$ rpki-client -vvf rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.mft File: H7fzr2-da5fjcg7FSsv1iTrGk2g.mft (raw, json) Hash identifier: a2ndex+sMLRyCRGG4UFKKMpP+2X3OXSIsSpAcRbA8oc= Subject key identifier: EE:CC:3E:9E:9E:CD:6C:57:86:5D:D3:91:18:0B:CF:B9:99:5C:F3:12 Authority key identifier: 1F:B7:F3:AF:6F:9D:6B:97:E3:72:0E:C5:4A:CB:F5:89:3A:C6:93:68 Certificate issuer: /CN=A9117DD2/serialNumber=1FB7F3AF6F9D6B97E3720EC54ACBF5893AC69368 Certificate serial: 0138 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7fzr2-da5fjcg7FSsv1iTrGk2g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.mft Manifest number: 0135 Signing time: Sat 23 Nov 2024 02:45:49 +0000 Manifest this update: Sat 23 Nov 2024 02:45:48 +0000 Manifest next update: Sat 30 Nov 2024 02:45:48 +0000 Files and hashes: 1: H7fzr2-da5fjcg7FSsv1iTrGk2g.crl (hash: f3KIsFq+kg6d4/g+MatepLALbtgC3o7UDDsMkSMWYFA=) 2: 2871DB9ED1CB11EDBE2F0D7EC4F9AE02.roa (hash: qsnpQrMFH1PY3Ac5AGcGsg4fbvmr0wt6eeqt7tZf76E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.crl rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7fzr2-da5fjcg7FSsv1iTrGk2g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:45:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 312 (0x138) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117DD2/serialNumber=1FB7F3AF6F9D6B97E3720EC54ACBF5893AC69368 Validity Not Before: Nov 23 02:45:48 2024 GMT Not After : Nov 30 02:45:48 2024 GMT Subject: CN=674141dd-9647 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a7:61:92:2a:49:77:2f:92:6f:38:c0:84:5e: 4c:33:de:7c:7e:93:bb:b0:86:ca:78:2a:eb:04:7b: 94:1f:22:5f:2f:5d:8f:af:fb:7c:c8:6c:22:27:f9: 8b:ad:8f:ba:e8:62:92:f5:97:8b:fe:92:a8:88:24: 90:14:ee:98:88:25:91:5d:72:61:4f:62:40:1f:3d: 91:9f:0d:a9:b5:5c:0a:28:34:48:5e:fd:fb:08:0b: 5e:41:45:4c:72:0b:e7:69:b3:96:34:05:c9:20:88: 63:92:e1:91:6d:15:fc:d9:aa:0f:67:77:bd:46:51: 78:1a:db:57:4f:49:7a:91:b6:f9:7d:e0:f1:17:a7: 70:5e:17:f5:55:bb:92:b4:e8:ff:d1:3e:bf:a7:66: 6f:04:3a:10:32:a7:00:73:e1:cb:fd:3d:07:50:ae: 88:c3:5b:8b:91:27:ce:38:1e:08:21:7b:dd:25:7f: ae:75:a0:8b:05:cf:11:48:a4:33:24:0a:21:8a:0e: 22:5e:c6:27:28:27:a9:40:2f:3a:7c:43:af:3b:98: 48:b6:f1:05:ad:03:e3:00:aa:6e:3b:03:c4:0b:79: 05:e5:ac:a4:6a:e7:66:f2:ee:a5:03:c3:2f:95:e0: 79:93:db:60:ff:97:ff:c5:d3:02:76:9a:18:ae:cc: 9b:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:CC:3E:9E:9E:CD:6C:57:86:5D:D3:91:18:0B:CF:B9:99:5C:F3:12 X509v3 Authority Key Identifier: