$ rpki-client -vvf rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/K8rPYWW1h0BZDllxhDPYGD_5Rm0.mft File: K8rPYWW1h0BZDllxhDPYGD_5Rm0.mft (raw, json) Hash identifier: +dgX2YZ3sE8R+UqK6U7cPOspwef0AlQCHw6MJ4BnwUY= Subject key identifier: D4:77:9E:5A:A1:AF:84:44:F9:F3:7E:3E:AB:13:49:35:E5:4D:0F:E9 Authority key identifier: 2B:CA:CF:61:65:B5:87:40:59:0E:59:71:84:33:D8:18:3F:F9:46:6D Certificate issuer: /CN=A9144DEA/serialNumber=2BCACF6165B58740590E59718433D8183FF9466D Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8rPYWW1h0BZDllxhDPYGD_5Rm0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/K8rPYWW1h0BZDllxhDPYGD_5Rm0.mft Manifest number: 34 Signing time: Thu 21 Nov 2024 05:37:01 +0000 Manifest this update: Thu 21 Nov 2024 05:37:00 +0000 Manifest next update: Thu 28 Nov 2024 05:37:00 +0000 Files and hashes: 1: K8rPYWW1h0BZDllxhDPYGD_5Rm0.crl (hash: 5kSy6JeSOOPhW/r377BUFNRnXF1kAasbH+LxNRT6Q20=) 2: 7490D0DE5AE111EFAD7EB82CC4F9AE02.roa (hash: t2Ij9WmOv285Qe1IPpwSlpXmYjCDJzDV9cm4X0fPj98=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/K8rPYWW1h0BZDllxhDPYGD_5Rm0.crl rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/K8rPYWW1h0BZDllxhDPYGD_5Rm0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8rPYWW1h0BZDllxhDPYGD_5Rm0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9144DEA/serialNumber=2BCACF6165B58740590E59718433D8183FF9466D Validity Not Before: Nov 21 05:37:00 2024 GMT Not After : Nov 28 05:37:00 2024 GMT Subject: CN=673ec6fc-c401 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a8:24:16:91:24:ab:d8:be:0f:e7:03:f8:b1: 10:f4:67:16:01:38:f1:a8:cc:b8:08:aa:8e:07:ca: 89:ca:00:17:11:43:a5:a0:6c:e9:cd:00:1a:fd:dc: 3c:6d:f9:77:5a:64:8c:88:c4:58:39:5f:a4:d6:09: 95:61:6c:79:8f:4e:a5:21:10:c4:1b:54:27:13:f6: 03:bd:d9:61:4e:4c:17:01:98:35:0e:9f:80:b1:1d: dc:b8:55:3f:7a:8c:22:c9:4e:2b:e3:21:75:f0:f9: e3:6b:4c:93:9e:22:eb:88:be:3a:63:ea:41:3b:d7: 38:44:15:67:13:fb:ef:74:da:b2:88:28:51:c7:bb: e0:0f:83:f2:b6:49:4c:53:70:11:5c:6d:c3:32:74: 24:34:dc:ad:00:ba:3d:03:7e:52:78:0d:2b:27:19: 6f:b6:d0:af:ef:4e:0a:c8:a0:3c:2d:65:4b:ac:bf: 80:5b:50:17:19:0b:0f:4a:90:47:19:d9:fc:d0:4a: 6b:18:c5:e8:ab:48:bd:68:b1:68:5f:ec:4c:ec:83: 15:17:b1:bb:b3:e1:c9:12:5b:9e:46:14:cf:8f:1f: 52:1c:a6:f8:18:c0:8b:44:c1:fe:b0:89:b9:fc:27: 48:71:57:90:60:93:23:0d:b5:17:91:36:a5:9b:49: 52:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:77:9E:5A:A1:AF:84:44:F9:F3:7E:3E:AB:13:49:35:E5:4D:0F:E9 X509v3 Authority Key Identifier: keyid:2B:CA:CF:61:65:B5:87:40:59:0E:59:71:84:33:D8:18:3F:F9:46:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/K8rPYWW1h0BZDllxhDPYGD_5Rm0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8rPYWW1h0BZDllxhDPYGD_5Rm0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144DEA/3BF5F2E05AE111EFA7563C2CC4F9AE02/K8rPYWW1h0BZDllxhDPYGD_5Rm0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:b3:08:4f:8f:fa:fc:b2:21:bb:69:bf:fe:9d:d7:dd:16:71: f4:60:26:fd:84:c5:b6:9e:39:97:9a:6d:23:b7:14:1e:cb:fe: 17:7f:fb:63:9e:48:b6:ae:81:85:bb:e9:52:a9:e1:e2:e7:07: 10:d0:5b:89:2b:63:11:21:58:78:e3:a2:a1:ed:2b:1d:69:fd: b3:18:b9:fa:40:70:f8:98:c1:db:04:ed:c5:23:56:00:c1:df: 80:40:bf:f5:8a:17:92:65:33:97:40:b6:fc:22:db:f1:36:7e: 63:f3:c1:88:5c:e7:33:7e:42:6b:ab:48:00:24:a5:c9:51:66: a9:4f:47:a1:0a:a6:2c:9f:81:45:7f:78:67:f7:11:ca:4d:c7: e7:4c:e1:db:d4:df:7c:19:0e:a1:cd:b6:4b:44:c7:be:83:c8: e9:ce:82:0a:30:56:32:80:42:75:c5:49:5e:ef:88:5d:e9:0a: 78:4b:a2:5e:cc:0c:83:c7:65:12:37:3c:2f:bc:bd:dd:e9:33: 8a:34:07:e4:a4:63:cc:0d:e2:56:e3:35:a2:7a:09:10:5d:a2: e3:93:26:c6:57:1d:a2:4a:22:71:27:ab:5c:8f:12:13:ef:a2: b0:46:93:5f:43:d3:47:90:b6:d6:e1:18:87:48:b9:46:6c:3d: 36:ca:f3:a8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NERFQTExMC8GA1UEBRMoMkJDQUNGNjE2NUI1ODc0MDU5MEU1OTcxODQzM0Q4MTgz RkY5NDY2RDAeFw0yNDExMjEwNTM3MDBaFw0yNDExMjgwNTM3MDBaMBgxFjAUBgNV BAMTDTY3M2VjNmZjLWM0MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOqCQWkSSr2L4P5wP4sRD0ZxYBOPGozLgIqo4HyonKABcRQ6WgbOnNABr93Dxt +XdaZIyIxFg5X6TWCZVhbHmPTqUhEMQbVCcT9gO92WFOTBcBmDUOn4CxHdy4VT96 jCLJTivjIXXw+eNrTJOeIuuIvjpj6kE71zhEFWcT++902rKIKFHHu+APg/K2SUxT cBFcbcMydCQ03K0Auj0DflJ4DSsnGW+20K/vTgrIoDwtZUusv4BbUBcZCw9KkEcZ 2fzQSmsYxeirSL1osWhf7EzsgxUXsbuz4ckSW55GFM+PH1IcpvgYwItEwf6wibn8 J0hxV5BgkyMNtReRNqWbSVLPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1HeeWqGv hET5834+qxNJNeVND+kwHwYDVR0jBBgwFoAUK8rPYWW1h0BZDllxhDPYGD/5Rm0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0REVBLzNCRjVGMkUwNUFF MTExRUZBNzU2M0MyQ0M0RjlBRTAyL0s4clBZV1cxaDBCWkRsbHhoRFBZR0RfNVJt MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSzhyUFlXVzFoMEJaRGxseGhEUFlHRF81Um0wLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ0 REVBLzNCRjVGMkUwNUFFMTExRUZBNzU2M0MyQ0M0RjlBRTAyL0s4clBZV1cxaDBC WkRsbHhoRFBZR0RfNVJtMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADSzCE+P+vyyIbtpv/6d190WcfRgJv2ExbaeOZeabSO3FB7L/hd/+2Oe SLaugYW76VKp4eLnBxDQW4krYxEhWHjjoqHtKx1p/bMYufpAcPiYwdsE7cUjVgDB 34BAv/WKF5JlM5dAtvwi2/E2fmPzwYhc5zN+QmurSAAkpclRZqlPR6EKpiyfgUV/ eGf3EcpNx+dM4dvU33wZDqHNtktEx76DyOnOggowVjKAQnXFSV7viF3pCnhLol7M DIPHZRI3PC+8vd3pM4o0B+SkY8wN4lbjNaJ6CRBdouOTJsZXHaJKInEnq1yPEhPv orBGk19D00eQttbhGIdIuUZsPTbK86g= -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:02 2024 by rpki-client on console-ams.rpki-client.org