$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft File: MGcPYbflDgsLiOclHeh4TAPJ5GI.mft (raw, json) Hash identifier: 4N/7JVRQSwWkAsUDAVxGM5nO/vaEQReKoh/7LJjaAc8= Subject key identifier: CC:1E:4E:7A:48:0B:0F:AF:9C:57:B5:1E:E5:F2:CF:D8:88:DA:EF:41 Authority key identifier: 30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 Certificate issuer: /CN=A91CE6EC/serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Certificate serial: 5A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft Manifest number: 58 Signing time: Fri 22 Nov 2024 15:45:24 +0000 Manifest this update: Fri 22 Nov 2024 15:45:23 +0000 Manifest next update: Fri 29 Nov 2024 15:45:23 +0000 Files and hashes: 1: MGcPYbflDgsLiOclHeh4TAPJ5GI.crl (hash: NBZAA1bnxbr1issJoYJueaKKsWVugvfV09poG60C+fk=) 2: 038610FC2D1E11EFA25C6D16C4F9AE02.roa (hash: nEx36xMYEspoRTHpBzsjyglWKve6HGzaUV9gJlWDtWQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:45:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90 (0x5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC/serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Validity Not Before: Nov 22 15:45:23 2024 GMT Not After : Nov 29 15:45:23 2024 GMT Subject: CN=6740a714-188e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:cb:dc:a3:1f:00:8f:4f:d9:61:e0:97:c5:27: 0c:ce:ce:f7:a7:30:d1:4f:57:19:c4:03:d3:c2:b2: 66:55:fd:32:e1:d0:52:f5:61:f9:67:a5:f6:ed:f4: 7e:3e:db:75:56:07:1f:eb:3e:30:2e:70:53:a1:91: 47:eb:91:55:0e:f4:e2:12:89:7f:92:2b:65:8a:06: 9d:ed:dc:a3:7e:c0:9a:84:10:4b:e7:ca:27:78:10: c3:c7:b2:fb:12:cd:6c:7b:62:27:c4:35:ef:b4:8f: da:62:e4:cb:76:b8:58:36:2a:80:6d:52:26:fe:21: 0b:17:74:69:c7:c6:0b:47:c7:5e:ea:03:90:ec:3e: ed:ba:77:bf:ad:20:29:b3:47:c3:e3:45:13:10:50: f5:3b:c1:20:7e:d3:14:8e:34:81:a9:c4:38:0a:b1: b5:e8:d5:61:a3:ed:22:ff:6f:67:9a:75:d7:ca:70: 9f:ea:c5:c2:94:dc:02:a8:30:08:3b:df:e1:52:4e: ea:b9:69:11:e5:f6:d8:38:ed:eb:69:3c:7e:f5:ae: df:fd:89:40:0f:2e:96:82:a4:27:0e:b4:01:10:6c: fe:cb:ec:d4:99:74:8d:8d:ec:14:91:2b:28:59:b1: d7:b2:bd:a9:77:10:43:a7:17:59:77:56:1c:b7:a3: 12:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:1E:4E:7A:48:0B:0F:AF:9C:57:B5:1E:E5:F2:CF:D8:88:DA:EF:41 X509v3 Authority Key Identifier: keyid:30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:86:8d:3b:15:3d:39:b4:76:fe:cf:36:61:f3:78:43:64:7f: 