keyid:1F:B7:F3:AF:6F:9D:6B:97:E3:72:0E:C5:4A:CB:F5:89:3A:C6:93:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H7fzr2-da5fjcg7FSsv1iTrGk2g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117DD2/101EDAEAD1C811EDACC81B7CC4F9AE02/H7fzr2-da5fjcg7FSsv1iTrGk2g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:b7:6f:58:13:99:1d:3b:2e:68:f2:4e:0f:47:f8:4e:d6:35: f5:91:de:2b:9d:3e:19:50:68:d7:27:2d:cb:6e:74:88:ba:06: 00:b3:08:c2:0e:d9:87:d1:0f:83:c1:29:49:e6:71:32:03:7e: a3:c5:1f:5e:82:d3:9a:ee:39:c4:a2:4e:f3:27:21:68:90:34: 7b:97:1a:40:95:1d:b2:67:03:c2:cc:a4:a1:82:c3:22:1e:33: 2c:08:47:f7:aa:b7:9d:bf:87:6d:cc:67:33:29:02:ad:03:7e: 58:e3:b9:85:c8:6b:fb:b3:58:c3:f8:95:9a:09:c6:61:51:bd: c1:2f:8e:e6:e2:51:cd:a6:be:bb:7c:cb:27:cf:89:2b:0e:24: ee:fc:77:e4:b0:6f:bb:f4:9a:14:37:29:42:b7:34:d6:35:a2: 48:32:56:62:b7:4b:6e:df:9e:00:c9:f3:cf:1e:04:c7:2f:c6: 0b:95:3e:f0:82:0c:ab:dd:ee:89:df:8b:d4:1d:3e:46:a0:da: ca:23:a3:2b:ae:91:a5:dd:22:c1:96:1b:bf:11:bf:d2:35:4f: 9e:f1:36:c6:45:5b:62:7e:56:6a:e9:9a:7e:3c:41:76:9c:bd: b9:f0:c7:5f:d0:1b:1c:11:4f:3f:35:ce:ac:b0:68:29:cf:99: 1b:1c:ae:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdERDIxMTAvBgNVBAUTKDFGQjdGM0FGNkY5RDZCOTdFMzcyMEVDNTRBQ0JGNTg5 M0FDNjkzNjgwHhcNMjQxMTIzMDI0NTQ4WhcNMjQxMTMwMDI0NTQ4WjAYMRYwFAYD VQQDEw02NzQxNDFkZC05NjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz6dhkipJdy+SbzjAhF5MM958fpO7sIbKeCrrBHuUHyJfL12Pr/t8yGwiJ/mL rY+66GKS9ZeL/pKoiCSQFO6YiCWRXXJhT2JAHz2Rnw2ptVwKKDRIXv37CAteQUVM cgvnabOWNAXJIIhjkuGRbRX82aoPZ3e9RlF4GttXT0l6kbb5feDxF6dwXhf1VbuS tOj/0T6/p2ZvBDoQMqcAc+HL/T0HUK6Iw1uLkSfOOB4IIXvdJX+udaCLBc8RSKQz JAohig4iXsYnKCepQC86fEOvO5hItvEFrQPjAKpuOwPEC3kF5aykaudm8u6lA8Mv leB5k9tg/5f/xdMCdpoYrsybbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO7MPp6e zWxXhl3TkRgLz7mZXPMSMB8GA1UdIwQYMBaAFB+3869vnWuX43IOxUrL9Yk6xpNo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0REMi8xMDFFREFFQUQx QzgxMUVEQUNDODFCN0NDNEY5QUUwMi9IN2Z6cjItZGE1ZmpjZzdGU3N2MWlUckdr MmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0g3ZnpyMi1kYTVmamNnN0ZTc3YxaVRyR2syZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx N0REMi8xMDFFREFFQUQxQzgxMUVEQUNDODFCN0NDNEY5QUUwMi9IN2Z6cjItZGE1 ZmpjZzdGU3N2MWlUckdrMmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUt29YE5kdOy5o8k4PR/hO1jX1kd4rnT4ZUGjXJy3LbnSIugYAswjC DtmH0Q+DwSlJ5nEyA36jxR9egtOa7jnEok7zJyFokDR7lxpAlR2yZwPCzKShgsMi HjMsCEf3qredv4dtzGczKQKtA35Y47mFyGv7s1jD+JWaCcZhUb3BL47m4lHNpr67 fMsnz4krDiTu/HfksG+79JoUNylCtzTWNaJIMlZit0tu354AyfPPHgTHL8YLlT7w ggyr3e6J34vUHT5GoNrKI6MrrpGl3SLBlhu/Eb/SNU+e8TbGRVtiflZq6Zp+PEF2 nL258Mdf0BscEU8/Nc6ssGgpz5kbHK4o -----END CERTIFICATE-----Generated at Sat Nov 23 03:58:32 2024 by rpki-client on console-ams.rpki-client.org