$ rpki-client -vvf rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft File: X3A2SNc_YGlFARjbom-WaC1a5so.mft (raw, json) Hash identifier: RcQjlr3kODtmMw81WQWUpG8donb7JSsW0xGvvs5e0FQ= Subject key identifier: 45:86:3B:B1:D3:BB:A9:C1:5C:73:38:40:67:5B:D0:73:4C:C5:49:93 Authority key identifier: 5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA Certificate issuer: /CN=A91508BB/serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Certificate serial: 3423 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft Manifest number: 3423 Signing time: Fri 22 Nov 2024 14:37:54 +0000 Manifest this update: Fri 22 Nov 2024 14:37:54 +0000 Manifest next update: Fri 29 Nov 2024 14:37:54 +0000 Files and hashes: 1: X3A2SNc_YGlFARjbom-WaC1a5so.crl (hash: FXqycM7OoCBY0V1Z1bwhfLglk3TBV4ihTjCzzg2O4r4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:37:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13347 (0x3423) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91508BB/serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Validity Not Before: Nov 22 14:37:54 2024 GMT Not After : Nov 29 14:37:54 2024 GMT Subject: CN=67409742-afe8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:36:2e:bf:c0:c7:c9:fd:7e:28:4f:6f:ce:0a: 7b:b1:fa:94:70:7a:28:9e:0b:da:08:08:21:e7:cb: 1c:50:6d:44:d4:d1:75:a1:6b:ed:0a:c6:3a:81:66: f9:47:97:1f:51:39:26:d3:7d:3c:03:1a:a9:2c:a9: bb:01:e6:ab:87:13:8d:11:e9:cd:90:4e:a9:f8:71: 9d:f0:90:c4:ee:e3:dd:0b:c5:e5:13:37:9d:63:ef: 45:90:97:52:6e:ef:29:10:d2:2a:08:40:5f:c3:b8: 55:8b:0c:e4:80:ad:a0:65:87:93:7e:a4:50:e6:01: 4e:4e:5b:0c:de:0b:3b:5f:24:f0:cf:d9:04:e9:f5: b5:fa:03:38:58:98:ba:22:b4:c5:ab:8e:bf:b8:ce: d3:bd:11:38:1b:d0:79:a3:d4:ba:f2:84:33:ae:81: 72:d9:60:e2:8f:4a:99:16:ac:51:95:4e:87:46:ea: 86:b6:95:5b:d9:89:99:ec:de:b0:01:ae:55:98:15: 5c:d2:b5:c6:e1:0d:81:52:4a:96:0e:ce:6d:cb:de: 6c:b3:f7:44:7f:c4:5f:97:c3:99:3d:4c:0b:74:df: 9a:82:36:28:50:7b:5d:3b:dd:db:fa:b5:b7:ad:cd: dc:0d:7a:62:4e:62:a1:05:62:d8:97:64:86:43:34: 40:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:86:3B:B1:D3:BB:A9:C1:5C:73:38:40:67:5B:D0:73:4C:C5:49:93 X509v3 Authority Key Identifier: keyid:5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:5a:ee:c4:16:3a:7c:bd:88:46:b1:fd:d7:ce:e5:bf:da:b9: ac:5f:cd:5c:bf:fe:76:70:fc:57:c0:87:7b:86:1e:42:e8:a0: bc:75:ea:5b:95:24:9f:76:20:0f:bf:65:5f:26:39:4c:89:53: 82:fa:aa:dd:54:64:72:63:fd:62:d1:d3:e6:3a:2d:5b:8f:5a: 75:84:07:75:bd:fd:95:e0:c2:29:b8:23:d3:57:00:63:53:d8: 40:86:6a:91:ff:fd:9a:12:9a:69:0c:b9:0a:cf:82:cf:99:c0: 3a:ca:6c:86:f7:99:ef:ed:8f:31:16:ee:85:e9:e7:d5:1d:5a: a5:33:b6:7a:cf:f1:0b:7c:73:03:34:81:b7:31:ae:08:24:bb: 0d:7f:b7:1c:a0:0c:8a:33:c8:ee:db:2e:1d:ba:f1:a5:e0:1d: 24:f9:f8:7e:75:c2:3b:c8:a5:cc:fa:a9:fe:c2:69:4b:1c:54: fd:21:43:66:87:18:37:72:5b:1d:e8:5d:7c:d6:35:4f:17:5d: aa:48:b2:76:36:c2:ce:59:6a:41:a6:81:c6:ed:de:ac:25:d9: f9:39:74:16:15:ab:e2:3d:e4:e4:ac:08:9d:31:84:ea:79:27: 05:05:6f:dd:f1:59:bc:af:20:d0:8c:d6:5b:60:04:e9:8f:64: b3:b2:df:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA4QkIxMTAvBgNVBAUTKDVGNzAzNjQ4RDczRjYwNjk0NTAxMThEQkEyNkY5NjY4 MkQ1QUU2Q0EwHhcNMjQxMTIyMTQzNzU0WhcNMjQxMTI5MTQzNzU0WjAYMRYwFAYD VQQDEw02NzQwOTc0Mi1hZmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0DYuv8DHyf1+KE9vzgp7sfqUcHoongvaCAgh58scUG1E1NF1oWvtCsY6gWb5 R5cfUTkm0308AxqpLKm7AearhxONEenNkE6p+HGd8JDE7uPdC8XlEzedY+9FkJdS bu8pENIqCEBfw7hViwzkgK2gZYeTfqRQ5gFOTlsM3gs7XyTwz9kE6fW1+gM4WJi6 IrTFq46/uM7TvRE4G9B5o9S68oQzroFy2WDij0qZFqxRlU6HRuqGtpVb2YmZ7N6w Aa5VmBVc0rXG4Q2BUkqWDs5ty95ss/dEf8Rfl8OZPUwLdN+agjYoUHtdO93b+rW3 rc3cDXpiTmKhBWLYl2SGQzRAAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEWGO7HT u6nBXHM4QGdb0HNMxUmTMB8GA1UdIwQYMBaAFF9wNkjXP2BpRQEY26JvlmgtWubK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDhCQi81QTBEOTU4ODFE OEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lHbEZBUmpib20tV2FDMWE1 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gzQTJTTmNfWUdsRkFSamJvbS1XYUMxYTVzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDhCQi81QTBEOTU4ODFEOEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lH bEZBUmpib20tV2FDMWE1c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPWu7EFjp8vYhGsf3XzuW/2rmsX81cv/52cPxXwId7hh5C6KC8depb lSSfdiAPv2VfJjlMiVOC+qrdVGRyY/1i0dPmOi1bj1p1hAd1vf2V4MIpuCPTVwBj U9hAhmqR//2aEpppDLkKz4LPmcA6ymyG95nv7Y8xFu6F6efVHVqlM7Z6z/ELfHMD NIG3Ma4IJLsNf7ccoAyKM8ju2y4duvGl4B0k+fh+dcI7yKXM+qn+wmlLHFT9IUNm hxg3clsd6F181jVPF12qSLJ2NsLOWWpBpoHG7d6sJdn5OXQWFaviPeTkrAidMYTq eScFBW/d8Vm8ryDQjNZbYATpj2Szst90 -----END CERTIFICATE-----Generated at Fri Nov 22 15:25:36 2024 by rpki-client on console-fra.rpki-client.org