$ rpki-client -vvf rpki.apnic.net/member_repository/A91517CF/B4155458B2C711EF916BB67FC4F9AE02/7D2Af3k8nPX84zXuFeCYREm0MJY.mft File: 7D2Af3k8nPX84zXuFeCYREm0MJY.mft (raw, json) Hash identifier: jg28pu4Eoo6Dki/zI1uKCsN/iba7m/4CEJ4VSg/509I= Subject key identifier: 28:27:39:F8:CA:F5:98:A4:C8:AD:F3:53:77:D2:94:B5:87:D1:C1:94 Authority key identifier: EC:3D:80:7F:79:3C:9C:F5:FC:E3:35:EE:15:E0:98:44:49:B4:30:96 Certificate issuer: /CN=A91517CF/serialNumber=EC3D807F793C9CF5FCE335EE15E0984449B43096 Certificate serial: 0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7D2Af3k8nPX84zXuFeCYREm0MJY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91517CF/B4155458B2C711EF916BB67FC4F9AE02/7D2Af3k8nPX84zXuFeCYREm0MJY.mft Manifest number: 0C Signing time: Wed 25 Dec 2024 06:10:32 +0000 Manifest this update: Wed 25 Dec 2024 06:10:32 +0000 Manifest next update: Wed 01 Jan 2025 06:10:32 +0000 Files and hashes: 1: 7D2Af3k8nPX84zXuFeCYREm0MJY.crl (hash: 2MeKE2NSEikzIk61DdwcBQyqRneTS8AuNnDyYceb8f4=) 2: 18164B6AB2C811EFA702DF80C4F9AE02.roa (hash: 7UFK5IvMzRZ9oqAbFOWW72hTsQEiovxWyIoXLKQd8RE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91517CF/B4155458B2C711EF916BB67FC4F9AE02/7D2Af3k8nPX84zXuFeCYREm0MJY.crl rsync://rpki.apnic.net/member_repository/A91517CF/B4155458B2C711EF916BB67FC4F9AE02/7D2Af3k8nPX84zXuFeCYREm0MJY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7D2Af3k8nPX84zXuFeCYREm0MJY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Jan 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91517CF/serialNumber=EC3D807F793C9CF5FCE335EE15E0984449B43096 Validity Not Before: Dec 25 06:10:32 2024 GMT Not After : Jan 1 06:10:32 2025 GMT Subject: CN=676ba1d8-e8ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2f:ea:ad:20:46:3b:96:fe:83:94:54:a5:f8: 4d:fe:31:5d:f5:93:af:19:94:bf:db:32:b4:f3:38: f3:5b:20:17:33:41:79:d2:fb:a2:ce:77:b1:5d:83: d8:d5:b3:fb:89:7c:d7:38:a9:17:11:00:9f:d8:e7: 62:29:92:89:e9:46:f0:96:4b:ed:c7:e7:c7:b4:af: 10:a1:95:14:b7:21:51:9c:5a:fd:1a:b2:c3:05:18: 0a:b2:26:01:76:1d:88:c6:16:b6:33:0a:84:e8:14: 10:c3:17:07:00:08:ea:0c:b1:32:b1:71:0b:72:24: b6:18:13:33:f9:b4:dd:df:27:90:55:0d:68:97:8c: a0:59:2e:73:52:b7:db:0a:c1:65:61:7d:0d:7e:c1: 82:1a:ed:0c:d9:98:81:f3:0f:6c:df:72:fa:da:b4: ed:01:55:f5:22:1d:ba:15:d4:97:b1:19:57:46:ee: ab:d0:15:1b:47:f0:56:72:e1:6f:88:e7:33:e0:31: f8:5e:2d:cf:b1:9e:3c:83:c8:63:9d:eb:80:da:72: ab:6d:fc:49:e2:13:69:38:cb:52:7c:33:30:a0:4b: d0:4b:42:b7:ed:86:48:df:d8:91:03:60:2f:0a:0f: 40:d9:6b:d2:b6:e9:53:18:2b:e3:45:d8:c2:a4:2d: 26:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:27:39:F8:CA:F5:98:A4:C8:AD:F3:53:77:D2:94:B5:87:D1:C1:94 X509v3 Authority Key Identifier: