$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft File: h7HuPp7irRoRPyeipU4sC41a-zQ.mft (raw, json) Hash identifier: weTJ1ommVbmjTKPmL90+HiG0Sv1jCvLKHr7esAY+gFU= Subject key identifier: 12:5B:F6:0D:13:12:C0:22:86:7A:EF:D8:77:24:CB:78:BF:34:FC:14 Authority key identifier: 87:B1:EE:3E:9E:E2:AD:1A:11:3F:27:A2:A5:4E:2C:0B:8D:5A:FB:34 Certificate issuer: /CN=A91CF9F5/serialNumber=87B1EE3E9EE2AD1A113F27A2A54E2C0B8D5AFB34 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft Manifest number: 14 Signing time: Thu 19 Sep 2024 06:19:19 +0000 Manifest this update: Thu 19 Sep 2024 06:19:18 +0000 Manifest next update: Thu 26 Sep 2024 06:19:18 +0000 Files and hashes: 1: h7HuPp7irRoRPyeipU4sC41a-zQ.crl (hash: PU6qzKK8biGQs2Yzyhgz5GAV7zGw9Ph5xTvzG7KsGfI=) 2: D4FC5DAE5B9E11EF9205B45BC4F9AE02.roa (hash: CgPRx4xYkJ9MsNRxqHiEwCH23g8u+Rv2yHcGrJnrP8g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.crl rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Sep 2024 06:11:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9F5/serialNumber=87B1EE3E9EE2AD1A113F27A2A54E2C0B8D5AFB34 Validity Not Before: Sep 19 06:19:18 2024 GMT Not After : Sep 26 06:19:18 2024 GMT Subject: CN=66ebc267-91bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:98:6f:ea:ae:30:e6:d4:4b:d0:71:20:19:45: bf:8c:2b:69:e8:58:df:79:9f:7c:59:3e:f0:7c:64: a1:a3:ac:59:35:17:0f:49:f7:94:ed:5d:8f:16:5e: eb:f2:fa:64:7b:82:3c:d4:63:b2:23:65:b2:b5:f0: f2:c3:4d:b7:f4:84:0a:fb:2d:4c:1f:d5:d2:d9:32: a2:76:7b:d9:31:ee:9c:f5:9d:55:d3:37:85:bb:72: ca:f4:41:14:a8:0d:ac:3b:84:b1:b0:f5:af:cf:55: 92:76:85:83:03:8e:89:44:a3:e0:28:23:4a:d7:ca: 78:6f:00:e1:21:3a:be:dc:31:58:b0:ea:5f:b8:e2: d6:c9:27:c0:1f:e4:09:1d:01:8a:af:1a:27:dd:36: 1d:cb:6a:61:e8:85:e3:04:7c:00:ee:30:83:e5:2e: 8b:b9:2b:0c:42:3e:52:50:87:c1:35:91:55:2f:58: a1:83:22:bc:d8:46:4b:db:e5:34:8b:d8:4e:7c:de: 8f:3f:69:07:2f:89:a9:97:68:c6:b5:af:78:0e:71: 01:0b:0d:5e:99:c5:c2:47:00:75:b7:3c:85:78:e0: d3:cc:9b:90:37:d0:f5:30:95:5c:76:88:4f:a5:b7: d6:ec:4a:e5:63:3f:3c:df:ba:a7:8d:16:9f:bc:7d: e8:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:5B:F6:0D:13:12:C0:22:86:7A:EF:D8:77:24:CB:78:BF:34:FC:14 X509v3 Authority Key Identifier: keyid:87:B1:EE:3E:9E:E2:AD:1A:11:3F:27:A2:A5:4E:2C:0B:8D:5A:FB:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7HuPp7irRoRPyeipU4sC41a-zQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9F5/8B926D2A5B9E11EF8BF9175BC4F9AE02/h7HuPp7irRoRPyeipU4sC41a-zQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:af:35:4c:46:69:eb:15:f4:89:a2:e7:d1:64:32:29:d8:6d: 