$ rpki-client -vvf rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft File: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft (raw, json) Hash identifier: e/cBQzdLKXz9GF+dpsXXQpANy9EvSVWYeHqHGabmh+w= Subject key identifier: A5:D2:C4:47:8F:91:FF:34:3F:C9:6F:BE:1A:F4:82:A3:75:73:90:7D Authority key identifier: 41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD Certificate issuer: /CN=A91E91BC/serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Certificate serial: 029E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft Manifest number: 0299 Signing time: Thu 21 Nov 2024 01:07:12 +0000 Manifest this update: Thu 21 Nov 2024 01:07:12 +0000 Manifest next update: Thu 28 Nov 2024 01:07:11 +0000 Files and hashes: 1: QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl (hash: i+JQK45mLf3sDrX1ijH5rbCoqE2nN++rXqYGGFqOW1c=) 2: 7BCC4B32E85C11EE9593933FC4F9AE02.roa (hash: vSji2PW77227MPuRms4fNHOSHefJ2bW6akHMJ/kFIj0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 670 (0x29e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E91BC/serialNumber=414FB6178869130F826E9E30C0B794084D9760DD Validity Not Before: Nov 21 01:07:12 2024 GMT Not After : Nov 28 01:07:11 2024 GMT Subject: CN=673e87c0-2b55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:d2:f3:7d:40:fc:b8:2e:a5:81:97:34:79:41: 7d:fe:0f:41:36:2e:59:6d:44:25:f5:66:1c:06:99: fe:31:3a:a2:ea:7e:47:f7:e1:c5:fc:72:56:da:be: dd:37:ed:e3:32:a1:74:d4:87:35:b6:5b:dd:38:c7: 23:ea:16:ea:6e:36:22:dc:e1:62:85:ce:3c:00:86: c0:d6:87:38:03:df:4d:67:75:ec:4d:e9:14:a6:b9: 73:4d:75:9d:b9:9e:5e:81:17:f6:79:16:76:9e:ab: df:82:02:f2:3f:df:97:24:93:d0:00:9d:80:7f:25: cc:84:c1:f8:07:24:51:52:d5:32:39:19:4a:2b:b4: 9b:e4:95:66:74:7a:ed:2f:19:29:42:63:77:8e:81: 1f:a8:51:ea:82:f9:f1:4c:11:f5:7f:0d:cb:33:2c: c0:51:ac:be:b8:6c:7b:50:3c:95:21:6e:1d:32:31: db:44:2d:8f:63:50:b9:1d:0b:fa:93:05:d0:8a:8f: 93:e5:01:59:4c:03:7e:03:34:f6:98:af:38:99:36: dd:98:a8:e0:1c:c8:33:80:5e:fd:6a:ce:fc:02:28: ca:fa:1d:21:52:5a:52:cd:93:da:7f:13:ee:02:6a: 3f:14:de:55:05:1a:16:94:de:29:53:c5:52:d2:73: 20:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:D2:C4:47:8F:91:FF:34:3F:C9:6F:BE:1A:F4:82:A3:75:73:90:7D X509v3 Authority Key Identifier: keyid:41:4F:B6:17:88:69:13:0F:82:6E:9E:30:C0:B7:94:08:4D:97:60:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E91BC/A4E673CADBE911EC95110515C4F9AE02/QU-2F4hpEw-Cbp4wwLeUCE2XYN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:5c:a6:f7:b6:b5:66:97:c2:90:81:52:3d:66:e7:df:29:c0: 