$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: 32Kmn56ks6R/MoSwQm2BkJS5MFqPQkJhbOnPXkvbVGc= Subject key identifier: B3:0B:04:8D:5C:02:C3:A8:5D:20:6F:F6:09:76:1D:90:CC:61:13:D8 Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1CBD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1C53 Signing time: Wed 20 Nov 2024 16:11:21 +0000 Manifest this update: Wed 20 Nov 2024 16:11:20 +0000 Manifest next update: Wed 27 Nov 2024 16:11:20 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: j35JW+dkpMwm3f13KbJKY5zQcY/MGVCMa1U8cdB7tV0=) 2: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: 7ejHexwU58Vd/6AhEj3R11Z55i5VPsu0+3DBnr8HpKI=) 3: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 4: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 5: 646703648A2411EF98CFF955C4F9AE02.roa (hash: wTjZVM548Wrh9y0svyoOrwDzYCRd/yXq2seB9OWoYhQ=) 6: A147FB6E991311EFB7BB5354C4F9AE02.roa (hash: wVeNSsmPeOOl8spUoRVrZWh+Hcs1x8Fi4c/dzbGxgfg=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: 8IA0ohDjbOIDbTIwzd4DAazOGIPH0d9I4v3XbQLDu3w=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: 9EFBD8C8906011EF851EF771C4F9AE02.roa (hash: 73mYITc/mJTokoVqMFJPYjjSwQTtaUdiJr58Vvd3cIw=) 10: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) 11: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: rM2HcTN6YD/Z+cCFcZeuxrJ7Jgv3YiMIlsdFtNQfr2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 16:11:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7357 (0x1cbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Nov 20 16:11:20 2024 GMT Not After : Nov 27 16:11:20 2024 GMT Subject: CN=673e0a29-0312 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:08:f0:62:45:eb:5a:53:a4:17:5a:58:82:15: 18:05:d2:1c:b6:46:c1:3b:1b:ef:7b:4c:34:73:de: 20:26:94:b3:a2:37:a5:bb:91:ea:fa:dc:42:34:1f: 99:79:f9:31:44:f4:b6:cc:72:7c:62:d1:f2:ea:c8: 83:f9:7d:a1:8e:bf:2f:a6:cb:2b:40:c5:33:a6:de: 8f:42:ad:26:94:8f:26:97:37:0f:62:51:70:ed:16: 20:e7:35:83:14:bd:40:3b:02:aa:96:4d:35:c2:50: b0:be:e8:09:c0:0f:c2:1d:3f:30:7a:af:c1:99:b5: b4:ec:7a:44:33:11:f7:2b:c4:ea:2b:37:e8:ea:0f: 89:78:0b:43:35:b5:14:f3:f1:19:08:f0:fa:bb:17: 4b:41:a9:12:14:d2:95:12:81:08:db:b3:41:9c:87: ba:0a:d9:d7:cb:72:5a:cc:f4:29:1c:33:60:41:df: 05:b8:eb:22:28:c7:9d:59:1f:8a:a8:d9:8b:a3:2e: e8:53:2d:8d:e5:41:db:6c:da:d5:f4:12:18:55:d6: 8f:73:ef:ac:60:8c:d5:64:18:96:21:21:aa:4d:fe: c7:fb:13:93:79:94:fa:9f:70:50:9e:83:dc:c4:aa: 32:b4:66:00:fd:4d:76:58:eb:c9:5f:30:36:c7:c2: 2e:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:0B:04:8D:5C:02:C3:A8:5D:20:6F:F6:09:76:1D:90:CC:61:13:D8 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:38:3d:74:cb:9b:2d:77:62:0d:78:66:ee:2b:e8:db:c5:9b: b3:49:ed:e4:16:e1:2d:f4:44:ce:e8:6d:e4:9a:9c:5b:a3:29: c5:0f:1c:5d:d3:e0:03:9f:85:bb:67:94:d4:22:e2:7e:99:fd: 2b:fb:ee:94:20:38:14:f7:6b:3a:5f:45:45:45:8b:dd:d7:79: 1d:9a:9b:0f:cb:3a:98:bf:66:05:d1:a8:9e:c9:d8:79:03:be: ca:2f:18:93:9b:83:70:86:07:2a:5f:f2:0f:98:01:a1:50:19: 89:82:c2:06:11:3a:0e:70:e8:ee:2f:b1:8b:38:6d:25:73:46: 66:34:47:ff:11:6a:cd:9a:0e:0a:99:cf:eb:55:3d:cc:89:29: c0:8a:46:d0:29:f5:09:e3:d8:6e:8d:e7:98:4a:7f:23:9d:0c: 06:b3:a0:66:f2:72:6c:9c:21:bb:39:3b:d2:2f:a7:5e:4e:81: 00:0d:e8:2e:78:8e:0d:8b:b6:f3:e3:ee:e7:91:46:0f:60:4b: d5:e7:0a:9e:6b:a1:59:8d:8a:5e:88:16:04:44:d1:07:57:85: 92:f3:dc:3f:2c:b0:b7:89:2f:04:8d:18:6c:10:35:5d:82:0f: 9c:3a:92:7e:b1:f7:a1:2d:a7:6a:e8:f0:c9:90:b8:18:78:3b: 34:0f:c1:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjQxMTIwMTYxMTIwWhcNMjQxMTI3MTYxMTIwWjAYMRYwFAYD VQQDEw02NzNlMGEyOS0wMzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoQjwYkXrWlOkF1pYghUYBdIctkbBOxvve0w0c94gJpSzojelu5Hq+txCNB+Z efkxRPS2zHJ8YtHy6siD+X2hjr8vpssrQMUzpt6PQq0mlI8mlzcPYlFw7RYg5zWD FL1AOwKqlk01wlCwvugJwA/CHT8weq/BmbW07HpEMxH3K8TqKzfo6g+JeAtDNbUU 8/EZCPD6uxdLQakSFNKVEoEI27NBnIe6CtnXy3JazPQpHDNgQd8FuOsiKMedWR+K qNmLoy7oUy2N5UHbbNrV9BIYVdaPc++sYIzVZBiWISGqTf7H+xOTeZT6n3BQnoPc xKoytGYA/U12WOvJXzA2x8IupQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLMLBI1c AsOoXSBv9gl2HZDMYRPYMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPOD10y5std2INeGbuK+jbxZuzSe3kFuEt9ETO6G3kmpxboynFDxxd 0+ADn4W7Z5TUIuJ+mf0r++6UIDgU92s6X0VFRYvd13kdmpsPyzqYv2YF0aieydh5 A77KLxiTm4NwhgcqX/IPmAGhUBmJgsIGEToOcOjuL7GLOG0lc0ZmNEf/EWrNmg4K mc/rVT3MiSnAikbQKfUJ49hujeeYSn8jnQwGs6Bm8nJsnCG7OTvSL6deToEADegu eI4Ni7bz4+7nkUYPYEvV5wqea6FZjYpeiBYERNEHV4WS89w/LLC3iS8EjRhsEDVd gg+cOpJ+sfehLadq6PDJkLgYeDs0D8FF -----END CERTIFICATE-----Generated at Wed Nov 20 18:45:00 2024 by rpki-client on console-fra.rpki-client.org