$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft File: 3XyND0ePm-ar9znAT1tb5NyfYfg.mft (raw, json) Hash identifier: DV0BDmL8m13TixrbWaaL7+cascvaF8p50WUDpz+vN1c= Subject key identifier: D6:95:60:CA:B7:DB:3E:4E:16:4B:9D:2E:2F:8A:3E:3E:60:ED:77:9E Authority key identifier: DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 Certificate issuer: /CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft Manifest number: 20 Signing time: Thu 21 Nov 2024 05:53:42 +0000 Manifest this update: Thu 21 Nov 2024 05:53:41 +0000 Manifest next update: Thu 28 Nov 2024 05:53:41 +0000 Files and hashes: 1: 3XyND0ePm-ar9znAT1tb5NyfYfg.crl (hash: gOUaM47ws4r1hGaxPxLCs5zQOORTJxwirAqqTg+BLjg=) 2: EAF1E48478FA11EF9043060AC4F9AE02.roa (hash: Y94sd9E5GlcMt+lxymyuqjd3AEApdFlcMVQYEZaGYA0=) 3: EA810E6278FA11EF9043060AC4F9AE02.roa (hash: jUEy/iUbesTw/bKzIqKbuM3aQtOsfpKNSiK5hvDoL0g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Validity Not Before: Nov 21 05:53:41 2024 GMT Not After : Nov 28 05:53:41 2024 GMT Subject: CN=673ecae6-02c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:2a:7e:99:f1:18:9b:0d:9b:4d:e9:d3:59:4a: 9c:0b:c5:81:db:f5:d2:65:d3:4c:e5:c4:cd:3e:3e: 5e:2e:c8:64:ef:bc:47:10:04:7b:82:81:e8:49:2a: c7:45:40:b4:0c:64:9b:2f:11:0f:fd:0f:85:f3:7e: 6a:d9:92:63:cb:1b:54:7e:05:6e:43:d3:7a:1e:6c: de:71:2b:50:25:94:8e:84:4d:61:c1:59:82:1a:36: 63:2c:dd:da:3a:cb:b5:b1:d8:fc:f2:ff:e4:c8:7f: 1c:d1:d5:35:be:e5:cb:f4:11:1d:cc:05:de:45:22: b9:2c:f0:8f:c2:29:46:ba:00:54:af:87:61:e0:39: 46:26:4d:7a:24:7a:8b:3d:7d:04:25:1f:59:3b:55: d3:c7:ae:72:78:db:46:85:a3:fb:8e:30:b6:fa:49: 10:07:44:80:46:11:79:16:84:44:05:f5:54:86:09: e2:22:e6:a3:b9:b5:ba:ae:75:fa:37:b5:4e:43:5a: 6b:c7:75:b0:30:c6:98:68:0c:4d:18:5f:8f:fd:b5: 69:a8:7c:f4:a1:88:eb:15:15:f3:50:3d:19:bd:fa: 4c:87:d0:1f:5a:c7:58:05:50:5b:41:ce:1a:1b:6e: 5a:de:e1:35:3c:3b:e3:ee:2f:c1:86:8a:bc:4f:db: 36:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:95:60:CA:B7:DB:3E:4E:16:4B:9D:2E:2F:8A:3E:3E:60:ED:77:9E X509v3 Authority Key Identifier: keyid:DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:9d:ed:a8:0c:4d:48:63:19:d3:1d:9b:9c:04:68:05:1e:77: 42:21:32:e6:53:b8:1f:e3:54:ef:ae:b2:bf:36:67:dd:65:c9: 16:bc:cc:0b:39:92:d4:e1:63:8f:79:75:46:6e:75:5f:44:b1: 