$ rpki-client -vvf rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft File: lfCdXluLzW9LTWm1yTbJEvd9LP0.mft (raw, json) Hash identifier: dnEQKzVZPmmFizucrMPuzQDcXetanyq+LGCkTazXLwI= Subject key identifier: 87:9F:73:DB:2E:7F:2C:CA:D6:C6:DE:F6:4C:B9:54:F1:48:F4:96:CE Authority key identifier: 95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD Certificate issuer: /CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Certificate serial: 33 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft Manifest number: 30 Signing time: Thu 21 Nov 2024 05:46:42 +0000 Manifest this update: Thu 21 Nov 2024 05:46:42 +0000 Manifest next update: Thu 28 Nov 2024 05:46:42 +0000 Files and hashes: 1: lfCdXluLzW9LTWm1yTbJEvd9LP0.crl (hash: rLqDhez+vWgZWgKSt2/G1wMAXm3E+0EQIKxskE5cz4U=) 2: B23569E2756511EFB018F20DC4F9AE02.roa (hash: r6mTJvt8SukGGtNb+WgynqBgaxV1KBCRpaFxjoCbFH8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Validity Not Before: Nov 21 05:46:42 2024 GMT Not After : Nov 28 05:46:42 2024 GMT Subject: CN=673ec942-e1f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b6:ab:97:fc:a4:94:ee:32:cf:ef:3f:a9:7f: 78:b5:4c:ff:43:f3:01:9c:17:91:90:52:33:0a:f2: 04:cd:78:cc:ff:e8:ed:fc:b4:3b:75:74:2c:ad:19: 7b:26:a3:64:0c:5c:d0:1c:29:9a:1a:35:d3:b8:35: c2:e7:54:08:63:c0:b1:bf:a3:b9:b2:33:0d:6c:90: 88:9e:2c:27:c7:5d:45:5e:38:fe:4d:60:35:60:a1: 86:62:bb:d5:3c:4f:53:1a:b6:2f:a1:41:79:d7:73: 78:30:f8:6f:f3:7c:52:76:93:31:a1:52:e5:32:38: c5:04:a5:ad:d8:35:65:87:5b:ff:97:1f:2e:90:36: 1d:3e:3c:12:9f:2b:82:01:5e:b6:54:d6:01:d5:56: a5:ba:c4:7a:bf:49:1a:28:ef:2a:6f:99:ef:c0:8d: 71:fb:ab:72:7b:10:f7:fc:03:f4:fd:27:77:64:04: 72:fc:0b:01:dd:ea:7b:6a:dc:db:35:72:c4:1e:bf: d4:45:49:bc:d2:a7:bc:c3:e6:f8:8b:ed:69:e6:67: fe:05:de:5c:2d:11:ff:6f:46:48:fb:8c:99:d4:fc: 0f:bb:0c:a7:9d:f4:1e:fa:17:ee:38:ea:27:c5:c5: 3b:d0:d2:45:9a:d1:36:e1:06:13:01:fa:32:ce:30: 61:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:9F:73:DB:2E:7F:2C:CA:D6:C6:DE:F6:4C:B9:54:F1:48:F4:96:CE X509v3 Authority Key Identifier: keyid:95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:0e:25:57:77:ee:53:28:83:d2:8c:93:88:8f:e6:f9:b6:b6: 94:81:0b:6c:18:af:fa:2c:e1:f4:4b:5d:14:66:eb:f7:02:ab: a3:11:72:5f:cf:26:d4:6a:6e:8b:b9:3d:0e:eb:ff:8f:22:e7: 85:21:4f:b5:3a:77:ca:8d:c0:a4:f2:01:0a:cd:5d:20:dd:79: f2:6d:ee:05:ac:cb:68:cb:db:98:07:0f:36:05:01:c4:4e:9f: 5b:7b:d1:73:64:60:fb:84:24:d5:60:06:b3:a2:2b:d0:d8:ca: fb:b1:48:99:71:a9:71:0c:70:9d:45:63:50:36:b9:e8:7a:4b: 96:d4:a9:61:4e:6c:9b:b7:5d:ab:90:85:c3:a3:f9:de:99:d7: a4:b4:ba:4d:53:84:a6:25:aa:0b:ad:4a:7b:54:11:5f:97:96: f0:fb:75:dd:49:c5:37:57:e8:e1:7a:c5:97:05:4c:b3:b7:65: 36:b7:4f:8e:e0:f8:b6:df:57:b3:1f:74:b5:7c:2a:ab:3b:36: 22:eb:dd:73:11:d1:e3:58:d1:6b:ab:8f:e1:63:09:d4:07:01: 7a:9f:cc:03:47:d6:9d:fb:0c:08:3e:f9:fa:8f:69:97:85:57: b7:14:f6:93:27:14:66:8b:98:7e:f3:13:ad:57:33:76:93:63: 95:59:ea:d6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE NDRCRTExMC8GA1UEBRMoOTVGMDlENUU1QjhCQ0Q2RjRCNEQ2OUI1QzkzNkM5MTJG NzdEMkNGRDAeFw0yNDExMjEwNTQ2NDJaFw0yNDExMjgwNTQ2NDJaMBgxFjAUBgNV BAMTDTY3M2VjOTQyLWUxZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8tquX/KSU7jLP7z+pf3i1TP9D8wGcF5GQUjMK8gTNeMz/6O38tDt1dCytGXsm o2QMXNAcKZoaNdO4NcLnVAhjwLG/o7myMw1skIieLCfHXUVeOP5NYDVgoYZiu9U8 T1Mati+hQXnXc3gw+G/zfFJ2kzGhUuUyOMUEpa3YNWWHW/+XHy6QNh0+PBKfK4IB XrZU1gHVVqW6xHq/SRoo7ypvme/AjXH7q3J7EPf8A/T9J3dkBHL8CwHd6ntq3Ns1 csQev9RFSbzSp7zD5viL7WnmZ/4F3lwtEf9vRkj7jJnU/A+7DKed9B76F+446ifF xTvQ0kWa0TbhBhMB+jLOMGErAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUh59z2y5/ LMrWxt72TLlU8Uj0ls4wHwYDVR0jBBgwFoAUlfCdXluLzW9LTWm1yTbJEvd9LP0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ0NEJFLzAyOEFCRTQyNjky MjExRUZCRjg3QkIwRUM0RjlBRTAyL2xmQ2RYbHVMelc5TFRXbTF5VGJKRXZkOUxQ MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbGZDZFhsdUx6VzlMVFdtMXlUYkpFdmQ5TFAwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ0 NEJFLzAyOEFCRTQyNjkyMjExRUZCRjg3QkIwRUM0RjlBRTAyL2xmQ2RYbHVMelc5 TFRXbTF5VGJKRXZkOUxQMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIwOJVd37lMog9KMk4iP5vm2tpSBC2wYr/os4fRLXRRm6/cCq6MRcl/P JtRqbou5PQ7r/48i54UhT7U6d8qNwKTyAQrNXSDdefJt7gWsy2jL25gHDzYFAcRO n1t70XNkYPuEJNVgBrOiK9DYyvuxSJlxqXEMcJ1FY1A2ueh6S5bUqWFObJu3XauQ hcOj+d6Z16S0uk1ThKYlqgutSntUEV+XlvD7dd1JxTdX6OF6xZcFTLO3ZTa3T47g +LbfV7MfdLV8Kqs7NiLr3XMR0eNY0Wurj+FjCdQHAXqfzANH1p37DAg++fqPaZeF V7cU9pMnFGaLmH7zE61XM3aTY5VZ6tY= -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:39 2024 by rpki-client on console-ams.rpki-client.org