$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft File: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft (raw, json) Hash identifier: Sgj0iWrxCd2ZIN40Y9Kq/vYZjEAs3OXb7slvZA1HtZs= Subject key identifier: BC:29:77:90:E6:A5:16:F0:9E:2F:D1:B6:D0:6C:6F:87:F6:0F:DB:16 Authority key identifier: CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A Certificate issuer: /CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Certificate serial: 0431 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft Manifest number: 0418 Signing time: Wed 20 Nov 2024 23:56:02 +0000 Manifest this update: Wed 20 Nov 2024 23:56:01 +0000 Manifest next update: Wed 27 Nov 2024 23:56:01 +0000 Files and hashes: 1: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl (hash: 0c1pLJZiTpCHyNp04ewYLp7uT/q3dYkWWGN8jvtrAp0=) 2: CA888654D0E011EC9E5ACC1CC4F9AE02.roa (hash: 4by10ick3aOPoEwL9MxmYZych/O61DB95JCCfpjs2l0=) 3: 52B98FDA46AF11ECB113AA4BC4F9AE02.roa (hash: zdWwyK62ezTqtldMx3AFhd08v1ee56JEEEGh/b+1bK8=) 4: 35A2418C45AE11ECB857890EC4F9AE02.roa (hash: yt5ul2v37If2OMAgvwlcXNvNlpOeU9vk4N82gRjp7ro=) 5: 9896BA2EB6DE11EC8DB17172C4F9AE02.roa (hash: tkC8VFhPaMMB7xHukmlTC8vVY5Lai1noTB/JDIdLAEc=) 6: 351AC73E45AE11ECB857890EC4F9AE02.roa (hash: ofwlwfDv/f2slgSdPa6hT78BUtn3LBZ837QvOITSXas=) 7: 346A2B4045AE11ECB857890EC4F9AE02.roa (hash: y6Yo94bVO58GlNbuqBWAfuC5sCH6iiyxweKo6sloNrk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1073 (0x431) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Validity Not Before: Nov 20 23:56:01 2024 GMT Not After : Nov 27 23:56:01 2024 GMT Subject: CN=673e7712-7dc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:68:5e:3c:f9:20:fc:81:1e:1d:00:c7:9e:87: c3:ef:25:57:ce:37:19:eb:8d:63:1b:8c:8b:d5:3c: e9:4a:02:bf:bd:71:8e:0e:50:8c:47:dc:f6:37:90: 7e:83:65:15:42:ce:a1:84:d2:63:f7:2e:5c:36:8f: c5:cd:5b:70:f3:f9:75:72:49:88:66:77:b3:df:85: 87:8a:7d:4a:5b:5a:f1:30:58:68:2e:93:c7:6d:e8: 06:11:6e:b4:cd:5f:0f:d3:dd:85:fc:b0:68:3f:4d: c6:8b:59:15:a3:11:e7:d6:c3:3c:8f:01:5a:61:f7: 72:b3:a7:3f:ec:3d:a1:8f:6c:0d:b2:77:e4:47:32: 9c:55:f9:2c:eb:2c:8e:bb:df:fb:24:ad:be:86:52: 98:66:dc:92:37:35:f2:f2:be:1c:ef:c0:c9:49:37: 50:da:80:e4:8c:b1:d8:8b:61:5c:93:ac:b4:3c:1e: 3a:bd:40:91:df:0d:c7:26:05:18:10:32:4b:af:e5: 14:63:00:4d:9d:77:80:ed:be:b9:1d:b6:53:4a:36: 75:81:4b:fd:da:94:18:e7:38:56:27:09:3f:8b:02: df:23:0c:42:6f:38:58:3a:15:57:f0:db:3e:30:5c: 10:b5:19:7c:66:68:17:4d:b6:9b:c9:8a:1e:70:ab: 28:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:29:77:90:E6:A5:16:F0:9E:2F:D1:B6:D0:6C:6F:87:F6:0F:DB:16 