$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft File: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft (raw, json) Hash identifier: uiYjH1ulAyaCZpH/tM2yiZ8Ernb+O7cAOirwBeiBPk4= Subject key identifier: FD:0A:C7:02:86:07:C1:D4:13:8A:6C:D9:CC:8F:E0:7B:5E:1E:6B:C1 Authority key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 Certificate issuer: /CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Certificate serial: 0995 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft Manifest number: 098A Signing time: Fri 22 Nov 2024 19:50:35 +0000 Manifest this update: Fri 22 Nov 2024 19:50:34 +0000 Manifest next update: Fri 29 Nov 2024 19:50:34 +0000 Files and hashes: 1: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl (hash: zs5YYqtLJ/xjD+0+KkcXx+m0c6GG1UAZZ+gy8Q7n2i8=) 2: 5B5A8050DDBC11EC8378E737C4F9AE02.roa (hash: kuaeWW5XDtEss8OMi7KAX48faILNgvVIFP8CkKJ2iU4=) 3: 5A3B7CECDDBC11EC8378E737C4F9AE02.roa (hash: +hSvjMhozV6jQZDqNkt9a1+7X0UawZcr6mRFLa7AaGc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:50:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2453 (0x995) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1 Validity Not Before: Nov 22 19:50:34 2024 GMT Not After : Nov 29 19:50:34 2024 GMT Subject: CN=6740e08b-3fdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:14:d5:4b:b4:03:a1:9d:9b:ac:b1:0e:d9:6e: 5c:9f:2a:9f:ce:89:2c:1f:64:43:51:51:2e:19:c7: 31:63:ad:56:f1:f9:47:29:60:d7:f0:24:8e:24:f6: ab:d9:4e:65:8c:17:f9:6c:90:11:77:31:66:db:33: 71:e4:99:20:9d:98:4b:3a:fe:b8:84:30:95:86:da: 29:f5:e5:fb:5b:49:d3:e0:e6:77:c5:e9:9d:94:86: 2c:9a:d6:7b:ba:0a:95:79:64:93:93:cb:87:3c:8a: 49:42:6e:79:93:67:8b:98:ea:d6:a2:ed:3d:5c:36: ad:28:b0:45:0b:ad:e9:f3:56:a6:fe:d0:03:b6:c8: 9f:f9:10:9b:fc:93:17:15:2b:9e:7d:d4:e6:cd:c6: 76:c2:5f:35:be:21:d2:80:c7:80:9f:5c:38:84:1e: 7c:19:26:19:8d:36:f9:bc:56:a7:38:bf:3d:eb:0a: fc:39:f1:e7:f1:c9:3e:40:18:23:ad:f4:94:52:b0: 61:87:1a:c6:dd:7a:81:4f:58:85:59:af:0b:b2:4d: db:c8:67:e9:94:89:43:cf:a9:b1:81:18:d3:ce:a8: d1:bc:02:2b:91:fc:07:7e:8a:72:51:53:36:08:89: 5c:41:e5:bd:86:2f:63:40:aa:73:dd:7b:1b:f0:ce: c0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:0A:C7:02:86:07:C1:D4:13:8A:6C:D9:CC:8F:E0:7B:5E:1E:6B:C1 X509v3 Authority Key Identifier: keyid:85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:6e:67:bb:36:26:0d:3a:aa:dc:c9:ff:e1:e4:38:fd:26:c9: 28:78:90:97:bb:56:fc:c5:a9:f9:8f:76:d6:2b:82:c4:eb:bb: 27:f4:a3:82:41:55:cf:c4:c8:5e:19:00:db:f8:f2:b7:e6:e0: 84:e9:ad:95:95:df:ed:67:b7:c4:1b:0a:c1:6b:d4:32:01:f8: 6e:c4:1f:7e:ca:f6:3f:4e:0e:c4:4f:9f:fa:ca:61:81:5a:51: 11:19:5d:39:2d:e1:d4:6d:af:0d:25:c0:c9:01:f0:ef:66:4e: 89:c9:41:45:28:de:53:b7:07:99:7f:5e:c0:40:fe:da:fb:95: a9:88:95:6b:5c:10:d5:3c:be:fb:4f:1b:00:6d:08:a2:04:d6: 0e:45:c8:34:03:76:d7:14:64:fc:35:21:fe:bc:aa:4e:5c:af: 02:73:c0:64:6b:70:25:b8:90:6f:2c:ac:c2:98:1a:2d:ae:49: 5b:50:6c:bd:8e:cf:22:51:0d:b6:12:80:13:be:f6:06:70:89: 27:ac:8e:fa:a5:f2:1d:1e:e4:20:75:06:ee:98:c4:d7:05:2b: 68:3b:ad:d2:49:a4:e7:c3:fd:c1:e3:5c:60:c5:2a:1b:ac:45: a0:05:fe:5c:b0:b7:f4:b6:09:12:a5:20:dd:62:e1:91:cd:f2: 76:ac:f1:58 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5OTEwNzVDQ0NG NTE2NzlBRjEwHhcNMjQxMTIyMTk1MDM0WhcNMjQxMTI5MTk1MDM0WjAYMRYwFAYD VQQDEw02NzQwZTA4Yi0zZmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyhTVS7QDoZ2brLEO2W5cnyqfzoksH2RDUVEuGccxY61W8flHKWDX8CSOJPar 2U5ljBf5bJARdzFm2zNx5JkgnZhLOv64hDCVhtop9eX7W0nT4OZ3xemdlIYsmtZ7 ugqVeWSTk8uHPIpJQm55k2eLmOrWou09XDatKLBFC63p81am/tADtsif+RCb/JMX FSuefdTmzcZ2wl81viHSgMeAn1w4hB58GSYZjTb5vFanOL896wr8OfHn8ck+QBgj rfSUUrBhhxrG3XqBT1iFWa8Lsk3byGfplIlDz6mxgRjTzqjRvAIrkfwHfopyUVM2 CIlcQeW9hi9jQKpz3Xsb8M7AmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP0KxwKG B8HUE4ps2cyP4HteHmvBMB8GA1UdIwQYMBaAFIWdGE9Bw0iYtymMmRB1zM9RZ5rx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUJDRC82MUQwQzQ4NjdB M0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNKaTNLWXlaRUhYTXoxRm5t dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2haMFlUMEhEU0ppM0tZeVpFSFhNejFGbm12RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNK aTNLWXlaRUhYTXoxRm5tdkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7bme7NiYNOqrcyf/h5Dj9JskoeJCXu1b8xan5j3bWK4LE67sn9KOC QVXPxMheGQDb+PK35uCE6a2Vld/tZ7fEGwrBa9QyAfhuxB9+yvY/Tg7ET5/6ymGB WlERGV05LeHUba8NJcDJAfDvZk6JyUFFKN5TtweZf17AQP7a+5WpiJVrXBDVPL77 TxsAbQiiBNYORcg0A3bXFGT8NSH+vKpOXK8Cc8Bka3AluJBvLKzCmBotrklbUGy9 js8iUQ22EoATvvYGcIknrI76pfIdHuQgdQbumMTXBStoO63SSaTnw/3B41xgxSob rEWgBf5csLf0tgkSpSDdYuGRzfJ2rPFY -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:31 2024 by rpki-client on console-fra.rpki-client.org