$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft File: 3XyND0ePm-ar9znAT1tb5NyfYfg.mft (raw, json) Hash identifier: MTp+L+GWz84Ms4SAm6BeHkL3bjUZRVI4Tl0ydU2VquE= Subject key identifier: 62:41:13:C3:2B:0C:9B:80:67:58:63:F3:47:D0:70:06:BB:95:21:A3 Authority key identifier: DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 Certificate issuer: /CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Certificate serial: 13 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft Manifest number: 11 Signing time: Wed 23 Oct 2024 06:42:00 +0000 Manifest this update: Wed 23 Oct 2024 06:41:59 +0000 Manifest next update: Wed 30 Oct 2024 06:41:59 +0000 Files and hashes: 1: 3XyND0ePm-ar9znAT1tb5NyfYfg.crl (hash: NJ3ghc6tgC1LE+gLf2+R9AcdOqmD/gh0MF1MycPQKqg=) 2: EAF1E48478FA11EF9043060AC4F9AE02.roa (hash: Y94sd9E5GlcMt+lxymyuqjd3AEApdFlcMVQYEZaGYA0=) 3: EA810E6278FA11EF9043060AC4F9AE02.roa (hash: jUEy/iUbesTw/bKzIqKbuM3aQtOsfpKNSiK5hvDoL0g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Oct 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Validity Not Before: Oct 23 06:41:59 2024 GMT Not After : Oct 30 06:41:59 2024 GMT Subject: CN=67189ab7-d481 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:0c:6a:79:5c:b6:9a:9e:3c:de:d1:f3:39:42: 81:ba:97:d2:2a:29:f4:6b:b8:02:cf:44:e3:87:f4: 6f:89:3a:9c:a6:85:63:c0:0b:f1:e6:f7:32:bd:18: 3b:4e:ca:9f:47:af:e8:9b:1a:ff:84:7d:10:14:cf: 38:c6:ee:4a:de:ff:fd:5d:fd:7b:17:30:93:6c:aa: d7:77:cc:c6:39:ba:5c:50:43:4d:11:65:b0:50:f1: ec:f9:d7:e8:26:f7:ec:e0:5b:64:52:41:7c:5c:9e: 6f:dd:1a:88:2c:31:04:70:8b:76:b9:1f:ba:0c:f1: 5f:c9:4a:26:0b:7c:36:83:78:28:fc:85:6a:3c:a2: 48:7e:57:15:80:18:b8:b3:85:94:cb:79:9c:6b:57: 2f:a4:38:f0:c0:f3:fc:04:99:5b:c4:d7:ad:ec:fe: 96:e3:6c:45:45:a6:ca:83:d2:b0:7e:4b:7e:17:62: c3:ca:31:ed:8b:f3:a6:4e:33:ce:8f:e1:a9:9b:b3: e1:54:b9:93:40:b8:44:7a:a9:59:ce:08:f6:27:cd: 16:2a:80:33:c6:60:43:b9:fe:41:89:22:71:15:5b: 74:d8:2d:08:46:ee:f1:1c:79:9a:c8:36:1a:81:05: f9:9b:7d:82:66:14:56:60:e2:a5:d7:62:5b:78:8a: 63:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:41:13:C3:2B:0C:9B:80:67:58:63:F3:47:D0:70:06:BB:95:21:A3 X509v3 Authority Key Identifier: keyid:DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:c7:05:1b:25:8c:d6:43:76:ae:0b:b7:f1:d5:99:50:39:65: ac:fb:64:6f:e3:a6:2e:66:6e:43:01:65:b0:98:51:65:07:af: 