$ rpki-client -vvf rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft File: punLpSnAWpYkymA1SKPjFJF1jys.mft (raw, json) Hash identifier: Hyf0uKMtN/Ynuw21giTq4vtl9d+hpgFeGpXDsJg7fGk= Subject key identifier: F7:4E:92:1E:C1:2F:5B:78:2F:BC:09:BB:96:CC:25:21:29:5D:F5:AF Authority key identifier: A6:E9:CB:A5:29:C0:5A:96:24:CA:60:35:48:A3:E3:14:91:75:8F:2B Certificate issuer: /CN=A9189B41/serialNumber=A6E9CBA529C05A9624CA603548A3E31491758F2B Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/punLpSnAWpYkymA1SKPjFJF1jys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft Manifest number: 22 Signing time: Wed 23 Oct 2024 06:30:38 +0000 Manifest this update: Wed 23 Oct 2024 06:30:37 +0000 Manifest next update: Wed 30 Oct 2024 06:30:37 +0000 Files and hashes: 1: punLpSnAWpYkymA1SKPjFJF1jys.crl (hash: p4EPIK/S5gayr+IgLaI6cwUVoshqK5r/aLffWfrJtBQ=) 2: 17AF252C605A11EFB7F45361C4F9AE02.roa (hash: hIohGLAEr9r6SYuLg+aGzwQmujzK2d8ao66pEwxDxz4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.crl rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/punLpSnAWpYkymA1SKPjFJF1jys.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Oct 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9189B41/serialNumber=A6E9CBA529C05A9624CA603548A3E31491758F2B Validity Not Before: Oct 23 06:30:37 2024 GMT Not After : Oct 30 06:30:37 2024 GMT Subject: CN=6718980e-8559 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:54:fe:3b:b9:6c:1d:ff:da:5f:24:f9:0e:52: c9:04:ad:a8:15:4c:49:1a:32:c9:9f:5b:a9:52:6b: e5:2d:8a:b1:1b:61:12:0d:dc:1c:7b:66:a4:e3:23: 25:8f:1f:4a:e7:7f:b5:4b:bd:7a:dc:77:6f:9e:9a: 89:d7:38:04:e3:60:b8:a2:ca:d9:ff:8d:59:3e:ca: d8:19:c8:07:52:c1:62:f3:da:9b:bd:d8:c8:89:7f: bc:00:ab:f8:79:a1:1b:ad:1c:a9:1b:22:c6:80:8b: e5:85:24:07:e2:5a:36:d2:44:b6:67:59:ac:a2:8a: 88:ef:7f:0e:d8:9a:9a:00:fa:31:d8:04:fd:f3:69: 87:a8:a6:13:47:d9:1a:b5:1d:c3:8c:ee:ff:5e:35: cb:f4:b1:14:03:f5:4e:7d:6e:52:1e:b4:92:26:e5: 23:14:62:45:85:cf:a0:30:4c:39:a4:46:73:af:ba: 13:f2:4d:f6:ce:6b:fd:22:b5:3f:88:ad:0b:43:be: 6d:2c:43:98:a2:85:16:a1:4d:15:00:67:bf:4f:36: 9f:a0:6e:7b:cc:57:97:fd:7f:ff:83:e6:d4:7c:38: 6e:d8:80:7b:66:0f:a4:96:cb:6a:6e:4b:d6:7f:25: 94:8f:a9:0b:dd:51:93:6c:72:7d:09:ac:00:f0:37: ec:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:4E:92:1E:C1:2F:5B:78:2F:BC:09:BB:96:CC:25:21:29:5D:F5:AF X509v3 Authority Key Identifier: