$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft File: onKsr-j6pPKpcApvwRQlkIx0PUs.mft (raw, json) Hash identifier: u9SXHoC5V4nfj8PEffesBVwe/L3bABbGpu9A+U4jcr4= Subject key identifier: 8F:06:10:E9:7B:72:4C:A9:D0:77:70:A3:AD:54:CE:AD:3C:06:3C:60 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0A38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft Manifest number: 09F2 Signing time: Fri 22 Nov 2024 06:18:27 +0000 Manifest this update: Fri 22 Nov 2024 06:18:26 +0000 Manifest next update: Fri 29 Nov 2024 06:18:26 +0000 Files and hashes: 1: onKsr-j6pPKpcApvwRQlkIx0PUs.crl (hash: PYKTG9X2f3au3XGqNk9uzhrnCYRk9hjyvIXRo+6wrKI=) 2: B379B0346F4711EA81200366C4F9AE02.roa (hash: FuocMJExMkUp16L3R6FsGdSdFiq3mtbQ0I+3NIZrReg=) 3: 7BB34CF0902B11EFA6CE1B54C4F9AE02.roa (hash: l9x6FIaFuZN5Pq5zzX5mei4/jjI9QD4zwCRUXOSB8yw=) 4: F5943602A73111EFB3C1D127C4F9AE02.roa (hash: q75a4TKNtA4WizlQf+XSA0yd7AMzDpfJfJo8B54FqMM=) 5: 95BD9D90A56A11EFA5ABDC46C4F9AE02.roa (hash: OSzx+tHbv8GS0QRL7lJHUONIT8BBObbjKgYazgGJOB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2616 (0xa38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Nov 22 06:18:26 2024 GMT Not After : Nov 29 06:18:26 2024 GMT Subject: CN=67402232-479d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:0f:1d:8b:ac:04:60:bd:91:14:ad:7c:cb:fe: 3c:df:85:08:35:4a:5d:a8:6e:09:08:02:ea:15:92: 75:d6:31:10:f0:73:ca:56:a7:58:b9:a7:c4:b0:4c: af:3e:36:a0:46:5e:7a:a0:f8:23:33:7b:84:c5:75: c9:68:bd:3d:f7:3a:bc:c9:86:78:8f:a7:ee:9c:9d: 05:b2:ea:2c:0c:71:2a:46:72:d0:dd:a7:06:ba:4a: e2:f8:5c:10:df:f2:f6:48:4c:d6:c3:4c:6a:6a:8a: bf:e2:45:f4:8c:4f:bb:cc:8e:82:c8:6a:9c:a2:19: e8:09:9b:a4:9f:61:c3:90:39:27:b5:8b:e3:14:cd: ce:ba:ab:81:ec:07:5e:f7:00:13:b3:38:64:c2:82: 6a:2c:0a:82:90:31:62:3d:92:71:99:0b:e2:d9:51: 62:69:ae:eb:e3:c5:4b:e6:eb:0e:14:94:db:fc:fc: ff:88:38:81:ed:99:e5:05:ef:de:49:56:65:49:26: 81:29:2b:5f:af:04:49:b1:f8:48:e0:31:95:4a:64: 62:3b:b5:e4:ef:2c:8e:ec:31:1f:2e:be:72:dc:f7: da:33:af:16:50:88:e0:65:33:6b:62:99:c7:9e:e9: 46:cb:45:6a:31:a0:48:5e:d9:24:ee:0d:38:0a:56: 21:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:06:10:E9:7B:72:4C:A9:D0:77:70:A3:AD:54:CE:AD:3C:06:3C:60 X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:fa:39:14:2a:17:c9:1c:c4:79:85:75:8f:8a:b7:e9:58:12: f0:d3:5f:dd:b5:69:cb:db:57:0e:0b:e3:0e:27:01:26:fc:34: 8e:97:2f:74:c3:14:79:c9:e1:4c:c4:21:ad:f7:20:b6:8e:7b: 1f:55:90:a7:d3:ba:6b:0b:a1:bc:9e:40:0a:6f:c0:13:7b:7e: cd:27:f5:2e:72:94:57:05:8b:c2:8c:af:f6:e2:0c:69:17:ea: 28:71:3f:6d:42:b8:da:66:df:23:9a:28:9a:a3:22:e6:f6:79: fa:53:54:b2:d6:68:23:a7:c8:b0:05:4f:a6:9c:27:a2:54:39: 63:7f:46:c1:13:47:c2:9b:fa:6d:fd:c3:51:63:a5:ff:e0:24: b0:73:82:2f:30:b1:77:ca:02:e5:b5:75:7a:24:29:e0:71:a4: a6:63:e5:9e:d1:06:fa:8e:83:a2:6f:72:3f:86:a4:ac:1f:96: 55:6c:99:e6:2d:72:7a:48:da:d1:32:c9:21:3e:20:4c:c0:c4: dd:25:56:f9:db:35:59:5c:ba:72:bb:5d:2c:f3:6e:90:07:05: 93:ef:9d:39:d5:5e:18:81:77:8a:37:78:99:0d:db:42:55:0d: c1:1e:24:93:60:94:b4:bf:c4:2c:0f:a4:f4:51:7f:54:49:ae: 35:08:8b:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjQxMTIyMDYxODI2WhcNMjQxMTI5MDYxODI2WjAYMRYwFAYD VQQDEw02NzQwMjIzMi00NzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyA8di6wEYL2RFK18y/4834UINUpdqG4JCALqFZJ11jEQ8HPKVqdYuafEsEyv PjagRl56oPgjM3uExXXJaL099zq8yYZ4j6funJ0FsuosDHEqRnLQ3acGukri+FwQ 3/L2SEzWw0xqaoq/4kX0jE+7zI6CyGqcohnoCZukn2HDkDkntYvjFM3OuquB7Ade 9wATszhkwoJqLAqCkDFiPZJxmQvi2VFiaa7r48VL5usOFJTb/Pz/iDiB7ZnlBe/e SVZlSSaBKStfrwRJsfhI4DGVSmRiO7Xk7yyO7DEfLr5y3PfaM68WUIjgZTNrYpnH nulGy0VqMaBIXtkk7g04ClYh+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI8GEOl7 ckyp0Hdwo61Uzq08BjxgMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0UyNy9GMzg4ODc2NjZGM0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQ S3BjQXB2d1JRbGtJeDBQVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBp+jkUKhfJHMR5hXWPirfpWBLw01/dtWnL21cOC+MOJwEm/DSOly90 wxR5yeFMxCGt9yC2jnsfVZCn07prC6G8nkAKb8ATe37NJ/UucpRXBYvCjK/24gxp F+oocT9tQrjaZt8jmiiaoyLm9nn6U1Sy1mgjp8iwBU+mnCeiVDljf0bBE0fCm/pt /cNRY6X/4CSwc4IvMLF3ygLltXV6JCngcaSmY+We0Qb6joOib3I/hqSsH5ZVbJnm LXJ6SNrRMskhPiBMwMTdJVb52zVZXLpyu10s826QBwWT75051V4YgXeKN3iZDdtC VQ3BHiSTYJS0v8QsD6T0UX9USa41CItj -----END CERTIFICATE-----Generated at Fri Nov 22 06:58:20 2024 by rpki-client on console-fra.rpki-client.org