$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: YlQLErZODyruXp+D7jSRM5l11H1Q79tFyvdZ9uGtmJA= Subject key identifier: 5E:67:5E:32:AF:6C:38:0A:11:F1:68:EC:78:AA:8A:0D:43:85:59:8E Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 0E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 0C Signing time: Thu 21 Nov 2024 06:10:56 +0000 Manifest this update: Thu 21 Nov 2024 06:10:56 +0000 Manifest next update: Thu 28 Nov 2024 06:10:56 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: 8ic1kkxwjpHxiqMNrcypHWG8lGj5Rng1L2/OysdjaWY=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Nov 21 06:10:56 2024 GMT Not After : Nov 28 06:10:56 2024 GMT Subject: CN=673ecef0-135e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:76:70:18:cf:58:1c:d4:66:da:29:7f:b7:da: 82:80:86:60:af:94:e8:35:39:42:cc:79:1a:6a:20: 58:da:06:89:8e:fb:42:92:37:45:35:79:62:c6:f8: 62:69:be:4b:ff:4b:69:d8:03:d7:1a:c1:7a:77:af: 97:f6:46:60:80:16:02:a9:1b:1f:a7:b3:2e:4e:81: bf:5a:d3:3d:bb:57:34:30:d7:8c:be:6b:29:6f:47: 29:11:1a:38:c4:37:c9:f3:ba:6d:de:1e:18:1a:82: 10:08:fe:78:1b:37:89:54:b4:3f:ee:65:e6:46:db: 9b:d8:3a:6e:56:f3:5f:22:e9:76:90:e9:5c:e0:ca: 1d:fe:a6:82:83:e9:7d:63:73:be:9e:50:67:73:44: d0:da:7f:ca:cd:0d:85:da:10:d4:9d:3f:9c:65:d7: f8:d9:6e:46:1c:71:10:30:80:59:93:f4:74:99:7e: 3f:54:ee:65:8c:50:f2:6f:66:b1:74:dc:71:ff:24: e6:fe:9b:80:95:d0:a4:61:51:d8:d0:44:02:9c:35: 46:2b:87:a9:9c:30:65:ce:2b:56:27:32:b8:8f:a1: 07:6d:86:97:52:28:41:08:06:88:4e:00:a5:73:4c: 10:c4:9f:09:a0:4e:fe:f6:cf:b4:77:e5:a1:ce:e5: 7d:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:67:5E:32:AF:6C:38:0A:11:F1:68:EC:78:AA:8A:0D:43:85:59:8E X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:26:b5:a5:74:89:54:bb:4a:aa:cb:01:6c:0a:5c:8d:30:3f: 6e:4c:27:7d:7b:d3:c3:99:e6:96:6d:1d:03:50:d1:6c:58:fe: 00:a8:ab:bf:ff:d7:a9:e6:9c:68:26:08:5c:2d:98:3e:c0:90: 6a:9b:08:5b:dc:84:fc:ca:17:f3:20:f0:e1:a3:a6:ec:a4:43: a2:b1:02:da:88:9b:28:12:e2:44:74:bb:b0:81:9b:40:36:02: 0d:1e:82:81:64:14:63:51:3d:3b:e5:97:4a:23:ed:a7:88:87: c1:c0:69:89:e0:fe:e2:ed:5f:04:f7:2d:90:97:25:da:88:f6: c2:87:48:c0:09:cf:45:da:ce:3d:82:f4:21:bc:40:5e:92:00: 29:43:1a:94:24:e7:28:28:58:27:90:ac:c9:15:1b:f0:23:ea: 76:54:cc:90:64:49:62:b6:33:2c:2c:c6:fa:88:3d:b0:e7:bf: c7:44:9e:2c:52:96:79:e8:9a:8b:27:7b:21:be:ac:d4:da:38: c6:6e:9f:15:aa:e3:4c:1a:d1:53:04:3f:de:5e:c2:a7:5c:ca: 33:bd:9d:9e:45:5f:db:4d:d9:b4:0e:f5:76:d4:92:18:8b:c7: fc:1b:77:0d:1e:85:18:16:ef:48:15:9b:a8:89:85:84:3a:f6: a8:65:84:6e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNDExMjEwNjEwNTZaFw0yNDExMjgwNjEwNTZaMBgxFjAUBgNV BAMTDTY3M2VjZWYwLTEzNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDRdnAYz1gc1GbaKX+32oKAhmCvlOg1OULMeRpqIFjaBomO+0KSN0U1eWLG+GJp vkv/S2nYA9cawXp3r5f2RmCAFgKpGx+nsy5Ogb9a0z27VzQw14y+aylvRykRGjjE N8nzum3eHhgaghAI/ngbN4lUtD/uZeZG25vYOm5W818i6XaQ6Vzgyh3+poKD6X1j c76eUGdzRNDaf8rNDYXaENSdP5xl1/jZbkYccRAwgFmT9HSZfj9U7mWMUPJvZrF0 3HH/JOb+m4CV0KRhUdjQRAKcNUYrh6mcMGXOK1YnMriPoQdthpdSKEEIBohOAKVz TBDEnwmgTv72z7R35aHO5X2pAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXmdeMq9s OAoR8WjseKqKDUOFWY4wHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKkmtaV0iVS7SqrLAWwKXI0wP25MJ31708OZ5pZtHQNQ0WxY/gCoq7// 16nmnGgmCFwtmD7AkGqbCFvchPzKF/Mg8OGjpuykQ6KxAtqImygS4kR0u7CBm0A2 Ag0egoFkFGNRPTvll0oj7aeIh8HAaYng/uLtXwT3LZCXJdqI9sKHSMAJz0Xazj2C 9CG8QF6SAClDGpQk5ygoWCeQrMkVG/Aj6nZUzJBkSWK2MywsxvqIPbDnv8dEnixS lnnomosneyG+rNTaOMZunxWq40wa0VMEP95ewqdcyjO9nZ5FX9tN2bQO9XbUkhiL x/wbdw0ehRgW70gVm6iJhYQ69qhlhG4= -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:06 2024 by rpki-client on console-ams.rpki-client.org