$ rpki-client -vvf rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft File: pkvkSssA5L2uRJGw-gzXCZ0scnw.mft (raw, json) Hash identifier: 1mg3C1GHYEj8hJHtjEpgI73+2dG6KRAZAM0xGexAyXc= Subject key identifier: 68:59:A4:84:8D:6E:30:FD:71:0D:D3:68:09:01:BB:83:DF:F5:5D:4C Authority key identifier: A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C Certificate issuer: /CN=A91288D9/serialNumber=A64BE44ACB00E4BDAE4491B0FA0CD7099D2C727C Certificate serial: 24 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft Manifest number: 24 Signing time: Tue 04 Feb 2025 19:07:40 +0000 Manifest this update: Tue 04 Feb 2025 19:07:40 +0000 Manifest next update: Tue 11 Feb 2025 19:07:40 +0000 Files and hashes: 1: pkvkSssA5L2uRJGw-gzXCZ0scnw.crl (hash: dNp6uHeQMx5g6xVAqn9M6Baah+nbNTlpVUcrYFffHxk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.crl rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Feb 2025 19:07:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91288D9 Validity Not Before: Feb 4 19:07:40 2025 GMT Not After : Feb 11 19:07:40 2025 GMT Subject: CN=67a2657c-40d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5e:c2:c0:bb:09:93:d1:12:ce:89:25:f7:86: 20:04:b7:4e:02:54:26:cd:8e:20:cb:77:17:89:0d: d3:51:63:f4:57:9d:9e:d0:3d:5a:a1:dd:44:64:d7: 93:af:70:18:ef:1a:69:33:49:07:22:be:9f:06:f0: d8:ab:a7:c8:14:45:a5:eb:ad:cd:a9:1f:9f:1b:73: 08:20:4d:3c:63:dc:56:fb:88:15:c6:b5:44:b8:6e: f8:b1:d0:26:c0:6a:5a:7c:7f:6c:34:2e:24:d3:b9: 9b:a0:78:73:a8:0b:fb:0d:ad:ea:b3:fb:c9:a7:2f: b5:13:be:d7:37:92:3c:f4:d9:90:a5:55:e3:27:c3: 30:9e:99:5e:fd:3f:d3:cc:af:7e:a0:2d:d9:f2:c3: 58:af:2b:45:55:15:31:2d:0b:f5:d1:c1:0b:75:99: 8b:ce:e1:56:31:27:f1:1b:e3:d9:45:59:0f:9d:1d: 18:8a:1f:6d:46:94:99:26:24:17:a3:3a:8c:bd:bb: f4:35:c4:de:2d:12:cf:f8:c1:a9:db:bd:1f:91:ec: a0:c2:01:84:ac:63:05:0e:b2:05:5c:40:f0:a0:3a: de:fa:4e:3c:fe:2f:46:84:77:00:9e:d2:9f:20:11: 0c:9b:1c:64:a5:45:32:15:53:01:e2:0e:53:27:1e: 21:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:59:A4:84:8D:6E:30:FD:71:0D:D3:68:09:01:BB:83:DF:F5:5D:4C X509v3 Authority Key Identifier: keyid:A6:4B:E4:4A:CB:00:E4:BD:AE:44:91:B0:FA:0C:D7:09:9D:2C:72:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pkvkSssA5L2uRJGw-gzXCZ0scnw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91288D9/F83E3FCEADBC11EFB302983EC4F9AE02/pkvkSssA5L2uRJGw-gzXCZ0scnw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:27:27:2b:78:cd:c1:4b:0f:48:8a:75:fd:f1:f1:4e:4d:b8: