$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft File: MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json) Hash identifier: gXqzE+FXiUmK2AH8UubVbhNCL8gNW0AXsyEwBmsxiuA= Subject key identifier: 64:6B:4B:13:B4:03:A1:58:34:C8:D6:8D:20:8F:EB:95:7C:E1:45:C1 Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 Certificate issuer: /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Certificate serial: 3420 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft Manifest number: 3420 Signing time: Fri 22 Nov 2024 15:05:28 +0000 Manifest this update: Fri 22 Nov 2024 15:05:27 +0000 Manifest next update: Fri 29 Nov 2024 15:05:27 +0000 Files and hashes: 1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: Dbl2eKc1Z8+gKlooadQurTVB1YPHCU5R+y2XbCIclrg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:05:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13344 (0x3420) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Validity Not Before: Nov 22 15:05:27 2024 GMT Not After : Nov 29 15:05:27 2024 GMT Subject: CN=67409db8-c82a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a3:09:5c:bf:09:58:46:bb:9b:ce:39:d7:cf: b7:a2:3c:a3:74:68:78:da:54:03:11:d5:e0:91:63: 81:bc:79:d2:86:ac:69:c9:38:d5:0a:66:ea:be:a4: 94:0d:7f:5d:98:88:01:ca:75:f5:e9:f2:5a:92:0a: 25:fe:63:3d:bc:76:f7:19:36:c9:65:55:56:18:69: 6b:18:66:3f:7b:ba:64:32:95:5e:b7:07:27:cf:90: 79:0b:1a:bc:6a:4f:a9:51:50:b3:db:5f:61:5d:5b: e2:63:4e:be:d1:e2:40:69:d7:3c:8f:95:57:90:55: c1:25:c9:4c:26:31:39:fb:9a:c6:1c:4c:fb:47:7d: d8:d5:72:c0:b9:b8:46:45:9a:16:e0:ef:39:0c:3a: d9:6b:bd:67:cd:43:cf:07:ec:8d:f9:37:cc:bd:de: d5:08:11:df:1d:9c:fc:45:2c:c9:67:57:6f:cc:5e: 96:bc:f5:aa:9c:52:0c:23:70:c5:a0:e8:e2:c7:21: e4:b7:ad:a5:a1:8b:b7:d4:83:4e:d9:bb:70:7d:3d: 8c:97:fa:40:7c:fd:15:b5:0f:77:bd:27:e0:03:0c: c7:15:6e:62:01:9a:eb:b8:41:af:50:9e:ab:32:34: aa:73:c2:b4:84:2c:d2:a2:10:5c:87:cc:23:f1:56: c0:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:6B:4B:13:B4:03:A1:58:34:C8:D6:8D:20:8F:EB:95:7C:E1:45:C1 X509v3 Authority Key Identifier: keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:32:50:ce:61:ad:b4:6c:c7:68:b4:28:a6:ce:55:72:96:b5: ea:e0:d1:ad:72:62:64:05:aa:42:95:3a:c6:f4:5e:c0:b5:f1: c9:f0:72:96:35:0b:5b:94:c5:e0:29:e4:f3:a4:17:d2:bf:00: 9a:ae:ca:a6:4d:dd:ee:bf:28:e8:1a:5e:1f:aa:81:68:c0:ae: 10:32:6b:8b:8a:9f:41:91:53:61:9a:e6:10:51:7d:85:ef:89: 7f:dd:66:d2:f8:19:90:b9:b7:a0:ce:43:49:5b:e4:f8:25:8f: 69:90:93:fd:17:4a:bf:57:29:0e:a2:b6:1d:38:52:d9:0c:53: 15:d0:2f:e6:b0:15:74:69:b3:12:34:9c:b3:6e:52:b5:e5:56: 14:de:35:2b:7b:9b:e2:b7:3a:c4:31:62:e0:97:5c:ac:59:d0: 5b:c3:57:7c:c3:89:45:11:ab:cd:c4:ba:3d:fe:27:5f:97:39: 9f:f2:eb:67:73:25:76:95:08:0e:2f:66:df:63:20:1e:ad:fb: dd:a1:59:82:1c:0a:d5:75:dd:ed:3f:2d:e1:1a:b0:3e:b9:01: d5:a4:74:80:4c:90:4a:c8:fb:89:86:d7:1c:e4:b0:d2:53:cf: b1:36:e6:b9:ab:00:c2:d3:8f:4c:63:f0:34:25:70:45:54:40: 5f:51:b5:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy MkE1MDNDRjgwHhcNMjQxMTIyMTUwNTI3WhcNMjQxMTI5MTUwNTI3WjAYMRYwFAYD VQQDEw02NzQwOWRiOC1jODJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwKMJXL8JWEa7m84518+3ojyjdGh42lQDEdXgkWOBvHnShqxpyTjVCmbqvqSU DX9dmIgBynX16fJakgol/mM9vHb3GTbJZVVWGGlrGGY/e7pkMpVetwcnz5B5Cxq8 ak+pUVCz219hXVviY06+0eJAadc8j5VXkFXBJclMJjE5+5rGHEz7R33Y1XLAubhG RZoW4O85DDrZa71nzUPPB+yN+TfMvd7VCBHfHZz8RSzJZ1dvzF6WvPWqnFIMI3DF oOjixyHkt62loYu31INO2btwfT2Ml/pAfP0VtQ93vSfgAwzHFW5iAZrruEGvUJ6r MjSqc8K0hCzSohBch8wj8VbAAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGRrSxO0 A6FYNMjWjSCP65V84UXBMB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0 LUVZWFZJOXk1UjRpcFFQUGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNMlDOYa20bMdotCimzlVylrXq4NGtcmJkBapClTrG9F7AtfHJ8HKW NQtblMXgKeTzpBfSvwCarsqmTd3uvyjoGl4fqoFowK4QMmuLip9BkVNhmuYQUX2F 74l/3WbS+BmQubegzkNJW+T4JY9pkJP9F0q/VykOorYdOFLZDFMV0C/msBV0abMS NJyzblK15VYU3jUre5vitzrEMWLgl1ysWdBbw1d8w4lFEavNxLo9/idflzmf8utn cyV2lQgOL2bfYyAerfvdoVmCHArVdd3tPy3hGrA+uQHVpHSATJBKyPuJhtcc5LDS U8+xNua5qwDC049MY/A0JXBFVEBfUbWD -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:04 2024 by rpki-client on console-ams.rpki-client.org