$ rpki-client -vvf rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft File: 4AJb-TLnFuGh-K-QECEcQRCE_J0.mft (raw, json) Hash identifier: TMDtfAWec2sFVUivy/RHlSNPtIJj86lbRJ8O8/UVgW8= Subject key identifier: 38:3E:22:8A:99:76:F9:92:03:67:6B:AB:C8:13:37:1B:FF:9A:7A:7D Authority key identifier: E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D Certificate issuer: /CN=A9197FDB/serialNumber=E0025BF932E716E1A1F8AF9010211C411084FC9D Certificate serial: 052C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft Manifest number: 0526 Signing time: Fri 22 Nov 2024 23:07:48 +0000 Manifest this update: Fri 22 Nov 2024 23:07:47 +0000 Manifest next update: Fri 29 Nov 2024 23:07:47 +0000 Files and hashes: 1: 4AJb-TLnFuGh-K-QECEcQRCE_J0.crl (hash: /NTRhH/p6QuIAomnv8UwZ9eyn6ThW+dgrhZfsBYUQk8=) 2: 0A1FAC405BB211EEAD06B243C4F9AE02.roa (hash: tgnIyxqnM5e1e77M6KmIsMUhPNhnEFkzQfcV1nAwP9g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.crl rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1324 (0x52c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197FDB/serialNumber=E0025BF932E716E1A1F8AF9010211C411084FC9D Validity Not Before: Nov 22 23:07:47 2024 GMT Not After : Nov 29 23:07:47 2024 GMT Subject: CN=67410ec3-cd2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:aa:d7:7b:b6:59:cc:2c:41:5e:6c:40:38:ea: e9:2c:fc:b0:2d:db:45:e4:66:1a:c6:f3:75:c5:6c: d1:56:f6:1b:d6:97:8a:90:fe:28:e2:90:ae:22:90: 4f:d3:7c:72:bf:ee:1a:f8:cb:38:b3:9c:b2:0d:d4: 61:44:5b:c6:15:67:82:63:ce:6e:ee:ec:d5:1a:35: ae:0d:53:65:7a:ea:2e:24:d6:c6:06:f5:cd:22:92: 0c:c3:c4:fd:56:8e:54:74:8d:b2:5e:4c:77:5e:d7: 66:a9:8c:00:8c:26:a1:d9:80:b3:9e:f1:f8:5c:83: 69:ed:ea:85:e4:22:d9:a6:9c:7a:f8:44:5a:b3:4a: 2c:2e:e4:c3:1e:a0:b3:04:ad:a2:66:b5:87:27:1e: 42:c4:c4:06:80:26:a6:27:b7:68:2d:4d:f4:56:60: 90:52:6a:63:a8:a9:3a:fd:5b:d8:45:e8:0a:0f:66: c1:22:3c:e3:78:d0:dd:1b:c1:1f:c0:25:3d:36:df: a7:b9:48:20:3d:37:63:05:b5:54:c6:ed:fd:07:97: ea:80:75:33:b5:c5:da:66:b9:a7:1d:fc:f8:2d:b5: f7:9b:b3:7e:27:7f:25:5d:c8:34:66:4f:30:26:8d: 27:1d:7a:1e:79:2b:5a:67:d3:ce:fa:df:76:ef:ff: 2b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:3E:22:8A:99:76:F9:92:03:67:6B:AB:C8:13:37:1B:FF:9A:7A:7D X509v3 Authority Key Identifier: keyid:E0:02:5B:F9:32:E7:16:E1:A1:F8:AF:90:10:21:1C:41:10:84:FC:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4AJb-TLnFuGh-K-QECEcQRCE_J0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197FDB/657E4074DA3611EB84E6A349C4F9AE02/4AJb-TLnFuGh-K-QECEcQRCE_J0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:1f:41:d6:1e:1b:0a:e1:15:39:ab:83:13:9a:cb:f0:b2:73: