$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: s8LUOjviz+i55oRBqgo39BBj19cPLUc44iC4txHyfMc= Subject key identifier: FC:DE:20:0C:A7:4B:37:EC:A6:B9:A8:3A:12:29:85:C7:1B:EA:73:F7 Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0BA8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0B9A Signing time: Fri 22 Nov 2024 18:45:22 +0000 Manifest this update: Fri 22 Nov 2024 18:45:22 +0000 Manifest next update: Fri 29 Nov 2024 18:45:22 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: QNzghT5nppKZv94TJFzOpRg4nLOdjvv3LEbRvVWJYCM=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: o7cey+AS0R8fVuMf4POftZacKVzAhG2qKeR3u+WEUgU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:45:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2984 (0xba8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Nov 22 18:45:22 2024 GMT Not After : Nov 29 18:45:22 2024 GMT Subject: CN=6740d142-eb08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:89:0b:05:c7:ca:b9:6b:67:8d:de:ba:ab:03: 6c:9a:a2:60:1a:6c:07:4f:da:0c:66:a3:e6:83:42: c0:8c:bc:af:ee:13:f5:25:cf:d2:5a:c0:d0:37:5d: 6c:c0:7c:27:9c:a3:5d:0c:54:e1:b2:29:dc:06:21: fe:c4:4b:4b:80:d8:fa:af:04:44:d8:43:3b:6e:57: cd:97:27:ca:99:15:4f:a5:f7:4b:cd:ea:9e:01:b3: 26:85:7e:83:04:09:2d:f7:f7:94:96:d7:43:bc:88: 57:b6:fe:0f:0a:d7:16:4a:a2:7b:71:fe:89:25:ce: 1e:65:3a:c2:df:6c:96:fa:d3:8d:ae:1a:03:c7:e3: a3:d2:25:ef:8b:24:7c:c7:5b:5e:29:33:6b:d7:e8: 60:d9:07:e7:f5:39:e8:f9:3f:a7:66:40:88:bd:be: 9a:0d:1b:95:de:bb:93:18:09:1f:10:e7:85:ee:92: 93:e5:47:7c:dd:d0:2d:3a:18:96:59:ba:55:01:16: d9:20:fd:b0:ba:e4:f8:06:e1:23:8c:4d:b9:f4:11: 3c:79:ab:11:af:35:b1:11:32:78:8e:a1:b6:af:5c: 43:67:1e:ce:d6:f8:60:94:a7:7b:36:e9:eb:82:be: 1b:cc:d2:ee:24:15:80:5f:f1:ff:1b:4b:89:fa:2a: 2e:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:DE:20:0C:A7:4B:37:EC:A6:B9:A8:3A:12:29:85:C7:1B:EA:73:F7 X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:dc:5e:39:c4:be:c6:60:eb:65:54:e0:72:8a:08:ac:b9:ed: 03:0d:95:79:2e:0a:60:ae:f6:41:4d:f1:33:8e:f7:62:b7:99: 41:b7:f1:dd:98:63:d0:62:bc:58:d6:8d:72:dc:54:43:67:54: 39:aa:5c:8b:76:0c:6f:5a:4b:d8:cb:57:5a:fb:68:d5:ce:c2: 3f:df:f5:db:66:49:cc:10:c0:a7:2c:47:d9:5e:1f:a0:4c:9d: fa:0e:19:c1:df:13:2e:08:bb:50:a5:0b:95:2b:5c:e7:66:9a: 33:1f:7e:00:bc:a5:e3:7f:b9:4e:9d:06:a9:90:52:aa:79:d6: 8a:58:c2:98:0b:3b:cb:fc:3b:7b:65:10:69:09:b2:61:87:41: 9d:b0:6b:8f:b0:a4:b8:19:08:62:91:f5:ca:7c:97:58:8b:e5: 94:63:3f:70:38:01:e5:e3:df:a2:61:25:07:88:8b:01:27:ed: d3:11:2e:6f:96:97:0b:84:0c:80:38:71:b3:3e:f7:08:ee:2b: 3b:2b:9f:1b:44:77:3f:ad:a8:bc:31:e6:fe:d2:58:79:f1:15: 41:04:4a:97:d8:42:d8:d5:f3:bb:b9:ca:9b:7c:8d:56:18:89: 8f:32:bd:ec:58:be:e9:6a:9b:39:fb:e7:86:e0:32:a3:28:ef: 9e:17:7a:6f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjQxMTIyMTg0NTIyWhcNMjQxMTI5MTg0NTIyWjAYMRYwFAYD VQQDEw02NzQwZDE0Mi1lYjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs4kLBcfKuWtnjd66qwNsmqJgGmwHT9oMZqPmg0LAjLyv7hP1Jc/SWsDQN11s wHwnnKNdDFThsincBiH+xEtLgNj6rwRE2EM7blfNlyfKmRVPpfdLzeqeAbMmhX6D BAkt9/eUltdDvIhXtv4PCtcWSqJ7cf6JJc4eZTrC32yW+tONrhoDx+Oj0iXviyR8 x1teKTNr1+hg2Qfn9Tno+T+nZkCIvb6aDRuV3ruTGAkfEOeF7pKT5Ud83dAtOhiW WbpVARbZIP2wuuT4BuEjjE259BE8easRrzWxETJ4jqG2r1xDZx7O1vhglKd7Nunr gr4bzNLuJBWAX/H/G0uJ+iouBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPzeIAyn SzfsprmoOhIphccb6nP3MB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBH3F45xL7GYOtlVOByigisue0DDZV5LgpgrvZBTfEzjvdit5lBt/Hd mGPQYrxY1o1y3FRDZ1Q5qlyLdgxvWkvYy1da+2jVzsI/3/XbZknMEMCnLEfZXh+g TJ36DhnB3xMuCLtQpQuVK1znZpozH34AvKXjf7lOnQapkFKqedaKWMKYCzvL/Dt7 ZRBpCbJhh0GdsGuPsKS4GQhikfXKfJdYi+WUYz9wOAHl49+iYSUHiIsBJ+3TES5v lpcLhAyAOHGzPvcI7is7K58bRHc/rai8Meb+0lh58RVBBEqX2ELY1fO7ucqbfI1W GImPMr3sWL7paps5++eG4DKjKO+eF3pv -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:00 2024 by rpki-client on console-fra.rpki-client.org