$ rpki-client -vvf rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft File: jYqA7HIK5-1T_SED6OachVWtD4Y.mft (raw, json) Hash identifier: pgH78RaXFYnlYZtSvG/T+TZ3Yyq9RBttZrRYFnhCKrY= Subject key identifier: 7F:BA:CD:A4:92:9A:5D:F4:CA:24:83:C2:4E:2D:76:08:C4:09:A8:A9 Authority key identifier: 8D:8A:80:EC:72:0A:E7:ED:53:FD:21:03:E8:E6:9C:85:55:AD:0F:86 Certificate issuer: /CN=A91BECBA/serialNumber=8D8A80EC720AE7ED53FD2103E8E69C8555AD0F86 Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft Manifest number: 2A Signing time: Sat 23 Nov 2024 05:40:31 +0000 Manifest this update: Sat 23 Nov 2024 05:40:30 +0000 Manifest next update: Sat 30 Nov 2024 05:40:30 +0000 Files and hashes: 1: jYqA7HIK5-1T_SED6OachVWtD4Y.crl (hash: j5AaVr9YiR2PE1LkTBrSHBjt49QcQGf5nly+PMak5II=) 2: A0142C706B6611EF88C61580C4F9AE02.roa (hash: uRfLzHpH3w0wMyUP2zmc3m4Xrb+iDgFHWZZPu7gk9FI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.crl rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BECBA/serialNumber=8D8A80EC720AE7ED53FD2103E8E69C8555AD0F86 Validity Not Before: Nov 23 05:40:30 2024 GMT Not After : Nov 30 05:40:30 2024 GMT Subject: CN=67416acf-9d9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8a:3c:39:e5:42:ad:c8:b7:80:b6:99:21:9e: 9f:d2:18:16:dc:7d:3a:dd:91:7a:f0:a5:86:98:7f: 0b:75:08:92:69:50:f6:ad:ab:c2:b4:8a:f2:09:92: 91:fb:dc:fb:c4:8a:19:55:ac:77:44:58:22:4c:70: 1b:19:62:78:79:2a:6f:44:4e:8e:d8:4a:be:fa:5e: 09:d5:87:b1:be:04:45:00:5f:bc:4d:2f:c8:6a:52: ab:18:99:b3:fd:15:b6:aa:4f:96:99:11:f9:8c:78: e2:30:57:83:f5:c6:8d:8a:0a:99:f1:4f:24:c4:f5: 9c:ee:c8:39:51:f5:39:d2:b0:4e:3f:5a:4a:59:55: c9:c7:2f:9a:7d:e0:e6:88:9a:74:7a:cc:a9:6a:ed: 53:ea:4b:03:8e:52:7c:3c:39:b4:e4:21:17:9f:03: 41:04:89:77:15:4d:e3:eb:f7:4d:cf:0f:7c:3b:b5: c5:65:5b:d7:ec:a3:62:0c:15:78:dd:2c:5c:28:bc: 97:4c:a3:0b:9f:d4:26:f0:5d:97:26:99:77:07:06: c0:ce:a6:1c:82:a7:38:45:c5:89:43:5e:ad:0e:ed: dc:f9:62:c4:78:ff:99:f9:95:59:37:dc:96:54:c8: 53:52:a0:01:38:9c:92:8d:d5:64:3d:7d:e1:78:fc: 58:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:BA:CD:A4:92:9A:5D:F4:CA:24:83:C2:4E:2D:76:08:C4:09:A8:A9 X509v3 Authority Key Identifier: keyid:8D:8A:80:EC:72:0A:E7:ED:53:FD:21:03:E8:E6:9C:85:55:AD:0F:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:52:28:48:67:b8:f9:ce:fb:ff:30:ca:0e:3e:ca:64:26:3a: d2:89:3a:1d:97:cf:57:ae:04:e2:19:d7:29:2f:73:7a:7d:ba: 5a:31:74:0b:db:ba:38:95:4c:ee:1d:6a:83:6c:a4:3e:ad:4f: e7:cb:12:0c:f7:db:27:2a:db:f4:e3:8e:24:e3:46:c1:b3:01: d1:48:ba:61:c2:57:30:fd:6f:e0:25:53:19:ae:56:0f:a1:b7: 7f:e7:9b:34:63:5d:30:4f:af:43:09:25:51:ce:ec:8a:50:87: a3:71:ef:e2:5d:cc:46:1e:1e:5e:89:ff:d5:08:8e:31:f0:3a: 70:f9:ec:9c:f7:ab:bf:5e:fe:54:e2:8b:4f:71:3f:1a:32:ff: 54:a8:5e:a2:33:64:b5:96:dd:39:8c:27:40:28:5b:16:16:54: 50:d2:05:d3:62:28:a6:47:ac:94:d6:e5:28:c7:b1:e1:fc:fe: 8a:49:fa:e7:69:f0:a3:60:48:6c:cb:12:cf:e9:a8:b5:28:2e: d7:95:0d:50:bc:d7:83:cc:66:cd:4a:30:5b:d0:1a:ed:14:af: 4d:d9:7d:5f:13:f3:fa:b6:cd:00:67:11:2a:bb:d9:d2:5c:fd: c4:ff:36:6f:81:64:4b:9a:4f:62:57:b2:29:d5:8e:d4:48:e3: fe:d2:41:54 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RUNCQTExMC8GA1UEBRMoOEQ4QTgwRUM3MjBBRTdFRDUzRkQyMTAzRThFNjlDODU1 NUFEMEY4NjAeFw0yNDExMjMwNTQwMzBaFw0yNDExMzAwNTQwMzBaMBgxFjAUBgNV BAMTDTY3NDE2YWNmLTlkOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0ijw55UKtyLeAtpkhnp/SGBbcfTrdkXrwpYaYfwt1CJJpUPatq8K0ivIJkpH7 3PvEihlVrHdEWCJMcBsZYnh5Km9ETo7YSr76XgnVh7G+BEUAX7xNL8hqUqsYmbP9 FbaqT5aZEfmMeOIwV4P1xo2KCpnxTyTE9ZzuyDlR9TnSsE4/WkpZVcnHL5p94OaI mnR6zKlq7VPqSwOOUnw8ObTkIRefA0EEiXcVTePr903PD3w7tcVlW9fso2IMFXjd LFwovJdMowuf1CbwXZcmmXcHBsDOphyCpzhFxYlDXq0O7dz5YsR4/5n5lVk33JZU yFNSoAE4nJKN1WQ9feF4/FhDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUf7rNpJKa XfTKJIPCTi12CMQJqKkwHwYDVR0jBBgwFoAUjYqA7HIK5+1T/SED6OachVWtD4Yw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFQ0JBLzU4M0UyQjlBNkI2 NTExRUZBODU3RTgwQ0M0RjlBRTAyL2pZcUE3SElLNS0xVF9TRUQ2T2FjaFZXdEQ0 WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvallxQTdISUs1LTFUX1NFRDZPYWNoVld0RDRZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJF Q0JBLzU4M0UyQjlBNkI2NTExRUZBODU3RTgwQ0M0RjlBRTAyL2pZcUE3SElLNS0x VF9TRUQ2T2FjaFZXdEQ0WS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFJSKEhnuPnO+/8wyg4+ymQmOtKJOh2Xz1euBOIZ1ykvc3p9uloxdAvb ujiVTO4daoNspD6tT+fLEgz32ycq2/TjjiTjRsGzAdFIumHCVzD9b+AlUxmuVg+h t3/nmzRjXTBPr0MJJVHO7IpQh6Nx7+JdzEYeHl6J/9UIjjHwOnD57Jz3q79e/lTi i09xPxoy/1SoXqIzZLWW3TmMJ0AoWxYWVFDSBdNiKKZHrJTW5SjHseH8/opJ+udp 8KNgSGzLEs/pqLUoLteVDVC814PMZs1KMFvQGu0Ur03ZfV8T8/q2zQBnESq72dJc /cT/Nm+BZEuaT2JXsinVjtRI4/7SQVQ= -----END CERTIFICATE-----Generated at Sat Nov 23 07:45:05 2024 by rpki-client on console-ams.rpki-client.org