$ rpki-client -vvf rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft File: 5vEsD995brDfK2AuWsQsy4OyLhg.mft (raw, json) Hash identifier: 63EmdI2xMEzOSvJTO327ddJg9dDNEBkjXwmz+V6BUlk= Subject key identifier: 31:72:52:17:14:72:77:5C:E8:B5:FF:7F:EE:21:9F:B5:36:FC:A0:02 Authority key identifier: E6:F1:2C:0F:DF:79:6E:B0:DF:2B:60:2E:5A:C4:2C:CB:83:B2:2E:18 Certificate issuer: /CN=A914E3B7/serialNumber=E6F12C0FDF796EB0DF2B602E5AC42CCB83B22E18 Certificate serial: 3422 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5vEsD995brDfK2AuWsQsy4OyLhg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft Manifest number: 341F Signing time: Fri 22 Nov 2024 15:11:08 +0000 Manifest this update: Fri 22 Nov 2024 15:11:08 +0000 Manifest next update: Fri 29 Nov 2024 15:11:08 +0000 Files and hashes: 1: 5vEsD995brDfK2AuWsQsy4OyLhg.crl (hash: zGd8BtFKaeorfK5TYKp/RGG6BEJyTkCYzILjCenC9zQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.crl rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5vEsD995brDfK2AuWsQsy4OyLhg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:11:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13346 (0x3422) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E3B7/serialNumber=E6F12C0FDF796EB0DF2B602E5AC42CCB83B22E18 Validity Not Before: Nov 22 15:11:08 2024 GMT Not After : Nov 29 15:11:08 2024 GMT Subject: CN=67409f0c-70f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:91:0d:5d:57:75:82:0e:c0:2c:f1:a2:c6:e2: e6:23:d5:c7:e7:53:97:b5:9a:b4:03:04:e7:07:32: f4:fe:e9:a5:af:18:8f:d2:5d:bf:64:08:f0:7e:e4: 0a:35:4b:f2:53:a4:31:37:89:23:a1:30:1b:94:fd: 57:c8:7c:36:07:e5:cc:d6:5e:ab:9d:0d:33:31:2d: 6d:d8:63:cc:84:ed:3b:7f:8c:9c:fd:5c:b8:9f:39: 6a:30:52:ed:ef:eb:ed:a7:5a:80:af:63:c6:3c:bc: ff:dd:82:5a:23:3a:cd:4a:f4:8f:53:ad:2e:b3:41: 74:c9:4a:c1:77:d5:e8:18:d4:5d:a0:c5:f3:b8:a3: de:d5:db:cc:03:32:07:90:11:a6:af:ab:75:17:6f: ea:84:69:ee:98:66:c4:e3:2d:d5:39:f3:ad:8d:c2: 06:81:bc:eb:5e:75:be:08:44:58:16:b6:8d:18:59: 0e:d5:17:c1:bf:c5:16:cc:2a:7e:ff:21:9e:5e:21: d1:df:f9:bf:8e:6b:73:96:08:15:13:0c:35:82:c1: d7:87:fc:0e:d9:39:22:b8:c8:11:6f:3e:70:70:6d: 0f:f6:66:7c:b1:37:d3:71:46:cc:37:d7:dd:20:1c: 8c:7b:5d:f3:d4:06:5a:a6:46:db:02:29:0c:9c:29: bc:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:72:52:17:14:72:77:5C:E8:B5:FF:7F:EE:21:9F:B5:36:FC:A0:02 X509v3 Authority Key Identifier: