$ rpki-client -vvf rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/XOvYaFsXSV2z4edFmXn-hPBDg_I.mft File: XOvYaFsXSV2z4edFmXn-hPBDg_I.mft (raw, json) Hash identifier: Ix0s7gsSM+7gW8FlAqSVti87zrH7oILy4OkqWLXTAkU= Subject key identifier: B5:83:83:B8:DE:76:66:91:72:D3:42:EA:DA:01:2B:B9:19:22:49:F3 Authority key identifier: 5C:EB:D8:68:5B:17:49:5D:B3:E1:E7:45:99:79:FE:84:F0:43:83:F2 Certificate issuer: /CN=A917C716/serialNumber=5CEBD8685B17495DB3E1E7459979FE84F04383F2 Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XOvYaFsXSV2z4edFmXn-hPBDg_I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/XOvYaFsXSV2z4edFmXn-hPBDg_I.mft Manifest number: 0228 Signing time: Sun 15 Sep 2024 05:11:52 +0000 Manifest this update: Sun 15 Sep 2024 05:11:51 +0000 Manifest next update: Sun 22 Sep 2024 05:11:51 +0000 Files and hashes: 1: XOvYaFsXSV2z4edFmXn-hPBDg_I.crl (hash: 8Q2UdQmfvWONrASLs8tTSDqFUHybgwH3f6sozwRL9L8=) 2: 48D1340C1E4B11EF91B1E611C4F9AE02.roa (hash: svT6qtzLSMx+UTK8XXgF9N/eQtu+nO8qycZ+vtRmD7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/XOvYaFsXSV2z4edFmXn-hPBDg_I.crl rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/XOvYaFsXSV2z4edFmXn-hPBDg_I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XOvYaFsXSV2z4edFmXn-hPBDg_I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Sep 2024 02:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C716/serialNumber=5CEBD8685B17495DB3E1E7459979FE84F04383F2 Validity Not Before: Sep 15 05:11:51 2024 GMT Not After : Sep 22 05:11:51 2024 GMT Subject: CN=66e66c97-5a39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:01:ad:5c:af:38:3a:ef:1e:ba:c2:65:57:d6: fb:cf:40:73:f3:92:8d:b3:a9:71:ef:25:ef:39:f7: 2b:89:5d:c9:21:34:50:fe:41:ca:5e:60:14:ac:6e: aa:9b:f6:24:8f:c4:cb:61:e3:95:03:56:7a:dd:29: e1:33:ff:91:87:06:09:8f:db:47:27:f2:10:c2:5b: a7:54:e6:32:e7:2f:f8:4f:fb:f0:90:70:3f:dd:bc: 01:54:67:18:5e:68:ec:d1:a6:1d:43:19:99:77:c5: 8e:f5:5a:d6:06:e1:ac:2e:79:ae:0d:2c:df:e2:c7: 77:b3:67:b6:9b:60:d1:35:27:b6:13:be:03:cd:3c: cd:d3:c8:49:f4:78:ee:4c:b5:d9:17:54:c2:9d:62: ab:98:6f:92:e7:9d:70:d4:d0:91:49:bc:a7:9d:92: bf:99:04:27:60:05:55:af:55:bb:c5:31:d4:89:8c: 8e:e1:67:81:38:0b:49:74:c0:e2:b2:a1:53:77:eb: 94:3c:aa:46:c8:91:c8:3e:9b:b6:3b:2d:d1:f2:21: ae:ed:d8:95:1f:a3:f5:2e:b9:53:b2:a7:93:c3:f9: ae:02:35:35:b8:ac:05:80:d8:06:bf:5b:a2:25:dd: 77:ca:14:ee:3e:4b:45:f8:9c:c5:c9:94:ac:16:02: 51:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:83:83:B8:DE:76:66:91:72:D3:42:EA:DA:01:2B:B9:19:22:49:F3 X509v3 Authority Key Identifier: keyid:5C:EB:D8:68:5B:17:49:5D:B3:E1:E7:45:99:79:FE:84:F0:43:83:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/XOvYaFsXSV2z4edFmXn-hPBDg_I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XOvYaFsXSV2z4edFmXn-hPBDg_I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/XOvYaFsXSV2z4edFmXn-hPBDg_I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:67:d2:14:97:74:5e:ba:26:07:1d:d2:11:11:5c:dd:1f:64: 07:a4:c7:81:2d:26:4a:75:53:04:8e:e8:d2:c1:6e:4b:e3:92: 33:0d:f5:bd:90:b8:d0:59:d7:33:95:a4:0d:74:13:cf:3e:7e: a8:0d:0b:bb:dc:1b:46:9b:27:35:2a:10:c7:f0:93:ba:db:57: d3:74:0a:84:65:1c:ef:a4:2f:72:35:9d:16:94:95:05:0d:21: 5f:8c:6b:a0:67:76:5a:e0:0c:cc:f0:ce:c8:bd:b0:bc:ba:cc: 49:1e:2a:08:0e:69:f4:df:a9:ab:6f:a4:a5:0e:56:9a:d6:18: a4:6c:bb:90:52:f1:f7:36:db:e2:14:d6:88:a5:cf:01:84:8d: 39:4a:50:a9:f0:31:74:21:70:df:ff:33:55:93:ae:bc:34:5a: de:a9:17:0a:c7:03:9c:8a:38:51:49:76:12:b7:32:00:c3:92: 14:77:bc:d4:a7:8e:7e:0c:25:be:88:c6:57:6c:81:32:46:15: c8:0c:05:55:ad:4e:7c:66:c7:73:6e:7f:88:f4:bc:69:cc:9d: 3e:a3:4c:84:33:41:4b:f5:87:80:2a:c8:95:29:82:44:87:bc: d0:a0:d9:2b:5b:02:f8:56:72:11:e7:16:b9:2b:69:73:c5:54: a0:7d:44:99 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzcxNjExMC8GA1UEBRMoNUNFQkQ4Njg1QjE3NDk1REIzRTFFNzQ1OTk3OUZFODRG MDQzODNGMjAeFw0yNDA5MTUwNTExNTFaFw0yNDA5MjIwNTExNTFaMBgxFjAUBgNV BAMTDTY2ZTY2Yzk3LTVhMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVAa1crzg67x66wmVX1vvPQHPzko2zqXHvJe859yuJXckhNFD+QcpeYBSsbqqb 9iSPxMth45UDVnrdKeEz/5GHBgmP20cn8hDCW6dU5jLnL/hP+/CQcD/dvAFUZxhe aOzRph1DGZl3xY71WtYG4awuea4NLN/ix3ezZ7abYNE1J7YTvgPNPM3TyEn0eO5M tdkXVMKdYquYb5LnnXDU0JFJvKedkr+ZBCdgBVWvVbvFMdSJjI7hZ4E4C0l0wOKy oVN365Q8qkbIkcg+m7Y7LdHyIa7t2JUfo/UuuVOyp5PD+a4CNTW4rAWA2Aa/W6Il 3XfKFO4+S0X4nMXJlKwWAlHTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtYODuN52 ZpFy00Lq2gEruRkiSfMwHwYDVR0jBBgwFoAUXOvYaFsXSV2z4edFmXn+hPBDg/Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDNzE2LzREQjlDQUM0MTQw MjExRURCOTY2MzQxNUM0RjlBRTAyL1hPdllhRnNYU1YyejRlZEZtWG4taFBCRGdf SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWE92WWFGc1hTVjJ6NGVkRm1Ybi1oUEJEZ19JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdD NzE2LzREQjlDQUM0MTQwMjExRURCOTY2MzQxNUM0RjlBRTAyL1hPdllhRnNYU1Yy ejRlZEZtWG4taFBCRGdfSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJln0hSXdF66Jgcd0hERXN0fZAekx4EtJkp1UwSO6NLBbkvjkjMN9b2Q uNBZ1zOVpA10E88+fqgNC7vcG0abJzUqEMfwk7rbV9N0CoRlHO+kL3I1nRaUlQUN IV+Ma6BndlrgDMzwzsi9sLy6zEkeKggOafTfqatvpKUOVprWGKRsu5BS8fc22+IU 1oilzwGEjTlKUKnwMXQhcN//M1WTrrw0Wt6pFwrHA5yKOFFJdhK3MgDDkhR3vNSn jn4MJb6IxldsgTJGFcgMBVWtTnxmx3Nuf4j0vGnMnT6jTIQzQUv1h4AqyJUpgkSH vNCg2StbAvhWchHnFrkraXPFVKB9RJk= -----END CERTIFICATE-----Generated at Sun Sep 15 06:55:48 2024 by rpki-client on console-fra.rpki-client.org