$ rpki-client -vvf rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft File: XctT6r5qkI7KhlLekkgHxQnFLTA.mft (raw, json) Hash identifier: gnMvVlqrBMpuZX3HrBJ8rfdESV3sWuE00z2YArVppns= Subject key identifier: 6D:14:90:FF:71:CE:77:E9:3F:D2:08:0A:FE:11:7D:71:6D:DA:3E:44 Authority key identifier: 5D:CB:53:EA:BE:6A:90:8E:CA:86:52:DE:92:48:07:C5:09:C5:2D:30 Certificate issuer: /CN=A918560D/serialNumber=5DCB53EABE6A908ECA8652DE924807C509C52D30 Certificate serial: 0C8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft Manifest number: 0C82 Signing time: Fri 22 Nov 2024 18:07:32 +0000 Manifest this update: Fri 22 Nov 2024 18:07:32 +0000 Manifest next update: Fri 29 Nov 2024 18:07:31 +0000 Files and hashes: 1: XctT6r5qkI7KhlLekkgHxQnFLTA.crl (hash: xSeQqqj9Ti1RfyBed5IutMz+KQMR/NCJqBHZ4hliCG4=) 2: 41A8E738045111EA9C7DF516C4F9AE02.roa (hash: 549cEJi0czWRyHHS6o5u4NQ6YCs80VKq9MH5xptp8mg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.crl rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:07:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3211 (0xc8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918560D/serialNumber=5DCB53EABE6A908ECA8652DE924807C509C52D30 Validity Not Before: Nov 22 18:07:32 2024 GMT Not After : Nov 29 18:07:31 2024 GMT Subject: CN=6740c864-3bcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:f6:b5:1c:41:59:55:1b:5d:19:0f:ce:dd:7f: 0b:d7:2e:a2:ef:5c:ad:46:15:6b:73:68:a7:59:c6: bd:db:aa:55:03:d5:3f:74:28:7d:5e:0f:9e:4c:7f: 8d:9b:36:a2:c3:c6:35:2e:02:3d:47:83:d4:00:ea: 72:d3:5f:b8:43:b0:42:b5:66:d8:e8:d5:5f:5a:76: 62:c2:5c:13:73:2c:bd:39:97:2a:ff:d7:8f:69:b6: cb:da:ef:7d:75:6c:fc:d3:c3:a1:a6:1e:37:83:6b: 21:2f:66:08:8f:a2:a1:48:56:a5:54:5c:1b:cb:8d: e1:c3:50:37:fb:b5:0f:01:bb:31:6f:a3:91:7c:67: 2c:26:27:87:61:22:15:bf:3d:a1:e7:89:5c:67:08: 32:33:fe:e1:13:ee:91:9d:41:ff:0c:1a:02:2e:22: 43:8f:17:50:51:7f:c4:64:c9:6f:cd:0e:35:6b:fe: 26:7e:54:21:33:48:36:76:f4:98:74:e7:92:f5:a8: da:11:32:0f:98:c8:d0:99:6e:6a:28:71:17:83:d9: 05:1a:6d:d3:c2:30:68:9f:32:2c:cf:48:6b:a0:ea: 10:36:56:f5:8c:e9:d7:0f:eb:c8:41:69:7e:2a:2f: 64:52:a1:fc:41:a9:ce:5c:2a:60:49:fe:45:fd:4d: dd:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:14:90:FF:71:CE:77:E9:3F:D2:08:0A:FE:11:7D:71:6D:DA:3E:44 X509v3 Authority Key Identifier: keyid:5D:CB:53:EA:BE:6A:90:8E:CA:86:52:DE:92:48:07:C5:09:C5:2D:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:e0:5e:b4:1c:27:25:40:f0:5d:3d:0c:53:b8:f9:3f:65:5e: 