f7:43:e8:8c:1b:c7:22:35:bd:98:ee:bd:a2:c0:dc:df:1b:19: 33:d6:ee:13:3c:a6:da:64:cc:a0:da:98:ef:88:1d:0a:4f:f4: 65:dd:62:85:04:db:7d:d2:57:9c:24:f9:8a:c0:b7:2f:51:6e: 74:09:ed:41:60:27:dd:a8:02:54:0e:2f:90:b2:32:80:43:f0: 76:fd:b5:f5:74:10:71:63:97:3b:8d:59:09:c0:e5:88:03:60: 25:c7:a0:0d:be:e0:db:27:ad:1e:1a:c8:5c:24:c8:c6:a0:d3: 5e:04:0d:6a:86:bd:b5:c3:9d:53:b3:61:74:75:80:76:d8:a9: 5c:2f:52:86:ab:52:3c:09:a6:9d:09:ea:3c:d6:7b:06:90:ad: f7:61:ff:a1:e0:cd:ec:01:1b:4f:8b:58:f9:43:15:ab:e0:d3: 9a:0a:26:3f:68:f1:22:1c:dc:64:1d:08:91:1c:2d:12:53:53: 17:5d:62:6b:80:69:50:0e:15:ae:ff:53:8a:cd:2b:15:e4:f4: e2:b2:ab:7e:82:dc:a0:4a:50:14:58:0f:52:64:55:49:2a:3b: 20:f3:e5:7d:06:18:c2:ca:71:de:8e:ac:d1:e1:d1:dd:cf:9a: 34:ed:b7:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTdGREIxMTAvBgNVBAUTKEUwMDI1QkY5MzJFNzE2RTFBMUY4QUY5MDEwMjExQzQx MTA4NEZDOUQwHhcNMjQxMTIyMjMwNzQ3WhcNMjQxMTI5MjMwNzQ3WjAYMRYwFAYD VQQDEw02NzQxMGVjMy1jZDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr6rXe7ZZzCxBXmxAOOrpLPywLdtF5GYaxvN1xWzRVvYb1peKkP4o4pCuIpBP 03xyv+4a+Ms4s5yyDdRhRFvGFWeCY85u7uzVGjWuDVNleuouJNbGBvXNIpIMw8T9 Vo5UdI2yXkx3XtdmqYwAjCah2YCznvH4XINp7eqF5CLZppx6+ERas0osLuTDHqCz BK2iZrWHJx5CxMQGgCamJ7doLU30VmCQUmpjqKk6/VvYRegKD2bBIjzjeNDdG8Ef wCU9Nt+nuUggPTdjBbVUxu39B5fqgHUztcXaZrmnHfz4LbX3m7N+J38lXcg0Zk8w Jo0nHXoeeStaZ9PO+t927/8rvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDg+IoqZ dvmSA2drq8gTNxv/mnp9MB8GA1UdIwQYMBaAFOACW/ky5xbhofivkBAhHEEQhPyd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5N0ZEQi82NTdFNDA3NERB MzYxMUVCODRFNkEzNDlDNEY5QUUwMi80QUpiLVRMbkZ1R2gtSy1RRUNFY1FSQ0Vf SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRBSmItVExuRnVHaC1LLVFFQ0VjUVJDRV9KMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 N0ZEQi82NTdFNDA3NERBMzYxMUVCODRFNkEzNDlDNEY5QUUwMi80QUpiLVRMbkZ1 R2gtSy1RRUNFY1FSQ0VfSjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/H0HWHhsK4RU5q4MTmsvwsnP3Q+iMG8ciNb2Y7r2iwNzfGxkz1u4T PKbaZMyg2pjviB0KT/Rl3WKFBNt90lecJPmKwLcvUW50Ce1BYCfdqAJUDi+QsjKA Q/B2/bX1dBBxY5c7jVkJwOWIA2Alx6ANvuDbJ60eGshcJMjGoNNeBA1qhr21w51T s2F0dYB22KlcL1KGq1I8CaadCeo81nsGkK33Yf+h4M3sARtPi1j5QxWr4NOaCiY/ aPEiHNxkHQiRHC0SU1MXXWJrgGlQDhWu/1OKzSsV5PTisqt+gtygSlAUWA9SZFVJ Kjsg8+V9BhjCynHejqzR4dHdz5o07bdV -----END CERTIFICATE-----Generated at Sat Nov 23 00:49:36 2024 by rpki-client on console-fra.rpki-client.org