$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft File: l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft (raw, json) Hash identifier: cQcfAAiTpcQz5QLcppO9PpEcFklWLfro7ZLBXnkvxMs= Subject key identifier: 3D:16:BF:1C:AF:2C:46:AF:4F:CC:08:BE:C9:8D:58:E6:89:FB:D3:8F Authority key identifier: 97:D2:9B:0D:32:45:5B:B5:C6:F1:25:78:5F:40:F5:BC:27:09:F7:D4 Certificate issuer: /CN=A91DF8DB/serialNumber=97D29B0D32455BB5C6F125785F40F5BC2709F7D4 Certificate serial: 1327 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft Manifest number: 131F Signing time: Fri 22 Nov 2024 17:00:46 +0000 Manifest this update: Fri 22 Nov 2024 17:00:46 +0000 Manifest next update: Fri 29 Nov 2024 17:00:46 +0000 Files and hashes: 1: l9KbDTJFW7XG8SV4X0D1vCcJ99Q.crl (hash: U5ROKrwGGxwxLZr+0WKL6MNQrcnIAi+iC8Fb/0AN8f8=) 2: A6C9934CA74111E88B3EAB2BC4F9AE02.roa (hash: YR3r/r5s57l7vc1QAVpusxxc4M0J/72ZS6UJiTG3pTc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.crl rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4903 (0x1327) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF8DB/serialNumber=97D29B0D32455BB5C6F125785F40F5BC2709F7D4 Validity Not Before: Nov 22 17:00:46 2024 GMT Not After : Nov 29 17:00:46 2024 GMT Subject: CN=6740b8be-3145 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c3:a9:9f:86:a2:e5:21:ea:6b:05:da:4b:29: 8f:8c:21:25:e2:92:86:a5:c3:a8:26:43:c6:31:e7: b4:0a:5f:1e:fe:a4:f6:6f:b9:6e:50:95:65:b8:2e: 36:32:bd:11:35:08:a6:f5:6b:f4:63:ba:b1:e6:2f: 67:24:87:68:4d:8d:00:a3:44:8c:08:51:e4:9a:41: c7:14:74:83:b2:3c:9d:12:22:7f:05:8b:45:88:9a: 8a:34:2c:b1:43:06:0c:db:38:28:eb:28:bf:a0:05: cb:54:07:00:b7:2f:f0:9e:ad:d6:82:e7:b1:86:46: 88:f3:b7:a7:b3:17:06:18:40:92:32:1b:46:b3:8d: 2a:de:7d:68:65:07:65:94:2d:35:12:1b:9d:96:59: fa:82:89:f6:33:a6:17:50:06:21:da:43:80:15:e1: 43:9c:cf:59:7c:93:0c:5e:cc:88:b7:b6:80:ec:e3: 42:ed:ed:dd:67:f8:5e:e3:38:93:0a:80:af:b3:13: 30:d9:4d:b6:d3:9a:3c:1e:9b:91:8e:2b:14:d1:48: fd:ff:77:25:bd:0c:bc:fe:5b:d4:67:8e:6f:71:47: 04:b7:3c:f8:37:93:b0:e9:04:da:13:54:bd:ff:b0: cc:65:33:03:ac:a5:30:a9:6d:49:f2:ba:b4:a6:24: 35:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:16:BF:1C:AF:2C:46:AF:4F:CC:08:BE:C9:8D:58:E6:89:FB:D3:8F X509v3 Authority Key Identifier: keyid:97:D2:9B:0D:32:45:5B:B5:C6:F1:25:78:5F:40:F5:BC:27:09:F7:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:4d:c8:ea:9d:dc:1b:ba:b3:42:e8:b7:60:8a:f8:50:46:b3: 