$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft File: 5CHll4Srb9cADNFZcQHsNg3ZQGY.mft (raw, json) Hash identifier: BaRlkXriERwGglqydqWko9DzEMpiOvLI60CAGOpFcMA= Subject key identifier: 38:05:D1:74:A3:49:85:60:42:2B:33:0C:83:6A:12:3F:B2:47:41:79 Authority key identifier: E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66 Certificate issuer: /CN=A91A1E1C/serialNumber=E421E59784AB6FD7000CD1597101EC360DD94066 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft Manifest number: 13 Signing time: Thu 21 Nov 2024 06:08:11 +0000 Manifest this update: Thu 21 Nov 2024 06:08:10 +0000 Manifest next update: Thu 28 Nov 2024 06:08:10 +0000 Files and hashes: 1: 5CHll4Srb9cADNFZcQHsNg3ZQGY.crl (hash: 5U8ydJGmYVTNq6kjFMjYJYN+fQP8bmATgeN2CsrcKaQ=) 2: 5BC18D6C9A6C11EF8C656668C4F9AE02.roa (hash: 1ljn9MSckdlGvWQ7HkpY2v8ly/0oxPt9z/n6V7MEeDM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.crl rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1E1C/serialNumber=E421E59784AB6FD7000CD1597101EC360DD94066 Validity Not Before: Nov 21 06:08:10 2024 GMT Not After : Nov 28 06:08:10 2024 GMT Subject: CN=673ece4b-e25c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:26:0f:c2:8d:61:7d:28:f4:2a:ff:c4:41:cd: 7a:5f:67:90:c6:9e:22:41:14:64:8c:c4:fe:1f:bb: 04:bc:ca:21:e9:61:e4:70:0c:14:1e:1d:8f:d2:fe: ac:6b:fb:1d:4e:03:63:80:b5:55:76:4b:ae:df:8c: fd:f9:8d:ac:d5:1b:11:6e:42:1b:1d:ec:8b:27:31: b3:a3:25:a3:80:c4:56:74:a9:65:e1:a6:7c:35:4f: 0a:11:d0:ff:0b:a1:1f:8a:3d:6f:33:51:4c:8c:f9: b0:14:bc:2a:c8:cd:25:7e:bd:d8:8f:bf:4a:57:65: 32:0a:45:f5:91:6d:bb:ee:a5:98:c0:57:0a:e2:8a: 09:22:19:be:46:99:37:15:7b:1c:bc:b3:b8:dd:54: b8:ba:79:80:28:9d:a3:25:d2:27:47:dc:55:bc:5c: 10:22:40:99:c0:cf:47:62:62:54:5a:08:4c:e1:a0: cd:30:81:b2:70:89:7a:bb:2b:1b:47:88:2e:93:59: f4:54:9f:43:1c:b5:c6:df:a2:83:e7:49:85:56:a9: 11:bc:26:56:20:cd:df:81:f4:fd:18:80:1b:55:b1: 31:39:4a:0c:74:ac:e6:29:dc:0a:e2:57:fb:3d:77: 6b:85:9f:de:91:39:4f:c4:de:62:7c:a2:1e:35:a6: e0:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:05:D1:74:A3:49:85:60:42:2B:33:0C:83:6A:12:3F:B2:47:41:79 X509v3 Authority Key Identifier: keyid:E4:21:E5:97:84:AB:6F:D7:00:0C:D1:59:71:01:EC:36:0D:D9:40:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CHll4Srb9cADNFZcQHsNg3ZQGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1E1C/25222D80920011EF9E0C3D6BC4F9AE02/5CHll4Srb9cADNFZcQHsNg3ZQGY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:e4:41:39:d3:f2:28:e9:95:9d:a3:55:07:de:24:8d:50:b2: