$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: 2s24qLWUnR23wTJGndlEUgURc6BpgcsK8YMu6vjbAy4= Subject key identifier: A3:6B:13:94:AE:00:8B:D8:C5:30:B2:71:FD:49:A7:0E:49:20:23:B7 Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 03E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 03E2 Signing time: Sat 23 Nov 2024 00:08:23 +0000 Manifest this update: Sat 23 Nov 2024 00:08:22 +0000 Manifest next update: Sat 30 Nov 2024 00:08:22 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: pkPUsoDNMrN3BH9zua1qtnKCMoZX7QgrhyBwq+KK/tU=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: rtjJ+8YJHm8TD9MmHexSEIl8L6PhSApOF2kwezSiIRs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 999 (0x3e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: Nov 23 00:08:22 2024 GMT Not After : Nov 30 00:08:22 2024 GMT Subject: CN=67411cf6-752d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f4:95:39:80:11:a4:08:46:65:f4:6d:6c:3a: 0e:df:33:38:31:2d:84:c6:99:f3:20:3c:82:c1:51: da:8b:72:a8:2a:60:dd:0f:01:c0:59:1f:d9:e0:b5: 52:75:b4:54:19:e8:5d:7b:44:39:f6:df:af:06:2a: d6:c7:b5:d7:a4:95:1c:40:c2:75:d2:30:ee:f4:22: e0:4d:05:bc:11:97:ab:a2:8d:c6:dd:b6:68:5f:73: 35:0f:81:15:97:4b:8d:3c:6e:87:2f:3e:5c:5e:7e: d7:4d:31:ec:e5:39:07:4a:e8:8d:56:03:e9:7e:3c: 4f:10:27:0a:bd:cf:0f:98:cd:e4:ad:41:72:e8:cd: 96:26:c9:08:df:bf:12:cf:10:83:6c:76:9a:a6:27: 22:83:e0:ce:be:36:b6:b5:35:a5:45:0f:2a:b1:21: 04:09:5f:0e:9b:eb:f4:b2:8d:78:7e:37:5b:d7:2c: 22:93:a7:99:6b:74:1d:ac:02:68:20:1a:a0:1e:2b: c9:f0:6b:fa:7d:80:c2:1b:a1:8a:1e:d4:9f:7f:03: 9e:80:3d:58:41:cb:2d:9b:1c:97:c4:14:26:ab:f0: 78:14:f4:af:b3:b4:f0:b3:8a:b7:10:d5:10:88:03: e8:60:82:5b:2a:27:4f:58:84:7e:0d:ff:9c:4b:f3: 27:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:6B:13:94:AE:00:8B:D8:C5:30:B2:71:FD:49:A7:0E:49:20:23:B7 X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:b6:fd:45:0c:4f:49:7e:89:29:a5:1a:65:36:3a:6a:69:c7: 12:20:f4:9a:6b:4d:c2:17:3e:5a:c9:2e:07:e5:34:68:7d:ff: 0b:97:bc:e2:2f:25:05:ab:5f:a5:c7:a6:38:07:da:c4:12:e9: f0:09:fc:25:54:c5:14:25:44:07:e5:b2:57:6e:b3:6b:dc:79: ce:56:3a:e2:8f:db:e4:80:9f:37:77:6b:9e:af:03:ce:01:3a: ae:f4:a6:5a:03:34:94:94:56:e9:e2:b9:29:3a:d4:32:b2:34: 27:7a:b5:6f:02:5e:31:b3:d0:c9:98:41:ee:f9:92:81:e0:0c: 9f:28:ad:1f:3e:4a:61:70:3c:c1:75:fc:5f:de:f9:aa:8f:80: bf:eb:19:5c:f4:39:71:e3:22:d1:8f:a8:d0:3f:e4:69:e1:11: 6c:f3:38:fc:a5:21:d5:04:a6:32:90:b9:fa:a9:4c:f1:c7:d3: 5f:21:61:01:7b:4d:7b:6b:56:b4:94:a7:c4:bd:b6:9d:f5:e3: 36:bc:2a:4d:60:dd:a3:72:0f:01:a1:6c:01:f9:c8:fc:97:46: 01:a2:31:74:16:de:65:5d:a0:c3:00:6e:68:b6:fc:d4:3e:eb: 26:db:29:b9:b4:04:34:fa:55:ea:9f:c7:ba:72:3d:99:f3:97: 65:24:39:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjQxMTIzMDAwODIyWhcNMjQxMTMwMDAwODIyWjAYMRYwFAYD VQQDEw02NzQxMWNmNi03NTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr/SVOYARpAhGZfRtbDoO3zM4MS2ExpnzIDyCwVHai3KoKmDdDwHAWR/Z4LVS dbRUGehde0Q59t+vBirWx7XXpJUcQMJ10jDu9CLgTQW8EZeroo3G3bZoX3M1D4EV l0uNPG6HLz5cXn7XTTHs5TkHSuiNVgPpfjxPECcKvc8PmM3krUFy6M2WJskI378S zxCDbHaapicig+DOvja2tTWlRQ8qsSEECV8Om+v0so14fjdb1ywik6eZa3QdrAJo IBqgHivJ8Gv6fYDCG6GKHtSffwOegD1YQcstmxyXxBQmq/B4FPSvs7Tws4q3ENUQ iAPoYIJbKidPWIR+Df+cS/MnBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKNrE5Su AIvYxTCycf1Jpw5JICO3MB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYtv1FDE9JfokppRplNjpqaccSIPSaa03CFz5ayS4H5TRoff8Ll7zi LyUFq1+lx6Y4B9rEEunwCfwlVMUUJUQH5bJXbrNr3HnOVjrij9vkgJ83d2uerwPO ATqu9KZaAzSUlFbp4rkpOtQysjQnerVvAl4xs9DJmEHu+ZKB4AyfKK0fPkphcDzB dfxf3vmqj4C/6xlc9Dlx4yLRj6jQP+Rp4RFs8zj8pSHVBKYykLn6qUzxx9NfIWEB e017a1a0lKfEvbad9eM2vCpNYN2jcg8BoWwB+cj8l0YBojF0Ft5lXaDDAG5otvzU Pusm2ym5tAQ0+lXqn8e6cj2Z85dlJDng -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:27 2024 by rpki-client on console-ams.rpki-client.org