$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft File: u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft (raw, json) Hash identifier: JrsiVOQLxka1E8PwPuNa44GiR1ykVI9UT1dnHGJ09Uk= Subject key identifier: 5D:AA:A5:A1:30:DA:80:BC:E0:F9:D8:05:16:A5:BB:D2:00:14:F9:EC Authority key identifier: BB:E8:03:FB:75:7E:0C:47:D3:20:45:45:21:87:B7:4A:E2:71:11:F0 Certificate issuer: /CN=A91CEE85/serialNumber=BBE803FB757E0C47D32045452187B74AE27111F0 Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft Manifest number: 22 Signing time: Sun 15 Sep 2024 10:20:26 +0000 Manifest this update: Sun 15 Sep 2024 10:20:25 +0000 Manifest next update: Sun 22 Sep 2024 10:20:25 +0000 Files and hashes: 1: u-gD-3V-DEfTIEVFIYe3SuJxEfA.crl (hash: 9+BMvlpZH9Qm8BBV9aDUsDmzVl96K09vOS7a7tcoG/k=) 2: 4D189DD4728311EFA9CECE43C4F9AE02.roa (hash: P4IIy61smLYU2tRECRiNr+Llnp12HyUuxQYTt0cXgxo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.crl rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Sep 2024 02:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEE85/serialNumber=BBE803FB757E0C47D32045452187B74AE27111F0 Validity Not Before: Sep 15 10:20:25 2024 GMT Not After : Sep 22 10:20:25 2024 GMT Subject: CN=66e6b4e9-7600 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:bc:d2:00:f9:3e:ee:b2:89:f6:16:81:6a:47: 19:7e:54:8b:02:7a:db:4c:c5:fb:f4:fa:c2:b9:11: 94:2f:ac:ff:fc:f7:3b:13:60:b9:78:e9:bd:00:42: cc:d1:0f:14:1c:76:c1:c9:ab:5d:bd:34:df:6e:f5: e8:ec:6f:7a:56:7e:9a:52:5d:4c:25:3f:73:39:b7: be:10:74:0d:03:9a:ca:a6:ac:ab:78:61:dc:58:46: 00:4e:48:a5:1c:29:dd:c6:c0:25:33:26:90:3a:0f: 06:df:f6:a8:c0:4b:6f:61:df:73:14:f4:41:89:bd: 70:8e:ba:e0:72:31:e3:74:0b:71:de:70:7e:14:4f: 60:e5:5e:2d:bf:6b:7c:2a:48:24:d5:93:ab:a0:36: e2:aa:e0:c9:0a:e4:b3:4d:d9:5d:ce:a1:69:35:3c: bc:0f:51:0e:4b:46:74:c2:c4:65:15:0a:cd:e0:e5: 68:77:c2:fa:74:bd:6e:de:bc:12:fc:08:05:3c:9c: 06:fd:9e:5b:06:e0:61:70:48:0b:2f:cf:1a:3a:66: e8:cd:16:49:48:89:73:31:e0:8c:95:24:e0:ce:8a: a6:ba:c3:2c:e6:d7:4c:c0:af:aa:ee:5d:30:c6:ed: 1a:25:6e:72:72:1f:83:a4:6a:f4:28:32:e5:31:7b: 65:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:AA:A5:A1:30:DA:80:BC:E0:F9:D8:05:16:A5:BB:D2:00:14:F9:EC X509v3 Authority Key Identifier: keyid:BB:E8:03:FB:75:7E:0C:47:D3:20:45:45:21:87:B7:4A:E2:71:11:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:ee:3b:a9:eb:8a:07:98:6c:43:19:c6:71:a3:62:c9:94:de: 