$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft File: 09eD7kxpu1Bj-1z1smKLx77DdIo.mft (raw, json) Hash identifier: YYKRtQlwuDLe6va1MZHmnhyCODJtLjHCm8F48I+MXeI= Subject key identifier: 4D:1C:8B:A6:5B:5C:6B:7D:1E:23:92:7F:76:9D:FA:F1:A9:23:74:DB Authority key identifier: D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A Certificate issuer: /CN=A91B9A77/serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft Manifest number: 20 Signing time: Thu 21 Nov 2024 01:27:50 +0000 Manifest this update: Thu 21 Nov 2024 01:27:49 +0000 Manifest next update: Thu 28 Nov 2024 01:27:49 +0000 Files and hashes: 1: 09eD7kxpu1Bj-1z1smKLx77DdIo.crl (hash: zldw1jYmCLzl6AY7CFeXGaQ75tZA/U0P67NTlsFZKTw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9A77/serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Validity Not Before: Nov 21 01:27:49 2024 GMT Not After : Nov 28 01:27:49 2024 GMT Subject: CN=673e8c96-98d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:53:f1:df:b4:ea:ea:c1:c2:59:58:a0:30:ed: 3c:be:bc:bb:f5:6f:ac:25:56:3f:4c:82:cc:08:ef: f6:98:a0:75:cf:77:70:db:17:23:2d:0e:b1:21:b0: b8:7c:13:c5:ff:27:e0:46:79:70:ac:31:c3:7e:2f: 7c:fa:7c:25:99:b0:bc:e4:b3:c5:2b:d2:a0:0c:60: 3c:9d:64:ac:24:b9:a7:c4:5a:58:af:c2:4b:ff:82: ff:84:30:c0:93:4f:a9:31:ee:13:ca:c6:6e:60:61: 37:59:44:37:83:f8:25:db:72:b1:b8:91:5d:c5:3a: 22:1b:ed:a7:6e:8c:54:ea:08:50:01:4b:16:53:b2: 15:24:25:a7:a0:f8:95:bc:43:1a:fe:af:cb:ef:dd: f1:dc:8e:17:55:c7:74:fb:ad:16:f2:3b:2b:0f:b2: 70:13:65:17:a5:e7:6f:a7:60:cd:82:4e:a5:ff:fd: d8:d6:88:50:36:b9:1c:0c:bf:42:c7:17:d6:3e:a9: 00:64:1b:b2:a0:fa:f5:eb:41:9f:64:fa:b9:cf:d4: e6:ca:d1:d3:c6:6f:a8:c8:36:55:97:04:22:0f:ef: 70:50:c3:9b:15:50:ee:15:e5:29:62:5d:83:79:d7: 39:f5:9f:68:15:55:1e:3a:9f:d4:ed:3d:a1:93:09: b0:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:1C:8B:A6:5B:5C:6B:7D:1E:23:92:7F:76:9D:FA:F1:A9:23:74:DB X509v3 Authority Key Identifier: keyid:D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:0e:28:a7:89:d5:34:d4:d1:63:68:b8:b1:74:e1:7f:56:d3: 6e:6e:3d:ee:d4:49:83:be:80:6d:ea:c6:fe:68:40:63:2c:8b: 9f:83:a0:5d:9d:34:ac:09:a1:b1:92:c3:a3:4d:40:c5:9e:20: 8f:50:65:86:7b:ca:df:32:3c:50:39:aa:c1:8a:30:b0:39:44: c9:1a:40:ff:80:67:a7:58:68:5b:d0:2f:6a:e2:3e:04:b4:7a: 29:b0:3b:cc:82:41:08:ab:73:4f:ab:2f:d6:dd:38:66:1b:fc: 40:c6:17:8c:f8:86:de:ad:79:b7:2d:26:4c:36:71:8d:6c:a3: 33:51:07:07:6e:7e:cd:06:47:93:9c:95:55:c9:ee:7d:30:34: f4:9e:a1:1f:d2:61:43:93:4c:44:0f:32:26:3c:0a:0a:b0:67: 30:69:37:51:15:33:c7:66:f2:0f:ec:4a:16:ee:a6:a9:43:c9: 31:5a:24:3a:72:69:ab:ef:95:7c:2e:6a:17:ce:08:68:b5:7a: 15:7e:87:77:ef:79:db:d8:dc:09:5d:4e:a8:52:b2:3a:da:77: a3:45:02:ec:cb:a9:43:e8:21:9e:06:9c:43:06:ea:f9:21:a1: 51:a4:1d:ca:e6:f6:95:54:9c:d6:ed:6b:3a:2c:b6:45:43:fd: db:87:6d:2e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC OUE3NzExMC8GA1UEBRMoRDNENzgzRUU0QzY5QkI1MDYzRkI1Q0Y1QjI2MjhCQzdC RUMzNzQ4QTAeFw0yNDExMjEwMTI3NDlaFw0yNDExMjgwMTI3NDlaMBgxFjAUBgNV BAMTDTY3M2U4Yzk2LTk4ZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD4U/HftOrqwcJZWKAw7Ty+vLv1b6wlVj9MgswI7/aYoHXPd3DbFyMtDrEhsLh8 E8X/J+BGeXCsMcN+L3z6fCWZsLzks8Ur0qAMYDydZKwkuafEWlivwkv/gv+EMMCT T6kx7hPKxm5gYTdZRDeD+CXbcrG4kV3FOiIb7adujFTqCFABSxZTshUkJaeg+JW8 Qxr+r8vv3fHcjhdVx3T7rRbyOysPsnATZRel52+nYM2CTqX//djWiFA2uRwMv0LH F9Y+qQBkG7Kg+vXrQZ9k+rnP1ObK0dPGb6jINlWXBCIP73BQw5sVUO4V5SliXYN5 1zn1n2gVVR46n9TtPaGTCbCnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTRyLpltc a30eI5J/dp368akjdNswHwYDVR0jBBgwFoAU09eD7kxpu1Bj+1z1smKLx77DdIow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5QTc3L0FCODUzNDQwN0Ez RjExRUZBMUMwRTAxNkM0RjlBRTAyLzA5ZUQ3a3hwdTFCai0xejFzbUtMeDc3RGRJ by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDllRDdreHB1MUJqLTF6MXNtS0x4NzdEZElvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5 QTc3L0FCODUzNDQwN0EzRjExRUZBMUMwRTAxNkM0RjlBRTAyLzA5ZUQ3a3hwdTFC ai0xejFzbUtMeDc3RGRJby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALAOKKeJ1TTU0WNouLF04X9W025uPe7USYO+gG3qxv5oQGMsi5+DoF2d NKwJobGSw6NNQMWeII9QZYZ7yt8yPFA5qsGKMLA5RMkaQP+AZ6dYaFvQL2riPgS0 eimwO8yCQQirc0+rL9bdOGYb/EDGF4z4ht6tebctJkw2cY1sozNRBwdufs0GR5Oc lVXJ7n0wNPSeoR/SYUOTTEQPMiY8CgqwZzBpN1EVM8dm8g/sShbupqlDyTFaJDpy aavvlXwuahfOCGi1ehV+h3fvedvY3AldTqhSsjrad6NFAuzLqUPoIZ4GnEMG6vkh oVGkHcrm9pVUnNbtazostkVD/duHbS4= -----END CERTIFICATE-----Generated at Thu Nov 21 03:12:03 2024 by rpki-client on console-fra.rpki-client.org