$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: yQrJeLrjCupMuk0beMxZSYPwQOc//lsU3pciJpH3x7M= Subject key identifier: D3:2A:AE:D1:8A:E7:2C:87:2A:AD:D4:69:FA:01:6B:76:05:F9:C0:D4 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0D58 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0D3C Signing time: Fri 22 Nov 2024 17:57:57 +0000 Manifest this update: Fri 22 Nov 2024 17:57:56 +0000 Manifest next update: Fri 29 Nov 2024 17:57:56 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: iXW611s9gbsWIb42XtAzIrBB/VFkVH6WKoHucdsxuv4=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: F8kcefS3I97Fp9Z0ACrQ84pOuyd0pejyLJ6D0xqjqYQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:57:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3416 (0xd58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Nov 22 17:57:56 2024 GMT Not After : Nov 29 17:57:56 2024 GMT Subject: CN=6740c624-0db2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:42:03:1b:e5:29:e1:7a:ec:4a:32:d6:9c:55: b6:55:a7:f2:64:4e:2f:39:61:dd:13:ef:02:70:68: fe:1d:f6:5e:d9:6e:c5:d0:b0:08:49:fb:b2:86:64: 43:5f:26:48:7b:bb:07:25:e5:a3:13:3c:1a:67:3d: e9:f6:39:84:eb:c7:1d:1b:5a:36:30:26:d5:f1:3e: ef:38:c5:6d:02:a1:3c:da:08:80:72:4f:85:84:fd: c8:87:18:fa:9e:47:20:65:05:66:93:65:cb:74:e9: a5:06:22:bc:c6:1c:7e:62:d9:6d:16:0e:81:9e:e7: ac:f5:8f:37:5b:7f:a7:b4:a3:78:da:db:1d:6e:88: d2:34:71:39:1f:ae:62:4b:3d:d0:1d:12:e5:6d:d6: 2c:b3:13:1a:16:db:57:98:ef:9a:22:6b:ff:6f:a2: c6:4a:4f:23:ac:5f:92:33:38:05:6a:ae:12:7a:33: 95:dc:48:87:a5:3e:15:9a:a7:20:3f:11:ec:d7:79: ff:0f:7d:cc:df:7e:36:89:8c:b9:fb:c2:2d:8f:c9: 45:c1:e6:b6:86:f0:bf:c7:85:e5:da:08:d3:06:b3: 89:d2:7b:c5:18:a6:99:d0:99:9b:67:97:cd:26:05: 47:b5:e9:da:79:06:a6:df:83:dc:2c:a5:31:e9:3e: 03:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:2A:AE:D1:8A:E7:2C:87:2A:AD:D4:69:FA:01:6B:76:05:F9:C0:D4 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:b8:4a:bf:5b:2b:05:1d:20:e3:d7:92:6f:43:be:ed:35:7c: e0:24:31:c7:66:01:e8:55:bc:e0:07:8b:a3:58:a2:78:02:2b: a4:65:dc:ec:9a:04:09:66:cd:15:a5:bb:8f:fc:4f:f7:ac:54: 83:4a:1f:b8:1c:82:cd:a9:4a:17:80:a1:8a:47:6e:74:c5:9f: 25:d2:fd:bc:24:92:63:49:f6:7a:83:e6:99:9a:56:a9:ed:71: a8:60:e9:7b:fc:5a:cb:05:46:70:26:2e:40:e3:a4:a3:0c:cc: 3f:11:33:3a:b5:88:45:ba:e5:eb:24:ef:96:f7:2d:c2:c3:55: 90:d2:71:e0:cb:81:50:9c:2d:ad:ce:23:4c:cd:c8:29:16:ea: 4e:fb:13:a3:90:50:fb:45:3d:25:ce:1b:7c:1d:00:94:c3:7c: f2:d6:70:a8:5a:9f:ae:c9:56:ea:39:6b:7f:4f:d6:68:1c:e9: 0a:f1:17:a2:5a:5b:7d:6b:17:6c:b6:e4:cb:0c:4d:4a:d5:9e: db:90:4c:bf:18:40:30:8f:e4:ae:d1:af:f8:1b:29:3e:02:20: 13:ac:ec:bc:10:4e:a5:ad:20:64:af:81:07:c5:cf:25:01:29: 61:3e:3f:97:9b:ae:9c:58:3d:32:46:84:36:60:c7:9a:2a:ee: 9b:73:62:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjQxMTIyMTc1NzU2WhcNMjQxMTI5MTc1NzU2WjAYMRYwFAYD VQQDEw02NzQwYzYyNC0wZGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyEIDG+Up4XrsSjLWnFW2VafyZE4vOWHdE+8CcGj+HfZe2W7F0LAISfuyhmRD XyZIe7sHJeWjEzwaZz3p9jmE68cdG1o2MCbV8T7vOMVtAqE82giAck+FhP3Ihxj6 nkcgZQVmk2XLdOmlBiK8xhx+YtltFg6Bnues9Y83W3+ntKN42tsdbojSNHE5H65i Sz3QHRLlbdYssxMaFttXmO+aImv/b6LGSk8jrF+SMzgFaq4SejOV3EiHpT4Vmqcg PxHs13n/D33M3342iYy5+8Itj8lFwea2hvC/x4Xl2gjTBrOJ0nvFGKaZ0JmbZ5fN JgVHtenaeQam34PcLKUx6T4DxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNMqrtGK 5yyHKq3UafoBa3YF+cDUMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBXuEq/WysFHSDj15JvQ77tNXzgJDHHZgHoVbzgB4ujWKJ4AiukZdzs mgQJZs0VpbuP/E/3rFSDSh+4HILNqUoXgKGKR250xZ8l0v28JJJjSfZ6g+aZmlap 7XGoYOl7/FrLBUZwJi5A46SjDMw/ETM6tYhFuuXrJO+W9y3Cw1WQ0nHgy4FQnC2t ziNMzcgpFupO+xOjkFD7RT0lzht8HQCUw3zy1nCoWp+uyVbqOWt/T9ZoHOkK8Rei Wlt9axdstuTLDE1K1Z7bkEy/GEAwj+Su0a/4Gyk+AiATrOy8EE6lrSBkr4EHxc8l ASlhPj+Xm66cWD0yRoQ2YMeaKu6bc2Ix -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:58 2024 by rpki-client on console-fra.rpki-client.org