$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft File: z-PzHk8zetOBIBvzOgGmhfsBal4.mft (raw, json) Hash identifier: lqA7hp/Y1qL06PSb13/vTc89mI5m6WZnzwd8NniNMyw= Subject key identifier: 03:13:E2:9B:A1:07:1E:BD:EA:D4:17:B8:38:53:E3:3F:8E:B2:C9:4C Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Certificate serial: 0CA7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft Manifest number: 0CA0 Signing time: Fri 22 Nov 2024 18:05:25 +0000 Manifest this update: Fri 22 Nov 2024 18:05:25 +0000 Manifest next update: Fri 29 Nov 2024 18:05:25 +0000 Files and hashes: 1: z-PzHk8zetOBIBvzOgGmhfsBal4.crl (hash: znCb8I0oRbcyZ0wn/Tox6WDHdzAyMeqarF1dk6rYFAI=) 2: D23C5270E02111E9B4A3923FC4F9AE02.roa (hash: vQUUglkdMv/072cNIafcYwyV+Or+HuBH/Aor98sulsc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:05:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3239 (0xca7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Validity Not Before: Nov 22 18:05:25 2024 GMT Not After : Nov 29 18:05:25 2024 GMT Subject: CN=6740c7e5-66f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:50:a1:48:43:78:db:42:cd:f5:bc:62:15:c1: 60:25:ca:70:b5:35:53:54:da:0f:30:d0:77:50:04: 05:87:f9:d6:0d:06:40:70:3c:99:c2:a1:65:ab:b1: 62:e7:9f:c6:e5:71:7b:24:6a:37:a1:73:6b:74:b6: 43:f6:f7:23:f0:25:c5:f6:6e:e4:01:0a:5c:dd:80: a7:e7:dc:2e:41:87:c9:ca:dd:5b:67:a1:96:96:b5: ca:8f:cc:b6:07:5f:f5:1b:97:56:03:68:8d:a9:e9: c0:b0:b4:b4:13:b0:68:fd:67:cc:b8:1f:d5:14:d6: c5:f0:9d:95:4b:73:eb:9a:e8:d4:22:4e:f2:48:ff: 86:df:8f:9d:c3:ff:2e:25:85:0e:43:cc:53:f7:e4: f7:a9:a3:75:c7:38:97:2c:5e:a7:b4:c9:88:5d:a5: 88:84:4d:83:79:d0:1f:af:02:6f:e3:f8:39:cc:b2: f1:0d:8a:a8:69:71:92:c5:f7:3d:1c:47:04:99:4e: b4:3c:92:19:b8:07:f2:11:33:62:77:3d:ff:1f:d9: 24:ee:ba:e7:b2:8f:de:8d:13:86:45:81:ff:0c:64: 2e:fd:1e:78:e6:d6:a0:f2:bb:0e:e8:1a:82:75:50: 7a:b4:b3:89:ac:62:94:58:25:02:45:52:ff:8a:0b: c2:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:13:E2:9B:A1:07:1E:BD:EA:D4:17:B8:38:53:E3:3F:8E:B2:C9:4C X509v3 Authority Key Identifier: keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:a6:c4:aa:1a:46:01:a3:91:40:6f:7a:fa:cd:75:cb:ac:50: f6:2b:58:d0:39:58:12:9f:4b:fd:f3:39:b3:cc:7e:c9:2c:38: cd:b7:56:a9:a0:be:45:c0:ff:98:77:0e:5e:38:dd:9e:aa:f1: 04:ea:9f:15:92:11:14:d5:51:57:4f:41:87:20:3b:6f:05:ac: fd:13:9f:da:69:f1:09:bf:7c:cd:25:9d:ff:34:ac:e7:ed:e4: 44:aa:88:25:d3:c5:ac:68:d8:12:1d:42:4f:04:c4:e9:fd:30: 09:8d:ed:5c:fc:e5:eb:31:a0:47:fe:25:cf:cd:07:ef:63:8d: 05:cb:d2:63:cd:30:c9:e2:7f:18:3a:e5:c0:98:be:4f:5e:d9: d5:79:25:13:90:60:c0:d0:5e:a3:fe:6d:44:49:25:72:a0:75: 82:43:76:b7:55:40:41:1c:c7:a4:6d:48:a5:43:9f:12:9c:bf: a0:9f:fd:58:f7:5a:94:86:30:b8:6a:14:b1:52:d8:fc:0a:53: 49:ed:1f:32:e8:96:e5:a5:60:f3:0a:0b:82:a8:74:d9:c5:4b: 99:bc:4e:1f:9e:43:fc:6a:56:0e:ad:56:de:c7:5b:a7:17:9a: 45:7f:2c:0e:5f:32:7f:72:19:71:8e:29:ff:4a:31:ee:f9:96: 42:49:ab:72 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1 RkIwMTZBNUUwHhcNMjQxMTIyMTgwNTI1WhcNMjQxMTI5MTgwNTI1WjAYMRYwFAYD VQQDEw02NzQwYzdlNS02NmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArFChSEN420LN9bxiFcFgJcpwtTVTVNoPMNB3UAQFh/nWDQZAcDyZwqFlq7Fi 55/G5XF7JGo3oXNrdLZD9vcj8CXF9m7kAQpc3YCn59wuQYfJyt1bZ6GWlrXKj8y2 B1/1G5dWA2iNqenAsLS0E7Bo/WfMuB/VFNbF8J2VS3PrmujUIk7ySP+G34+dw/8u JYUOQ8xT9+T3qaN1xziXLF6ntMmIXaWIhE2DedAfrwJv4/g5zLLxDYqoaXGSxfc9 HEcEmU60PJIZuAfyETNidz3/H9kk7rrnso/ejROGRYH/DGQu/R545tag8rsO6BqC dVB6tLOJrGKUWCUCRVL/igvCAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAMT4puh Bx696tQXuDhT4z+OsslMMB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEUwMC84OTkxRUI5RUUwMjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0 T0JJQnZ6T2dHbWhmc0JhbDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJpsSqGkYBo5FAb3r6zXXLrFD2K1jQOVgSn0v98zmzzH7JLDjNt1ap oL5FwP+Ydw5eON2eqvEE6p8VkhEU1VFXT0GHIDtvBaz9E5/aafEJv3zNJZ3/NKzn 7eREqogl08WsaNgSHUJPBMTp/TAJje1c/OXrMaBH/iXPzQfvY40Fy9JjzTDJ4n8Y OuXAmL5PXtnVeSUTkGDA0F6j/m1ESSVyoHWCQ3a3VUBBHMekbUilQ58SnL+gn/1Y 91qUhjC4ahSxUtj8ClNJ7R8y6JblpWDzCguCqHTZxUuZvE4fnkP8alYOrVbex1un F5pFfywOXzJ/chlxjin/SjHu+ZZCSaty -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:56 2024 by rpki-client on console-fra.rpki-client.org