$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft File: 5A19D2FDC8392727696F70449B8B32AF772091A8.mft (raw, json) Hash identifier: cfNL4XoVuhhyxKoY9tAd+FLGEmh1IuunrftDlr16gX4= Subject key identifier: 5A:12:51:22:18:73:E0:10:D3:9E:AA:42:72:8C:B6:BF:53:82:F5:1B Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 22CF48D2C5DB0C0D69EE2ADBF2456607D26C2C0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft Manifest number: 0442 Signing time: Sat 11 May 2024 04:18:04 +0000 Manifest this update: Sat 11 May 2024 04:13:04 +0000 Manifest next update: Sun 12 May 2024 07:11:04 +0000 Files and hashes: 1: 5A19D2FDC8392727696F70449B8B32AF772091A8.crl (hash: az8ljL3UBjxIB2wQi5zLnO9k5CSGGOUJfOVo584FzU8=) 2: 34352e3131372e3130332e302f32342d3234203d3e2034373835.roa (hash: w0ZW+ur9gCqMNGLzY+RcRrOtIlw2CqouK0RF1NyZ6pM=) 3: 3130332e35372e3136352e302f32342d3234203d3e203336333531.roa (hash: hnUP+LSfwbmaYV0QaPQzfeAsGBB7AaX+gU94pB3RBgU=) 4: 34352e3131372e3130302e302f32342d3234203d3e2038383838.roa (hash: Tv+usmJkd+KBVQeWPzc1a5l+SPvARVHVI+nlIdoKQ7A=) 5: 34352e3131372e3130302e302f32342d3234203d3e203233383538.roa (hash: tZTBEgBUAkeRkAOgam+T7tIP/mnZd+9ceBVwTojVScc=) 6: 34352e3131372e3130322e302f32342d3234203d3e2034373835.roa (hash: /+UUdPDLGPPAYRS/LchURT4xIfaw54NUklO2/rVraKY=) 7: 323430333a326538303a3a2f33322d3438203d3e203233383538.roa (hash: CUxRC/iG4psqYdK+jG5CiVuAkoD6KYjpO6XMnKxpOpU=) 8: 34352e3131372e3130312e302f32342d3234203d3e2034373835.roa (hash: iTa3BK0ve/O/SJR9CzCWGZeYkBAlje1b84uMruy/6Zo=) 9: 3130332e35372e3136342e302f32322d3234203d3e2038383838.roa (hash: /r3PDU5/NkARrZpeUUbfGB+uzXBpHyMoyEGZ8FyzbN8=) 10: 323430333a326538303a3a2f33322d3438203d3e2038383838.roa (hash: hX05wYKbUhf64T+4LRMGom288yjb9hQWUYVLA7svb0k=) 11: 3130332e35372e3136342e302f32322d3234203d3e203233383538.roa (hash: 6iTwh29asALa186GLrdEOEQQQ3xtqz0IpxBTyYIZUyo=) Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 07:11:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:cf:48:d2:c5:db:0c:0d:69:ee:2a:db:f2:45:66:07:d2:6c:2c:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: May 11 04:13:04 2024 GMT Not After : May 12 07:11:04 2024 GMT Subject: CN=5A1251221873E010D39EAA42728CB6BF5382F51B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a4:16:4c:4e:50:17:c7:53:82:61:9c:f4:24: 77:ac:83:5b:8f:14:a7:93:c5:40:1f:08:02:ea:0f: 49:4e:52:fd:ac:78:f6:d4:c8:8e:ec:18:ae:f1:bb: 0d:2a:09:2d:f1:d9:f6:5d:a2:a6:c1:85:49:78:59: 18:11:11:3c:63:81:8c:35:99:03:ec:96:31:f1:e1: 93:7d:49:18:ea:e4:1c:a1:58:b4:bf:3a:c6:8f:e0: be:43:b3:a3:51:3e:3b:b2:ff:aa:c4:c1:e6:b0:54: 15:8f:f4:9b:b0:bb:d3:a5:3b:22:92:b4:3c:4a:3e: a3:b1:68:d4:2f:4d:14:72:c1:36:13:5f:3d:06:32: