$ rpki-client -vvf rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft File: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft (raw, json) Hash identifier: 9TDXtru6RSbglb/15lXt0XIvfNi4p2bJfUsJWmH49EA= Subject key identifier: 1B:37:96:61:74:1A:5A:90:4F:52:95:B5:DB:66:55:C2:37:5F:F0:98 Authority key identifier: AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08 Certificate issuer: /CN=A9172CE3/serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08 Certificate serial: 042D Authority info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft Manifest number: 0428 Signing time: Fri 22 Nov 2024 23:53:46 +0000 Manifest this update: Fri 22 Nov 2024 23:53:45 +0000 Manifest next update: Fri 29 Nov 2024 23:53:45 +0000 Files and hashes: 1: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl (hash: GqEFuw11aT1pMCPX01x1xgzH6H4Gy+8bmZaNQvJlcdM=) 2: 887BE0D0405D11ECA642D813C4F9AE02.roa (hash: F1QNCH1RoC6ZkUfmQLfZBiY5CIVlSxxGTrB6pens2Bw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1069 (0x42d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172CE3/serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08 Validity Not Before: Nov 22 23:53:45 2024 GMT Not After : Nov 29 23:53:45 2024 GMT Subject: CN=67411989-262a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:fe:8a:23:41:15:de:f7:b2:dc:ed:3a:71:a9: aa:54:9d:65:72:2d:03:8d:0b:5a:14:0f:9b:a4:93: 16:56:79:58:a1:f0:a3:c0:f3:9f:36:cd:d4:35:b8: 8a:18:ff:89:b0:95:21:58:14:62:78:8c:8a:df:ee: c0:19:b7:74:e2:18:1b:62:30:0f:69:cc:61:5d:4d: 73:2d:bd:13:6d:6f:2f:4b:81:6a:22:fa:9e:ff:ea: ae:83:10:ff:3e:9a:52:27:75:21:77:11:5a:ae:51: 38:6b:30:5b:3c:18:7c:89:e1:75:05:43:76:45:30: bb:dc:38:7e:57:a7:e5:85:32:0a:d6:15:d3:2e:f3: 54:23:c7:7f:f5:22:a9:b2:88:bf:ad:81:58:63:65: d9:17:73:66:b3:d2:dd:31:35:0e:1e:ff:dd:99:84: e5:eb:eb:a4:b4:aa:1d:c4:57:7d:0e:0d:ad:34:50: 14:f0:48:3b:d1:55:6b:66:f0:fc:4c:6e:8a:ef:b9: a7:8f:c3:22:70:c4:6c:4c:b3:0c:ca:b6:9d:0e:aa: 22:85:46:59:55:3c:09:5c:42:29:a7:f2:42:c3:6f: c0:01:1e:8c:8b:d7:e1:45:2b:63:ff:2b:7d:7d:34: 39:4b:b5:53:dc:af:72:a0:c2:81:62:09:82:c9:2e: da:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:37:96:61:74:1A:5A:90:4F:52:95:B5:DB:66:55:C2:37:5F:F0:98 X509v3 Authority Key Identifier: keyid:AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:dc:82:c3:98:88:08:48:bc:bf:88:26:bf:8d:96:af:f3:3d: aa:9d:77:1a:6b:e6:3d:20:eb:12:e4:e7:30:04:7e:d5:7a:42: 0c:c7:66:80:8c:26:15:3e:a2:09:b0:b0:be:f1:4b:8e:42:86: e8:c4:1e:81:34:0f:66:50:dd:c2:e9:af:3c:96:b0:86:5f:b1: 08:a1:12:4f:95:f1:86:a6:68:a5:2f:e4:ce:a5:a2:c7:ee:cf: 6f:d3:9f:da:81:0a:ac:a3:c9:cc:cd:89:0c:2e:c5:f8:77:81: 91:d5:83:56:d8:6f:1e:54:84:11:12:4f:01:52:a3:19:8e:bb: a5:67:f7:69:c6:4f:47:5a:21:94:83:eb:a5:9b:39:1d:68:4b: f8:c4:54:85:e8:4c:17:df:a1:80:46:b3:c9:fc:70:39:d8:2f: 55:d6:39:e2:e2:6e:e7:4d:92:8a:90:f7:69:2c:e4:c0:f1:67: 82:13:2c:8d:d9:66:6b:94:61:b9:94:2a:f0:fe:b1:87:ef:c9: 10:34:e1:c3:12:d6:e9:f9:7f:4d:dd:da:23:f4:b9:5a:19:01: 9d:95:23:5c:33:f1:4d:79:3f:2c:e1:66:af:df:8b:9a:b2:79: 2a:64:31:06:89:ff:0a:ac:14:e4:a1:02:64:d6:93:4d:c7:2b: cd:14:52:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJDRTMxMTAvBgNVBAUTKEFCQzZGQkE0Qjc4NDI4Mzg3OTE5MERDNzE3RTM0QjRD RDg4MkRBMDgwHhcNMjQxMTIyMjM1MzQ1WhcNMjQxMTI5MjM1MzQ1WjAYMRYwFAYD VQQDEw02NzQxMTk4OS0yNjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvP6KI0EV3vey3O06camqVJ1lci0DjQtaFA+bpJMWVnlYofCjwPOfNs3UNbiK GP+JsJUhWBRieIyK3+7AGbd04hgbYjAPacxhXU1zLb0TbW8vS4FqIvqe/+qugxD/ PppSJ3UhdxFarlE4azBbPBh8ieF1BUN2RTC73Dh+V6flhTIK1hXTLvNUI8d/9SKp soi/rYFYY2XZF3Nms9LdMTUOHv/dmYTl6+uktKodxFd9Dg2tNFAU8Eg70VVrZvD8 TG6K77mnj8MicMRsTLMMyradDqoihUZZVTwJXEIpp/JCw2/AAR6Mi9fhRStj/yt9 fTQ5S7VT3K9yoMKBYgmCyS7aeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBs3lmF0 GlqQT1KVtdtmVcI3X/CYMB8GA1UdIwQYMBaAFKvG+6S3hCg4eRkNxxfjS0zYgtoI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkNFMy81RDc4OTlGNDQw NTkxMUVDQTBBRkFBNERDNEY5QUUwMi9xOGI3cExlRUtEaDVHUTNIRi1OTFROaUMy Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0MUZFNjEwMUQ2NjExRTJBNjJGODc3Qzcy RkQxRkYyL3E4YjdwTGVFS0RoNUdRM0hGLU5MVE5pQzJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkNFMy81RDc4OTlGNDQwNTkxMUVDQTBBRkFBNERDNEY5QUUwMi9xOGI3cExlRUtE aDVHUTNIRi1OTFROaUMyZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCZ3ILDmIgISLy/iCa/jZav8z2qnXcaa+Y9IOsS5OcwBH7VekIMx2aA jCYVPqIJsLC+8UuOQoboxB6BNA9mUN3C6a88lrCGX7EIoRJPlfGGpmilL+TOpaLH 7s9v05/agQqso8nMzYkMLsX4d4GR1YNW2G8eVIQREk8BUqMZjrulZ/dpxk9HWiGU g+ulmzkdaEv4xFSF6EwX36GARrPJ/HA52C9V1jni4m7nTZKKkPdpLOTA8WeCEyyN 2WZrlGG5lCrw/rGH78kQNOHDEtbp+X9N3doj9LlaGQGdlSNcM/FNeT8s4Wav34ua snkqZDEGif8KrBTkoQJk1pNNxyvNFFIQ -----END CERTIFICATE-----Generated at Sat Nov 23 00:49:35 2024 by rpki-client on console-fra.rpki-client.org