$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft File: es5to1-2pKn2-ZcMGLyvWydIEZ8.mft (raw, json) Hash identifier: yZFA+Wbbj/+otwHEdxGByxULBvS/MQgc1KYnhtNO8hk= Subject key identifier: 0A:E6:A0:BA:CA:84:91:57:58:DD:C7:4F:39:AE:DA:28:7B:FA:35:59 Authority key identifier: 7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F Certificate issuer: /CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Certificate serial: 0A39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft Manifest number: 0A19 Signing time: Wed 20 Nov 2024 19:34:39 +0000 Manifest this update: Wed 20 Nov 2024 19:34:38 +0000 Manifest next update: Wed 27 Nov 2024 19:34:38 +0000 Files and hashes: 1: es5to1-2pKn2-ZcMGLyvWydIEZ8.crl (hash: vTXeweN24w2l8+vRBeWNof8cl7mb+g82PZMF0HMMKtE=) 2: 495324CA39CB11EBB2F08020C4F9AE02.roa (hash: osiy8r5wOcZwc+hzXjUSDPKHDtxSKkSDsBR1kqJAjV4=) 3: D4EFA44673CD11EA8BE69127C4F9AE02.roa (hash: UGiehiieQMG0h11m4WT8Sepc4lZpfmvaR3Wz1SUuF+k=) 4: B24920940C6911EC90B57338C4F9AE02.roa (hash: Nuk6/U0PEEUTh4/Znumg3fhwPF24LqsvJENpm5HBvzI=) 5: F90F9A403ACB11EC9FEBB367C4F9AE02.roa (hash: +xOv12aaFD+ElTkbMbM+GL6Nan/ResHUQv6dF6h2KxA=) 6: 7E12F8DC4C0A11ECACB7F96AC4F9AE02.roa (hash: EdbP6Ic3TKOXeBjm7GNDv83YO0G30y52gbvBzwhEMSM=) 7: 46F5BC3206A211EEBDA4D34BC4F9AE02.roa (hash: nUOUleUTzrwDfXxPCbpeZJCMn5m+Z2Uvkn1+H8UcN1Y=) 8: D0D573BA7D4611EDA39A867EC4F9AE02.roa (hash: Ri908Mam4olAUfRbBVo4OcQZuaNzAo60OI3PDGDqutA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:34:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2617 (0xa39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8/serialNumber=7ACE6DA35FB6A4A9F6F9970C18BCAF5B2748119F Validity Not Before: Nov 20 19:34:38 2024 GMT Not After : Nov 27 19:34:38 2024 GMT Subject: CN=673e39cf-6090 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:65:b6:7e:b9:a2:c8:74:1a:17:ae:18:5f:32: 5f:4c:74:af:b1:b8:8d:de:60:cb:3c:e1:26:51:70: be:7c:16:86:25:f1:19:0f:d3:f3:a7:7f:6d:23:67: be:0c:e6:05:2d:41:2d:99:25:c0:b2:f3:4d:b5:28: 1a:36:2a:aa:3f:4c:5e:6b:13:14:f8:7e:4e:2f:21: 8c:66:97:58:e8:a3:0e:49:7a:f7:61:0a:a7:fb:27: 67:4a:c6:20:87:d1:45:07:c1:59:b6:6f:a5:6c:35: ce:92:c5:13:c7:a5:b1:d9:89:d3:ed:ad:b1:59:04: 53:69:e4:08:cc:3c:3b:9b:87:4d:6a:e6:ee:0a:05: a6:b4:b4:8b:a8:e6:82:de:9a:68:be:70:16:23:76: 65:53:e1:6d:07:97:6f:9a:90:14:7f:8b:97:0b:62: 6e:99:ac:f7:da:30:1f:83:87:7c:3c:e6:65:80:a0: 22:d0:24:1c:6d:d2:e1:06:e8:85:b9:b8:93:0a:7f: ac:86:ef:4d:bd:c3:f5:be:08:b3:0a:d5:72:96:c3: 9a:19:55:17:96:ba:8a:b8:1b:b7:f6:8d:2f:f1:c1: 24:65:3a:15:0e:22:4f:9b:07:be:b3:05:23:d8:81: a7:f9:2c:b7:bc:fa:0b:9b:7b:37:1c:e9:42:d1:bc: db:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:E6:A0:BA:CA:84:91:57:58:DD:C7:4F:39:AE:DA:28:7B:FA:35:59 