$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: oPRLyUV6FuaK8EmRbZfGVBHoEXjIC4xbrGDs4EyIldU= Subject key identifier: B6:5E:E2:DE:CD:9D:F8:C8:8B:81:CE:ED:11:AA:16:1F:1B:92:6B:0E Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: 2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: 28 Signing time: Mon 25 Nov 2024 05:45:46 +0000 Manifest this update: Mon 25 Nov 2024 05:45:45 +0000 Manifest next update: Mon 02 Dec 2024 05:45:45 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: 4r4PJRsUHflqwlEYy2/P33+8Ga0P4HUsi16Yfjr+3fY=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: Po2BM3la9bQp8SxvolgWBVl3dKAKoE5yaonqoVw5jxw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Dec 2024 05:31:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: Nov 25 05:45:45 2024 GMT Not After : Dec 2 05:45:45 2024 GMT Subject: CN=67440f0a-55c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:84:98:54:81:fc:df:dd:40:6d:e0:49:46:e3: 50:f5:76:e1:da:07:75:1b:ac:fd:e1:71:22:17:b6: 82:37:cb:d2:aa:30:ba:91:63:cf:81:e1:af:c5:c4: ef:19:3b:ae:12:1a:5f:ae:de:5d:2c:d6:ac:19:be: 95:8d:04:3f:50:75:02:bb:68:88:8f:45:fd:3d:3b: 04:48:01:e5:e1:7c:98:3a:c6:20:b7:ec:94:c8:67: 09:b0:d0:9d:51:d0:d0:f7:e1:d1:4b:de:2b:05:cc: 68:a5:4c:9e:52:8b:09:e9:59:68:2c:29:c1:55:81: a6:50:ea:f9:7b:f5:59:82:6a:0c:4c:17:5e:af:b8: 24:1a:1d:f4:32:e4:d6:37:3a:5e:8f:2f:07:61:54: c7:14:ec:91:41:06:7a:43:12:63:dc:ee:09:a4:c8: aa:37:e2:b4:89:76:ee:d7:0b:a2:52:0e:c8:92:1e: 4d:ed:9b:f1:cc:1b:f0:78:a4:b3:1c:d1:99:30:1c: 38:c6:29:a7:d8:e8:63:2a:e5:75:9e:9f:08:f2:36: 7c:3c:5d:19:27:b0:11:5a:f4:8d:16:79:b9:69:df: a2:85:95:bf:4d:89:57:f1:e2:2c:fe:95:99:6d:d9: 2d:a0:06:f0:5e:76:ed:14:88:0b:af:f0:91:c4:6c: 93:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:5E:E2:DE:CD:9D:F8:C8:8B:81:CE:ED:11:AA:16:1F:1B:92:6B:0E X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:13:7d:b3:34:98:42:0f:23:65:b7:dc:55:32:16:31:27:75: 90:a4:51:98:06:81:60:ad:25:10:19:40:92:e2:55:90:40:ef: 5a:9e:87:d9:4b:c1:b6:aa:bf:8e:e3:9b:5c:f3:13:a8:4e:d7: 79:72:73:6c:39:f4:16:a6:47:18:ac:42:6c:c3:61:4e:81:c4: ed:37:92:ef:f2:93:33:19:bf:80:fa:ce:8b:d8:e2:63:d5:d6: ac:3d:1c:76:b1:52:ab:b2:ae:90:b1:d7:97:67:e4:49:7e:da: 20:b0:5e:1c:92:0b:14:d0:8c:69:f4:70:ef:fe:fd:e0:da:67: 3a:4a:e7:fc:7c:22:ef:77:6f:3c:e6:a1:0c:90:de:03:fb:f5: 9e:c1:cc:c3:cb:ef:3d:39:b2:b3:db:20:1a:cf:45:70:c7:89: ef:2f:fd:70:8c:ef:95:d7:f2:59:30:a6:9a:78:36:af:91:63: c1:fc:be:50:a5:96:52:75:96:57:1e:6a:2e:0f:7d:a4:a8:01: d3:ac:7a:6d:e3:90:b5:44:ad:87:32:ba:30:d7:1e:2a:a7:36: 5d:c7:72:32:23:1e:20:d7:c3:45:24:29:f4:d4:0c:a0:f4:27: 8e:3b:ac:5b:48:8d:bb:a4:84:b6:2f:29:c1:96:f2:33:f6:ef: 4e:ed:bc:05 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzlCRjExMC8GA1UEBRMoNUNBQ0U1QkY2NTVBQUNGN0NCQzYyNzJDNUM2OTdGMzc3 QTA2Q0U4QzAeFw0yNDExMjUwNTQ1NDVaFw0yNDEyMDIwNTQ1NDVaMBgxFjAUBgNV BAMTDTY3NDQwZjBhLTU1YzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCahJhUgfzf3UBt4ElG41D1duHaB3UbrP3hcSIXtoI3y9KqMLqRY8+B4a/FxO8Z O64SGl+u3l0s1qwZvpWNBD9QdQK7aIiPRf09OwRIAeXhfJg6xiC37JTIZwmw0J1R 0ND34dFL3isFzGilTJ5SiwnpWWgsKcFVgaZQ6vl79VmCagxMF16vuCQaHfQy5NY3 Ol6PLwdhVMcU7JFBBnpDEmPc7gmkyKo34rSJdu7XC6JSDsiSHk3tm/HMG/B4pLMc 0ZkwHDjGKafY6GMq5XWenwjyNnw8XRknsBFa9I0Weblp36KFlb9NiVfx4iz+lZlt 2S2gBvBedu0UiAuv8JHEbJNrAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtl7i3s2d +MiLgc7tEaoWHxuSaw4wHwYDVR0jBBgwFoAUXKzlv2VarPfLxicsXGl/N3oGzoww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDOUJGL0JFMUQ0QTM0N0I0 RDExRUZCMDIzNkM3OEM0RjlBRTAyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pv dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWEt6bHYyVmFyUGZMeGljc1hHbF9OM29Hem93LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdD OUJGL0JFMUQ0QTM0N0I0RDExRUZCMDIzNkM3OEM0RjlBRTAyL1hLemx2MlZhclBm THhpY3NYR2xfTjNvR3pvdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEQTfbM0mEIPI2W33FUyFjEndZCkUZgGgWCtJRAZQJLiVZBA71qeh9lL wbaqv47jm1zzE6hO13lyc2w59BamRxisQmzDYU6BxO03ku/ykzMZv4D6zovY4mPV 1qw9HHaxUquyrpCx15dn5El+2iCwXhySCxTQjGn0cO/+/eDaZzpK5/x8Iu93bzzm oQyQ3gP79Z7BzMPL7z05srPbIBrPRXDHie8v/XCM75XX8lkwppp4Nq+RY8H8vlCl llJ1llceai4PfaSoAdOsem3jkLVErYcyujDXHiqnNl3HcjIjHiDXw0UkKfTUDKD0 J447rFtIjbukhLYvKcGW8jP2707tvAU= -----END CERTIFICATE-----Generated at Mon Nov 25 07:14:55 2024 by rpki-client on console-fra.rpki-client.org