f8:c9:9e:14:18:4f:92:45:40:9f:ed:3f:e0:8e:db:43:4e:70: 43:fb:e1:2d:3b:95:03:e5:12:db:60:95:15:8f:dc:0a:61:a2: d4:7b:11:30:57:1d:11:ef:1d:4e:bf:56:36:ed:12:0d:e6:39: cc:5a:f6:50:69:e3:09:a7:68:42:14:de:ee:48:26:d6:01:8f: 3e:97:9e:b5:4b:e3:81:28:49:9d:5f:db:39:f6:17:de:96:6c: 54:ef:97:e6:e7:7e:a6:04:25:cd:fc:a4:09:c2:2c:9c:4f:93: aa:b0:ed:1a:53:8f:86:7c:24:65:5b:a9:ca:16:77:2d:00:58: 20:c4:54:64:95:8f:71:fc:0e:2c:53:6d:5c:92:c4:a2:55:50: 50:89:51:f9:ac:5e:6a:40:e5:42:90:43:2a:cc:22:8c:f4:9c: ea:79:04:b4:ae:15:5e:91:61:fa:26:cf:2f:67:5b:34:70:65: 45:8e:b2:ed:98:2c:ea:8b:95:82:bc:bd:95:c3:07:ce:ec:04: 91:3e:41:90:2e:a8:e7:94:e7:03:1a:46:5c:0d:09:62:74:8e: a7:e1:18:b3:3c:f3:c3:ff:c6:4c:86:c7:cf:93:b2:51:c4:ef: ea:4e:fe:6b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy ODhEOTExMC8GA1UEBRMoQTY0QkU0NEFDQjAwRTRCREFFNDQ5MUIwRkEwQ0Q3MDk5 RDJDNzI3QzAeFw0yNTAyMDQxOTA3NDBaFw0yNTAyMTExOTA3NDBaMBgxFjAUBgNV BAMTDTY3YTI2NTdjLTQwZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC1XsLAuwmT0RLOiSX3hiAEt04CVCbNjiDLdxeJDdNRY/RXnZ7QPVqh3URk15Ov cBjvGmkzSQcivp8G8Nirp8gURaXrrc2pH58bcwggTTxj3Fb7iBXGtUS4bvix0CbA alp8f2w0LiTTuZugeHOoC/sNreqz+8mnL7UTvtc3kjz02ZClVeMnwzCemV79P9PM r36gLdnyw1ivK0VVFTEtC/XRwQt1mYvO4VYxJ/Eb49lFWQ+dHRiKH21GlJkmJBej Ooy9u/Q1xN4tEs/4wanbvR+R7KDCAYSsYwUOsgVcQPCgOt76Tjz+L0aEdwCe0p8g EQybHGSlRTIVUwHiDlMnHiG7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaFmkhI1u MP1xDdNoCQG7g9/1XUwwHwYDVR0jBBgwFoAUpkvkSssA5L2uRJGw+gzXCZ0scnww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4OEQ5L0Y4M0UzRkNFQURC QzExRUZCMzAyOTgzRUM0RjlBRTAyL3BrdmtTc3NBNUwydVJKR3ctZ3pYQ1owc2Nu dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcGt2a1Nzc0E1TDJ1UkpHdy1nelhDWjBzY253LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4 OEQ5L0Y4M0UzRkNFQURCQzExRUZCMzAyOTgzRUM0RjlBRTAyL3BrdmtTc3NBNUwy dVJKR3ctZ3pYQ1owc2Nudy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB4nJyt4zcFLD0iKdf3x8U5NuPjJnhQYT5JFQJ/tP+CO20NOcEP74S07 lQPlEttglRWP3AphotR7ETBXHRHvHU6/VjbtEg3mOcxa9lBp4wmnaEIU3u5IJtYB jz6XnrVL44EoSZ1f2zn2F96WbFTvl+bnfqYEJc38pAnCLJxPk6qw7RpTj4Z8JGVb qcoWdy0AWCDEVGSVj3H8DixTbVySxKJVUFCJUfmsXmpA5UKQQyrMIoz0nOp5BLSu FV6RYfomzy9nWzRwZUWOsu2YLOqLlYK8vZXDB87sBJE+QZAuqOeU5wMaRlwNCWJ0 jqfhGLM888P/xkyGx8+TslHE7+pO/ms= -----END CERTIFICATE-----Generated at Wed Feb 5 20:13:52 2025 by rpki-client