$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft File: aGr0G8M9rvgo-rSuSjoNWHutDT8.mft (raw, json) Hash identifier: CDe2UkLKx5l8YRX0BbcnzksnBmkV/rfcR4CTuMgIadM= Subject key identifier: 46:E1:C8:93:A7:6F:92:76:CE:C2:93:3D:20:11:8B:E3:61:18:40:A7 Authority key identifier: 68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F Certificate issuer: /CN=A91E4D3D/serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F Certificate serial: 0540 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft Manifest number: 0531 Signing time: Wed 20 Nov 2024 23:05:34 +0000 Manifest this update: Wed 20 Nov 2024 23:05:34 +0000 Manifest next update: Wed 27 Nov 2024 23:05:34 +0000 Files and hashes: 1: aGr0G8M9rvgo-rSuSjoNWHutDT8.crl (hash: hc26uL4r8MGp7WXIg4Ai6ByOYEq6J+isj6o4JAosFo0=) 2: 63FEB4F8D97411EBB8CC3F40C4F9AE02.roa (hash: UFB8SexISoRuGEO0g4DLDULSBBr/BItnnDdRm0FdCQc=) 3: 40310456D8D211EB97FF5586C4F9AE02.roa (hash: UL1/BTKdHNpqlzZukRDIdNL4bhNFFc5wuy8V2rTyjr0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1344 (0x540) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D/serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F Validity Not Before: Nov 20 23:05:34 2024 GMT Not After : Nov 27 23:05:34 2024 GMT Subject: CN=673e6b3e-1500 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:91:d6:45:1d:85:c6:36:43:8d:af:61:63:a7: 57:40:f7:d7:79:e2:a9:23:47:f4:bb:0b:f4:1b:15: 37:7d:b9:59:a8:18:6f:76:05:56:13:30:6c:4c:88: 8e:89:dc:49:b3:ab:b4:5d:29:68:c5:26:f2:11:15: e2:ea:7e:ad:86:d9:07:bd:77:5b:01:ba:7f:8f:14: 9a:69:bb:60:0d:3b:79:91:8c:5d:f8:09:bc:ff:d0: 7c:a9:fc:eb:b0:29:d6:48:25:89:4c:f4:63:01:29: 17:03:74:09:76:e0:9a:51:de:dd:b4:27:ce:9b:b2: fd:f6:9b:8f:51:03:ca:da:40:9e:82:b8:6c:00:9c: a7:c2:0a:36:4d:59:02:9e:24:73:c8:9a:49:49:cb: 93:5b:6a:b2:b7:af:36:ec:a3:b5:d1:b8:d0:40:1b: b9:71:3c:c0:84:b8:40:f9:ad:3b:80:66:3b:e9:6f: 71:f2:d5:dc:55:bd:13:49:0b:fc:64:e2:63:82:15: 3a:d0:14:3b:f4:b8:77:9e:81:8a:52:20:30:1b:1a: e0:57:d0:6e:ca:99:74:dc:19:72:a4:04:de:c7:3f: 33:68:c6:b8:8c:2a:7b:6d:54:b6:bd:d6:75:50:c1: 8e:ab:db:e0:b9:ed:fc:1f:70:a7:c2:a7:f8:a0:72: 49:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:E1:C8:93:A7:6F:92:76:CE:C2:93:3D:20:11:8B:E3:61:18:40:A7 X509v3 Authority Key Identifier: keyid:68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:3b:af:5f:0d:7e:c8:9a:5b:6f:93:0c:78:ba:d5:bf:45:9f: c6:55:b6:af:53:23:66:46:f4:b7:b8:77:05:e7:c3:62:66:f6: ec:1d:f3:36:44:17:1f:5f:71:54:2c:1b:fb:0e:4a:e9:08:78: 1d:f5:88:7f:a6:20:73:4e:27:00:4a:04:ab:42:bb:de:e9:9e: 50:e6:a9:c1:fe:ab:72:45:82:5e:7a:4f:a2:53:e3:d5:e2:5a: 98:d8:e6:77:f1:90:ea:e3:7e:c0:93:07:23:ac:54:67:f5:2a: 24:3d:36:b9:da:4e:87:60:f8:a6:4b:1a:9c:04:a8:9b:f5:5e: b2:3d:4e:31:0b:4f:c7:83:37:3b:97:e9:7f:83:2e:70:26:2e: 29:6e:54:b5:a1:73:c0:c2:62:6c:a7:96:50:f0:02:d5:6d:0f: a8:3b:a0:02:9a:69:ed:05:6b:bb:3a:2e:66:19:3f:c4:37:e9: ea:60:07:38:36:c6:61:52:44:4e:8e:cf:2e:99:a6:83:9a:01: 31:d9:8e:a0:06:4e:09:27:1a:10:57:98:8c:a0:35:b8:8c:42: 47:a8:b7:e1:39:63:5d:71:58:71:27:b6:13:3e:64:dd:3d:f2: 5a:98:93:8c:a7:e9:a9:1c:8f:39:89:cb:ab:7e:90:99:6d:14: a1:c4:63:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKDY4NkFGNDFCQzMzREFFRjgyOEZBQjRBRTRBM0EwRDU4 N0JBRDBEM0YwHhcNMjQxMTIwMjMwNTM0WhcNMjQxMTI3MjMwNTM0WjAYMRYwFAYD VQQDEw02NzNlNmIzZS0xNTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvpHWRR2FxjZDja9hY6dXQPfXeeKpI0f0uwv0GxU3fblZqBhvdgVWEzBsTIiO idxJs6u0XSloxSbyERXi6n6thtkHvXdbAbp/jxSaabtgDTt5kYxd+Am8/9B8qfzr sCnWSCWJTPRjASkXA3QJduCaUd7dtCfOm7L99puPUQPK2kCegrhsAJynwgo2TVkC niRzyJpJScuTW2qyt6827KO10bjQQBu5cTzAhLhA+a07gGY76W9x8tXcVb0TSQv8 ZOJjghU60BQ79Lh3noGKUiAwGxrgV9Buypl03BlypATexz8zaMa4jCp7bVS2vdZ1 UMGOq9vgue38H3Cnwqf4oHJJbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEbhyJOn b5J2zsKTPSARi+NhGECnMB8GA1UdIwQYMBaAFGhq9BvDPa74KPq0rko6DVh7rQ0/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9BNzBBOEZFRUQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2Z28tclN1U2pvTldIdXRE VDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2FHcjBHOE05cnZnby1yU3VTam9OV0h1dERUOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9BNzBBOEZFRUQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2 Z28tclN1U2pvTldIdXREVDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtO69fDX7Imltvkwx4utW/RZ/GVbavUyNmRvS3uHcF58NiZvbsHfM2 RBcfX3FULBv7DkrpCHgd9Yh/piBzTicASgSrQrve6Z5Q5qnB/qtyRYJeek+iU+PV 4lqY2OZ38ZDq437AkwcjrFRn9SokPTa52k6HYPimSxqcBKib9V6yPU4xC0/Hgzc7 l+l/gy5wJi4pblS1oXPAwmJsp5ZQ8ALVbQ+oO6ACmmntBWu7Oi5mGT/EN+nqYAc4 NsZhUkROjs8umaaDmgEx2Y6gBk4JJxoQV5iMoDW4jEJHqLfhOWNdcVhxJ7YTPmTd PfJamJOMp+mpHI85icurfpCZbRShxGNn -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:25 2024 by rpki-client on console-fra.rpki-client.org