$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft File: KUHHFh7UouCbuRyrxEPIzLwDLtg.mft (raw, json) Hash identifier: yVw8bQwQVilFLcPv+2YCQQEkhVoGDiyoB6URNoLnyW8= Subject key identifier: 8D:9D:11:B2:FE:BF:AD:3E:F0:03:35:EF:1E:CB:43:2B:63:F1:1B:65 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 342A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft Manifest number: 3426 Signing time: Fri 22 Nov 2024 14:53:38 +0000 Manifest this update: Fri 22 Nov 2024 14:53:38 +0000 Manifest next update: Fri 29 Nov 2024 14:53:38 +0000 Files and hashes: 1: KUHHFh7UouCbuRyrxEPIzLwDLtg.crl (hash: XjPx6HX6O1Ugzz+K7FwIrocCHW0WQ3xwvK2xzsOnm7g=) 2: 59ADACFCD16A11EE99648C6FC4F9AE02.roa (hash: gBhtfDqbYf+6FfnwqEokkFBRyUrjeS3Q2Oprg2azRMM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:53:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13354 (0x342a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Nov 22 14:53:38 2024 GMT Not After : Nov 29 14:53:38 2024 GMT Subject: CN=67409af2-ba29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a7:90:21:47:27:72:46:bd:2d:f9:18:f1:a5: 44:7f:78:33:89:d6:69:8e:24:f8:49:e8:2c:b7:13: 12:25:dc:9c:d8:69:1c:4e:57:58:6c:e6:37:2e:9d: d1:0d:fb:79:99:9f:d9:a2:b0:54:bb:34:41:00:dc: cb:e5:82:0c:90:8c:dd:d5:3d:e3:94:08:f3:40:70: f7:17:22:ae:77:5e:01:b2:36:c6:d3:8e:00:52:9a: 3f:90:ac:6e:6c:67:2d:e4:0e:62:1d:03:49:8c:e2: a0:bd:a3:fc:ac:0b:f8:62:f1:32:4d:df:18:a0:55: 7d:0a:69:f3:45:51:7f:68:46:63:ff:b3:bf:8f:7d: cd:3a:b6:5b:65:09:4f:f2:30:b2:40:69:51:6b:e6: ac:0f:c2:c8:ab:ba:ec:91:43:ba:53:99:f9:1b:d0: 71:49:cb:be:aa:bc:8e:8e:f4:65:7a:10:a5:13:af: d3:97:c4:da:7b:0b:f3:b7:de:4d:7c:a5:f9:14:21: 79:ca:01:fd:71:ac:65:d3:02:32:29:bd:39:26:d9: c2:18:df:45:78:81:60:66:66:12:03:6b:92:5e:c2: bd:44:45:e1:6d:65:2f:e4:17:6c:df:14:26:da:16: d1:58:eb:6a:98:ae:d1:ee:07:7d:e2:bb:f6:1c:b4: cc:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:9D:11:B2:FE:BF:AD:3E:F0:03:35:EF:1E:CB:43:2B:63:F1:1B:65 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:64:b8:ad:af:14:a2:79:5f:5d:27:74:90:f4:45:fd:1d:84: 40:ed:32:88:53:03:95:d1:9c:31:9b:51:86:e8:35:3a:5d:1f: 21:fc:3d:b2:e4:14:17:98:c5:96:83:a3:63:96:c3:d2:71:e8: 80:77:09:8a:fa:7f:3e:6a:46:1e:90:76:f1:10:c6:b6:eb:d7: 88:94:02:1c:50:e1:c8:74:f3:be:99:68:39:c5:d7:44:08:28: 24:6d:63:af:bf:01:47:49:e9:29:a1:5d:72:a1:aa:75:74:2d: 85:08:ac:56:e1:5b:44:80:e3:a1:00:0a:62:a1:81:f3:d0:c8: 13:8d:60:c0:47:5d:9c:ba:b6:49:1a:2d:8c:f0:6f:91:b8:a3: 40:fc:28:83:38:05:d3:da:e6:57:6e:af:55:a4:2c:91:0a:d2: 14:02:46:6a:2f:ef:92:8f:88:bb:1d:b6:e5:ec:49:0a:7e:be: f3:94:82:d4:7a:53:41:1c:57:03:95:6f:ec:75:4f:1b:90:f6: 9a:1d:97:ec:e7:58:a5:ca:b1:55:14:4f:ff:05:4c:aa:52:8d: 6b:5c:3d:68:2c:3b:04:4d:fd:e7:03:dd:a9:0d:d6:1e:b2:8e: 2f:61:1f:80:c1:e1:7e:3f:a9:da:7a:ec:a4:00:79:f6:ab:ca: a6:ed:5d:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjQxMTIyMTQ1MzM4WhcNMjQxMTI5MTQ1MzM4WjAYMRYwFAYD VQQDEw02NzQwOWFmMi1iYTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvKeQIUcncka9LfkY8aVEf3gzidZpjiT4SegstxMSJdyc2GkcTldYbOY3Lp3R Dft5mZ/ZorBUuzRBANzL5YIMkIzd1T3jlAjzQHD3FyKud14BsjbG044AUpo/kKxu bGct5A5iHQNJjOKgvaP8rAv4YvEyTd8YoFV9CmnzRVF/aEZj/7O/j33NOrZbZQlP 8jCyQGlRa+asD8LIq7rskUO6U5n5G9BxScu+qryOjvRlehClE6/Tl8Taewvzt95N fKX5FCF5ygH9caxl0wIyKb05JtnCGN9FeIFgZmYSA2uSXsK9REXhbWUv5Bds3xQm 2hbRWOtqmK7R7gd94rv2HLTMiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI2dEbL+ v60+8AM17x7LQytj8RtlMB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RUVBOS9DRUQwQTlFNjFEOTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91 Q2J1UnlyeEVQSXpMd0RMdGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoZLitrxSieV9dJ3SQ9EX9HYRA7TKIUwOV0Zwxm1GG6DU6XR8h/D2y 5BQXmMWWg6NjlsPSceiAdwmK+n8+akYekHbxEMa269eIlAIcUOHIdPO+mWg5xddE CCgkbWOvvwFHSekpoV1yoap1dC2FCKxW4VtEgOOhAApioYHz0MgTjWDAR12curZJ Gi2M8G+RuKNA/CiDOAXT2uZXbq9VpCyRCtIUAkZqL++Sj4i7Hbbl7EkKfr7zlILU elNBHFcDlW/sdU8bkPaaHZfs51ilyrFVFE//BUyqUo1rXD1oLDsETf3nA92pDdYe so4vYR+AweF+P6naeuykAHn2q8qm7V1O -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:06 2024 by rpki-client on console-ams.rpki-client.org