keyid:A6:E9:CB:A5:29:C0:5A:96:24:CA:60:35:48:A3:E3:14:91:75:8F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/punLpSnAWpYkymA1SKPjFJF1jys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189B41/69B7698E605911EF9C223760C4F9AE02/punLpSnAWpYkymA1SKPjFJF1jys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:e9:11:01:3f:c0:7e:59:6a:d8:d8:b7:7f:0f:bc:b9:0b:5e: bc:f0:d5:55:6c:39:f9:2d:bd:7c:31:b5:67:d5:3a:39:b8:e9: 16:3f:64:78:d0:48:df:fe:05:5c:69:42:dd:13:ce:27:f4:23: e0:eb:2e:fb:fd:21:e1:4a:6b:05:14:c3:f1:9c:63:eb:2c:31: dc:8b:37:7f:6d:0b:8b:d6:83:9c:b5:4e:0b:8f:03:79:44:8e: 8f:6f:5b:db:5b:3e:7b:08:bb:dc:eb:f3:c6:fc:72:28:fd:4f: 5f:a4:7b:70:2a:94:c2:3b:da:e9:7e:d5:b0:02:e0:3b:35:ff: 28:7f:ed:3c:ce:e0:ef:11:67:53:4c:b0:3f:19:3f:7b:10:b5: 6c:70:73:d3:22:c4:df:99:b5:4f:82:7a:26:83:50:8d:85:b2: b3:bb:8a:46:a6:25:8a:76:89:3c:17:88:d7:dc:f1:c6:7e:ae: 15:12:a3:eb:c5:50:f4:da:84:f1:21:a1:82:ff:16:99:0c:32: 38:72:24:33:94:3a:ac:51:c9:7d:5a:6c:55:83:f0:0a:6e:c1: 9e:53:ed:3c:9c:24:51:6c:62:a8:46:8b:19:49:60:d9:74:99: 37:6b:a5:54:a4:ac:b3:4f:d7:41:d4:3e:a1:2f:d4:40:0c:c5: 5c:ec:39:44 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 OUI0MTExMC8GA1UEBRMoQTZFOUNCQTUyOUMwNUE5NjI0Q0E2MDM1NDhBM0UzMTQ5 MTc1OEYyQjAeFw0yNDEwMjMwNjMwMzdaFw0yNDEwMzAwNjMwMzdaMBgxFjAUBgNV BAMTDTY3MTg5ODBlLTg1NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCVP47uWwd/9pfJPkOUskEragVTEkaMsmfW6lSa+UtirEbYRIN3Bx7ZqTjIyWP H0rnf7VLvXrcd2+emonXOATjYLiiytn/jVk+ytgZyAdSwWLz2pu92MiJf7wAq/h5 oRutHKkbIsaAi+WFJAfiWjbSRLZnWayiiojvfw7YmpoA+jHYBP3zaYeophNH2Rq1 HcOM7v9eNcv0sRQD9U59blIetJIm5SMUYkWFz6AwTDmkRnOvuhPyTfbOa/0itT+I rQtDvm0sQ5iihRahTRUAZ79PNp+gbnvMV5f9f/+D5tR8OG7YgHtmD6SWy2puS9Z/ JZSPqQvdUZNscn0JrADwN+zbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU906SHsEv W3gvvAm7lswlISld9a8wHwYDVR0jBBgwFoAUpunLpSnAWpYkymA1SKPjFJF1jysw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg5QjQxLzY5Qjc2OThFNjA1 OTExRUY5QzIyMzc2MEM0RjlBRTAyL3B1bkxwU25BV3BZa3ltQTFTS1BqRkpGMWp5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcHVuTHBTbkFXcFlreW1BMVNLUGpGSkYxanlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg5 QjQxLzY5Qjc2OThFNjA1OTExRUY5QzIyMzc2MEM0RjlBRTAyL3B1bkxwU25BV3BZ a3ltQTFTS1BqRkpGMWp5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKjpEQE/wH5ZatjYt38PvLkLXrzw1VVsOfktvXwxtWfVOjm46RY/ZHjQ SN/+BVxpQt0Tzif0I+DrLvv9IeFKawUUw/GcY+ssMdyLN39tC4vWg5y1TguPA3lE jo9vW9tbPnsIu9zr88b8cij9T1+ke3AqlMI72ul+1bAC4Ds1/yh/7TzO4O8RZ1NM sD8ZP3sQtWxwc9MixN+ZtU+CeiaDUI2FsrO7ikamJYp2iTwXiNfc8cZ+rhUSo+vF UPTahPEhoYL/FpkMMjhyJDOUOqxRyX1abFWD8ApuwZ5T7TycJFFsYqhGixlJYNl0 mTdrpVSkrLNP10HUPqEv1EAMxVzsOUQ= -----END CERTIFICATE-----Generated at Wed Oct 23 07:33:22 2024 by rpki-client on console-fra.rpki-client.org