keyid:E6:F1:2C:0F:DF:79:6E:B0:DF:2B:60:2E:5A:C4:2C:CB:83:B2:2E:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5vEsD995brDfK2AuWsQsy4OyLhg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E3B7/9FAE84FA1DA411E2AC2BAF9A08B02CD2/5vEsD995brDfK2AuWsQsy4OyLhg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:a5:4a:1c:54:16:95:4a:0d:96:b4:91:7d:65:88:5c:a0:f3: bc:04:56:41:b0:16:b4:cf:91:6d:85:77:1b:4b:8a:1c:41:69: 24:71:fb:06:8f:82:12:04:89:75:a0:75:5a:5f:19:a2:2a:ab: cd:a1:77:24:51:5a:8c:89:9a:31:9c:e9:57:b7:04:60:29:3c: a8:72:75:83:d7:ab:0e:b0:d8:e8:7e:3a:f5:15:f7:52:38:6f: 30:13:dc:db:99:97:78:9d:33:21:39:3b:3a:30:14:1d:5f:03: e6:5b:95:b3:b4:1c:95:95:c7:bf:df:bd:d2:eb:da:4c:1b:0a: 7a:1b:e4:e5:df:ec:a8:5b:ba:44:fe:12:ec:ab:9a:30:d6:2e: 42:7e:bc:5a:b1:c1:48:79:de:3e:fd:b8:47:ae:56:e9:19:d1: 13:2c:a2:6d:38:e7:42:cb:97:cb:ee:2e:06:1c:27:b9:ad:4a: 0d:7e:ca:c1:bd:f2:c3:e6:d0:de:4d:bb:23:d1:00:d6:f6:4f: 9c:06:2b:7b:6d:9f:39:d7:e2:ef:7f:39:1f:e3:fb:53:48:2a: d6:b3:be:41:6f:da:a2:d6:33:ad:59:ae:a2:61:c9:02:02:a6: 80:bc:ea:dd:62:6d:0a:bb:c4:bb:9b:dc:ca:70:97:17:ad:e6: ce:12:89:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUzQjcxMTAvBgNVBAUTKEU2RjEyQzBGREY3OTZFQjBERjJCNjAyRTVBQzQyQ0NC ODNCMjJFMTgwHhcNMjQxMTIyMTUxMTA4WhcNMjQxMTI5MTUxMTA4WjAYMRYwFAYD VQQDEw02NzQwOWYwYy03MGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2JENXVd1gg7ALPGixuLmI9XH51OXtZq0AwTnBzL0/umlrxiP0l2/ZAjwfuQK NUvyU6QxN4kjoTAblP1XyHw2B+XM1l6rnQ0zMS1t2GPMhO07f4yc/Vy4nzlqMFLt 7+vtp1qAr2PGPLz/3YJaIzrNSvSPU60us0F0yUrBd9XoGNRdoMXzuKPe1dvMAzIH kBGmr6t1F2/qhGnumGbE4y3VOfOtjcIGgbzrXnW+CERYFraNGFkO1RfBv8UWzCp+ /yGeXiHR3/m/jmtzlggVEww1gsHXh/wO2TkiuMgRbz5wcG0P9mZ8sTfTcUbMN9fd IByMe13z1AZapkbbAikMnCm8lQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDFyUhcU cndc6LX/f+4hn7U2/KACMB8GA1UdIwQYMBaAFObxLA/feW6w3ytgLlrELMuDsi4Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTNCNy85RkFFODRGQTFE QTQxMUUyQUMyQkFGOUEwOEIwMkNEMi81dkVzRDk5NWJyRGZLMkF1V3NRc3k0T3lM aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzV2RXNEOTk1YnJEZksyQXVXc1FzeTRPeUxoZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTNCNy85RkFFODRGQTFEQTQxMUUyQUMyQkFGOUEwOEIwMkNEMi81dkVzRDk5NWJy RGZLMkF1V3NRc3k0T3lMaGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCwpUocVBaVSg2WtJF9ZYhcoPO8BFZBsBa0z5FthXcbS4ocQWkkcfsG j4ISBIl1oHVaXxmiKqvNoXckUVqMiZoxnOlXtwRgKTyocnWD16sOsNjofjr1FfdS OG8wE9zbmZd4nTMhOTs6MBQdXwPmW5WztByVlce/373S69pMGwp6G+Tl3+yoW7pE /hLsq5ow1i5CfrxascFIed4+/bhHrlbpGdETLKJtOOdCy5fL7i4GHCe5rUoNfsrB vfLD5tDeTbsj0QDW9k+cBit7bZ851+Lvfzkf4/tTSCrWs75Bb9qi1jOtWa6iYckC AqaAvOrdYm0Ku8S7m9zKcJcXrebOEokS -----END CERTIFICATE-----Generated at Fri Nov 22 17:55:45 2024 by rpki-client on console-fra.rpki-client.org