$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: Ve1MXej7h3ugF1StQOqhDGoGKj1RxGBh2V9CwufZHt4= Subject key identifier: 87:03:58:74:99:00:E0:CB:7C:9C:62:B0:89:26:27:3D:8B:4B:7E:63 Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0D45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0D0D Signing time: Fri 22 Nov 2024 18:02:11 +0000 Manifest this update: Fri 22 Nov 2024 18:02:10 +0000 Manifest next update: Fri 29 Nov 2024 18:02:10 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: O6+XYldCG2BDAC8+d3VNvcjMkFWPsPAxmx2p7Kxr2JE=) 2: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: XkIqls/Uu/v5bFyNG53wML1hM6Bigkh8ONNsNS0FAFM=) 3: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: teS196GOIZT4ALLG0mGVFJBt9VHCuAp9QaaTbuShiyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3397 (0xd45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: Nov 22 18:02:10 2024 GMT Not After : Nov 29 18:02:10 2024 GMT Subject: CN=6740c723-4466 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:86:a2:b8:af:d7:73:01:22:72:87:a4:f1:3a: be:84:de:6e:7d:58:b6:ab:05:f5:3b:4f:17:a6:0e: d5:cf:c6:94:ae:b3:18:3a:4c:6f:b4:61:49:63:36: b2:62:0a:03:9b:f5:cc:3b:6b:0f:fd:bb:05:e6:2f: 35:76:04:6e:d2:9a:c0:1c:d5:2f:01:cc:b8:2f:81: 23:28:39:cf:e8:14:56:9b:9d:19:66:3a:f5:5a:59: 34:66:4b:01:05:a9:5a:bc:51:20:3b:3d:17:49:4b: d9:fb:61:60:b9:5a:a4:1d:e1:1b:a5:0a:9e:0e:85: 0f:de:07:3a:30:c4:da:b2:ef:fb:5b:d0:09:73:29: 5e:8d:b7:36:10:28:2c:9d:73:f3:d8:77:d4:fe:e4: 35:b8:76:d0:88:58:cc:3f:52:24:70:e5:13:94:0d: 04:32:06:f5:dc:47:5d:4d:a8:6b:54:c2:99:bb:ce: 36:ab:e6:1f:a8:c2:c5:39:07:13:b1:b3:16:e6:2b: 9d:61:4f:ca:8a:dd:d1:4d:aa:b0:bf:91:d9:2c:4f: 2b:68:77:93:d5:0e:cc:36:66:0f:d2:9a:08:37:11: 50:3b:65:4f:a6:48:04:67:c8:a2:05:b3:54:e8:80: 20:a2:d3:be:35:14:c8:6f:4e:f1:d3:63:94:bf:b9: 79:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:03:58:74:99:00:E0:CB:7C:9C:62:B0:89:26:27:3D:8B:4B:7E:63 X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:5f:7b:b8:f3:60:f3:31:8e:86:be:fd:be:97:8a:f9:95:b9: 29:07:2e:cd:95:f8:53:f9:1b:9d:2a:6b:90:ce:de:9f:ff:62: 26:3d:7e:aa:85:a3:1c:53:ec:72:d7:b7:6a:89:94:d9:06:b4: 8b:f4:10:e3:c4:65:3c:99:f6:1e:8f:ee:82:2d:01:89:33:ef: 47:6b:1b:94:5d:f8:fd:ec:c5:87:d5:3d:a2:ab:13:35:3d:2e: c8:12:56:3e:24:31:f6:49:8a:c5:5d:e7:11:43:01:34:38:f2: 99:d5:77:68:b0:c2:29:f5:d9:a3:6a:e9:32:63:92:70:7a:25: 7b:da:d2:e4:ed:b5:eb:aa:82:0d:60:39:8c:2d:c5:7d:a9:a7: 06:04:de:81:4c:d2:a8:85:5d:25:fe:8f:46:e6:d7:db:6e:60: 11:70:59:cd:c2:81:fa:d5:3a:d0:3e:34:b5:c1:5b:64:b9:95: ed:12:58:00:0f:34:1b:ae:f6:de:d5:eb:91:81:aa:8f:1f:54: 85:8a:55:1f:73:02:3d:6c:e5:5e:35:c9:c2:b9:08:89:3e:d6: 48:e2:14:1f:3c:d2:cf:8a:4d:4f:86:cc:44:18:40:13:b5:e8: 1a:9d:d3:e3:bc:c6:08:12:26:0e:a0:b9:ef:89:b0:42:15:5a: d0:1e:f0:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjQxMTIyMTgwMjEwWhcNMjQxMTI5MTgwMjEwWjAYMRYwFAYD VQQDEw02NzQwYzcyMy00NDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0YaiuK/XcwEicoek8Tq+hN5ufVi2qwX1O08Xpg7Vz8aUrrMYOkxvtGFJYzay YgoDm/XMO2sP/bsF5i81dgRu0prAHNUvAcy4L4EjKDnP6BRWm50ZZjr1Wlk0ZksB BalavFEgOz0XSUvZ+2FguVqkHeEbpQqeDoUP3gc6MMTasu/7W9AJcylejbc2ECgs nXPz2HfU/uQ1uHbQiFjMP1IkcOUTlA0EMgb13EddTahrVMKZu842q+YfqMLFOQcT sbMW5iudYU/Kit3RTaqwv5HZLE8raHeT1Q7MNmYP0poINxFQO2VPpkgEZ8iiBbNU 6IAgotO+NRTIb07x02OUv7l5qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIcDWHSZ AODLfJxisIkmJz2LS35jMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0X3u482DzMY6Gvv2+l4r5lbkpBy7NlfhT+RudKmuQzt6f/2ImPX6q haMcU+xy17dqiZTZBrSL9BDjxGU8mfYej+6CLQGJM+9HaxuUXfj97MWH1T2iqxM1 PS7IElY+JDH2SYrFXecRQwE0OPKZ1XdosMIp9dmjaukyY5JweiV72tLk7bXrqoIN YDmMLcV9qacGBN6BTNKohV0l/o9G5tfbbmARcFnNwoH61TrQPjS1wVtkuZXtElgA DzQbrvbe1euRgaqPH1SFilUfcwI9bOVeNcnCuQiJPtZI4hQfPNLPik1PhsxEGEAT tegandPjvMYIEiYOoLnvibBCFVrQHvBW -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:04 2024 by rpki-client on console-fra.rpki-client.org