$ rpki-client -vvf rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft File: LRgGu3n37GppfLCmWiHlyxIv3nY.mft (raw, json) Hash identifier: mTGuBjdP70Tl7uyjP0uH8RYl77x7WhJRjFJjecA0zBQ= Subject key identifier: A6:12:A5:71:41:F8:14:71:15:99:B1:10:B7:C6:B6:61:AC:9A:6B:2A Authority key identifier: 2D:18:06:BB:79:F7:EC:6A:69:7C:B0:A6:5A:21:E5:CB:12:2F:DE:76 Certificate issuer: /CN=A9165A58/serialNumber=2D1806BB79F7EC6A697CB0A65A21E5CB122FDE76 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LRgGu3n37GppfLCmWiHlyxIv3nY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft Manifest number: 20 Signing time: Sat 23 Nov 2024 05:47:38 +0000 Manifest this update: Sat 23 Nov 2024 05:47:38 +0000 Manifest next update: Sat 30 Nov 2024 05:47:38 +0000 Files and hashes: 1: LRgGu3n37GppfLCmWiHlyxIv3nY.crl (hash: 4OA36jVlhMq4wd3uHn88560NpJLLRxSS6TULha7L/+0=) 2: BDBEED967C0011EFB63C7076C4F9AE02.roa (hash: Nz2FGej23dIiDwRtV6Sp50mpW+TP9HnxQFOScAwf8wk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.crl rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LRgGu3n37GppfLCmWiHlyxIv3nY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165A58/serialNumber=2D1806BB79F7EC6A697CB0A65A21E5CB122FDE76 Validity Not Before: Nov 23 05:47:38 2024 GMT Not After : Nov 30 05:47:38 2024 GMT Subject: CN=67416c7a-94d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:fa:3d:00:9a:08:9f:2e:da:d9:69:10:59:fd: cc:f3:e0:14:e2:f7:06:6f:81:38:b7:08:65:7b:0b: a1:a9:dc:f4:3c:74:90:fd:ac:04:4f:9a:98:05:6b: 8d:43:3f:94:34:af:8b:fe:e1:ce:20:81:26:a8:8d: 48:c0:26:2f:76:3b:f6:d5:e7:50:dc:4e:2a:b8:67: 6b:09:5f:34:fa:b5:64:a9:0c:ef:ee:05:2d:36:70: 72:d1:14:5f:20:ef:39:e5:66:a0:47:c8:db:ee:95: 3a:89:00:60:9a:34:6f:7b:e9:a9:f8:29:5e:83:ad: 9d:fa:4b:d9:e1:d4:47:b2:1a:3c:d8:bf:d0:4c:54: d6:04:40:ea:f1:ca:b6:68:ce:34:79:71:12:c5:fe: 66:4f:59:a8:ae:49:78:51:d9:96:a4:5b:19:fa:dd: b8:ec:58:e7:03:eb:dc:f1:88:f3:97:a2:c5:df:b8: 3c:db:23:2d:be:21:eb:89:af:0b:6f:8f:ae:22:b5: d5:70:a7:ce:2b:4d:4a:f5:aa:6b:62:76:ba:04:29: 0c:5a:47:d2:c4:dd:ec:e3:dd:fd:59:36:fd:d3:c2: 56:76:87:5b:db:d0:7f:b9:89:ea:60:9a:12:db:b3: e3:67:ad:42:6f:4d:58:4e:16:de:bc:dc:7e:87:de: 65:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:12:A5:71:41:F8:14:71:15:99:B1:10:B7:C6:B6:61:AC:9A:6B:2A X509v3 Authority Key Identifier: keyid:2D:18:06:BB:79:F7:EC:6A:69:7C:B0:A6:5A:21:E5:CB:12:2F:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LRgGu3n37GppfLCmWiHlyxIv3nY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165A58/DF694BA67BFD11EFA7B8EB5CC4F9AE02/LRgGu3n37GppfLCmWiHlyxIv3nY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:7f:69:11:96:4d:51:f9:22:1b:26:80:25:cb:01:90:86:4b: 