$ rpki-client -vvf rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft File: hgOgrKcgSw7-1k23DeUcdboDk1U.mft (raw, json) Hash identifier: uQ09FT76l7iPGnqygppVUjgDvaoMleX6RQHyoQSizhc= Subject key identifier: 0D:C4:BF:25:7C:E4:C6:D0:83:C2:C0:97:98:95:58:2A:9D:54:A6:F4 Authority key identifier: 86:03:A0:AC:A7:20:4B:0E:FE:D6:4D:B7:0D:E5:1C:75:BA:03:93:55 Certificate issuer: /CN=A9118EB2/serialNumber=8603A0ACA7204B0EFED64DB70DE51C75BA039355 Certificate serial: 0249 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft Manifest number: 023B Signing time: Thu 21 Nov 2024 01:26:22 +0000 Manifest this update: Thu 21 Nov 2024 01:26:21 +0000 Manifest next update: Thu 28 Nov 2024 01:26:21 +0000 Files and hashes: 1: hgOgrKcgSw7-1k23DeUcdboDk1U.crl (hash: VsT6eVCKJFU8nFpmvlpy3GR40MVUG2e7Lq4NBF7mARs=) 2: 208C7D2E066C11EDB31C2239C4F9AE02.roa (hash: x+5szPOzul8sjdFcl5f4/q0qaORdcNT+KKQ8X8Y99Ts=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.crl rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 585 (0x249) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118EB2/serialNumber=8603A0ACA7204B0EFED64DB70DE51C75BA039355 Validity Not Before: Nov 21 01:26:21 2024 GMT Not After : Nov 28 01:26:21 2024 GMT Subject: CN=673e8c3e-d60b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:1f:78:4c:01:cf:90:46:f0:ac:4b:1d:50:fc: 5c:1c:c4:ab:a1:96:64:3a:4e:0a:32:7d:ac:81:28: 8e:05:05:ea:31:66:5e:9e:e5:01:24:85:a7:97:f1: 0c:9b:cb:4b:c9:5d:6c:13:ce:f0:f9:c6:aa:89:b3: 9f:6a:b7:21:ae:1c:e5:80:3f:96:1f:76:59:49:32: 4d:03:d7:95:10:da:3f:71:74:43:b8:11:50:e2:3c: 87:be:b9:7d:02:48:cc:65:e0:37:6d:05:bc:0f:42: 0c:c2:e2:5a:56:16:4f:c4:82:f6:51:10:5a:32:4c: 93:3f:49:d4:6a:51:07:0e:94:59:9d:ab:d2:91:1c: 4a:e3:14:69:f3:a0:9b:f2:ea:73:0e:e1:3f:fa:58: ac:8c:4d:f7:32:19:1c:60:cf:35:92:d3:d3:4d:b2: d2:49:c6:a0:23:4c:10:18:fa:ad:fe:00:17:6a:42: cf:1f:ee:5d:71:93:ef:d6:07:c6:02:66:09:96:05: 93:b4:92:7a:66:14:84:b5:2d:12:00:ce:07:11:aa: 46:2c:a8:2d:9f:50:03:90:eb:61:64:41:91:aa:c7: 74:11:8a:3f:e9:fe:67:46:c7:bf:0b:d7:e7:1b:a9: 45:6f:42:75:65:5b:78:5e:73:18:8c:46:67:64:f2: 7a:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:C4:BF:25:7C:E4:C6:D0:83:C2:C0:97:98:95:58:2A:9D:54:A6:F4 X509v3 Authority Key Identifier: keyid:86:03:A0:AC:A7:20:4B:0E:FE:D6:4D:B7:0D:E5:1C:75:BA:03:93:55 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgOgrKcgSw7-1k23DeUcdboDk1U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118EB2/7AC767DE066911EDB0AE8E37C4F9AE02/hgOgrKcgSw7-1k23DeUcdboDk1U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:eb:a7:32:39:3c:bb:a7:d5:13:07:92:fc:c1:1e:63:e9:0b: 