$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0CA1/4E11F4D6719011EF83C4BF7AC4F9AE02/LHtdhHIAPPNDas_lth6J7Isa2Ks.mft File: LHtdhHIAPPNDas_lth6J7Isa2Ks.mft (raw, json) Hash identifier: vntoXmTmG+Ft+vK+T/bkMDy3qx/pFoTaiGByhWd7Hv0= Subject key identifier: 2A:C9:E1:95:6D:E8:83:A3:AD:A0:DF:11:69:02:8C:8B:39:D7:5F:09 Authority key identifier: 2C:7B:5D:84:72:00:3C:F3:43:6A:CF:E5:B6:1E:89:EC:8B:1A:D8:AB Certificate issuer: /CN=A91E0CA1/serialNumber=2C7B5D8472003CF3436ACFE5B61E89EC8B1AD8AB Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LHtdhHIAPPNDas_lth6J7Isa2Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0CA1/4E11F4D6719011EF83C4BF7AC4F9AE02/LHtdhHIAPPNDas_lth6J7Isa2Ks.mft Manifest number: 25 Signing time: Wed 20 Nov 2024 19:25:11 +0000 Manifest this update: Wed 20 Nov 2024 19:25:11 +0000 Manifest next update: Wed 27 Nov 2024 19:25:11 +0000 Files and hashes: 1: LHtdhHIAPPNDas_lth6J7Isa2Ks.crl (hash: GzWvq143TNlxzjJfqKqBry30iFGQYtCuCkA7+C8TqiI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0CA1/4E11F4D6719011EF83C4BF7AC4F9AE02/LHtdhHIAPPNDas_lth6J7Isa2Ks.crl rsync://rpki.apnic.net/member_repository/A91E0CA1/4E11F4D6719011EF83C4BF7AC4F9AE02/LHtdhHIAPPNDas_lth6J7Isa2Ks.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LHtdhHIAPPNDas_lth6J7Isa2Ks.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 15:22:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0CA1/serialNumber=2C7B5D8472003CF3436ACFE5B61E89EC8B1AD8AB Validity Not Before: Nov 20 19:25:11 2024 GMT Not After : Nov 27 19:25:11 2024 GMT Subject: CN=673e3797-c124 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5a:37:5b:25:07:06:2e:cb:6a:38:fa:86:2e: b1:bd:4f:5d:32:26:e4:c6:28:8b:be:ab:22:e4:63: b8:8a:da:7c:21:b9:61:d9:04:b6:37:35:60:a5:e0: ff:16:c1:5b:8e:e2:58:86:a6:50:54:2b:99:2c:12: 69:57:f5:d3:98:83:42:5b:5a:f5:96:1c:24:2b:9e: 06:63:06:e7:1e:44:23:f9:70:81:0e:2d:14:02:84: dc:0c:c4:54:c7:fa:47:b3:17:b4:59:ea:bd:9d:d7: c2:57:d9:0e:3e:12:6d:c8:7d:b5:7a:93:b3:3c:6f: 42:7b:74:bf:02:3c:df:b3:ea:84:1a:96:02:3c:fa: e7:4e:03:6f:7d:92:7d:bb:8b:f2:c8:e1:0b:97:9a: fb:b6:c7:fa:48:2d:a3:75:99:ba:75:1e:da:a7:0b: 66:60:1b:bb:e9:9f:c7:1b:e9:b5:73:bd:57:9a:72: 20:97:be:7c:1b:e5:02:26:2f:7f:bc:2b:65:e4:ff: a0:72:93:0d:78:1f:3c:5c:9a:33:ed:a7:9d:b3:75: d8:8f:c6:ea:43:42:0d:82:70:5a:9e:12:9f:8c:8e: d8:7d:69:12:d5:c4:0c:d1:ab:7a:b6:c2:61:52:07: 30:ec:ad:fc:b1:b5:5f:b4:51:16:0f:7f:f3:d1:81: ec:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:C9:E1:95:6D:E8:83:A3:AD:A0:DF:11:69:02:8C:8B:39:D7:5F:09 X509v3 Authority Key Identifier: keyid:2C:7B:5D:84:72:00:3C:F3:43:6A:CF:E5:B6:1E:89:EC:8B:1A:D8:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0CA1/4E11F4D6719011EF83C4BF7AC4F9AE02/LHtdhHIAPPNDas_lth6J7Isa2Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/LHtdhHIAPPNDas_lth6J7Isa2Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0CA1/4E11F4D6719011EF83C4BF7AC4F9AE02/LHtdhHIAPPNDas_lth6J7Isa2Ks.