cd:3f:83:89:a6:f4:9d:4a:03:b7:43:88:e5:15:41: 57:bb:c3:64:fa:95:8b:fd:9b:1b:05:91:c0:8c:cd: bc:4b:f6:f9:4a:19:72:1d:d1:63:57:d9:a6:a1:b9: 88:03:96:a5:0d:d0:08:0f:9a:62:ae:20:f2:f1:16: 0d:1b:ff:3b:a3:fa:b2:19:21:f9:19:2a:07:18:3d: fa:f5:e0:5b:16:64:8c:16:09:79:64:ca:cc:22:d4: ac:27:1f:72:d0:22:b7:af:8e:f0:7b:92:4f:98:1f: d6:19:88:29:7a:ff:00:9d:39:17:d7:3f:ed:1d:d4: 20:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:12:51:22:18:73:E0:10:D3:9E:AA:42:72:8C:B6:BF:53:82:F5:1B X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:12:e9:bf:29:00:13:ef:8b:c2:5d:66:e7:ea:56:13:6d:eb: 01:fb:c1:37:ef:36:81:fd:3a:1c:b5:7f:6b:13:da:7b:2b:8a: 88:89:7d:13:08:bf:d7:33:f3:f7:fd:2a:22:94:c0:93:51:82: 9e:05:6b:29:b3:66:fd:c0:98:49:38:16:5f:9c:4b:df:42:00: 34:12:d7:4a:99:ab:67:21:8b:16:11:ce:cf:c1:f8:c3:ad:36: b6:aa:b8:58:c2:51:96:ce:cd:fc:b0:3d:8f:9d:87:8d:51:e0: a3:e6:ab:72:29:a0:b4:11:b7:d4:de:5d:cb:41:f2:0c:2b:71: c5:03:a4:05:14:3a:08:62:eb:48:22:e4:a7:c6:47:59:ca:e6: 70:cf:5f:7a:c4:31:4e:88:3d:4a:db:01:a3:ae:5a:1c:02:72: db:08:4f:de:fe:12:10:61:82:a2:ee:7c:f4:47:b0:e4:b6:11: 62:94:59:45:85:c6:45:80:4d:18:2a:79:3d:2f:cc:9a:d8:d2: d2:aa:63:c7:2b:66:65:a9:39:ee:13:0e:92:3f:4e:f9:cd:d2: 14:c9:9d:d4:54:fa:da:9a:b5:ca:ee:a1:5a:00:d2:99:fe:99: b8:01:d7:05:b2:11:78:c4:b2:42:7f:f6:7d:63:94:70:1d:bf: e2:de:44:c4 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUIs9I0sXbDA1p7irb8kVmB9JsLA0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDUxMTA0MTMwNFoX DTI0MDUxMjA3MTEwNFowMzExMC8GA1UEAxMoNUExMjUxMjIxODczRTAxMEQzOUVB QTQyNzI4Q0I2QkY1MzgyRjUxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKkFkxOUBfHU4JhnPQkd6yDW48Up5PFQB8IAuoPSU5S/ax49tTIjuwYrvG7 DSoJLfHZ9l2ipsGFSXhZGBERPGOBjDWZA+yWMfHhk31JGOrkHKFYtL86xo/gvkOz o1E+O7L/qsTB5rBUFY/0m7C706U7IpK0PEo+o7Fo1C9NFHLBNhNfPQYyzT+Diab0 nUoDt0OI5RVBV7vDZPqVi/2bGwWRwIzNvEv2+UoZch3RY1fZpqG5iAOWpQ3QCA+a Yq4g8vEWDRv/O6P6shkh+RkqBxg9+vXgWxZkjBYJeWTKzCLUrCcfctAit6+O8HuS T5gf1hmIKXr/AJ05F9c/7R3UILMCAwEAAaOCAfUwggHxMB0GA1UdDgQWBBRaElEi GHPgENOeqkJyjLa/U4L1GzAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvNUExOUQyRkRDODM5MjcyNzY5NkY3MDQ0OUI4QjMy QUY3NzIwOTFBOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJMS6b8pABPvi8JdZufqVhNt6wH7wTfvNoH9 Ohy1f2sT2nsrioiJfRMIv9cz8/f9KiKUwJNRgp4FaymzZv3AmEk4Fl+cS99CADQS 10qZq2chixYRzs/B+MOtNraquFjCUZbOzfywPY+dh41R4KPmq3IpoLQRt9TeXctB 8gwrccUDpAUUOghi60gi5KfGR1nK5nDPX3rEMU6IPUrbAaOuWhwCctsIT97+EhBh gqLufPRHsOS2EWKUWUWFxkWATRgqeT0vzJrY0tKqY8crZmWpOe4TDpI/TvnN0hTJ ndRU+tqatcruoVoA0pn+mbgB1wWyEXjEskJ/9n1jlHAdv+LeRMQ= -----END CERTIFICATE-----Generated at Sat May 11 07:01:14 2024 by rpki-client on console-ams.rpki-client.org