$ rpki-client -vvf rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft File: 1fozYzT5muNj6lhn0o6KUCMeQiA.mft (raw, json) Hash identifier: CmChTKrAV3FJ+AxP/ErWP6TnCWveuU5RU+OLQk5y6EA= Subject key identifier: 07:53:F4:41:E7:5F:46:A0:7F:BA:50:B0:DB:61:E1:C4:F7:E9:0C:29 Authority key identifier: D5:FA:33:63:34:F9:9A:E3:63:EA:58:67:D2:8E:8A:50:23:1E:42:20 Certificate issuer: /CN=A915F2B8/serialNumber=D5FA336334F99AE363EA5867D28E8A50231E4220 Certificate serial: 013C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fozYzT5muNj6lhn0o6KUCMeQiA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft Manifest number: 013A Signing time: Wed 27 Nov 2024 02:47:36 +0000 Manifest this update: Wed 27 Nov 2024 02:47:36 +0000 Manifest next update: Wed 04 Dec 2024 02:47:36 +0000 Files and hashes: 1: 1fozYzT5muNj6lhn0o6KUCMeQiA.crl (hash: eZbZ5GVlmnZ4H05GaTf6tqKSFtSkDWOfQxm91GVG+e0=) 2: 207C45B0CC2F11EDABE25F72C4F9AE02.roa (hash: 2eqS5cjF9sa6KMzGcQfKPVCA5SVXZZKPARO3qSqHB6Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.crl rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fozYzT5muNj6lhn0o6KUCMeQiA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Dec 2024 02:47:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 316 (0x13c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915F2B8/serialNumber=D5FA336334F99AE363EA5867D28E8A50231E4220 Validity Not Before: Nov 27 02:47:36 2024 GMT Not After : Dec 4 02:47:36 2024 GMT Subject: CN=67468848-89c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:14:8e:fd:13:7e:c6:22:06:4a:2a:73:c6:a9: fb:e1:5a:bf:e2:65:d4:1d:1a:59:1c:05:f6:54:10: f3:c1:2d:a0:d2:48:3b:b0:11:15:5a:a7:60:94:bb: 4e:23:c4:4d:74:10:e6:88:7d:ce:0c:01:72:17:a3: 2f:65:ca:7a:6a:8b:99:75:7d:68:b7:e1:b4:37:2f: 91:a5:2f:27:a6:c6:77:64:d9:45:71:6f:f6:e3:c7: ae:27:31:25:31:d8:f1:1b:5e:14:94:fc:f8:37:62: 6c:57:8a:ee:04:d4:1c:39:a8:60:1e:0f:68:b3:92: 75:4b:51:55:8a:7d:06:5b:8a:c1:56:fb:0d:c2:1a: c9:8b:7c:80:71:82:d1:16:db:46:4c:d4:3f:f2:c0: aa:b7:14:00:85:0e:9e:a7:9b:1e:6a:bc:0f:f1:e5: e9:14:88:50:80:eb:5f:50:a0:b7:94:ae:aa:3b:e9: a2:50:bf:fa:ff:43:e1:96:1c:01:fb:ae:6b:6b:48: 47:7b:08:3d:c5:37:13:54:84:23:d9:f5:c6:d7:de: 42:74:37:96:24:e9:c0:64:6f:b2:f1:62:d2:a3:51: fd:b9:62:7d:29:9b:b0:e0:95:f4:72:f5:96:6b:26: 39:5c:e6:f5:94:1b:7d:55:10:41:93:9c:71:bd:12: b0:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:53:F4:41:E7:5F:46:A0:7F:BA:50:B0:DB:61:E1:C4:F7:E9:0C:29 X509v3 Authority Key Identifier: keyid:D5:FA:33:63:34:F9:9A:E3:63:EA:58:67:D2:8E:8A:50:23:1E:42:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fozYzT5muNj6lhn0o6KUCMeQiA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F2B8/2F17608ACC2C11EDB9860571C4F9AE02/1fozYzT5muNj6lhn0o6KUCMeQiA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:84:b5:40:71:d8:b5:2f:32:6c:a2:5c:d2:02:93:c1:17:01: c0:86:37:59:b7:61:5f:3c:db:66:c9:98:b5:fc:36:af:4e:16: dc:86:2a:41:d6:02:28:d9:e7:5f:bb:20:be:17:17:12:37:aa: f8:78:6f:0c:da:5e:c5:45:f6:49:d3:78:53:a1:e8:4b:4a:79: 0a:2b:a3:fb:63:33:86:83:97:f8:9a:3c:33:83:b4:79:52:30: 01:34:1f:23:12:30:c8:1e:a1:66:a2:06:ef:b1:9d:50:03:62: 6b:9e:ed:06:35:43:11:58:d7:11:ac:98:50:9b:d0:df:f7:70: 8d:b4:07:97:17:5f:76:1b:73:e4:56:01:25:71:f7:3d:13:33: 89:06:e5:7d:b8:f9:79:63:8d:54:06:6b:de:36:a0:b3:c6:20: f9:3c:72:94:1a:c5:3f:47:aa:39:ab:5e:a8:d0:54:83:67:af: 5e:02:c9:45:f1:05:43:3d:78:e2:3d:84:80:c2:8b:fa:f7:27: 7f:8e:6e:7e:3a:11:02:47:5c:b1:37:08:72:48:f1:e1:37:a9: 47:ae:01:63:8d:96:83:56:43:6e:82:2f:66:8c:bf:77:de:77: c7:2e:ff:7a:07:17:16:85:f6:c5:1e:b8:86:d9:d6:58:bc:4c: f3:aa:22:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUYyQjgxMTAvBgNVBAUTKEQ1RkEzMzYzMzRGOTlBRTM2M0VBNTg2N0QyOEU4QTUw MjMxRTQyMjAwHhcNMjQxMTI3MDI0NzM2WhcNMjQxMjA0MDI0NzM2WjAYMRYwFAYD VQQDEw02NzQ2ODg0OC04OWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxSO/RN+xiIGSipzxqn74Vq/4mXUHRpZHAX2VBDzwS2g0kg7sBEVWqdglLtO I8RNdBDmiH3ODAFyF6MvZcp6aouZdX1ot+G0Ny+RpS8npsZ3ZNlFcW/248euJzEl MdjxG14UlPz4N2JsV4ruBNQcOahgHg9os5J1S1FVin0GW4rBVvsNwhrJi3yAcYLR FttGTNQ/8sCqtxQAhQ6ep5searwP8eXpFIhQgOtfUKC3lK6qO+miUL/6/0PhlhwB +65ra0hHewg9xTcTVIQj2fXG195CdDeWJOnAZG+y8WLSo1H9uWJ9KZuw4JX0cvWW ayY5XOb1lBt9VRBBk5xxvRKwGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAdT9EHn X0agf7pQsNth4cT36QwpMB8GA1UdIwQYMBaAFNX6M2M0+ZrjY+pYZ9KOilAjHkIg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RjJCOC8yRjE3NjA4QUND MkMxMUVEQjk4NjA1NzFDNEY5QUUwMi8xZm96WXpUNW11Tmo2bGhuMG82S1VDTWVR aUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFmb3pZelQ1bXVOajZsaG4wbzZLVUNNZVFpQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RjJCOC8yRjE3NjA4QUNDMkMxMUVEQjk4NjA1NzFDNEY5QUUwMi8xZm96WXpUNW11 Tmo2bGhuMG82S1VDTWVRaUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBnhLVAcdi1LzJsolzSApPBFwHAhjdZt2FfPNtmyZi1/DavThbchipB 1gIo2edfuyC+FxcSN6r4eG8M2l7FRfZJ03hToehLSnkKK6P7YzOGg5f4mjwzg7R5 UjABNB8jEjDIHqFmogbvsZ1QA2Jrnu0GNUMRWNcRrJhQm9Df93CNtAeXF192G3Pk VgElcfc9EzOJBuV9uPl5Y41UBmveNqCzxiD5PHKUGsU/R6o5q16o0FSDZ69eAslF 8QVDPXjiPYSAwov69yd/jm5+OhECR1yxNwhySPHhN6lHrgFjjZaDVkNugi9mjL93 3nfHLv96BxcWhfbFHriG2dZYvEzzqiLZ -----END CERTIFICATE-----Generated at Wed Nov 27 04:02:59 2024 by rpki-client on console-fra.rpki-client.org