4d:49:7a:57:a6:d8:78:b6:05:cf:bd:e5:0a:fd:2a:b2:d6:c9: a4:ea:6d:02:b1:0d:6b:c9:2f:de:8d:0c:a2:27:3e:76:43:d2: 5c:fb:39:5a:0f:3c:b4:8b:cf:2e:07:24:85:ad:a5:88:9c:d2: 37:8d:52:2d:46:1e:e5:13:cf:37:6b:4e:b1:ce:dd:7e:13:88: 78:ba:61:a4:02:2f:f7:23:a4:aa:c0:55:92:04:10:89:f7:17: cd:ad:b1:45:a7:59:7a:3d:88:df:af:ee:4a:cb:f1:2c:aa:dc: b3:a1:a2:84:be:97:9b:35:9b:e8:a7:c9:ef:80:07:42:bc:50: 0c:d4:9d:b3:19:c7:fb:03:b1:03:14:7e:a9:15:0c:46:5f:58: 95:60:04:93:bd:d6:71:26:fb:be:cb:93:7b:e9:a6:2e:d7:2a: 33:ac:79:42:17:be:f0:d3:b9:b8:ef:7a:8c:94:c5:6a:ac:5f: 80:e6:71:2c:32:ad:06:98:ec:1d:63:9a:b7:77:4d:3f:b0:7e: 34:8e:95:6c:97:68:ac:6b:ba:f3:42:3d:66:b8:43:17:9e:3f: a3:38:d3:69:5d:72:45:da:4d:5e:de:10:28:51:49:be:94:0e: df:24:0f:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODU2MEQxMTAvBgNVBAUTKDVEQ0I1M0VBQkU2QTkwOEVDQTg2NTJERTkyNDgwN0M1 MDlDNTJEMzAwHhcNMjQxMTIyMTgwNzMyWhcNMjQxMTI5MTgwNzMxWjAYMRYwFAYD VQQDEw02NzQwYzg2NC0zYmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkfa1HEFZVRtdGQ/O3X8L1y6i71ytRhVrc2inWca926pVA9U/dCh9Xg+eTH+N mzaiw8Y1LgI9R4PUAOpy01+4Q7BCtWbY6NVfWnZiwlwTcyy9OZcq/9ePabbL2u99 dWz808Ohph43g2shL2YIj6KhSFalVFwby43hw1A3+7UPAbsxb6ORfGcsJieHYSIV vz2h54lcZwgyM/7hE+6RnUH/DBoCLiJDjxdQUX/EZMlvzQ41a/4mflQhM0g2dvSY dOeS9ajaETIPmMjQmW5qKHEXg9kFGm3TwjBonzIsz0hroOoQNlb1jOnXD+vIQWl+ Ki9kUqH8QanOXCpgSf5F/U3d0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG0UkP9x znfpP9IICv4RfXFt2j5EMB8GA1UdIwQYMBaAFF3LU+q+apCOyoZS3pJIB8UJxS0w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTYwRC9GNURDQTZENEU1 QjgxMUU5OEE3NjEyMEVDNEY5QUUwMi9YY3RUNnI1cWtJN0tobExla2tnSHhRbkZM VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hjdFQ2cjVxa0k3S2hsTGVra2dIeFFuRkxUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NTYwRC9GNURDQTZENEU1QjgxMUU5OEE3NjEyMEVDNEY5QUUwMi9YY3RUNnI1cWtJ N0tobExla2tnSHhRbkZMVEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBI4F60HCclQPBdPQxTuPk/ZV5NSXpXpth4tgXPveUK/Sqy1smk6m0C sQ1ryS/ejQyiJz52Q9Jc+zlaDzy0i88uBySFraWInNI3jVItRh7lE883a06xzt1+ E4h4umGkAi/3I6SqwFWSBBCJ9xfNrbFFp1l6PYjfr+5Ky/EsqtyzoaKEvpebNZvo p8nvgAdCvFAM1J2zGcf7A7EDFH6pFQxGX1iVYASTvdZxJvu+y5N76aYu1yozrHlC F77w07m473qMlMVqrF+A5nEsMq0GmOwdY5q3d00/sH40jpVsl2isa7rzQj1muEMX nj+jONNpXXJF2k1e3hAoUUm+lA7fJA/P -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:06 2024 by rpki-client on console-ams.rpki-client.org