$ rpki-client -vvf rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft File: 23LIuvHa9pOYGFLuAyIwMF7ICRA.mft (raw, json) Hash identifier: xpdLzo1eozRdqeZ3VICh8AeazWhufMCEsLxLCE43fkY= Subject key identifier: 89:3E:ED:AB:41:80:52:E4:42:0E:01:9E:E2:B9:94:15:39:5D:B1:B2 Authority key identifier: DB:72:C8:BA:F1:DA:F6:93:98:18:52:EE:03:22:30:30:5E:C8:09:10 Certificate issuer: /CN=A91B289C/serialNumber=DB72C8BAF1DAF693981852EE032230305EC80910 Certificate serial: 0839 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft Manifest number: 0832 Signing time: Wed 20 Nov 2024 20:26:58 +0000 Manifest this update: Wed 20 Nov 2024 20:26:58 +0000 Manifest next update: Wed 27 Nov 2024 20:26:58 +0000 Files and hashes: 1: 23LIuvHa9pOYGFLuAyIwMF7ICRA.crl (hash: my4+wrcR8LzE+waPPdXqDYvqh1cvOfcHb6IMEI23q0s=) 2: E6F3687CBCE711EAACD6466CC4F9AE02.roa (hash: jrXgAGT3lqn2oPe4fiJJc8FiNv+5i0XvozNfLQNBQxY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.crl rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2105 (0x839) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B289C/serialNumber=DB72C8BAF1DAF693981852EE032230305EC80910 Validity Not Before: Nov 20 20:26:58 2024 GMT Not After : Nov 27 20:26:58 2024 GMT Subject: CN=673e4612-d08f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ad:09:24:66:0b:5a:2f:6d:b6:ae:51:f7:3b: 02:ba:a8:1f:e3:c6:a8:7f:ff:77:64:8b:96:45:32: fe:6d:8a:73:74:bf:f5:db:a6:16:67:32:65:39:4c: 60:c1:ff:10:d5:b7:7d:44:4d:10:d6:1b:6b:c0:98: f4:bb:1b:18:f1:2b:ed:c8:94:1b:34:3b:58:ab:3f: 62:48:1f:d1:88:69:92:af:78:3e:a0:4e:26:ec:66: 36:73:7e:08:e9:0b:c0:94:a5:e7:3e:78:eb:fd:34: 04:b2:b4:b4:00:2b:7b:fe:de:2e:4c:67:98:79:08: bf:08:d8:e3:26:b4:b9:df:18:10:a4:4c:f5:31:e5: a6:ea:43:1a:4d:15:ed:81:5f:6f:d1:3d:ba:53:12: 3f:2d:0e:32:4e:4b:14:8e:ee:db:d9:0b:26:8f:64: 39:f5:ed:a3:ea:c5:1a:32:5d:a1:1c:63:25:a0:5d: 37:38:14:e9:fa:8f:b2:bb:4d:7a:39:a7:92:7d:ab: 75:f8:a5:e9:e8:28:c9:ac:b7:4f:6a:b4:94:13:94: f3:a3:94:10:07:49:a1:0f:ed:c2:20:36:ea:96:ba: 2f:e1:00:1d:00:3c:a8:28:3a:51:64:39:b9:7f:fc: 83:15:8c:38:30:9b:c6:84:ab:7d:5b:fb:6b:21:c7: f5:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:3E:ED:AB:41:80:52:E4:42:0E:01:9E:E2:B9:94:15:39:5D:B1:B2 X509v3 Authority Key Identifier: keyid:DB:72:C8:BA:F1:DA:F6:93:98:18:52:EE:03:22:30:30:5E:C8:09:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:78:3c:50:63:d9:e9:5c:31:d7:1b:4c:d9:ee:f8:6b:82:0c: 