$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft File: 5D3SMzFr8OKboG0g3sJdtMwRbgg.mft (raw, json) Hash identifier: zXLdHnUB1nUsEPACMuFloYT+DtBllhpqcQXH2D7qW9A= Subject key identifier: 4E:1F:AB:0A:1A:14:0B:99:BC:DA:14:12:EC:88:DF:8B:93:52:65:A1 Authority key identifier: E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 Certificate issuer: /CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Certificate serial: 0458 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft Manifest number: 044F Signing time: Wed 20 Nov 2024 23:45:31 +0000 Manifest this update: Wed 20 Nov 2024 23:45:31 +0000 Manifest next update: Wed 27 Nov 2024 23:45:31 +0000 Files and hashes: 1: 5D3SMzFr8OKboG0g3sJdtMwRbgg.crl (hash: wpl7LONHugYdawdV4zyUsvhv4HrTDMbCr2UcHKF1eQg=) 2: 3A2A80AE3C8311ECA86D031EC4F9AE02.roa (hash: ajpvJcJk2hIGJtK47b/oFETGJ6AH8R2N0nzWfcugHow=) 3: ECC109EA3C8811EC889B9D78C4F9AE02.roa (hash: XrzDpLQm0V+9lneCAa/NLIKLtQrYT59YvNC+sD19lgk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1112 (0x458) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Validity Not Before: Nov 20 23:45:31 2024 GMT Not After : Nov 27 23:45:31 2024 GMT Subject: CN=673e749b-bfe3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f0:4d:06:65:4c:b0:2b:aa:8a:fe:aa:55:39: 63:22:fb:56:82:51:e9:79:59:07:8e:c1:6a:26:0b: 6d:81:df:96:2f:36:8c:68:3e:50:03:6b:04:9f:2f: 71:f6:31:44:6b:a5:6b:46:61:c1:f3:fa:db:0b:91: 78:17:f5:f9:00:03:bd:28:42:cb:48:9b:be:21:f9: 24:78:ff:09:6c:31:8e:ff:b5:7a:35:07:b1:75:9a: 04:13:db:ef:fd:38:d5:41:0e:fe:e0:b6:48:a9:31: 71:53:09:86:e2:24:3f:a2:b9:6f:a7:5d:1f:46:d5: 38:11:47:7d:90:a6:a9:94:60:9c:00:80:23:44:6b: ec:bb:f4:6f:70:dd:b0:00:ff:d8:ce:92:a2:64:7b: 92:9b:bd:02:c6:15:df:d4:9d:58:ed:32:e2:f9:32: 5d:32:57:3c:22:f4:b0:03:37:8d:e4:93:bd:0e:ab: fe:72:31:ec:63:10:f7:b0:19:81:81:53:1b:d1:93: 9a:39:0f:c1:fb:bb:ed:cd:6f:92:98:c3:05:28:f9: c9:80:d7:11:0f:5a:49:62:48:9c:b4:b0:d2:2f:32: fb:5e:98:9b:ce:d3:f5:f2:be:b4:09:66:cb:ec:e9: ae:e2:d0:11:bc:4f:e2:c6:99:71:29:a3:4f:8c:59: 1a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:1F:AB:0A:1A:14:0B:99:BC:DA:14:12:EC:88:DF:8B:93:52:65:A1 X509v3 Authority Key Identifier: keyid:E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:c9:43:a3:27:e7:1b:0e:0c:e6:7d:eb:f7:9a:a8:f9:84:84: 59:8a:cc:ca:10:24:30:30:2e:fb:85:10:1a:6b:f9:17:c5:6b: 2b:1a:b2:42:f3:dc:ce:da:64:b2:20:6c:7f:cb:c4:fe:d6:1a: 4f:06:a8:38:01:a0:96:6e:50:15:d6:8f:3d:a1:d4:10:0b:14: b2:48:c3:7d:86:ba:81:c1:93:ef:46:a3:97:93:c8:b5:8b:f0: 0d:18:d6:a7:9d:0f:d7:83:8f:80:f8:60:36:59:2c:93:5c:13: eb:db:fa:a0:e5:2a:62:da:b0:f4:f1:0c:3f:f3:0d:cb:45:a1: 95:b3:ec:4a:1b:33:8e:de:4c:17:c2:e8:eb:14:0d:26:ba:a8: 54:12:6a:db:84:b3:8c:17:42:bc:e8:4f:5d:7d:f1:02:ab:b6: 22:a0:4f:cb:e5:b7:7f:d0:e0:fd:df:b3:b7:ef:66:3a:59:a0: 54:f4:66:25:e4:89:07:48:45:96:ea:af:e0:87:42:a5:43:88: f5:1e:f1:7a:75:3e:00:09:ec:f7:85:62:70:47:7e:da:69:c5: fe:f7:24:c2:e0:21:26:8e:1c:48:93:39:f6:4f:39:06:0b:7d: 5a:18:ad:7e:c5:18:d2:10:1d:f1:ec:ce:ef:b9:7b:95:3b:a5: 75:1b:7c:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKEU0M0REMjMzMzE2QkYwRTI5QkEwNkQyMERFQzI1REI0 Q0MxMTZFMDgwHhcNMjQxMTIwMjM0NTMxWhcNMjQxMTI3MjM0NTMxWjAYMRYwFAYD VQQDEw02NzNlNzQ5Yi1iZmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsPBNBmVMsCuqiv6qVTljIvtWglHpeVkHjsFqJgttgd+WLzaMaD5QA2sEny9x 9jFEa6VrRmHB8/rbC5F4F/X5AAO9KELLSJu+IfkkeP8JbDGO/7V6NQexdZoEE9vv /TjVQQ7+4LZIqTFxUwmG4iQ/orlvp10fRtU4EUd9kKaplGCcAIAjRGvsu/RvcN2w AP/YzpKiZHuSm70CxhXf1J1Y7TLi+TJdMlc8IvSwAzeN5JO9Dqv+cjHsYxD3sBmB gVMb0ZOaOQ/B+7vtzW+SmMMFKPnJgNcRD1pJYkictLDSLzL7XpibztP18r60CWbL 7Omu4tARvE/ixplxKaNPjFka8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE4fqwoa FAuZvNoUEuyI34uTUmWhMB8GA1UdIwQYMBaAFOQ90jMxa/Dim6BtIN7CXbTMEW4I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS8zRTlBNEFFMDMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhPS2JvRzBnM3NKZHRNd1Ji Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVEM1NNekZyOE9LYm9HMGczc0pkdE13UmJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MEFDMS8zRTlBNEFFMDMwOTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhP S2JvRzBnM3NKZHRNd1JiZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAlyUOjJ+cbDgzmfev3mqj5hIRZiszKECQwMC77hRAaa/kXxWsrGrJC 89zO2mSyIGx/y8T+1hpPBqg4AaCWblAV1o89odQQCxSySMN9hrqBwZPvRqOXk8i1 i/ANGNannQ/Xg4+A+GA2WSyTXBPr2/qg5Spi2rD08Qw/8w3LRaGVs+xKGzOO3kwX wujrFA0muqhUEmrbhLOMF0K86E9dffECq7YioE/L5bd/0OD937O372Y6WaBU9GYl 5IkHSEWW6q/gh0KlQ4j1HvF6dT4ACez3hWJwR37aacX+9yTC4CEmjhxIkzn2TzkG C31aGK1+xRjSEB3x7M7vuXuVO6V1G3yA -----END CERTIFICATE-----Generated at Thu Nov 21 01:31:52 2024 by rpki-client on console-fra.rpki-client.org