78:91:6e:d9:ba:2b:1a:25:ef:30:0c:86:d9:34:dd:b3:b8:1e: 01:70:4d:b2:48:ba:30:7f:2a:90:e7:53:d7:29:13:bd:cf:cb: 4f:a3:d7:8f:00:bc:7a:73:96:17:8b:19:22:1d:87:cc:b7:d7: b3:70:c5:6a:ad:91:ae:f2:55:c7:fb:4d:8d:9c:8b:5d:17:f5: 18:f3:15:9d:5d:4c:a3:8d:2a:4e:9e:4c:43:fa:9e:b0:29:34: 7c:9d:88:11:f2:45:ce:e4:be:4b:07:f0:0b:25:3e:66:d8:61: 3e:e5:c8:c9:f4:c5:a9:61:8a:70:ff:21:97:ee:39:10:49:20: e8:e6:1f:df:f9:87:8b:76:0c:f1:f9:e9:40:7b:fa:b7:db:30: 9f:40:04:d3:b8:dd:0d:d8:37:e3:90:32:ea:51:ad:02:5e:0c: d0:01:9d:e2:bd:e1:79:fd:9e:c7:16:b9:6a:81:e1:7e:ea:1d: 07:a1:93:0b:97:c1:ef:92:6e:05:74:5a:45:cc:bc:1a:64:c1: 38:95:74:1c:eb:92:6e:54:cb:50:90:5b:97:84:10:d3:a2:aa: 6e:de:81:bb:f2:b9:84:d8:f6:1d:13:ac:b4:dd:de:26:12:29: c9:e8:77:4f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RTZFQzExMC8GA1UEBRMoMzA2NzBGNjFCN0U1MEUwQjBCODhFNzI1MURFODc4NEMw M0M5RTQ2MjAeFw0yNDExMjIxNTQ1MjNaFw0yNDExMjkxNTQ1MjNaMBgxFjAUBgNV BAMTDTY3NDBhNzE0LTE4OGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxy9yjHwCPT9lh4JfFJwzOzvenMNFPVxnEA9PCsmZV/TLh0FL1Yflnpfbt9H4+ 23VWBx/rPjAucFOhkUfrkVUO9OISiX+SK2WKBp3t3KN+wJqEEEvnyid4EMPHsvsS zWx7YifENe+0j9pi5Mt2uFg2KoBtUib+IQsXdGnHxgtHx17qA5DsPu26d7+tICmz R8PjRRMQUPU7wSB+0xSONIGpxDgKsbXo1WGj7SL/b2eaddfKcJ/qxcKU3AKoMAg7 3+FSTuq5aRHl9tg47etpPH71rt/9iUAPLpaCpCcOtAEQbP7L7NSZdI2N7BSRKyhZ sdeyval3EEOnF1l3Vhy3oxKDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUzB5OekgL D6+cV7Ue5fLP2Ija70EwHwYDVR0jBBgwFoAUMGcPYbflDgsLiOclHeh4TAPJ5GIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFNkVDLzA4MkE4OUYwMkEy OTExRUY4ODk1RjExQ0M0RjlBRTAyL01HY1BZYmZsRGdzTGlPY2xIZWg0VEFQSjVH SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTUdjUFliZmxEZ3NMaU9jbEhlaDRUQVBKNUdJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF NkVDLzA4MkE4OUYwMkEyOTExRUY4ODk1RjExQ0M0RjlBRTAyL01HY1BZYmZsRGdz TGlPY2xIZWg0VEFQSjVHSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFSGjTsVPTm0dv7PNmHzeENkf3iRbtm6Kxol7zAMhtk03bO4HgFwTbJI ujB/KpDnU9cpE73Py0+j148AvHpzlheLGSIdh8y317NwxWqtka7yVcf7TY2ci10X 9RjzFZ1dTKONKk6eTEP6nrApNHydiBHyRc7kvksH8AslPmbYYT7lyMn0xalhinD/ IZfuORBJIOjmH9/5h4t2DPH56UB7+rfbMJ9ABNO43Q3YN+OQMupRrQJeDNABneK9 4Xn9nscWuWqB4X7qHQehkwuXwe+SbgV0WkXMvBpkwTiVdBzrkm5Uy1CQW5eEENOi qm7egbvyuYTY9h0TrLTd3iYSKcnod08= -----END CERTIFICATE-----Generated at Fri Nov 22 17:56:20 2024 by rpki-client on console-fra.rpki-client.org