38:9f:f2:68:9b:fd:5d:8c:2d:d8:66:19:85:e5:e5:71:e6:a8: c0:2d:34:07:eb:88:d9:f7:e1:ab:22:ed:07:5b:07:ea:0e:32: f6:21:06:c2:54:ed:10:b0:db:bf:ae:8a:2c:8b:4a:b1:85:e2: ab:1b:97:85:07:56:a5:2e:af:f3:b3:73:02:cb:c6:73:58:04: ba:64:09:73:be:fe:8f:0b:55:dd:0c:0d:b0:42:e5:f1:1c:38: 1f:92:9f:1e:e9:c0:e5:9f:91:ab:a1:b5:8c:f5:e5:56:3f:7a: fe:a2:fd:c4:04:4b:33:f8:bd:31:7d:1d:77:d3:c6:37:97:49: 23:97:45:04:8c:e9:ff:63:bb:f4:25:9b:5d:0b:35:c9:41:29: 6d:10:ad:0d:8d:96:f4:b5:01:12:47:22:d4:71:b7:04:1a:7c: 37:2e:fa:d5:40:9c:94:9f:53:84:df:06:c3:94:f9:78:40:e3: a1:25:e6:be:ad:cb:93:db:92:e2:8c:64:d0:21:65:dc:99:ac: f7:18:91:de:54:38:1f:87:9f:5d:01:3b:73:ef:5a:1e:0c:ac: 4e:b4:74:76:b6:a3:4f:78:c8:68:eb:1f:2c:43:6e:9c:3a:b3: 56:1a:58:3a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RUU4NTExMC8GA1UEBRMoQkJFODAzRkI3NTdFMEM0N0QzMjA0NTQ1MjE4N0I3NEFF MjcxMTFGMDAeFw0yNDA5MTUxMDIwMjVaFw0yNDA5MjIxMDIwMjVaMBgxFjAUBgNV BAMTDTY2ZTZiNGU5LTc2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYvNIA+T7uson2FoFqRxl+VIsCettMxfv0+sK5EZQvrP/89zsTYLl46b0AQszR DxQcdsHJq129NN9u9ejsb3pWfppSXUwlP3M5t74QdA0DmsqmrKt4YdxYRgBOSKUc Kd3GwCUzJpA6Dwbf9qjAS29h33MU9EGJvXCOuuByMeN0C3HecH4UT2DlXi2/a3wq SCTVk6ugNuKq4MkK5LNN2V3OoWk1PLwPUQ5LRnTCxGUVCs3g5Wh3wvp0vW7evBL8 CAU8nAb9nlsG4GFwSAsvzxo6ZujNFklIiXMx4IyVJODOiqa6wyzm10zAr6ruXTDG 7RolbnJyH4OkavQoMuUxe2XVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXaqloTDa gLzg+dgFFqW70gAU+ewwHwYDVR0jBBgwFoAUu+gD+3V+DEfTIEVFIYe3SuJxEfAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFRTg1LzA1QTdDRTY4NDVB RTExRUZCNDM1RUI2RkM0RjlBRTAyL3UtZ0QtM1YtREVmVElFVkZJWWUzU3VKeEVm QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdS1nRC0zVi1ERWZUSUVWRklZZTNTdUp4RWZBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF RTg1LzA1QTdDRTY4NDVBRTExRUZCNDM1RUI2RkM0RjlBRTAyL3UtZ0QtM1YtREVm VElFVkZJWWUzU3VKeEVmQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJvuO6nrigeYbEMZxnGjYsmU3jif8mib/V2MLdhmGYXl5XHmqMAtNAfr iNn34asi7QdbB+oOMvYhBsJU7RCw27+uiiyLSrGF4qsbl4UHVqUur/OzcwLLxnNY BLpkCXO+/o8LVd0MDbBC5fEcOB+Snx7pwOWfkauhtYz15VY/ev6i/cQESzP4vTF9 HXfTxjeXSSOXRQSM6f9ju/Qlm10LNclBKW0QrQ2NlvS1ARJHItRxtwQafDcu+tVA nJSfU4TfBsOU+XhA46El5r6ty5PbkuKMZNAhZdyZrPcYkd5UOB+Hn10BO3PvWh4M rE60dHa2o094yGjrHyxDbpw6s1YaWDo= -----END CERTIFICATE-----Generated at Sun Sep 15 12:30:36 2024 by rpki-client on console-ams.rpki-client.org