X509v3 Authority Key Identifier: keyid:CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:75:24:74:69:e2:2e:5f:64:8e:d4:ed:a2:95:3a:75:b2:79: f1:d1:b7:a1:91:e4:86:83:bf:97:7d:4f:e2:37:84:52:38:44: 04:8d:96:4d:99:22:ed:17:f2:bf:c5:e4:42:ba:6a:45:b1:2c: 30:bc:59:00:7a:3d:50:61:a9:98:da:1a:dc:de:c0:37:e5:49: 15:a5:94:cc:ac:1d:5d:c5:32:02:83:58:91:59:37:9f:22:5d: 63:b4:3d:cc:49:4f:e3:0c:f5:85:26:15:14:61:f7:49:f0:7c: bb:43:73:06:26:ab:6f:40:b1:e9:8a:cf:25:05:69:d8:2d:e6: c3:dd:73:22:1e:34:57:a5:32:d6:7b:55:75:0d:8e:bf:6f:d8: 95:fc:64:df:15:19:d5:79:ea:b2:ab:94:7f:41:de:61:c7:47: 1d:c5:43:60:43:17:2a:ea:13:8d:e0:99:19:2b:73:1b:a9:fd: 33:c1:ee:05:ec:57:04:3b:38:1b:e7:5e:96:72:df:ff:c0:9b: 02:95:b9:03:e7:2c:a7:21:d4:8e:ff:79:92:0b:a8:d3:97:31: a8:69:c9:e1:d0:b3:5c:bc:0b:84:ee:b8:31:5e:9c:49:a4:5a: 9c:0f:ce:9d:ab:be:2a:b2:ff:9a:ec:ac:b4:38:45:5e:be:b9: d1:5c:da:a7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQzNTcxMTAvBgNVBAUTKENCMTY1NjgxMUQwODQ1Nzk5M0U4RDgxQjlGOTc5OERB RDYxNjk3MUEwHhcNMjQxMTIwMjM1NjAxWhcNMjQxMTI3MjM1NjAxWjAYMRYwFAYD VQQDEw02NzNlNzcxMi03ZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqmhePPkg/IEeHQDHnofD7yVXzjcZ641jG4yL1TzpSgK/vXGODlCMR9z2N5B+ g2UVQs6hhNJj9y5cNo/FzVtw8/l1ckmIZnez34WHin1KW1rxMFhoLpPHbegGEW60 zV8P092F/LBoP03Gi1kVoxHn1sM8jwFaYfdys6c/7D2hj2wNsnfkRzKcVfks6yyO u9/7JK2+hlKYZtySNzXy8r4c78DJSTdQ2oDkjLHYi2Fck6y0PB46vUCR3w3HJgUY EDJLr+UUYwBNnXeA7b65HbZTSjZ1gUv92pQY5zhWJwk/iwLfIwxCbzhYOhVX8Ns+ MFwQtRl8ZmgXTbabyYoecKso1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLwpd5Dm pRbwni/RttBsb4f2D9sWMB8GA1UdIwQYMBaAFMsWVoEdCEV5k+jYG5+XmNrWFpca MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDM1Ny9CODRCMTBFQzQ1 QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJYbVQ2TmdibjVlWTJ0WVds eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3l4WldnUjBJUlhtVDZOZ2JuNWVZMnRZV2x4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDM1Ny9CODRCMTBFQzQ1QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJY bVQ2TmdibjVlWTJ0WVdseG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2dSR0aeIuX2SO1O2ilTp1snnx0behkeSGg7+XfU/iN4RSOEQEjZZN mSLtF/K/xeRCumpFsSwwvFkAej1QYamY2hrc3sA35UkVpZTMrB1dxTICg1iRWTef Il1jtD3MSU/jDPWFJhUUYfdJ8Hy7Q3MGJqtvQLHpis8lBWnYLebD3XMiHjRXpTLW e1V1DY6/b9iV/GTfFRnVeeqyq5R/Qd5hx0cdxUNgQxcq6hON4JkZK3Mbqf0zwe4F 7FcEOzgb516Wct//wJsClbkD5yynIdSO/3mSC6jTlzGoacnh0LNcvAuE7rgxXpxJ pFqcD86dq74qsv+a7Ky0OEVevrnRXNqn -----END CERTIFICATE-----Generated at Thu Nov 21 01:26:04 2024 by rpki-client on console-ams.rpki-client.org