$ rpki-client -vvf rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft File: tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft (raw, json) Hash identifier: P5OdqyowXbzmBxg2VyOBiB3fPK0iLtqBdlWptDqCcSI= Subject key identifier: 6E:1F:57:02:9D:89:EA:B5:1E:E0:17:58:9D:C3:C9:9C:BB:D8:D5:3D Authority key identifier: B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C Certificate issuer: /CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C Certificate serial: 99 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft Manifest number: 95 Signing time: Thu 21 Nov 2024 04:35:10 +0000 Manifest this update: Thu 21 Nov 2024 04:35:09 +0000 Manifest next update: Thu 28 Nov 2024 04:35:09 +0000 Files and hashes: 1: tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl (hash: S+En/pktk7Q3Z/nYOrugKQZZFokSDy77G4875urdumA=) 2: B2B006BAE3E911EEB845B268C4F9AE02.roa (hash: svtnxhlF5NWmNNObseS7pAI3bZ45udx6YcRU3jyp4kA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 153 (0x99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131711/serialNumber=B57B207F0E1C1BA873A0793582C7A8134098674C Validity Not Before: Nov 21 04:35:09 2024 GMT Not After : Nov 28 04:35:09 2024 GMT Subject: CN=673eb87d-4995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2c:4b:93:97:4c:09:71:6b:53:0d:b4:2a:42: 88:ab:99:72:b4:a4:d9:5b:fa:a2:31:51:85:ae:b1: 46:44:fa:53:07:b2:df:89:46:54:2e:3f:8a:cc:d4: 23:f5:71:9a:5e:96:0e:16:bc:ba:34:33:d1:83:67: af:c6:7b:3c:b6:15:3f:32:0f:6e:50:74:fe:64:3a: d7:6f:e2:5b:b0:13:3f:2e:fd:c7:fc:8c:1d:28:16: af:86:31:91:ed:0f:18:b4:26:da:59:15:70:ed:83: c4:7a:82:1e:d8:b6:f9:75:e0:a8:5b:c2:3b:fb:09: d3:c6:81:ed:d3:87:d4:9e:fd:f9:18:6f:6d:12:0b: c1:a8:a3:63:d6:86:5f:1d:9b:0d:00:83:48:cb:1e: 85:07:e5:20:50:74:b9:52:78:4e:41:8c:ad:0d:d4: 17:21:a3:85:58:42:d6:fc:94:a2:73:c7:c8:d1:2b: 33:7c:6b:c1:69:6a:7f:a2:40:41:5c:cb:66:9d:e2: e9:7a:0d:5c:68:26:e1:a4:fc:11:e8:b9:e6:87:36: ac:1c:aa:02:6c:41:61:f1:da:5b:d4:a6:d9:e4:52: 23:37:b3:a9:7b:b2:d0:60:77:17:41:09:41:d5:d7: 0c:9c:f8:71:f9:07:11:fe:45:7d:7c:a8:b4:2d:33: 0b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:1F:57:02:9D:89:EA:B5:1E:E0:17:58:9D:C3:C9:9C:BB:D8:D5:3D X509v3 Authority Key Identifier: keyid:B5:7B:20:7F:0E:1C:1B:A8:73:A0:79:35:82:C7:A8:13:40:98:67:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tXsgfw4cG6hzoHk1gseoE0CYZ0w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131711/9FDD2DA0C99111EE891BA419C4F9AE02/tXsgfw4cG6hzoHk1gseoE0CYZ0w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:b6:6c:07:2a:a4:9c:a0:d6:41:95:3c:4e:d7:f4:55:ee:d7: 