$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft File: cI8eBxM4VcgHTu1fjIO0RmpgesI.mft (raw, json) Hash identifier: PeiJRnZcQihXmwpze3S4pozpALHpAjidDDkpU8eg/K4= Subject key identifier: 79:B2:79:71:68:76:EB:C2:86:05:9A:D4:C7:DE:01:C0:C5:97:2B:80 Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Certificate serial: A7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft Manifest number: A5 Signing time: Thu 21 Nov 2024 04:21:29 +0000 Manifest this update: Thu 21 Nov 2024 04:21:28 +0000 Manifest next update: Thu 28 Nov 2024 04:21:28 +0000 Files and hashes: 1: cI8eBxM4VcgHTu1fjIO0RmpgesI.crl (hash: OFGMBRGd5+JjTCkQcAK7ZnN7mAKytfRqWfUppNeR9mQ=) 2: BFC0298670DC11EF8B65D95AC4F9AE02.roa (hash: xXgZmTOjB2R5QXQ+RZB2yUg6+3TlEC2Vj8vF4e6Tnwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 167 (0xa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Validity Not Before: Nov 21 04:21:28 2024 GMT Not After : Nov 28 04:21:28 2024 GMT Subject: CN=673eb548-52ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:99:0e:fc:9a:15:cb:e0:fe:17:fa:c5:dd:58: 18:32:b1:a4:8f:80:70:3e:0e:12:86:39:98:64:c9: 00:28:73:7e:55:1d:c1:66:4a:1f:bf:cc:0b:2c:85: da:2f:72:d0:80:86:a4:32:1e:52:f6:b6:6d:66:11: 73:b0:f0:b2:59:b8:63:fa:00:99:ac:a6:b7:f2:99: 13:1b:03:94:1c:2b:ca:e7:3c:e8:be:19:90:97:c6: fd:d0:eb:87:08:32:1e:73:8e:f3:77:b4:a9:17:ef: b7:50:80:43:ec:d6:1a:48:18:5b:c2:d3:e1:d9:d8: 75:fa:48:99:f3:2b:06:58:82:ed:db:7d:e9:3c:fa: 98:8d:94:16:54:9a:3f:67:9b:3c:f0:ff:ee:e6:28: 1d:64:33:a7:14:27:10:e4:84:57:25:18:3c:e2:93: 34:fb:d4:a9:bf:df:1f:fb:b3:7b:10:e8:a8:b2:8e: 0b:e6:56:56:cb:4f:e8:26:7a:35:55:08:e8:f9:2a: 16:81:6f:28:e3:b1:36:08:8a:0c:17:7a:0e:18:44: 90:b9:72:ae:18:c9:d1:bf:33:b7:c9:bb:81:f5:6d: ba:59:99:da:eb:cb:01:92:ff:63:8f:3a:7c:fc:6d: 71:f5:1f:ad:a0:b7:bd:7d:99:82:52:1e:e1:60:bf: 90:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:B2:79:71:68:76:EB:C2:86:05:9A:D4:C7:DE:01:C0:C5:97:2B:80 X509v3 Authority Key Identifier: keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:f3:16:92:47:b9:96:87:f0:87:67:da:39:c1:79:bf:a5:88: 53:d8:06:db:2e:d9:e1:df:67:4f:1e:36:e2:61:0c:82:9e:13: 5d:14:21:07:27:53:b9:13:ae:8b:0a:66:59:77:ab:85:9f:60: ae:77:db:e8:0a:ae:72:61:51:d4:c1:cb:c9:96:86:e0:3b:24: ff:0f:6c:b4:03:1e:84:89:e3:6f:54:3f:50:a2:23:e5:31:a4: 55:4f:9b:03:02:43:6d:e7:14:39:77:7f:a8:ab:59:d8:9b:b6: 80:e5:a8:08:98:25:e7:d1:93:84:fb:d4:4d:fd:5a:a4:e5:da: 0f:40:a3:83:ef:81:b2:f6:6c:07:37:cb:eb:c6:d9:93:4e:6c: 59:38:da:c3:8d:22:c8:19:e3:c9:03:6d:ee:7e:1a:d2:f4:06: 08:ad:b2:d9:f3:82:65:6a:b5:96:91:85:6c:80:16:bf:81:4f: eb:76:02:ff:8d:bd:58:9f:f6:dc:77:7b:8a:26:7c:fd:54:ac: f0:79:1f:ac:d9:f8:55:dc:5a:73:f9:e3:78:cc:21:74:8c:be: 1b:ad:84:5b:77:d0:c3:d7:95:96:cc:67:4d:f4:6c:49:2b:cf: 8e:0a:ef:62:74:94:8e:bf:2d:87:c6:ee:b7:1a:a5:a8:8d:bb: cc:c0:51:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFEMTYxMTAvBgNVBAUTKDcwOEYxRTA3MTMzODU1QzgwNzRFRUQ1RjhDODNCNDQ2 NkE2MDdBQzIwHhcNMjQxMTIxMDQyMTI4WhcNMjQxMTI4MDQyMTI4WjAYMRYwFAYD VQQDEw02NzNlYjU0OC01MmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr5kO/JoVy+D+F/rF3VgYMrGkj4BwPg4ShjmYZMkAKHN+VR3BZkofv8wLLIXa L3LQgIakMh5S9rZtZhFzsPCyWbhj+gCZrKa38pkTGwOUHCvK5zzovhmQl8b90OuH CDIec47zd7SpF++3UIBD7NYaSBhbwtPh2dh1+kiZ8ysGWILt233pPPqYjZQWVJo/ Z5s88P/u5igdZDOnFCcQ5IRXJRg84pM0+9Spv98f+7N7EOioso4L5lZWy0/oJno1 VQjo+SoWgW8o47E2CIoMF3oOGESQuXKuGMnRvzO3ybuB9W26WZna68sBkv9jjzp8 /G1x9R+toLe9fZmCUh7hYL+QIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHmyeXFo duvChgWa1MfeAcDFlyuAMB8GA1UdIwQYMBaAFHCPHgcTOFXIB07tX4yDtEZqYHrC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQxNi82NTZEMTdBOEFF OUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZjZ0hUdTFmaklPMFJtcGdl c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2VzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUQxNi82NTZEMTdBOEFFOUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZj Z0hUdTFmaklPMFJtcGdlc0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDH8xaSR7mWh/CHZ9o5wXm/pYhT2AbbLtnh32dPHjbiYQyCnhNdFCEH J1O5E66LCmZZd6uFn2Cud9voCq5yYVHUwcvJlobgOyT/D2y0Ax6EieNvVD9QoiPl MaRVT5sDAkNt5xQ5d3+oq1nYm7aA5agImCXn0ZOE+9RN/Vqk5doPQKOD74Gy9mwH N8vrxtmTTmxZONrDjSLIGePJA23ufhrS9AYIrbLZ84JlarWWkYVsgBa/gU/rdgL/ jb1Yn/bcd3uKJnz9VKzweR+s2fhV3Fpz+eN4zCF0jL4brYRbd9DD15WWzGdN9GxJ K8+OCu9idJSOvy2Hxu63GqWojbvMwFE4 -----END CERTIFICATE-----Generated at Thu Nov 21 05:37:06 2024 by rpki-client on console-ams.rpki-client.org