$ rpki-client -vvf rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft File: GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft (raw, json) Hash identifier: eWFd82G7rvHB1/xwD3qOik+i7KJjodue14bXWIPhQCQ= Subject key identifier: 84:1E:93:DA:07:FB:BB:19:80:EA:D0:21:C1:D9:50:2D:63:60:82:E7 Authority key identifier: 18:81:5B:34:C8:69:28:4B:43:23:C9:16:99:36:77:0F:DD:0B:42:36 Certificate issuer: /CN=A91DACA7/serialNumber=18815B34C869284B4323C9169936770FDD0B4236 Certificate serial: 42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GIFbNMhpKEtDI8kWmTZ3D90LQjY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft Manifest number: 42 Signing time: Sat 23 Nov 2024 05:21:55 +0000 Manifest this update: Sat 23 Nov 2024 05:21:54 +0000 Manifest next update: Sat 30 Nov 2024 05:21:54 +0000 Files and hashes: 1: GIFbNMhpKEtDI8kWmTZ3D90LQjY.crl (hash: adOnscj3mGhiXyRnh7lXD4fAalPOLbgCtgS5b9Nv1SE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.crl rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GIFbNMhpKEtDI8kWmTZ3D90LQjY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DACA7/serialNumber=18815B34C869284B4323C9169936770FDD0B4236 Validity Not Before: Nov 23 05:21:54 2024 GMT Not After : Nov 30 05:21:54 2024 GMT Subject: CN=67416673-fe19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:88:94:d0:d9:4a:a5:fa:2f:30:cc:c2:e8:c4: 6b:97:29:05:bc:ac:a9:d2:a5:88:b9:0b:71:c5:71: e3:a0:1f:3b:d3:86:95:b9:e5:2a:68:f2:3d:c6:47: f5:1a:fa:a8:09:b7:d9:5d:e9:a6:52:ef:56:c6:b3: 75:8c:7e:3b:54:4e:92:b3:fd:b4:67:3a:56:dc:df: 4c:e1:99:14:89:87:ed:a0:f5:83:5d:b6:5a:49:03: d7:a9:00:af:e5:0f:42:86:e0:81:e0:b1:22:d2:a3: 64:f0:9d:83:0d:27:8e:2e:ab:a1:e3:10:94:ca:0d: e2:42:f6:4c:a6:9c:6d:1f:5c:80:f4:c4:fc:79:58: a7:fe:94:3f:6f:0c:11:cf:0e:7d:c6:d2:76:29:09: 07:20:48:1a:a5:b6:4d:b9:df:49:bd:04:59:92:09: f8:ce:e2:e4:52:7c:2c:52:d1:5c:7b:15:49:d2:da: 20:b3:18:3d:2e:92:14:78:fc:59:3e:35:3c:02:16: 11:d5:de:0e:c9:69:04:dc:43:15:98:b4:15:07:6d: 14:b3:64:28:e8:cf:c7:5a:28:5e:df:88:88:37:32: cb:db:df:49:a6:20:6a:ad:21:55:83:50:90:0d:e7: a9:eb:9d:32:23:da:8a:aa:50:23:60:07:66:c5:49: c4:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:1E:93:DA:07:FB:BB:19:80:EA:D0:21:C1:D9:50:2D:63:60:82:E7 X509v3 Authority Key Identifier: keyid:18:81:5B:34:C8:69:28:4B:43:23:C9:16:99:36:77:0F:DD:0B:42:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GIFbNMhpKEtDI8kWmTZ3D90LQjY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:83:33:44:fe:a3:99:c4:88:68:82:6a:74:fd:66:70:0d:5f: 