$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft File: ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft (raw, json) Hash identifier: p7eRQ10mbk6PmT14Or7xW2O22IBIgo4IHdK1F1pM3s0= Subject key identifier: B0:5C:E6:3A:A8:D8:08:70:F3:64:4F:8E:39:7B:35:DD:A6:08:2A:DC Authority key identifier: 66:84:53:FF:56:91:81:FE:1A:EA:A0:63:7E:48:27:74:20:11:2C:64 Certificate issuer: /CN=A91DDD23/serialNumber=668453FF569181FE1AEAA0637E48277420112C64 Certificate serial: 13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZoRT_1aRgf4a6qBjfkgndCARLGQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft Manifest number: 12 Signing time: Sat 23 Nov 2024 05:58:36 +0000 Manifest this update: Sat 23 Nov 2024 05:58:35 +0000 Manifest next update: Sat 30 Nov 2024 05:58:35 +0000 Files and hashes: 1: ZoRT_1aRgf4a6qBjfkgndCARLGQ.crl (hash: CLBTphHN2x5Tui65YxqXcil+B/nZIV+7NtGmUkheg/8=) 2: 65F3496E910D11EF95FE5C28C4F9AE02.roa (hash: MwIpMdrSL2OUPZhkEFCHw46/9hdWF6RJ27rUbg8XQI8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.crl rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZoRT_1aRgf4a6qBjfkgndCARLGQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDD23/serialNumber=668453FF569181FE1AEAA0637E48277420112C64 Validity Not Before: Nov 23 05:58:35 2024 GMT Not After : Nov 30 05:58:35 2024 GMT Subject: CN=67416f0c-d054 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:76:4c:a4:9d:8f:be:8c:ac:07:e8:60:1b:b2: ab:52:3d:16:b3:69:74:c5:cc:1f:9e:e4:16:10:4f: 79:fb:dc:8d:3c:27:83:64:ca:82:68:92:de:bb:c7: dc:90:c5:79:fe:e3:90:e4:34:7d:92:20:c5:79:25: 56:7f:80:4b:73:d4:72:4a:08:09:d9:5f:35:ef:77: c0:01:fc:7b:df:67:35:1d:1c:2f:ba:e4:47:1c:5f: 8c:fe:ef:df:e2:76:e2:d8:a1:ab:5b:8d:1f:10:d4: 64:a9:c8:c0:ff:24:e9:71:5b:1c:c1:2c:55:57:23: 2a:bc:72:5f:11:e7:92:27:8d:e9:1a:a5:8c:23:09: 49:6d:f9:08:f3:4c:ea:5d:f3:a0:31:7b:50:f5:45: 49:fe:88:40:fd:c5:03:18:65:b7:b7:98:93:a4:f5: 0e:f8:68:f6:39:4f:36:1e:5e:6c:1b:d0:0c:fc:90: 01:d5:74:62:16:16:d3:0f:7e:1a:cd:da:08:c9:81: ea:db:0d:a6:56:80:fb:c0:7d:14:e0:e9:0c:dd:0c: 16:66:e9:00:d8:2b:11:5a:99:cc:f1:9e:85:0b:93: 70:8c:b2:b4:bd:c0:92:df:4d:6b:a4:a6:82:56:c8: 9d:e9:cd:ab:ec:78:2a:cd:98:2f:9d:53:7c:77:0d: 49:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:5C:E6:3A:A8:D8:08:70:F3:64:4F:8E:39:7B:35:DD:A6:08:2A:DC X509v3 Authority Key Identifier: keyid:66:84:53:FF:56:91:81:FE:1A:EA:A0:63:7E:48:27:74:20:11:2C:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZoRT_1aRgf4a6qBjfkgndCARLGQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDD23/EA750BEC910C11EFA540FC0FC4F9AE02/ZoRT_1aRgf4a6qBjfkgndCARLGQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:29:79:5d:73:72:9f:be:43:60:0a:1e:ed:fc:8e:c1:78:1c: 