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:ff:78:30:4a:2d:07:3b:c1:88:f1:c1:1c:25:2f:63:c1:65: 98:41:e8:e5:2b:a5:8a:f0:8d:40:cb:76:d7:78:3f:4e:1f:cb: ca:f5:d0:f9:77:5c:ce:1c:7d:01:f4:9c:7d:2c:b5:c0:03:e9: 7e:a9:15:2c:1f:fa:7f:0b:a2:82:85:2f:de:6a:8b:3a:c8:a4: 81:ce:23:77:5d:f8:05:3c:d9:7a:8a:64:70:4c:f4:30:e8:20: 2a:c5:ba:cb:43:01:30:35:51:29:3b:2d:1f:9c:a5:a3:9a:5d: ff:83:20:4d:8e:46:6d:b1:b4:6b:7f:d4:2e:f3:65:7e:99:1e: 9a:d9:8e:10:87:5c:aa:45:5f:d7:4b:e3:04:c6:03:f6:3c:73: ca:07:b5:f3:ce:a5:39:e9:e0:1b:46:18:30:2f:33:c4:e0:5f: 45:22:74:cd:c3:02:c0:2b:fb:d7:72:8c:d2:f9:cb:dd:44:8f: 55:c7:78:95:9f:f7:cb:f4:5c:a4:ac:08:7a:08:8a:9e:eb:fa: 16:c1:1c:76:71:45:6b:98:94:1e:fc:2d:b7:8c:48:9f:93:cd: 84:39:35:26:f6:f7:92:bf:0d:ea:15:72:13:60:22:81:ee:9e: 2c:c6:74:13:4f:73:1e:d5:a0:1f:86:ba:72:00:c5:cf:c3:54: fe:f6:4d:18 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF MENBMTExMC8GA1UEBRMoMkM3QjVEODQ3MjAwM0NGMzQzNkFDRkU1QjYxRTg5RUM4 QjFBRDhBQjAeFw0yNDExMjAxOTI1MTFaFw0yNDExMjcxOTI1MTFaMBgxFjAUBgNV BAMTDTY3M2UzNzk3LWMxMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJWjdbJQcGLstqOPqGLrG9T10yJuTGKIu+qyLkY7iK2nwhuWHZBLY3NWCl4P8W wVuO4liGplBUK5ksEmlX9dOYg0JbWvWWHCQrngZjBuceRCP5cIEOLRQChNwMxFTH +kezF7RZ6r2d18JX2Q4+Em3IfbV6k7M8b0J7dL8CPN+z6oQalgI8+udOA299kn27 i/LI4QuXmvu2x/pILaN1mbp1HtqnC2ZgG7vpn8cb6bVzvVeaciCXvnwb5QImL3+8 K2Xk/6Bykw14HzxcmjPtp52zddiPxupDQg2CcFqeEp+Mjth9aRLVxAzRq3q2wmFS BzDsrfyxtV+0URYPf/PRgez/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUKsnhlW3o g6OtoN8RaQKMiznXXwkwHwYDVR0jBBgwFoAULHtdhHIAPPNDas/lth6J7Isa2Ksw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUwQ0ExLzRFMTFGNEQ2NzE5 MDExRUY4M0M0QkY3QUM0RjlBRTAyL0xIdGRoSElBUFBORGFzX2x0aDZKN0lzYTJL cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTEh0ZGhISUFQUE5EYXNfbHRoNko3SXNhMktzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUw Q0ExLzRFMTFGNEQ2NzE5MDExRUY4M0M0QkY3QUM0RjlBRTAyL0xIdGRoSElBUFBO RGFzX2x0aDZKN0lzYTJLcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIL/eDBKLQc7wYjxwRwlL2PBZZhB6OUrpYrwjUDLdtd4P04fy8r10Pl3 XM4cfQH0nH0stcAD6X6pFSwf+n8LooKFL95qizrIpIHOI3dd+AU82XqKZHBM9DDo ICrFustDATA1USk7LR+cpaOaXf+DIE2ORm2xtGt/1C7zZX6ZHprZjhCHXKpFX9dL 4wTGA/Y8c8oHtfPOpTnp4BtGGDAvM8TgX0UidM3DAsAr+9dyjNL5y91Ej1XHeJWf 98v0XKSsCHoIip7r+hbBHHZxRWuYlB78LbeMSJ+TzYQ5NSb295K/DeoVchNgIoHu nizGdBNPcx7VoB+GunIAxc/DVP72TRg= -----END CERTIFICATE-----Generated at Wed Nov 20 20:07:28 2024 by rpki-client on console-fra.rpki-client.org