$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: rF3KiKL9koNZV0+GfZ1uKE/IuyrxNSgy5HHfUV1l0hE= Subject key identifier: 20:CD:66:66:FB:CC:DF:1F:4F:F3:2E:EA:11:22:13:A0:FD:65:B7:6D Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 077E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 074A Signing time: Fri 22 Nov 2024 21:18:40 +0000 Manifest this update: Fri 22 Nov 2024 21:18:39 +0000 Manifest next update: Fri 29 Nov 2024 21:18:39 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: VmmqCUvqPpAyN2gjQoq2MF8ZMdflwLce2tnV0U5oPxc=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: Z0HHcyxz7rmGLBYwcIWDSL9D03AdZbtYiS469aOTikg=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: AOyufc93Chw9bEWHvFa0LDI+LOdW3FqSZFo43ILQvd0=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: S+zmz0lzc9XhqMVgirIgdwAZVw1zr2aY+glnbB9byB4=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: ftDRlCPQKF+Ib5B7VJZrq540hqlVUdTm8Q2C4Ih+cM8=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HxA8u7nmZWUr6BPYIZAwMw8J3pQQtwxfZZvWeTi7tWI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: YABaqUWE/JPdcjinbFv0PWoHHYymCq6aO+ylU5Xzjo0=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: XhE6x9E/aZ957HcPZHgLlj7Fv56GEXE7hy1IWMNgX6M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1918 (0x77e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Nov 22 21:18:39 2024 GMT Not After : Nov 29 21:18:39 2024 GMT Subject: CN=6740f530-9a62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1b:89:90:4d:ed:46:b1:e4:07:02:80:57:01: fa:9f:6f:c2:c6:69:5e:41:a3:f7:66:a5:78:a8:26: 2e:91:fb:f5:57:7c:6a:d6:58:1d:4b:40:3e:c0:ec: 50:79:a4:89:62:be:d5:8e:c3:63:d3:8b:6e:29:82: d8:44:eb:45:23:d0:b0:1c:32:c0:71:b2:55:06:9c: f2:3e:4c:2e:8e:2c:31:c2:c7:d4:87:80:75:7a:da: c3:82:f6:12:36:5c:a3:66:b7:a0:23:6e:5d:42:2e: 16:61:28:6b:60:42:54:5c:44:3a:5c:e8:3e:68:dc: 57:55:1d:08:79:60:49:c6:9f:a5:22:ad:bb:d7:2f: c4:2f:87:5a:74:cc:da:84:b0:8a:93:a4:f1:f6:bc: e1:73:af:8e:d8:9d:e9:12:40:e8:09:51:c7:0c:22: 32:98:d7:4a:86:d2:7a:af:c4:ba:e0:f7:96:8e:c7: 82:09:54:73:00:33:72:ca:dc:70:ab:4a:47:ca:09: 38:68:58:fd:2a:90:29:59:75:7d:dd:78:6c:a0:2c: 8d:b8:33:73:c8:1a:23:24:13:c5:05:c8:07:1e:75: 64:6a:b2:b5:53:5a:4c:71:ce:b2:f7:5d:1d:4f:0f: 6b:0b:c8:31:b3:0d:ca:fa:75:cd:ae:85:cc:df:83: 91:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:CD:66:66:FB:CC:DF:1F:4F:F3:2E:EA:11:22:13:A0:FD:65:B7:6D X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:92:09:a4:92:90:a1:5e:3c:f4:86:09:3a:4e:8e:9b:b6:73: c2:f0:3a:d3:da:48:70:d6:53:67:85:c6:12:ed:76:41:dd:58: a1:5c:fc:5b:75:ec:2a:53:99:3f:71:71:0a:5e:1b:09:b7:15: 4f:29:e1:2f:de:b7:4a:ae:55:a5:f5:eb:e4:93:7d:3a:92:8b: bb:fb:31:97:03:22:1b:24:c6:2f:22:8f:ba:f4:bd:dd:0b:e8: 1d:d2:b8:40:e9:6c:fc:ac:de:1b:1b:6c:5c:c3:9e:d9:36:ba: 8e:f9:8d:f7:b6:a7:d8:bb:2f:14:00:e7:19:3d:b9:57:61:24: ee:62:59:b1:05:bc:c2:ab:23:b6:80:6d:f2:2e:32:5a:89:13: 26:4f:56:ac:67:85:a2:7d:e3:3c:8f:f4:0c:24:f1:c2:c7:3e: 9f:4e:06:8c:05:88:85:17:cd:ca:96:ed:ef:f0:f1:42:95:cb: 22:fd:f7:49:23:e1:a8:24:29:6b:95:f7:a2:c1:82:38:63:e5: 66:c9:30:c9:f5:54:49:fb:70:1d:bc:b9:7e:f0:e2:c2:12:5d: cc:49:5c:a1:07:97:bf:cb:16:91:9d:14:e8:a8:bf:3b:85:21: a5:a4:9f:92:2a:3d:73:03:75:54:85:88:be:51:3c:db:64:04: 4d:b7:c3:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjQxMTIyMjExODM5WhcNMjQxMTI5MjExODM5WjAYMRYwFAYD VQQDEw02NzQwZjUzMC05YTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArxuJkE3tRrHkBwKAVwH6n2/CxmleQaP3ZqV4qCYukfv1V3xq1lgdS0A+wOxQ eaSJYr7VjsNj04tuKYLYROtFI9CwHDLAcbJVBpzyPkwujiwxwsfUh4B1etrDgvYS NlyjZregI25dQi4WYShrYEJUXEQ6XOg+aNxXVR0IeWBJxp+lIq271y/EL4dadMza hLCKk6Tx9rzhc6+O2J3pEkDoCVHHDCIymNdKhtJ6r8S64PeWjseCCVRzADNyytxw q0pHygk4aFj9KpApWXV93XhsoCyNuDNzyBojJBPFBcgHHnVkarK1U1pMcc6y910d Tw9rC8gxsw3K+nXNroXM34OR+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCDNZmb7 zN8fT/Mu6hEiE6D9ZbdtMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGkgmkkpChXjz0hgk6To6btnPC8DrT2khw1lNnhcYS7XZB3VihXPxb dewqU5k/cXEKXhsJtxVPKeEv3rdKrlWl9evkk306kou7+zGXAyIbJMYvIo+69L3d C+gd0rhA6Wz8rN4bG2xcw57ZNrqO+Y33tqfYuy8UAOcZPblXYSTuYlmxBbzCqyO2 gG3yLjJaiRMmT1asZ4WifeM8j/QMJPHCxz6fTgaMBYiFF83Klu3v8PFClcsi/fdJ I+GoJClrlfeiwYI4Y+VmyTDJ9VRJ+3AdvLl+8OLCEl3MSVyhB5e/yxaRnRToqL87 hSGlpJ+SKj1zA3VUhYi+UTzbZARNt8Ow -----END CERTIFICATE-----Generated at Fri Nov 22 22:24:11 2024 by rpki-client on console-fra.rpki-client.org