1c:8e:b9:65:98:53:92:3f:0e:f6:a7:07:35:6e:ab:1e:03:5a: 08:f0:30:99:7e:9e:3b:7a:b8:27:6e:4f:37:cf:e1:c2:43:60: 3e:8e:76:50:40:cf:3b:a8:3b:14:f2:a7:e2:e6:4b:44:68:18: 1f:d0:d9:93:2c:0c:c4:20:41:4e:73:63:62:e8:f6:0d:04:ce: 65:6e:74:2a:5c:dc:48:e6:a1:9e:08:9f:99:6a:1e:ce:74:92: 37:ad:74:f2:a9:ee:b4:5a:32:d6:c7:44:b6:de:a6:ff:3a:74: af:42:9f:2c:e4:c7:00:00:40:82:de:56:e4:4a:f2:df:5f:9d: 8a:a1:6d:9d:a0:13:12:17:96:a2:4b:fe:d3:25:22:e9:f9:10: 0e:d7:49:4b:e2:9c:be:93:30:4b:1d:8c:e0:c4:4f:45:e8:2a: d3:f2:8f:27:37:36:7c:b3:6c:3e:33:fe:6e:fa:e2:2a:74:59: 7f:31:74:ff:85:4a:c5:df:c7:48:0c:94:08:4e:60:28:8b:21: e2:96:b3:86:b7:8e:d0:48:a5:83:d1:d2:2e:27:87:b3:eb:b6: 67:0a:a2:54:8c:9a:12:2d:71:aa:c4:59:e2:f6:b9:6a:df:fa: 45:ff:8e:97 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RjlGNTExMC8GA1UEBRMoODdCMUVFM0U5RUUyQUQxQTExM0YyN0EyQTU0RTJDMEI4 RDVBRkIzNDAeFw0yNDA5MTkwNjE5MThaFw0yNDA5MjYwNjE5MThaMBgxFjAUBgNV BAMTDTY2ZWJjMjY3LTkxYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDTmG/qrjDm1EvQcSAZRb+MK2noWN95n3xZPvB8ZKGjrFk1Fw9J95TtXY8WXuvy +mR7gjzUY7IjZbK18PLDTbf0hAr7LUwf1dLZMqJ2e9kx7pz1nVXTN4W7csr0QRSo Daw7hLGw9a/PVZJ2hYMDjolEo+AoI0rXynhvAOEhOr7cMViw6l+44tbJJ8Af5Akd AYqvGifdNh3LamHoheMEfADuMIPlLou5KwxCPlJQh8E1kVUvWKGDIrzYRkvb5TSL 2E583o8/aQcviamXaMa1r3gOcQELDV6ZxcJHAHW3PIV44NPMm5A30PUwlVx2iE+l t9bsSuVjPzzfuqeNFp+8fejjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUElv2DRMS wCKGeu/YdyTLeL80/BQwHwYDVR0jBBgwFoAUh7HuPp7irRoRPyeipU4sC41a+zQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGOUY1LzhCOTI2RDJBNUI5 RTExRUY4QkY5MTc1QkM0RjlBRTAyL2g3SHVQcDdpclJvUlB5ZWlwVTRzQzQxYS16 US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaDdIdVBwN2lyUm9SUHllaXBVNHNDNDFhLXpRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG OUY1LzhCOTI2RDJBNUI5RTExRUY4QkY5MTc1QkM0RjlBRTAyL2g3SHVQcDdpclJv UlB5ZWlwVTRzQzQxYS16US5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKavNUxGaesV9Imi59FkMinYbRyOuWWYU5I/DvanBzVuqx4DWgjwMJl+ njt6uCduTzfP4cJDYD6OdlBAzzuoOxTyp+LmS0RoGB/Q2ZMsDMQgQU5zY2Lo9g0E zmVudCpc3EjmoZ4In5lqHs50kjetdPKp7rRaMtbHRLbepv86dK9CnyzkxwAAQILe VuRK8t9fnYqhbZ2gExIXlqJL/tMlIun5EA7XSUvinL6TMEsdjODET0XoKtPyjyc3 NnyzbD4z/m764ip0WX8xdP+FSsXfx0gMlAhOYCiLIeKWs4a3jtBIpYPR0i4nh7Pr tmcKolSMmhItcarEWeL2uWrf+kX/jpc= -----END CERTIFICATE-----Generated at Thu Sep 19 07:14:23 2024 by rpki-client on console-fra.rpki-client.org