzCJbxDeHqY9EK7IseyuWIoz26ks3mr6MzA46O8rvQ+meVAHM lIN2oOqGcIsuC7CiwGNsb9ufbZeOu0dNXzf4trin8y4+4YT05/XBbV8O3Dq8q7kJ ARKo5GKrso3NY7DmS5V8zAqD/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHmzSGv2 Egztf03gFKHl6CtvwoOVMB8GA1UdIwQYMBaAFJGfqBmy//FFUhr2ZANSeOfnkUpJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjZFMy9BMjJDODE0Q0My NzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhVVlNHdlprQTFKNDUtZVJT a2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2taLW9HYkxfOFVWU0d2WmtBMUo0NS1lUlNray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjZFMy9BMjJDODE0Q0MyNzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhV VlNHdlprQTFKNDUtZVJTa2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYkBpz7ugW0KcyHhvxvGNDMcdNUmvq0rdDzfDBHdIuWDTDTbXTXQEL 2TW6ao/diY/PQUhkhSdoVAjoztwYzmIQXPkubrXUWDKwlDpskwJEVT7yD2w4SJU3 oTdVN9TM2sg1KDrUy2ZVeYrgZRCxLv0D7fhXeVFPwjXbO2v55/KdenNc18BW9MTi i9HGfXAI0GWEp4SOWZL3J7vw0zhMGy0wsWWaGi/8fLoHHgozTzfxiDmWwwYbzS6g 4MjK3j/FYOkQ4GjRciUElfApkPVYrmDNKRKX5b8/awx1ajRkWEdRrmSIMhjJhlFm YAvEH41YzwHNfe0jl4Yg/CMDKYawOpEI -----END CERTIFICATE-----Generated at Sat Nov 23 03:58:49 2024 by rpki-client on console-ams.rpki-client.org