85:d9:94:33:99:52:3d:e3:7b:35:ca:cb:b8:75:e7:05:39:27: bb:e2:ab:54:df:ea:58:9f:b8:a0:a0:59:a7:0d:45:29:07:88: 7e:75:fd:f8:76:1c:12:b3:f4:98:ff:58:9f:c1:92:4c:12:48: d7:b6:ce:49:74:34:af:35:07:27:7a:c6:47:26:49:08:e9:c1: 18:e7:b3:e8:4a:b6:36:d5:b8:9c:d6:95:99:e2:e0:2b:80:7b: 15:79:9b:6f:c1:08:4e:08:cb:c3:4c:b2:c4:61:7d:67:7c:7a: 72:56:f5:43:97:fd:7d:7b:5d:ea:69:b3:ed:8d:c6:61:47:5c: 49:15:96:50:f1:d2:43:ab:79:65:c7:0c:e8:f9:67:c4:26:81: ed:ef:45:63:46:6b:2d:0e:5a:34:7a:ae:aa:b6:7a:39:21:ed: bd:46:99:c2:70:40:7a:7d:fc:e5:6c:f2:9b:1f:e8:0a:0f:fa: 29:74:ed:76:cf:9f:e8:11:76:98:80:78:d5:d5:a5:df:38:59: db:d6:db:a3:f6:3a:67:6f:89:19:1c:c3:19:1f:6e:d7:c5:b8: c4:0c:07:12:60:9e:8c:b0:6e:65:d1:4d:bb:93:aa:17:85:77: 73:39:24:5a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI4OUMxMTAvBgNVBAUTKERCNzJDOEJBRjFEQUY2OTM5ODE4NTJFRTAzMjIzMDMw NUVDODA5MTAwHhcNMjQxMTIwMjAyNjU4WhcNMjQxMTI3MjAyNjU4WjAYMRYwFAYD VQQDEw02NzNlNDYxMi1kMDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu60JJGYLWi9ttq5R9zsCuqgf48aof/93ZIuWRTL+bYpzdL/126YWZzJlOUxg wf8Q1bd9RE0Q1htrwJj0uxsY8SvtyJQbNDtYqz9iSB/RiGmSr3g+oE4m7GY2c34I 6QvAlKXnPnjr/TQEsrS0ACt7/t4uTGeYeQi/CNjjJrS53xgQpEz1MeWm6kMaTRXt gV9v0T26UxI/LQ4yTksUju7b2Qsmj2Q59e2j6sUaMl2hHGMloF03OBTp+o+yu016 OaeSfat1+KXp6CjJrLdParSUE5Tzo5QQB0mhD+3CIDbqlrov4QAdADyoKDpRZDm5 f/yDFYw4MJvGhKt9W/trIcf1jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIk+7atB gFLkQg4BnuK5lBU5XbGyMB8GA1UdIwQYMBaAFNtyyLrx2vaTmBhS7gMiMDBeyAkQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjg5Qy8zQUIxRTJEQ0JD RTcxMUVBQkU5NzJDNkNDNEY5QUUwMi8yM0xJdXZIYTlwT1lHRkx1QXlJd01GN0lD UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzIzTEl1dkhhOXBPWUdGTHVBeUl3TUY3SUNSQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Mjg5Qy8zQUIxRTJEQ0JDRTcxMUVBQkU5NzJDNkNDNEY5QUUwMi8yM0xJdXZIYTlw T1lHRkx1QXlJd01GN0lDUkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyeDxQY9npXDHXG0zZ7vhrggyF2ZQzmVI943s1ysu4decFOSe74qtU 3+pYn7igoFmnDUUpB4h+df34dhwSs/SY/1ifwZJMEkjXts5JdDSvNQcnesZHJkkI 6cEY57PoSrY21bic1pWZ4uArgHsVeZtvwQhOCMvDTLLEYX1nfHpyVvVDl/19e13q abPtjcZhR1xJFZZQ8dJDq3llxwzo+WfEJoHt70VjRmstDlo0eq6qtno5Ie29RpnC cEB6ffzlbPKbH+gKD/opdO12z5/oEXaYgHjV1aXfOFnb1tuj9jpnb4kZHMMZH27X xbjEDAcSYJ6MsG5l0U27k6oXhXdzOSRa -----END CERTIFICATE-----Generated at Wed Nov 20 21:34:57 2024 by rpki-client on console-ams.rpki-client.org