0c:87:b6:59:34:93:ba:0a:21:55:0c:a1:cb:fb:f3:08:46:00: 13:4a:ae:35:e8:aa:59:03:71:68:98:4a:db:e0:66:af:d3:4d: 8f:9e:cd:62:43:eb:be:5e:aa:a6:82:0b:4a:26:be:06:5a:89: 27:71:32:3a:cd:56:92:45:e0:13:ee:6c:1a:58:64:3c:32:a2: 01:5a:3d:1b:0d:85:f1:5e:20:e4:29:bc:54:81:24:89:a7:3b: 4f:13:e6:08:91:bb:58:bb:c2:2c:61:bf:9e:96:5b:87:39:5a: e5:f4:36:12:0e:c5:02:a2:eb:81:2f:d5:dd:0a:45:cd:ea:28: 12:00:f3:e9:87:9a:b9:da:45:00:72:89:9e:51:8d:b2:17:6d: 99:9b:81:14:6a:bc:94:f6:49:03:74:44:74:0f:82:a9:11:d6: 63:76:c1:e2:b5:6b:0e:1c:e4:8b:05:43:16:7f:78:ba:b5:8b: 6a:80:45:50:29:68:e5:4d:12:b8:bf:3d:dd:4d:c1:e4:46:cf: 09:55:a8:47:55:bc:5d:1e:1d:cb:05:2e:5c:f2:ad:2e:fa:8d: 63:9c:fc:17:b7:ed:73:d7:6c:76:1a:dc:3d:6a:42:55:2a:2f: 8b:39:f3:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTkxQkMxMTAvBgNVBAUTKDQxNEZCNjE3ODg2OTEzMEY4MjZFOUUzMEMwQjc5NDA4 NEQ5NzYwREQwHhcNMjQxMTIxMDEwNzEyWhcNMjQxMTI4MDEwNzExWjAYMRYwFAYD VQQDEw02NzNlODdjMC0yYjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8NLzfUD8uC6lgZc0eUF9/g9BNi5ZbUQl9WYcBpn+MTqi6n5H9+HF/HJW2r7d N+3jMqF01Ic1tlvdOMcj6hbqbjYi3OFihc48AIbA1oc4A99NZ3XsTekUprlzTXWd uZ5egRf2eRZ2nqvfggLyP9+XJJPQAJ2AfyXMhMH4ByRRUtUyORlKK7Sb5JVmdHrt LxkpQmN3joEfqFHqgvnxTBH1fw3LMyzAUay+uGx7UDyVIW4dMjHbRC2PY1C5HQv6 kwXQio+T5QFZTAN+AzT2mK84mTbdmKjgHMgzgF79as78AijK+h0hUlpSzZPafxPu Amo/FN5VBRoWlN4pU8VS0nMgXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKXSxEeP kf80P8lvvhr0gqN1c5B9MB8GA1UdIwQYMBaAFEFPtheIaRMPgm6eMMC3lAhNl2Dd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTFCQy9BNEU2NzNDQURC RTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3LUNicDR3d0xlVUNFMlhZ TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FVLTJGNGhwRXctQ2JwNHd3TGVVQ0UyWFlOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTFCQy9BNEU2NzNDQURCRTkxMUVDOTUxMTA1MTVDNEY5QUUwMi9RVS0yRjRocEV3 LUNicDR3d0xlVUNFMlhZTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABXKb3trVml8KQgVI9ZuffKcAMh7ZZNJO6CiFVDKHL+/MIRgATSq41 6KpZA3FomErb4Gav002Pns1iQ+u+XqqmggtKJr4GWokncTI6zVaSReAT7mwaWGQ8 MqIBWj0bDYXxXiDkKbxUgSSJpztPE+YIkbtYu8IsYb+elluHOVrl9DYSDsUCouuB L9XdCkXN6igSAPPph5q52kUAcomeUY2yF22Zm4EUaryU9kkDdER0D4KpEdZjdsHi tWsOHOSLBUMWf3i6tYtqgEVQKWjlTRK4vz3dTcHkRs8JVahHVbxdHh3LBS5c8q0u +o1jnPwXt+1z12x2Gtw9akJVKi+LOfNm -----END CERTIFICATE-----Generated at Thu Nov 21 03:12:07 2024 by rpki-client on console-fra.rpki-client.org