93:6d:46:3e:48:d7:d8:64:50:e5:21:63:f7:d6:18:93:76:57: c2:67:ff:67:d9:eb:1c:2e:cf:e5:8b:1b:91:61:a3:7f:8b:ca: 41:36:88:d9:c0:6a:df:64:b3:07:e3:4f:94:b8:84:e7:38:99: 5f:7c:29:1f:14:6e:6e:03:34:2d:45:dd:fc:28:7c:d2:7d:3d: 95:ce:f0:cb:20:6f:09:7b:80:98:45:f6:c7:2e:5f:a6:09:6d: 87:6f:21:84:2a:24:e0:55:e3:62:14:5b:26:18:ae:5d:d4:c9: f7:87:ee:42:de:5b:54:7a:4a:38:3b:00:9b:94:e8:82:4a:86: 23:b8:40:44:5d:2e:8d:b2:ab:5c:f5:32:db:57:0e:cc:62:54: 6f:3e:74:74:23:28:14:05:f3:a9:56:73:15:b7:44:4f:09:aa: 27:26:05:a6:9d:97:d9:6b:14:9c:d8:c3:10:5f:c8:76:a4:6e: a0:1f:ae:81:8e:83:35:a1:39:86:0d:7d:90:c1:9e:ef:7c:b4: ba:32:ce:a0:64:a4:93:91:45:20:88:f8:fe:d6:36:9f:67:36: 6a:17:91:d9:9d:76:b7:17:ee:74:ff:11:0d:32:4c:a7:27:10: 03:83:a8:c5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE REQyMzExMC8GA1UEBRMoNjY4NDUzRkY1NjkxODFGRTFBRUFBMDYzN0U0ODI3NzQy MDExMkM2NDAeFw0yNDExMjMwNTU4MzVaFw0yNDExMzAwNTU4MzVaMBgxFjAUBgNV BAMTDTY3NDE2ZjBjLWQwNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCgdkyknY++jKwH6GAbsqtSPRazaXTFzB+e5BYQT3n73I08J4NkyoJokt67x9yQ xXn+45DkNH2SIMV5JVZ/gEtz1HJKCAnZXzXvd8AB/HvfZzUdHC+65EccX4z+79/i duLYoatbjR8Q1GSpyMD/JOlxWxzBLFVXIyq8cl8R55InjekapYwjCUlt+QjzTOpd 86Axe1D1RUn+iED9xQMYZbe3mJOk9Q74aPY5TzYeXmwb0Az8kAHVdGIWFtMPfhrN 2gjJgerbDaZWgPvAfRTg6QzdDBZm6QDYKxFamczxnoULk3CMsrS9wJLfTWukpoJW yJ3pzavseCrNmC+dU3x3DUkVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsFzmOqjY CHDzZE+OOXs13aYIKtwwHwYDVR0jBBgwFoAUZoRT/1aRgf4a6qBjfkgndCARLGQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURERDIzL0VBNzUwQkVDOTEw QzExRUZBNTQwRkMwRkM0RjlBRTAyL1pvUlRfMWFSZ2Y0YTZxQmpma2duZENBUkxH US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWm9SVF8xYVJnZjRhNnFCamZrZ25kQ0FSTEdRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURE RDIzL0VBNzUwQkVDOTEwQzExRUZBNTQwRkMwRkM0RjlBRTAyL1pvUlRfMWFSZ2Y0 YTZxQmpma2duZENBUkxHUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB4peV1zcp++Q2AKHu38jsF4HJNtRj5I19hkUOUhY/fWGJN2V8Jn/2fZ 6xwuz+WLG5Fho3+LykE2iNnAat9kswfjT5S4hOc4mV98KR8Ubm4DNC1F3fwofNJ9 PZXO8Msgbwl7gJhF9scuX6YJbYdvIYQqJOBV42IUWyYYrl3UyfeH7kLeW1R6Sjg7 AJuU6IJKhiO4QERdLo2yq1z1MttXDsxiVG8+dHQjKBQF86lWcxW3RE8JqicmBaad l9lrFJzYwxBfyHakbqAfroGOgzWhOYYNfZDBnu98tLoyzqBkpJORRSCI+P7WNp9n NmoXkdmddrcX7nT/EQ0yTKcnEAODqMU= -----END CERTIFICATE-----Generated at Sat Nov 23 07:45:05 2024 by rpki-client on console-ams.rpki-client.org