X509v3 Authority Key Identifier: keyid:7A:CE:6D:A3:5F:B6:A4:A9:F6:F9:97:0C:18:BC:AF:5B:27:48:11:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/es5to1-2pKn2-ZcMGLyvWydIEZ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/A059AF8A640D11EAB6395571C4F9AE02/es5to1-2pKn2-ZcMGLyvWydIEZ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:f8:aa:f1:08:67:d5:83:3f:e1:c1:c9:f2:2e:7e:7d:ed:a9: c3:c2:69:a9:59:b5:a2:c6:f8:65:ae:b2:79:e8:34:15:2c:3b: f8:a8:00:d5:a1:31:82:9a:69:7f:a0:7d:8d:de:74:4c:ee:3e: 30:64:57:23:4d:2a:0d:02:8f:a3:41:7b:49:7b:99:8c:a3:46: a1:16:8a:4a:2a:a2:3d:f0:86:e9:e0:a6:5b:98:6f:21:99:22: 1f:83:f4:a6:c6:a7:ec:c3:57:9c:dd:5a:8d:43:6b:8b:51:1b: 0a:86:b7:1e:fb:c4:cd:62:27:7e:53:b9:39:65:29:56:b8:f8: ae:73:f3:0a:74:93:94:bb:50:a3:dd:a6:be:e9:ed:00:32:4b: 65:c2:c8:63:14:01:24:6b:bf:42:09:ce:5e:e5:4a:c6:1b:ad: ed:af:9d:92:69:4c:6b:a3:27:97:44:99:37:e5:0d:7a:e6:d4: 16:da:8d:b6:4d:ae:35:e2:20:49:95:ad:63:46:bd:1f:cb:ef: f0:8d:05:38:8a:7d:3a:8e:66:dc:f2:5b:e1:b6:2e:53:c3:bb: 32:f7:8d:9b:3c:5d:29:54:9e:fd:bf:2c:b1:26:b2:c5:22:bc: 24:11:d9:fb:fd:12:b3:12:e5:12:99:47:20:34:38:f8:ed:99: 71:bc:c1:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDdBQ0U2REEzNUZCNkE0QTlGNkY5OTcwQzE4QkNBRjVC Mjc0ODExOUYwHhcNMjQxMTIwMTkzNDM4WhcNMjQxMTI3MTkzNDM4WjAYMRYwFAYD VQQDEw02NzNlMzljZi02MDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6GW2frmiyHQaF64YXzJfTHSvsbiN3mDLPOEmUXC+fBaGJfEZD9Pzp39tI2e+ DOYFLUEtmSXAsvNNtSgaNiqqP0xeaxMU+H5OLyGMZpdY6KMOSXr3YQqn+ydnSsYg h9FFB8FZtm+lbDXOksUTx6Wx2YnT7a2xWQRTaeQIzDw7m4dNaubuCgWmtLSLqOaC 3ppovnAWI3ZlU+FtB5dvmpAUf4uXC2Jumaz32jAfg4d8POZlgKAi0CQcbdLhBuiF ubiTCn+shu9NvcP1vgizCtVylsOaGVUXlrqKuBu39o0v8cEkZToVDiJPmwe+swUj 2IGn+Sy3vPoLm3s3HOlC0bzbdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFArmoLrK hJFXWN3HTzmu2ih7+jVZMB8GA1UdIwQYMBaAFHrObaNftqSp9vmXDBi8r1snSBGf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC9BMDU5QUY4QTY0 MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBLbjItWmNNR0x5dld5ZElF WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VzNXRvMS0ycEtuMi1aY01HTHl2V3lkSUVaOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC9BMDU5QUY4QTY0MEQxMUVBQjYzOTU1NzFDNEY5QUUwMi9lczV0bzEtMnBL bjItWmNNR0x5dld5ZElFWjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCs+KrxCGfVgz/hwcnyLn597anDwmmpWbWixvhlrrJ56DQVLDv4qADV oTGCmml/oH2N3nRM7j4wZFcjTSoNAo+jQXtJe5mMo0ahFopKKqI98Ibp4KZbmG8h mSIfg/Smxqfsw1ec3VqNQ2uLURsKhrce+8TNYid+U7k5ZSlWuPiuc/MKdJOUu1Cj 3aa+6e0AMktlwshjFAEka79CCc5e5UrGG63tr52SaUxroyeXRJk35Q165tQW2o22 Ta414iBJla1jRr0fy+/wjQU4in06jmbc8lvhti5Tw7sy942bPF0pVJ79vyyxJrLF IrwkEdn7/RKzEuUSmUcgNDj47ZlxvMGB -----END CERTIFICATE-----Generated at Wed Nov 20 21:34:54 2024 by rpki-client on console-ams.rpki-client.org