82:c3:3b:bc:b1:15:33:4e:fd:30:59:44:52:db:64:41:7a:a7: ba:6a:98:bc:a3:20:b6:40:3e:e6:78:bd:51:69:ea:80:be:9f: 0d:c8:4d:a1:5d:6b:98:51:b0:3d:a3:33:cd:fe:8b:e7:4f:f6: 7f:fd:ba:ae:44:30:b9:4c:ae:03:ea:54:7b:e4:a0:45:07:dd: cc:a1:22:e0:8b:1f:c7:b2:29:e4:bd:b8:94:58:b8:8b:e0:f4: b8:21:86:95:73:e1:66:62:fc:ec:75:f1:48:0f:21:21:71:ca: b4:f1:b8:bd:ac:c3:95:0e:65:c5:ef:f9:14:b9:92:f0:8f:99: df:ee:0a:f0:96:19:04:5d:fd:60:3c:f9:ee:8f:5d:c9:a3:58: 41:2a:45:93:d6:32:f5:37:37:ff:d8:bb:51:b8:f7:34:04:7d: fd:4c:2d:1b:b0:6b:1b:82:86:37:c0:0e:50:17:d0:4a:6d:e1: 23:b3:a5:1e:ad:7b:0a:57:17:ae:b6:b0:78:c0:5e:cc:90:3f: d6:20:4a:80 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MUU1NTExMC8GA1UEBRMoREQ3QzhEMEY0NzhGOUJFNkFCRjczOUMwNEY1QjVCRTRE QzlGNjFGODAeFw0yNDExMjEwNTUzNDFaFw0yNDExMjgwNTUzNDFaMBgxFjAUBgNV BAMTDTY3M2VjYWU2LTAyYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCeKn6Z8RibDZtN6dNZSpwLxYHb9dJl00zlxM0+Pl4uyGTvvEcQBHuCgehJKsdF QLQMZJsvEQ/9D4XzfmrZkmPLG1R+BW5D03oebN5xK1AllI6ETWHBWYIaNmMs3do6 y7Wx2Pzy/+TIfxzR1TW+5cv0ER3MBd5FIrks8I/CKUa6AFSvh2HgOUYmTXokeos9 fQQlH1k7VdPHrnJ420aFo/uOMLb6SRAHRIBGEXkWhEQF9VSGCeIi5qO5tbqudfo3 tU5DWmvHdbAwxphoDE0YX4/9tWmofPShiOsVFfNQPRm9+kyH0B9ax1gFUFtBzhob blre4TU8O+PuL8GGirxP2zYNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1pVgyrfb Pk4WS50uL4o+PmDtd54wHwYDVR0jBBgwFoAU3XyND0ePm+ar9znAT1tb5NyfYfgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIxRTU1LzRDMDk4NjJFNzhG QTExRUZBNDRGRTU4NkM0RjlBRTAyLzNYeU5EMGVQbS1hcjl6bkFUMXRiNU55Zllm Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM1h5TkQwZVBtLWFyOXpuQVQxdGI1TnlmWWZnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIx RTU1LzRDMDk4NjJFNzhGQTExRUZBNDRGRTU4NkM0RjlBRTAyLzNYeU5EMGVQbS1h cjl6bkFUMXRiNU55ZllmZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFqd7agMTUhjGdMdm5wEaAUed0IhMuZTuB/jVO+usr82Z91lyRa8zAs5 ktThY495dUZudV9EsYLDO7yxFTNO/TBZRFLbZEF6p7pqmLyjILZAPuZ4vVFp6oC+ nw3ITaFda5hRsD2jM83+i+dP9n/9uq5EMLlMrgPqVHvkoEUH3cyhIuCLH8eyKeS9 uJRYuIvg9LghhpVz4WZi/Ox18UgPISFxyrTxuL2sw5UOZcXv+RS5kvCPmd/uCvCW GQRd/WA8+e6PXcmjWEEqRZPWMvU3N//Yu1G49zQEff1MLRuwaxuChjfADlAX0Ept 4SOzpR6tewpXF662sHjAXsyQP9YgSoA= -----END CERTIFICATE-----Generated at Thu Nov 21 06:50:48 2024 by rpki-client on console-fra.rpki-client.org