$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft File: lX5Qp1--UC844-2_P0qq5mWuFIs.mft (raw, json) Hash identifier: OioePYcVbppl3NhKrLRW/UD4HCzFKwPTSRpuEIaXI6I= Subject key identifier: CF:2B:BC:A2:5B:83:19:98:54:F4:FE:10:F5:14:1F:E3:E6:50:C3:C7 Authority key identifier: 95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B Certificate issuer: /CN=A91D0B0E/serialNumber=957E50A75FBE502F38E3EDBF3F4AAAE665AE148B Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft Manifest number: 1D Signing time: Thu 21 Nov 2024 05:56:49 +0000 Manifest this update: Thu 21 Nov 2024 05:56:48 +0000 Manifest next update: Thu 28 Nov 2024 05:56:48 +0000 Files and hashes: 1: lX5Qp1--UC844-2_P0qq5mWuFIs.crl (hash: NYkdDOELtmJCfPz6nJ0RDA/skIMinFcrpKNvVd0XPN4=) 2: A0A9D60C807511EFAD8C4257C4F9AE02.roa (hash: QmeMLe3zHSz7gk9gq16CkmBIAgYCod6kVBmzDpdZxiM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.crl rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0B0E/serialNumber=957E50A75FBE502F38E3EDBF3F4AAAE665AE148B Validity Not Before: Nov 21 05:56:48 2024 GMT Not After : Nov 28 05:56:48 2024 GMT Subject: CN=673ecba1-46fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:19:9b:89:51:a7:39:cd:a7:f4:5d:c3:73:b6: 6a:59:a9:32:1d:d5:c7:66:88:59:c8:a6:54:86:9b: 94:a7:f5:2b:59:ac:05:11:79:c8:e3:68:dd:06:6b: 2f:d5:b1:d0:1e:7b:7f:32:06:e0:68:e0:30:a3:a6: 74:17:22:8f:98:05:5a:ec:05:f8:d5:61:4b:d8:de: 02:52:fb:d9:6e:cd:5a:36:bc:3f:9b:3d:fe:ab:5d: 3a:a0:24:f6:9f:89:33:68:e8:38:7e:2f:8f:eb:ef: ee:9c:59:c3:e2:07:37:8c:48:db:b0:8c:b6:8c:d2: 68:3f:2f:f7:84:46:24:d9:91:51:ea:2d:20:ae:84: 50:a7:ed:c4:8a:20:eb:62:77:4a:c3:e9:39:b7:e5: 10:5d:c6:7e:95:03:ab:2c:63:39:82:a9:3d:ab:59: e3:14:33:04:80:0c:97:37:5a:1a:4e:63:0e:17:8e: f7:51:4b:48:d0:7c:e3:18:bd:55:e6:77:90:b9:71: 16:d0:a0:ec:82:b4:05:ef:0c:c4:ca:28:f1:ef:e1: f1:b0:03:f7:48:cf:cc:43:52:a6:1c:71:1e:f2:60: 7d:51:b0:22:dc:1e:0c:b7:0a:28:8c:fe:da:47:0f: c2:49:21:4e:e9:fa:72:b2:04:bd:c7:d1:24:35:8d: f5:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:2B:BC:A2:5B:83:19:98:54:F4:FE:10:F5:14:1F:E3:E6:50:C3:C7 X509v3 Authority Key Identifier: keyid:95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:3e:83:0a:48:7d:81:9d:03:7b:b1:9a:45:9f:0d:99:8e:23: eb:0c:2e:e8:c4:71:43:d6:8a:a2:5f:1d:3b:78:30:6a:86:8b: 