5f:89:ca:cd:aa:5d:3f:aa:36:1e:81:42:6d:2e:c4:15:25:9a: 0d:db:66:4f:64:d4:5a:94:70:82:25:ee:0e:1c:68:ea:b6:b1: ce:39:81:12:e1:ee:8b:71:42:64:c9:ac:66:75:0a:d3:4c:0f: 30:a7:f5:af:e6:cd:85:fb:18:e8:ef:c8:1d:11:eb:2a:cc:e6: 42:d4:7f:61:a3:63:47:5c:dc:1e:3f:5b:5d:e2:9c:61:0e:12: f9:33:82:f1:f3:ff:63:2a:08:5c:c8:04:49:0a:67:77:64:09: 15:fe:98:85:f5:b8:dd:92:8f:90:f3:e1:48:e7:07:e0:93:88: cb:3b:98:5d:14:f3:49:65:b7:4b:48:ba:1f:6c:57:c2:12:19: 3f:00:38:3b:64:dc:65:67:ed:5d:ec:11:98:a6:ae:77:01:c6: 92:18:91:0b:86:9a:3f:de:00:ef:60:c5:40:dc:9f:ed:de:6c: b0:17:1e:a7:fa:e5:b0:c9:8e:5c:e6:74:81:2c:ed:cd:88:6d: 8a:81:d8:fb:13:0b:dd:14:5f:b5:62:8f:d2:bd:db:bd:ab:17: ca:de:bc:81:0c:70:01:33:e2:60:7a:b4:3e:a6:3b:02:0f:af: 24:36:85:e8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NUE1ODExMC8GA1UEBRMoMkQxODA2QkI3OUY3RUM2QTY5N0NCMEE2NUEyMUU1Q0Ix MjJGREU3NjAeFw0yNDExMjMwNTQ3MzhaFw0yNDExMzAwNTQ3MzhaMBgxFjAUBgNV BAMTDTY3NDE2YzdhLTk0ZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCq+j0AmgifLtrZaRBZ/czz4BTi9wZvgTi3CGV7C6Gp3PQ8dJD9rARPmpgFa41D P5Q0r4v+4c4ggSaojUjAJi92O/bV51DcTiq4Z2sJXzT6tWSpDO/uBS02cHLRFF8g 7znlZqBHyNvulTqJAGCaNG976an4KV6DrZ36S9nh1EeyGjzYv9BMVNYEQOrxyrZo zjR5cRLF/mZPWaiuSXhR2ZakWxn63bjsWOcD69zxiPOXosXfuDzbIy2+IeuJrwtv j64itdVwp84rTUr1qmtidroEKQxaR9LE3ezj3f1ZNv3TwlZ2h1vb0H+5iepgmhLb s+NnrUJvTVhOFt683H6H3mVbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUphKlcUH4 FHEVmbEQt8a2YayaayowHwYDVR0jBBgwFoAULRgGu3n37GppfLCmWiHlyxIv3nYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1QTU4L0RGNjk0QkE2N0JG RDExRUZBN0I4RUI1Q0M0RjlBRTAyL0xSZ0d1M24zN0dwcGZMQ21XaUhseXhJdjNu WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTFJnR3UzbjM3R3BwZkxDbVdpSGx5eEl2M25ZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1 QTU4L0RGNjk0QkE2N0JGRDExRUZBN0I4RUI1Q0M0RjlBRTAyL0xSZ0d1M24zN0dw cGZMQ21XaUhseXhJdjNuWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD5/aRGWTVH5IhsmgCXLAZCGS1+Jys2qXT+qNh6BQm0uxBUlmg3bZk9k 1FqUcIIl7g4caOq2sc45gRLh7otxQmTJrGZ1CtNMDzCn9a/mzYX7GOjvyB0R6yrM 5kLUf2GjY0dc3B4/W13inGEOEvkzgvHz/2MqCFzIBEkKZ3dkCRX+mIX1uN2Sj5Dz 4UjnB+CTiMs7mF0U80llt0tIuh9sV8ISGT8AODtk3GVn7V3sEZimrncBxpIYkQuG mj/eAO9gxUDcn+3ebLAXHqf65bDJjlzmdIEs7c2IbYqB2PsTC90UX7Vij9K9272r F8revIEMcAEz4mB6tD6mOwIPryQ2heg= -----END CERTIFICATE-----Generated at Sat Nov 23 07:31:30 2024 by rpki-client on console-fra.rpki-client.org