48:eb:c1:4b:40:08:d6:3f:1e:49:36:7e:54:c4:45:82:9d:7c: 42:90:52:09:1c:2c:38:60:e1:97:78:5a:62:f6:ef:be:80:89: b8:13:5c:13:d7:1f:fe:7d:fa:c3:25:9f:6a:e0:53:56:35:37: 67:76:16:3f:4f:9f:55:f0:f4:dc:14:96:2a:eb:a5:70:4f:31: da:44:cc:2f:25:02:92:22:0d:b2:29:ca:7f:76:8e:f3:31:0b: 16:82:d8:1d:ae:c1:77:59:0b:6d:ef:af:ea:44:09:cf:aa:9b: e1:33:d6:17:db:05:a8:58:0d:16:75:08:c8:49:3c:4c:7a:05: 83:53:a1:f7:c6:17:1b:86:94:18:62:75:18:53:72:61:bf:a1: b4:53:6d:a4:43:5e:e6:b1:08:90:8c:7f:df:00:ab:d6:71:76: 94:cb:7e:b6:d2:11:2b:4d:6f:7e:b7:97:a6:20:bf:22:58:1c: 60:85:84:bf:9d:77:de:6b:83:1f:09:80:8e:de:96:07:f8:5e: a4:0a:aa:78:6c:ac:53:a7:69:58:9d:6e:d0:34:bf:60:b5:70: 28:96:54:51:7b:cc:3a:7a:c0:ac:51:9a:67:d8:c5:27:04:c9: 9f:2e:fd:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEycwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REY4REIxMTAvBgNVBAUTKDk3RDI5QjBEMzI0NTVCQjVDNkYxMjU3ODVGNDBGNUJD MjcwOUY3RDQwHhcNMjQxMTIyMTcwMDQ2WhcNMjQxMTI5MTcwMDQ2WjAYMRYwFAYD VQQDEw02NzQwYjhiZS0zMTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAycOpn4ai5SHqawXaSymPjCEl4pKGpcOoJkPGMee0Cl8e/qT2b7luUJVluC42 Mr0RNQim9Wv0Y7qx5i9nJIdoTY0Ao0SMCFHkmkHHFHSDsjydEiJ/BYtFiJqKNCyx QwYM2zgo6yi/oAXLVAcAty/wnq3WguexhkaI87ensxcGGECSMhtGs40q3n1oZQdl lC01Ehudlln6gon2M6YXUAYh2kOAFeFDnM9ZfJMMXsyIt7aA7ONC7e3dZ/he4ziT CoCvsxMw2U2205o8HpuRjisU0Uj9/3clvQy8/lvUZ45vcUcEtzz4N5Ow6QTaE1S9 /7DMZTMDrKUwqW1J8rq0piQ1iwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD0Wvxyv LEavT8wIvsmNWOaJ+9OPMB8GA1UdIwQYMBaAFJfSmw0yRVu1xvEleF9A9bwnCffU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjhEQi82NTc5Mzc4Qzk5 MzQxMUU4QTAzNzM3MjRDNEY5QUUwMi9sOUtiRFRKRlc3WEc4U1Y0WDBEMXZDY0o5 OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2w5S2JEVEpGVzdYRzhTVjRYMEQxdkNjSjk5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjhEQi82NTc5Mzc4Qzk5MzQxMUU4QTAzNzM3MjRDNEY5QUUwMi9sOUtiRFRKRlc3 WEc4U1Y0WDBEMXZDY0o5OVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmTcjqndwburNC6LdgivhQRrNI68FLQAjWPx5JNn5UxEWCnXxCkFIJ HCw4YOGXeFpi9u++gIm4E1wT1x/+ffrDJZ9q4FNWNTdndhY/T59V8PTcFJYq66Vw TzHaRMwvJQKSIg2yKcp/do7zMQsWgtgdrsF3WQtt76/qRAnPqpvhM9YX2wWoWA0W dQjISTxMegWDU6H3xhcbhpQYYnUYU3Jhv6G0U22kQ17msQiQjH/fAKvWcXaUy362 0hErTW9+t5emIL8iWBxghYS/nXfea4MfCYCO3pYH+F6kCqp4bKxTp2lYnW7QNL9g tXAollRRe8w6esCsUZpn2MUnBMmfLv2S -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:21 2024 by rpki-client on console-fra.rpki-client.org