57:04:7c:a6:9a:5b:aa:10:8f:47:ea:20:47:29:37:41:a6:d7: 71:d6:0d:19:2d:70:5b:dc:e1:4e:a9:20:96:5f:8e:b2:d5:f8: 89:95:f6:80:48:c0:9e:34:12:bb:d2:c8:fe:bb:0f:08:0e:0c: ba:2b:b0:a9:16:cf:a1:02:88:85:e0:6c:6c:59:f2:95:23:b9: 9a:30:40:58:a3:4c:74:0b:a1:c8:70:f2:53:47:fe:98:1a:40: 14:24:95:47:f3:36:11:7c:16:e8:ed:e0:d3:c3:3b:c8:6c:93: 61:d4:be:1a:db:30:8a:b2:4a:de:6e:ae:81:17:65:ce:7d:3c: 3c:4c:c5:06:a9:28:f3:52:21:18:65:2f:c8:a7:e4:21:a7:8f: 3f:e9:9c:55:d3:de:24:3f:70:dc:d4:6a:53:de:d7:0f:0b:71: b0:9c:a0:fb:2e:5c:0d:fa:ce:ff:a7:8f:57:28:5b:77:ce:4c: 4d:06:35:09:83:60:9c:ea:de:af:aa:ef:b2:32:c2:02:66:ee: 8d:47:41:4f:0c:c2:50:05:00:86:ad:7b:88:c0:7c:d4:1c:4d: f7:a6:8e:c7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MEIwRTExMC8GA1UEBRMoOTU3RTUwQTc1RkJFNTAyRjM4RTNFREJGM0Y0QUFBRTY2 NUFFMTQ4QjAeFw0yNDExMjEwNTU2NDhaFw0yNDExMjgwNTU2NDhaMBgxFjAUBgNV BAMTDTY3M2VjYmExLTQ2ZmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDnGZuJUac5zaf0XcNztmpZqTId1cdmiFnIplSGm5Sn9StZrAURecjjaN0Gay/V sdAee38yBuBo4DCjpnQXIo+YBVrsBfjVYUvY3gJS+9luzVo2vD+bPf6rXTqgJPaf iTNo6Dh+L4/r7+6cWcPiBzeMSNuwjLaM0mg/L/eERiTZkVHqLSCuhFCn7cSKIOti d0rD6Tm35RBdxn6VA6ssYzmCqT2rWeMUMwSADJc3WhpOYw4XjvdRS0jQfOMYvVXm d5C5cRbQoOyCtAXvDMTKKPHv4fGwA/dIz8xDUqYccR7yYH1RsCLcHgy3CiiM/tpH D8JJIU7p+nKyBL3H0SQ1jfX7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUzyu8oluD GZhU9P4Q9RQf4+ZQw8cwHwYDVR0jBBgwFoAUlX5Qp1++UC844+2/P0qq5mWuFIsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQjBFLzRFNkNCNEY2ODA2 OTExRUY4ODdCNzAzQ0M0RjlBRTAyL2xYNVFwMS0tVUM4NDQtMl9QMHFxNW1XdUZJ cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbFg1UXAxLS1VQzg0NC0yX1AwcXE1bVd1RklzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQw QjBFLzRFNkNCNEY2ODA2OTExRUY4ODdCNzAzQ0M0RjlBRTAyL2xYNVFwMS0tVUM4 NDQtMl9QMHFxNW1XdUZJcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJc+gwpIfYGdA3uxmkWfDZmOI+sMLujEcUPWiqJfHTt4MGqGi1cEfKaa W6oQj0fqIEcpN0Gm13HWDRktcFvc4U6pIJZfjrLV+ImV9oBIwJ40ErvSyP67DwgO DLorsKkWz6ECiIXgbGxZ8pUjuZowQFijTHQLochw8lNH/pgaQBQklUfzNhF8Fujt 4NPDO8hsk2HUvhrbMIqySt5uroEXZc59PDxMxQapKPNSIRhlL8in5CGnjz/pnFXT 3iQ/cNzUalPe1w8LcbCcoPsuXA36zv+nj1coW3fOTE0GNQmDYJzq3q+q77IywgJm 7o1HQU8MwlAFAIate4jAfNQcTfemjsc= -----END CERTIFICATE-----Generated at Thu Nov 21 06:50:50 2024 by rpki-client on console-fra.rpki-client.org