6f:a7:49:55:da:b4:03:cf:29:bd:15:70:f1:b9:b1:6b:02:0b: 76:8d:ae:4e:b1:ef:c7:34:4a:b5:84:4c:7e:12:8e:35:ef:d6: a0:2b:47:1b:0c:00:fc:1a:59:75:ff:69:23:e5:eb:0d:5e:86: 2c:c4:a1:00:03:0f:1d:16:8b:de:9d:05:ee:2d:c9:e9:73:63: 33:21:71:f0:94:d5:40:48:11:87:b1:f6:4e:eb:37:40:91:82: 53:6e:1b:79:e1:df:af:9d:c3:fb:d5:84:f4:fd:84:3a:06:69: 97:d0:f4:f6:c8:74:9e:73:29:c6:96:6f:42:d0:29:e1:31:e8: 20:9e:d5:e5:5c:65:23:c8:69:48:78:1f:14:fc:9e:4b:89:fc: e5:bb:13:4e:23:f2:fe:e4:97:83:3c:45:db:f1:b3:57:7b:7f: 8b:27:2a:39:6f:3e:17:b2:1d:3f:38:41:79:b4:64:f4:0b:73: 0e:41:3f:7d:88:71:3e:25:82:00:2b:37:d9:d4:dd:6d:a2:ff: 16:f2:2e:c8:30:33:70:80:b4:8e:94:fe:9e:55:e2:69:c0:a8: c0:98:1e:02:50:2a:37:c8:e8:f3:c3:87:5b:17:cd:e1:a5:53: 8b:6d:44:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE3MTExMTAvBgNVBAUTKEI1N0IyMDdGMEUxQzFCQTg3M0EwNzkzNTgyQzdBODEz NDA5ODY3NEMwHhcNMjQxMTIxMDQzNTA5WhcNMjQxMTI4MDQzNTA5WjAYMRYwFAYD VQQDEw02NzNlYjg3ZC00OTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArSxLk5dMCXFrUw20KkKIq5lytKTZW/qiMVGFrrFGRPpTB7LfiUZULj+KzNQj 9XGaXpYOFry6NDPRg2evxns8thU/Mg9uUHT+ZDrXb+JbsBM/Lv3H/IwdKBavhjGR 7Q8YtCbaWRVw7YPEeoIe2Lb5deCoW8I7+wnTxoHt04fUnv35GG9tEgvBqKNj1oZf HZsNAINIyx6FB+UgUHS5UnhOQYytDdQXIaOFWELW/JSic8fI0SszfGvBaWp/okBB XMtmneLpeg1caCbhpPwR6LnmhzasHKoCbEFh8dpb1KbZ5FIjN7Ope7LQYHcXQQlB 1dcMnPhx+QcR/kV9fKi0LTMLHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG4fVwKd ieq1HuAXWJ3DyZy72NU9MB8GA1UdIwQYMBaAFLV7IH8OHBuoc6B5NYLHqBNAmGdM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTcxMS85RkREMkRBMEM5 OTExMUVFODkxQkE0MTlDNEY5QUUwMi90WHNnZnc0Y0c2aHpvSGsxZ3Nlb0UwQ1la MHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3RYc2dmdzRjRzZoem9IazFnc2VvRTBDWVowdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTcxMS85RkREMkRBMEM5OTExMUVFODkxQkE0MTlDNEY5QUUwMi90WHNnZnc0Y0c2 aHpvSGsxZ3Nlb0UwQ1laMHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhtmwHKqScoNZBlTxO1/RV7tdvp0lV2rQDzym9FXDxubFrAgt2ja5O se/HNEq1hEx+Eo4179agK0cbDAD8Gll1/2kj5esNXoYsxKEAAw8dFovenQXuLcnp c2MzIXHwlNVASBGHsfZO6zdAkYJTbht54d+vncP71YT0/YQ6BmmX0PT2yHSecynG lm9C0CnhMeggntXlXGUjyGlIeB8U/J5LifzluxNOI/L+5JeDPEXb8bNXe3+LJyo5 bz4Xsh0/OEF5tGT0C3MOQT99iHE+JYIAKzfZ1N1tov8W8i7IMDNwgLSOlP6eVeJp wKjAmB4CUCo3yOjzw4dbF83hpVOLbUSo -----END CERTIFICATE-----Generated at Thu Nov 21 05:37:03 2024 by rpki-client on console-ams.rpki-client.org