cb:05:75:cc:28:76:43:08:4c:5e:69:7a:27:dc:30:f9:6b:69: 59:ec:4c:18:d7:b4:34:61:98:94:8d:c1:f6:fa:0a:9d:22:22: 33:c5:6c:aa:2e:db:94:f4:e3:c9:5b:1f:f7:c9:28:e8:34:0b: cc:8f:30:a4:4c:ed:1e:35:9a:00:c5:8c:6b:98:c6:d2:14:36: 64:40:ab:f5:7b:8c:5d:dd:ea:2f:25:cc:8a:94:75:40:fb:d9: d8:3c:8b:cb:34:9c:d7:ac:60:28:bd:01:3b:3a:b5:93:9b:43: bb:a7:5e:1f:e5:3f:bc:15:3b:28:30:6c:e5:84:5d:c0:ca:4b: 6c:ec:83:f2:f6:58:26:a0:a6:96:55:68:96:d9:39:12:6d:89: b8:c1:00:6d:ee:92:d1:d8:c8:35:8f:23:93:67:2c:44:1a:41: ae:46:47:36:11:2a:db:25:fc:30:98:d5:f1:1a:28:b2:1f:3b: 8c:6c:55:ec:9b:7e:39:13:f6:32:14:6d:ef:2f:23:70:6d:79: a4:b5:e5:36:fe:32:8a:29:b7:63:db:37:d5:d0:f2:74:c0:06: 70:f7:51:a8:19:ff:00:91:df:e4:bc:09:61:6a:c5:84:8d:cb: 62:64:41:f8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MUUxQzExMC8GA1UEBRMoRTQyMUU1OTc4NEFCNkZENzAwMENEMTU5NzEwMUVDMzYw REQ5NDA2NjAeFw0yNDExMjEwNjA4MTBaFw0yNDExMjgwNjA4MTBaMBgxFjAUBgNV BAMTDTY3M2VjZTRiLWUyNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDnJg/CjWF9KPQq/8RBzXpfZ5DGniJBFGSMxP4fuwS8yiHpYeRwDBQeHY/S/qxr +x1OA2OAtVV2S67fjP35jazVGxFuQhsd7IsnMbOjJaOAxFZ0qWXhpnw1TwoR0P8L oR+KPW8zUUyM+bAUvCrIzSV+vdiPv0pXZTIKRfWRbbvupZjAVwriigkiGb5GmTcV exy8s7jdVLi6eYAonaMl0idH3FW8XBAiQJnAz0diYlRaCEzhoM0wgbJwiXq7KxtH iC6TWfRUn0MctcbfooPnSYVWqRG8JlYgzd+B9P0YgBtVsTE5Sgx0rOYp3AriV/s9 d2uFn96ROU/E3mJ8oh41puBnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOAXRdKNJ hWBCKzMMg2oSP7JHQXkwHwYDVR0jBBgwFoAU5CHll4Srb9cADNFZcQHsNg3ZQGYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExRTFDLzI1MjIyRDgwOTIw MDExRUY5RTBDM0Q2QkM0RjlBRTAyLzVDSGxsNFNyYjljQURORlpjUUhzTmczWlFH WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNUNIbGw0U3JiOWNBRE5GWmNRSHNOZzNaUUdZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEx RTFDLzI1MjIyRDgwOTIwMDExRUY5RTBDM0Q2QkM0RjlBRTAyLzVDSGxsNFNyYjlj QURORlpjUUhzTmczWlFHWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEDkQTnT8ijplZ2jVQfeJI1QsssFdcwodkMITF5peifcMPlraVnsTBjX tDRhmJSNwfb6Cp0iIjPFbKou25T048lbH/fJKOg0C8yPMKRM7R41mgDFjGuYxtIU NmRAq/V7jF3d6i8lzIqUdUD72dg8i8s0nNesYCi9ATs6tZObQ7unXh/lP7wVOygw bOWEXcDKS2zsg/L2WCagppZVaJbZORJtibjBAG3uktHYyDWPI5NnLEQaQa5GRzYR Ktsl/DCY1fEaKLIfO4xsVeybfjkT9jIUbe8vI3BteaS15Tb+Moopt2PbN9XQ8nTA BnD3UagZ/wCR3+S8CWFqxYSNy2JkQfg= -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:37 2024 by rpki-client on console-ams.rpki-client.org