$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft File: yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft (raw, json) Hash identifier: nxml29mBGqtWMdTTWObw1JekF1Nuwaxk6fxxtkyOZ98= Subject key identifier: 71:9D:66:B3:1E:4F:4D:B5:FB:0D:F9:E4:BB:67:49:52:64:13:BB:52 Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Certificate serial: 0556 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft Manifest number: 0541 Signing time: Wed 20 Nov 2024 23:05:36 +0000 Manifest this update: Wed 20 Nov 2024 23:05:36 +0000 Manifest next update: Wed 27 Nov 2024 23:05:36 +0000 Files and hashes: 1: yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl (hash: NTI2Tc5aF4gY4hMgTStI8dRNqsFwLVN5p9hzc1r9aJg=) 2: 5FA1BF8802DD11EE86865A23C4F9AE02.roa (hash: ei7I36a/n68cmPMmbMaIHsQLIaODPqloNYHBMw6AioQ=) 3: 3003C4BA7C7711EEB9E0BE15C4F9AE02.roa (hash: iS2kCadt9EPztCML62YjpO3iZQeKW9op8orLhEYixVE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1366 (0x556) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701 Validity Not Before: Nov 20 23:05:36 2024 GMT Not After : Nov 27 23:05:36 2024 GMT Subject: CN=673e6b40-d465 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4a:c1:fd:fe:ed:87:05:d7:fe:48:f2:82:02: 5e:8a:48:51:78:2e:c6:34:f3:a6:43:06:18:77:4e: f6:6a:a8:90:ea:f8:21:d2:2f:ff:87:fe:33:b9:04: 2d:be:39:5a:77:c5:6e:31:56:5a:be:2f:5c:a7:c1: 57:b6:41:5b:ec:6c:e9:71:e0:f3:82:1c:33:6c:8b: 6a:e7:56:c2:08:ac:28:de:05:e0:1e:d0:12:5f:80: 32:a3:52:99:f0:13:3d:9c:d4:48:ec:8c:22:b2:08: 05:32:ed:19:0b:62:77:8d:4d:f7:fc:11:3a:5e:e7: 95:fc:b1:88:d8:cd:b0:cd:1c:7d:cd:99:21:ec:a3: 6e:1c:49:d9:10:3f:ef:92:3d:13:92:b7:53:43:fa: 71:a4:b4:4c:b5:b3:db:39:c4:8b:69:cd:d6:04:10: 4d:52:81:b4:b8:ae:d4:79:e9:78:4a:f7:f1:29:af: 7c:34:da:0e:24:1a:85:56:39:99:c7:3d:d1:18:5e: 7e:5d:9d:a5:36:83:65:ba:36:22:28:19:2c:12:7b: ef:03:1e:b8:de:52:da:38:28:64:7d:9b:ba:99:cd: a6:9e:3f:25:f2:15:44:6a:8a:4b:5f:d2:1e:72:3c: 1f:f6:69:cf:67:96:cf:fe:df:64:ca:70:bc:aa:db: 23:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:9D:66:B3:1E:4F:4D:B5:FB:0D:F9:E4:BB:67:49:52:64:13:BB:52 X509v3 Authority Key Identifier: keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:99:8b:17:89:c7:56:ab:b0:a8:02:97:e1:3d:11:78:88:0d: 11:d4:82:c4:5e:93:14:f5:76:89:62:4b:8e:a8:f7:a7:aa:ff: b8:24:89:5e:47:30:36:0e:de:4d:7f:ae:79:ad:4c:fb:81:95: e0:34:42:fc:cc:dc:c6:e4:b5:18:21:60:09:83:61:30:47:90: e0:f3:12:73:ec:cb:ca:1b:e0:45:e0:c9:18:77:87:fa:44:df: 9e:3a:f2:25:05:57:25:c7:34:18:80:01:5b:73:7a:0b:2a:4a: 00:ab:1e:48:1c:5b:54:ff:f1:0b:f8:3b:4b:90:b8:64:cd:e0: 13:7f:35:74:3d:b5:05:05:56:34:fa:58:ce:b8:c3:cb:75:07: 77:50:07:98:bf:61:aa:a9:2f:a4:8f:c3:bd:02:4e:97:3e:fc: 31:76:59:4a:b9:61:e9:e1:b4:11:ed:71:d2:b3:6f:9e:27:47: f5:c8:f8:1c:d4:58:a4:3c:38:ac:53:a0:ed:02:56:fb:22:79: f3:9b:98:fa:f2:e2:12:f9:12:f8:fb:17:be:ff:47:88:1d:1b: 6c:cd:eb:1e:a6:4c:3d:fd:a5:32:ce:d9:1b:3d:5a:81:e5:8c: 7b:2b:d9:d4:4b:0f:18:31:6d:bc:7b:e0:25:ab:1d:f1:ac:8c: 8b:03:43:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF Qjk4RkY3MDEwHhcNMjQxMTIwMjMwNTM2WhcNMjQxMTI3MjMwNTM2WjAYMRYwFAYD VQQDEw02NzNlNmI0MC1kNDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr0rB/f7thwXX/kjyggJeikhReC7GNPOmQwYYd072aqiQ6vgh0i//h/4zuQQt vjlad8VuMVZavi9cp8FXtkFb7GzpceDzghwzbItq51bCCKwo3gXgHtASX4Ayo1KZ 8BM9nNRI7IwisggFMu0ZC2J3jU33/BE6XueV/LGI2M2wzRx9zZkh7KNuHEnZED/v kj0TkrdTQ/pxpLRMtbPbOcSLac3WBBBNUoG0uK7Ueel4SvfxKa98NNoOJBqFVjmZ xz3RGF5+XZ2lNoNlujYiKBksEnvvAx643lLaOChkfZu6mc2mnj8l8hVEaopLX9Ie cjwf9mnPZ5bP/t9kynC8qtsj3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHGdZrMe T021+w355LtnSVJkE7tSMB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5 d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9CMDIwMkQzMkQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1Vm LUs3ZURlRERZSDdybVA5d0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrmYsXicdWq7CoApfhPRF4iA0R1ILEXpMU9XaJYkuOqPenqv+4JIle RzA2Dt5Nf655rUz7gZXgNEL8zNzG5LUYIWAJg2EwR5Dg8xJz7MvKG+BF4MkYd4f6 RN+eOvIlBVclxzQYgAFbc3oLKkoAqx5IHFtU//EL+DtLkLhkzeATfzV0PbUFBVY0 +ljOuMPLdQd3UAeYv2GqqS+kj8O9Ak6XPvwxdllKuWHp4bQR7XHSs2+eJ0f1yPgc 1FikPDisU6DtAlb7Innzm5j68uIS+RL4+xe+/0eIHRtszesepkw9/aUyztkbPVqB 5Yx7K9nUSw8YMW28e+Alqx3xrIyLA0Nq -----END CERTIFICATE-----Generated at Thu Nov 21 01:26:06 2024 by rpki-client on console-ams.rpki-client.org