$ rpki-client -vvf rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft File: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft (raw, json) Hash identifier: 4HRkdxJwgIGnL661yMgCuJalLY3XP6/hQ8geEKTfHg4= Subject key identifier: F9:B3:2F:B1:6D:AA:9C:D8:16:CD:8A:FC:C1:DD:BA:56:36:E0:A6:6E Authority key identifier: 29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 Certificate issuer: /CN=A916022F/serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Certificate serial: 0FFA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft Manifest number: 2241 Signing time: Tue 30 Apr 2024 17:53:14 +0000 Manifest this update: Tue 30 Apr 2024 17:53:13 +0000 Manifest next update: Tue 07 May 2024 17:53:13 +0000 Files and hashes: 1: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl (hash: GSCBgeADNaETEyFjy3s+qwZor1bGhjlHlmp3Twq/UO8=) 2: DE0A75A605EB11EA94CD7287C4F9AE02.roa (hash: BqRiYiKR+dnXs8JO0fznQNab+fZpSZjQtALTInUxNfo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 17:53:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4090 (0xffa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916022F/serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Validity Not Before: Apr 30 17:53:13 2024 GMT Not After : May 7 17:53:13 2024 GMT Subject: CN=66313009-c865 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:21:36:c7:cf:6f:da:f5:df:b2:57:df:c1:23: fe:b2:d2:db:e7:7e:e9:a0:ef:7f:1c:30:97:e2:b8: 3f:91:b9:8a:b0:c9:bc:66:83:f3:e1:83:95:ee:b4: 6c:76:ac:3f:76:18:12:08:72:3f:ea:37:8a:16:1c: 37:42:4a:af:58:56:2a:0a:c0:ec:4c:59:4a:c6:29: df:6f:e1:c3:b1:f9:b5:46:40:e8:8a:ef:d1:a5:2f: 9f:ef:8e:e9:50:b0:9e:a7:fc:0c:c3:c5:64:32:4a: bc:ac:e0:fe:44:0c:02:03:7b:e0:21:dd:fd:fd:29: 9d:bb:df:c4:e4:3e:24:7e:19:6c:b7:54:97:c1:cd: 8e:3d:9d:14:f2:b3:9e:36:6e:b6:8e:9e:75:e6:f7: eb:87:a2:ab:75:74:0c:4a:c3:4e:38:a4:5a:42:66: b0:ab:52:21:9b:c9:87:23:6e:5e:10:75:d8:58:bd: 4f:13:5f:52:07:e6:c1:d5:22:09:97:3b:c4:df:84: 40:37:53:22:3d:50:f8:aa:87:4f:da:b1:3d:39:93: 3f:e7:19:b9:9b:b2:55:5f:1d:ac:43:c1:ed:ec:77: bf:5b:81:87:40:4f:b7:af:0d:6d:e7:9f:f7:03:20: 2e:06:f2:85:b6:45:0b:1f:44:2a:1c:01:52:0a:a2: 03:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:B3:2F:B1:6D:AA:9C:D8:16:CD:8A:FC:C1:DD:BA:56:36:E0:A6:6E X509v3 Authority Key Identifier: keyid:29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:e7:4e:75:26:af:07:39:4b:62:af:98:bb:df:b4:64:c1:4c: 76:af:b8:03:ed:84:ec:b0:d2:9e:bd:c9:20:e7:a6:e3:61:8b: f7:df:46:22:20:04:9f:6d:6d:b0:a0:b1:6b:d0:a3:c9:e7:02: e8:49:79:ff:e5:48:85:aa:e5:28:1d:e4:e1:cb:9e:ef:67:4b: 3a:8a:fa:51:1d:c9:13:68:0d:ae:4a:8a:05:56:58:e8:7f:66: 4e:8e:dd:6d:5e:6e:11:93:a3:f9:c4:08:1f:47:78:d5:aa:06: 29:26:d0:db:46:a0:2d:f9:19:cb:5e:02:34:a2:b9:da:7c:38: 06:6d:af:05:5b:aa:b9:2d:97:df:f2:f1:6b:37:b8:c7:90:fb: 0e:75:4d:52:76:97:e2:bb:54:c8:76:63:e2:27:41:6f:65:de: d5:09:de:24:c8:4b:d7:6f:22:95:e6:19:55:6b:43:66:1a:b7: 9e:bf:07:78:8d:8f:47:22:26:3d:8e:d1:85:94:91:b1:5b:d9: b8:26:07:ff:0d:95:74:36:78:15:15:c5:62:e8:d3:87:87:6f: 2d:11:8a:7f:6e:02:05:5d:19:cd:52:6b:e3:a6:5c:69:33:39: 0a:74:69:07:cb:da:fb:4e:51:a8:27:99:92:90:4c:d1:5b:55: b4:da:73:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD/owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyMkYxMTAvBgNVBAUTKDI5RDE2Qzk4REIzRDVCRjY0QjZCOTIwNEMwOTYwMDg2 MENEMjk0NTIwHhcNMjQwNDMwMTc1MzEzWhcNMjQwNTA3MTc1MzEzWjAYMRYwFAYD VQQDEw02NjMxMzAwOS1jODY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsSE2x89v2vXfslffwSP+stLb537poO9/HDCX4rg/kbmKsMm8ZoPz4YOV7rRs dqw/dhgSCHI/6jeKFhw3QkqvWFYqCsDsTFlKxinfb+HDsfm1RkDoiu/RpS+f747p ULCep/wMw8VkMkq8rOD+RAwCA3vgId39/Smdu9/E5D4kfhlst1SXwc2OPZ0U8rOe Nm62jp515vfrh6KrdXQMSsNOOKRaQmawq1Ihm8mHI25eEHXYWL1PE19SB+bB1SIJ lzvE34RAN1MiPVD4qodP2rE9OZM/5xm5m7JVXx2sQ8Ht7He/W4GHQE+3rw1t55/3 AyAuBvKFtkULH0QqHAFSCqIDSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPmzL7Ft qpzYFs2K/MHdulY24KZuMB8GA1UdIwQYMBaAFCnRbJjbPVv2S2uSBMCWAIYM0pRS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDIyRi85RUM3QUZCNEFB N0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdfWkxhNUlFd0pZQWhnelNs RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tkRnNtTnM5V19aTGE1SUV3SllBaGd6U2xGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDIyRi85RUM3QUZCNEFBN0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdf WkxhNUlFd0pZQWhnelNsRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCX5051Jq8HOUtir5i737RkwUx2r7gD7YTssNKevckg56bjYYv330Yi IASfbW2woLFr0KPJ5wLoSXn/5UiFquUoHeThy57vZ0s6ivpRHckTaA2uSooFVljo f2ZOjt1tXm4Rk6P5xAgfR3jVqgYpJtDbRqAt+RnLXgI0ornafDgGba8FW6q5LZff 8vFrN7jHkPsOdU1Sdpfiu1TIdmPiJ0FvZd7VCd4kyEvXbyKV5hlVa0NmGreevwd4 jY9HIiY9jtGFlJGxW9m4Jgf/DZV0NngVFcVi6NOHh28tEYp/bgIFXRnNUmvjplxp MzkKdGkHy9r7TlGoJ5mSkEzRW1W02nMP -----END CERTIFICATE-----Generated at Tue Apr 30 19:21:22 2024 by rpki-client on console-ams.rpki-client.org