25:03:09:44:ad:27:87:5b:a1:6c:7b:4a:51:45:41:6f:5a:63: c7:e7:18:56:c2:c2:2a:fb:b6:c9:89:69:b8:9a:1e:16:1f:65: e1:2f:8f:be:f6:f2:7c:a9:c2:aa:e8:aa:45:f1:39:ad:27:93: 46:e7:f8:e7:fd:b3:dc:17:74:9b:69:38:cb:91:88:45:ac:96: 9b:ca:9a:b6:fc:38:1d:a2:29:5d:34:51:81:d2:c3:de:51:85: 5e:43:64:74:db:a0:75:87:10:e1:42:75:61:a0:00:d9:4f:75: 0c:ba:48:f7:5a:b2:4e:e8:97:a2:d3:c2:93:7c:db:19:08:7d: 1e:49:f3:6c:2c:8b:5f:2a:e4:66:d3:b5:29:e3:ea:c9:ec:11: 85:d5:76:05:cc:bb:31:23:0f:d9:db:96:32:5b:fc:2b:f8:0f: 21:7b:f0:a4:ad:6a:06:4a:0f:54:22:23:1d:48:a2:bc:78:26: e2:df:a1:5c:30:f3:74:a6:e6:e4:e2:da:ad:36:64:28:9e:64: c3:8c:28:a0:94:0d:00:6c:24:cd:73:26:86:6c:0f:44:d8:a5: 76:3d:3c:95 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MUU1NTExMC8GA1UEBRMoREQ3QzhEMEY0NzhGOUJFNkFCRjczOUMwNEY1QjVCRTRE QzlGNjFGODAeFw0yNDEwMjMwNjQxNTlaFw0yNDEwMzAwNjQxNTlaMBgxFjAUBgNV BAMTDTY3MTg5YWI3LWQ0ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDKDGp5XLaanjze0fM5QoG6l9IqKfRruALPROOH9G+JOpymhWPAC/Hm9zK9GDtO yp9Hr+ibGv+EfRAUzzjG7kre//1d/XsXMJNsqtd3zMY5ulxQQ00RZbBQ8ez51+gm 9+zgW2RSQXxcnm/dGogsMQRwi3a5H7oM8V/JSiYLfDaDeCj8hWo8okh+VxWAGLiz hZTLeZxrVy+kOPDA8/wEmVvE163s/pbjbEVFpsqD0rB+S34XYsPKMe2L86ZOM86P 4ambs+FUuZNAuER6qVnOCPYnzRYqgDPGYEO5/kGJInEVW3TYLQhG7vEceZrINhqB BfmbfYJmFFZg4qXXYlt4imNVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUYkETwysM m4BnWGPzR9BwBruVIaMwHwYDVR0jBBgwFoAU3XyND0ePm+ar9znAT1tb5NyfYfgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIxRTU1LzRDMDk4NjJFNzhG QTExRUZBNDRGRTU4NkM0RjlBRTAyLzNYeU5EMGVQbS1hcjl6bkFUMXRiNU55Zllm Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM1h5TkQwZVBtLWFyOXpuQVQxdGI1TnlmWWZnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIx RTU1LzRDMDk4NjJFNzhGQTExRUZBNDRGRTU4NkM0RjlBRTAyLzNYeU5EMGVQbS1h cjl6bkFUMXRiNU55ZllmZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJvHBRsljNZDdq4Lt/HVmVA5Zaz7ZG/jpi5mbkMBZbCYUWUHryUDCUSt J4dboWx7SlFFQW9aY8fnGFbCwir7tsmJabiaHhYfZeEvj7728nypwqroqkXxOa0n k0bn+Of9s9wXdJtpOMuRiEWslpvKmrb8OB2iKV00UYHSw95RhV5DZHTboHWHEOFC dWGgANlPdQy6SPdask7ol6LTwpN82xkIfR5J82wsi18q5GbTtSnj6snsEYXVdgXM uzEjD9nbljJb/Cv4DyF78KStagZKD1QiIx1Iorx4JuLfoVww83Sm5uTi2q02ZCie ZMOMKKCUDQBsJM1zJoZsD0TYpXY9PJU= -----END CERTIFICATE-----Generated at Wed Oct 23 07:33:24 2024 by rpki-client on console-fra.rpki-client.org