$ rpki-client -vvf rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft File: hn09aLZZeAOvVkZcDptTq2Z7cqg.mft (raw, json) Hash identifier: 8aCfPMkVjJC65Rq61FwwrCitTDcvxmbdIeDtj4j3Gzk= Subject key identifier: 96:E5:0B:E9:70:C1:0B:92:AB:A7:D3:FC:F1:75:65:95:6C:BD:2E:0C Authority key identifier: 86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 Certificate issuer: /CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Certificate serial: 060D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft Manifest number: 0608 Signing time: Wed 20 Nov 2024 22:16:47 +0000 Manifest this update: Wed 20 Nov 2024 22:16:46 +0000 Manifest next update: Wed 27 Nov 2024 22:16:46 +0000 Files and hashes: 1: hn09aLZZeAOvVkZcDptTq2Z7cqg.crl (hash: ovOkXKXnyRRkpYMIwRXykOl7qF16YPNOKCOUTWtVT7A=) 2: 4EC5B52480B811EBBEE2CA7FC4F9AE02.roa (hash: bzwAo1vTwZtUvpqV0SE31TfJe7tyOs8AEfKtkNJnl48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1549 (0x60d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Validity Not Before: Nov 20 22:16:46 2024 GMT Not After : Nov 27 22:16:46 2024 GMT Subject: CN=673e5fce-c619 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:89:36:ef:04:4a:60:ff:0b:cc:87:0e:93:75: 8f:14:37:00:af:40:01:8a:5d:04:b0:20:b7:a6:d5: 21:d8:96:d6:9b:c5:bd:a2:a7:bc:53:1c:bc:de:77: f4:78:be:9c:04:8c:18:46:d4:e7:c7:66:dd:27:1d: 82:ad:36:44:55:17:f0:d3:d3:5f:6e:70:e0:27:be: d5:ab:ca:f5:eb:80:75:82:41:15:a5:c5:38:c4:a9: aa:97:6a:fe:33:89:7c:b9:07:50:bb:79:93:17:53: c3:ab:ff:7e:41:be:19:55:d3:f0:07:44:21:ca:f8: 49:bd:49:48:e0:95:e6:e6:9b:3a:22:7a:b6:f0:36: da:21:36:2a:fb:8c:e2:78:58:d3:cf:6d:cd:82:88: 8e:23:16:35:db:53:6c:68:e2:35:8d:0b:95:34:12: a7:3f:ca:f6:70:ad:76:9b:f9:98:f7:39:e0:da:27: 2f:9a:c0:12:da:59:f3:ae:88:91:11:60:bd:e4:84: 2f:d0:17:15:2a:2e:51:ea:31:59:a4:aa:6a:50:b6: 90:b9:4c:0c:a4:16:ed:3f:c2:e3:2f:39:eb:eb:4a: 25:47:51:54:04:65:1e:56:87:92:4d:9b:f6:c8:9b: b9:40:ee:47:30:5a:92:4e:27:aa:39:32:97:01:32: 8a:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:E5:0B:E9:70:C1:0B:92:AB:A7:D3:FC:F1:75:65:95:6C:BD:2E:0C X509v3 Authority Key Identifier: keyid:86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:63:52:6d:5b:61:01:61:05:c1:9d:6f:5f:d0:eb:00:d0:24: a3:9e:2e:ac:8d:72:77:e0:15:3b:aa:cc:6a:57:0a:63:df:77: 66:cf:fa:d3:d7:4d:9e:6c:cf:b1:38:b0:da:fb:1d:20:a6:88: 5e:99:50:e7:63:bb:1d:08:ec:9b:38:41:db:bb:a1:7e:01:a5: bf:d2:3b:5c:5e:c1:2e:1b:36:96:7d:05:54:af:c1:78:65:13: f7:e7:26:4c:73:d8:ba:78:6b:ed:ed:8e:8f:30:b1:fc:62:31: 10:14:0f:65:89:61:ac:50:14:0b:b2:00:6d:02:e5:8b:f3:3b: 68:88:60:ca:dd:b5:89:dd:00:70:fe:2d:1e:39:0c:9e:ad:ea: 7b:2e:2a:a3:41:c5:e4:44:8d:43:c9:3e:a7:2d:c7:0c:be:da: 80:09:b1:c0:0e:f3:41:fa:45:73:1e:d1:f9:dd:9d:29:c0:e1: d3:1e:f8:40:6a:c2:a5:ac:88:d7:95:91:44:26:38:83:40:1a: d4:fd:e9:6c:8e:45:5b:ab:23:4f:d8:e5:c1:5b:b0:10:7b:2b: 5e:47:b9:8d:88:0b:f5:87:c7:c2:bf:1f:00:60:8e:f1:bb:7c: c3:33:d0:9b:50:cf:bf:64:c3:2d:bf:af:14:46:51:11:1f:bf: 8d:6a:8b:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNEQzUxMTAvBgNVBAUTKDg2N0QzRDY4QjY1OTc4MDNBRjU2NDY1QzBFOUI1M0FC NjY3QjcyQTgwHhcNMjQxMTIwMjIxNjQ2WhcNMjQxMTI3MjIxNjQ2WjAYMRYwFAYD VQQDEw02NzNlNWZjZS1jNjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxok27wRKYP8LzIcOk3WPFDcAr0ABil0EsCC3ptUh2JbWm8W9oqe8Uxy83nf0 eL6cBIwYRtTnx2bdJx2CrTZEVRfw09NfbnDgJ77Vq8r164B1gkEVpcU4xKmql2r+ M4l8uQdQu3mTF1PDq/9+Qb4ZVdPwB0QhyvhJvUlI4JXm5ps6Inq28DbaITYq+4zi eFjTz23NgoiOIxY121NsaOI1jQuVNBKnP8r2cK12m/mY9zng2icvmsAS2lnzroiR EWC95IQv0BcVKi5R6jFZpKpqULaQuUwMpBbtP8LjLznr60olR1FUBGUeVoeSTZv2 yJu5QO5HMFqSTieqOTKXATKK4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJblC+lw wQuSq6fT/PF1ZZVsvS4MMB8GA1UdIwQYMBaAFIZ9PWi2WXgDr1ZGXA6bU6tme3Ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0RDNS9FOUYyOTJDNjgw QjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVBT3ZWa1pjRHB0VHEyWjdj cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2huMDlhTFpaZUFPdlZrWmNEcHRUcTJaN2NxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0RDNS9FOUYyOTJDNjgwQjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVB T3ZWa1pjRHB0VHEyWjdjcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkY1JtW2EBYQXBnW9f0OsA0CSjni6sjXJ34BU7qsxqVwpj33dmz/rT 102ebM+xOLDa+x0gpohemVDnY7sdCOybOEHbu6F+AaW/0jtcXsEuGzaWfQVUr8F4 ZRP35yZMc9i6eGvt7Y6PMLH8YjEQFA9liWGsUBQLsgBtAuWL8ztoiGDK3bWJ3QBw /i0eOQyerep7LiqjQcXkRI1DyT6nLccMvtqACbHADvNB+kVzHtH53Z0pwOHTHvhA asKlrIjXlZFEJjiDQBrU/elsjkVbqyNP2OXBW7AQeyteR7mNiAv1h8fCvx8AYI7x u3zDM9CbUM+/ZMMtv68URlERH7+Naosy -----END CERTIFICATE-----Generated at Wed Nov 20 23:55:37 2024 by rpki-client on console-ams.rpki-client.org