49:51:44:e4:e5:c2:60:52:a6:87:a0:25:b7:9b:b1:26:18:37: fc:70:a0:92:70:4f:28:7e:2f:47:f2:c7:a2:df:90:83:8b:77: a9:fc:e0:fb:ef:46:bc:04:2c:b9:e4:09:a1:9b:21:83:06:20: 60:db:27:1c:08:50:dd:11:fe:b9:02:15:31:12:f4:1f:d3:5a: a4:3b:b8:09:59:3f:d9:24:00:a1:6c:5d:cc:a6:4a:ef:f8:eb: 37:c7:9e:22:92:b2:e9:b0:9f:9f:ee:13:d6:90:a7:2a:af:a6: 2d:cd:63:e3:e7:c4:c0:80:b5:4f:62:bc:19:19:c0:c9:3b:90: fe:6f:0d:2f:10:70:eb:68:50:1f:c4:17:10:8c:c5:66:8d:ad: 14:cb:4f:db:65:7a:a1:c8:31:37:a5:cd:ed:a1:b3:08:6a:d9: 7f:3f:85:e0:8f:9d:83:bd:ed:dc:ac:86:0a:94:a2:8e:8e:4a: 32:7c:16:fb:29:75:ea:85:14:1c:9e:82:19:f6:a6:15:8b:c5: 94:05:fe:52:7a:8f:9e:69:7e:3c:3b:43:39:3d:57:4e:ea:4d: cb:89:f4:84:43:5f:80:88:34:4f:33:dd:af:6e:f9:77:98:fa: ae:01:c1:41 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QUNBNzExMC8GA1UEBRMoMTg4MTVCMzRDODY5Mjg0QjQzMjNDOTE2OTkzNjc3MEZE RDBCNDIzNjAeFw0yNDExMjMwNTIxNTRaFw0yNDExMzAwNTIxNTRaMBgxFjAUBgNV BAMTDTY3NDE2NjczLWZlMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCaiJTQ2Uql+i8wzMLoxGuXKQW8rKnSpYi5C3HFceOgHzvThpW55Spo8j3GR/Ua +qgJt9ld6aZS71bGs3WMfjtUTpKz/bRnOlbc30zhmRSJh+2g9YNdtlpJA9epAK/l D0KG4IHgsSLSo2TwnYMNJ44uq6HjEJTKDeJC9kymnG0fXID0xPx5WKf+lD9vDBHP Dn3G0nYpCQcgSBqltk2530m9BFmSCfjO4uRSfCxS0Vx7FUnS2iCzGD0ukhR4/Fk+ NTwCFhHV3g7JaQTcQxWYtBUHbRSzZCjoz8daKF7fiIg3Msvb30mmIGqtIVWDUJAN 56nrnTIj2oqqUCNgB2bFScSvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhB6T2gf7 uxmA6tAhwdlQLWNggucwHwYDVR0jBBgwFoAUGIFbNMhpKEtDI8kWmTZ3D90LQjYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURBQ0E3LzU5Qjk0MTg2NDVC MjExRUZBNURGNkQxOUM0RjlBRTAyL0dJRmJOTWhwS0V0REk4a1dtVFozRDkwTFFq WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvR0lGYk5NaHBLRXRESThrV21UWjNEOTBMUWpZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURB Q0E3LzU5Qjk0MTg2NDVCMjExRUZBNURGNkQxOUM0RjlBRTAyL0dJRmJOTWhwS0V0 REk4a1dtVFozRDkwTFFqWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADKDM0T+o5nEiGiCanT9ZnANX0lRROTlwmBSpoegJbebsSYYN/xwoJJw Tyh+L0fyx6LfkIOLd6n84PvvRrwELLnkCaGbIYMGIGDbJxwIUN0R/rkCFTES9B/T WqQ7uAlZP9kkAKFsXcymSu/46zfHniKSsumwn5/uE9aQpyqvpi3NY+PnxMCAtU9i vBkZwMk7kP5vDS8QcOtoUB/EFxCMxWaNrRTLT9tleqHIMTelze2hswhq2X8/heCP nYO97dyshgqUoo6OSjJ8FvspdeqFFByeghn2phWLxZQF/lJ6j55pfjw7Qzk9V07q TcuJ9IRDX4CINE8z3a9u+XeY+q4BwUE= -----END CERTIFICATE-----Generated at Sat Nov 23 06:21:30 2024 by rpki-client on console-fra.rpki-client.org