7c:10:c1:27:cd:69:92:62:1f:f4:51:2a:fa:f9:59:6d:3a:d6: 9d:e2:0f:10:48:b0:36:3c:05:90:1e:aa:82:b5:d8:24:30:dc: 22:44:60:be:45:fa:a8:f6:42:96:81:74:2e:a5:ef:cc:16:c0: 50:4c:10:99:e0:25:96:2d:29:a0:ac:2b:4f:5b:43:b3:45:b9: 13:39:e3:22:a2:37:92:c7:df:52:a6:5f:bd:67:f3:05:d3:4b: 16:ea:13:ef:4d:02:15:6f:7c:d5:0a:d4:4f:99:77:e1:51:00: 33:2b:d8:a7:bf:58:28:ce:26:8f:55:a5:5d:0d:91:48:f6:a8: 1f:50:06:7c:ff:69:fd:78:6b:c3:42:31:d7:38:ba:c2:b9:63: 88:00:e9:ef:0d:ac:e4:1f:ba:00:4e:ca:16:13:f8:b7:d6:1a: 73:89:ed:17:a9:cf:57:7b:01:4a:da:da:67:1d:a6:c4:75:98: cd:01:76:67:54:7f:a9:06:02:49:f9:3e:14:59:9b:d2:7a:d9: 06:20:d4:34:48:79:d9:bd:78:46:36:67:a2:7d:c9:a8:9a:13: a4:21:04:0d:65:e8:a5:5d:44:45:8a:41:79:6d:6b:4a:11:1f: 3b:c4:c3:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThFQjIxMTAvBgNVBAUTKDg2MDNBMEFDQTcyMDRCMEVGRUQ2NERCNzBERTUxQzc1 QkEwMzkzNTUwHhcNMjQxMTIxMDEyNjIxWhcNMjQxMTI4MDEyNjIxWjAYMRYwFAYD VQQDEw02NzNlOGMzZS1kNjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7R94TAHPkEbwrEsdUPxcHMSroZZkOk4KMn2sgSiOBQXqMWZenuUBJIWnl/EM m8tLyV1sE87w+caqibOfarchrhzlgD+WH3ZZSTJNA9eVENo/cXRDuBFQ4jyHvrl9 AkjMZeA3bQW8D0IMwuJaVhZPxIL2URBaMkyTP0nUalEHDpRZnavSkRxK4xRp86Cb 8upzDuE/+lisjE33MhkcYM81ktPTTbLSScagI0wQGPqt/gAXakLPH+5dcZPv1gfG AmYJlgWTtJJ6ZhSEtS0SAM4HEapGLKgtn1ADkOthZEGRqsd0EYo/6f5nRse/C9fn G6lFb0J1ZVt4XnMYjEZnZPJ62QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA3EvyV8 5MbQg8LAl5iVWCqdVKb0MB8GA1UdIwQYMBaAFIYDoKynIEsO/tZNtw3lHHW6A5NV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEVCMi83QUM3NjdERTA2 NjkxMUVEQjBBRThFMzdDNEY5QUUwMi9oZ09ncktjZ1N3Ny0xazIzRGVVY2Rib0Rr MVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hnT2dyS2NnU3c3LTFrMjNEZVVjZGJvRGsxVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OEVCMi83QUM3NjdERTA2NjkxMUVEQjBBRThFMzdDNEY5QUUwMi9oZ09ncktjZ1N3 Ny0xazIzRGVVY2Rib0RrMVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAd66cyOTy7p9UTB5L8wR5j6Qt8EMEnzWmSYh/0USr6+VltOtad4g8Q SLA2PAWQHqqCtdgkMNwiRGC+Rfqo9kKWgXQupe/MFsBQTBCZ4CWWLSmgrCtPW0Oz RbkTOeMiojeSx99Spl+9Z/MF00sW6hPvTQIVb3zVCtRPmXfhUQAzK9inv1goziaP VaVdDZFI9qgfUAZ8/2n9eGvDQjHXOLrCuWOIAOnvDazkH7oATsoWE/i31hpzie0X qc9XewFK2tpnHabEdZjNAXZnVH+pBgJJ+T4UWZvSetkGINQ0SHnZvXhGNmeifcmo mhOkIQQNZeilXURFikF5bWtKER87xMMB -----END CERTIFICATE-----Generated at Thu Nov 21 03:21:31 2024 by rpki-client on console-ams.rpki-client.org