keyid:EC:3D:80:7F:79:3C:9C:F5:FC:E3:35:EE:15:E0:98:44:49:B4:30:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91517CF/B4155458B2C711EF916BB67FC4F9AE02/7D2Af3k8nPX84zXuFeCYREm0MJY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7D2Af3k8nPX84zXuFeCYREm0MJY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91517CF/B4155458B2C711EF916BB67FC4F9AE02/7D2Af3k8nPX84zXuFeCYREm0MJY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:92:37:59:af:9f:f6:90:c3:b5:c3:73:ee:c0:c4:84:b8:9f: 72:ce:f5:ab:60:56:f0:7f:60:f0:c8:15:8f:45:d8:38:9d:ab: 15:f5:ea:2d:f1:cd:3e:2a:78:ae:e0:9e:9b:e4:34:6e:12:5a: 5a:93:c7:06:3e:98:a9:fd:a3:a8:77:63:bb:12:38:01:14:97: fc:04:b1:57:83:80:25:31:6e:94:19:3b:ca:cb:37:09:9f:a5: ac:5c:29:36:cf:3b:81:83:6f:03:86:7e:5b:18:21:79:a1:f3: a8:2c:df:0a:ca:d4:57:18:16:62:dc:bc:e4:c3:7f:93:d9:d2: e8:70:dd:77:3b:86:c8:98:7b:42:0d:b4:44:b4:de:e4:9b:40: cc:5e:f4:21:c1:19:96:45:7f:e2:8b:48:4e:2b:59:7b:4c:c6: 81:7f:fa:ec:cb:f3:ba:e9:d6:ab:22:ca:3e:62:56:38:81:c2: 80:2a:19:94:f8:95:93:2a:e1:6a:0d:6b:5d:f7:95:1f:0f:3e: 78:5a:3c:df:55:b8:59:89:f1:87:b0:71:6f:15:56:00:cb:40: 66:49:86:8d:17:26:35:40:8a:e8:93:8b:4a:66:c2:74:67:27: 95:ea:b3:b3:66:a3:aa:3e:ed:59:43:91:1a:04:b8:3c:aa:6b: dd:4b:ba:ee -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MTdDRjExMC8GA1UEBRMoRUMzRDgwN0Y3OTNDOUNGNUZDRTMzNUVFMTVFMDk4NDQ0 OUI0MzA5NjAeFw0yNDEyMjUwNjEwMzJaFw0yNTAxMDEwNjEwMzJaMBgxFjAUBgNV BAMTDTY3NmJhMWQ4LWU4ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDXL+qtIEY7lv6DlFSl+E3+MV31k68ZlL/bMrTzOPNbIBczQXnS+6LOd7Fdg9jV s/uJfNc4qRcRAJ/Y52IpkonpRvCWS+3H58e0rxChlRS3IVGcWv0assMFGAqyJgF2 HYjGFrYzCoToFBDDFwcACOoMsTKxcQtyJLYYEzP5tN3fJ5BVDWiXjKBZLnNSt9sK wWVhfQ1+wYIa7QzZmIHzD2zfcvratO0BVfUiHboV1JexGVdG7qvQFRtH8FZy4W+I 5zPgMfheLc+xnjyDyGOd64Dacqtt/EniE2k4y1J8MzCgS9BLQrfthkjf2JEDYC8K D0DZa9K26VMYK+NF2MKkLSZ/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUKCc5+Mr1 mKTIrfNTd9KUtYfRwZQwHwYDVR0jBBgwFoAU7D2Af3k8nPX84zXuFeCYREm0MJYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUxN0NGL0I0MTU1NDU4QjJD NzExRUY5MTZCQjY3RkM0RjlBRTAyLzdEMkFmM2s4blBYODR6WHVGZUNZUkVtME1K WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvN0QyQWYzazhuUFg4NHpYdUZlQ1lSRW0wTUpZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUx N0NGL0I0MTU1NDU4QjJDNzExRUY5MTZCQjY3RkM0RjlBRTAyLzdEMkFmM2s4blBY ODR6WHVGZUNZUkVtME1KWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJCSN1mvn/aQw7XDc+7AxIS4n3LO9atgVvB/YPDIFY9F2DidqxX16i3x zT4qeK7gnpvkNG4SWlqTxwY+mKn9o6h3Y7sSOAEUl/wEsVeDgCUxbpQZO8rLNwmf paxcKTbPO4GDbwOGflsYIXmh86gs3wrK1FcYFmLcvOTDf5PZ0uhw3Xc7hsiYe0IN tES03uSbQMxe9CHBGZZFf+KLSE4rWXtMxoF/+uzL87rp1qsiyj5iVjiBwoAqGZT4 lZMq4WoNa133lR8PPnhaPN9VuFmJ8YewcW8VVgDLQGZJho0XJjVAiuiTi0pmwnRn J5Xqs7Nmo6o+7VlDkRoEuDyqa91Luu4= -----END CERTIFICATE-----Generated at Wed Dec 25 08:01:13 2024 by rpki-client on console-fra.rpki-client.org