$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft File: aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft (raw, json) Hash identifier: lHcnPkXzJ90yzIPP+mw1c2RMtOiuNi/bAgQMs/Kil+k= Subject key identifier: 7F:CD:7B:2A:F5:3C:EB:08:62:A2:75:6E:27:0D:6B:A4:81:AA:A7:CB Authority key identifier: 68:6A:00:57:16:4D:14:38:EC:59:58:6D:A8:BA:A5:46:5F:D8:29:C7 Certificate issuer: /CN=A91EA9BD/serialNumber=686A0057164D1438EC59586DA8BAA5465FD829C7 Certificate serial: 3051 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft Manifest number: 304D Signing time: Fri 22 Nov 2024 15:28:22 +0000 Manifest this update: Fri 22 Nov 2024 15:28:21 +0000 Manifest next update: Fri 29 Nov 2024 15:28:21 +0000 Files and hashes: 1: aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl (hash: /fUvoQJ4mE1qI9xY+iKV5eBSxHG43SZpUDWXDWCNWYM=) 2: 93C0837AA52911EC9D2DAE83C4F9AE02.roa (hash: QijzfOAskdpqspHv2hl6DWJmVGpVIoUXprNfU2Pxi8k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:22:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12369 (0x3051) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9BD/serialNumber=686A0057164D1438EC59586DA8BAA5465FD829C7 Validity Not Before: Nov 22 15:28:21 2024 GMT Not After : Nov 29 15:28:21 2024 GMT Subject: CN=6740a316-08a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:29:16:e6:70:8b:2e:e5:4f:8a:a8:8c:aa:28: 5d:6c:27:9a:5f:52:b0:47:46:7e:19:d3:42:36:83: b5:07:35:e2:81:5b:86:6e:ce:5f:81:81:04:46:9d: 4a:d8:56:bf:86:e3:82:79:6f:05:61:19:87:b5:66: 8e:b1:6c:c5:86:ad:9a:1f:08:76:90:c0:ae:ef:0d: 28:64:4c:89:db:dd:d9:67:8b:db:c1:d4:6b:98:90: 4b:ed:f5:81:d1:5f:03:3d:ac:8f:18:7c:b8:ea:da: 72:8f:f6:ce:38:b7:3b:d7:6b:7d:76:61:8d:90:ca: c5:8a:8c:3a:d0:56:54:b0:6c:11:72:95:03:0e:0e: 7f:be:5e:18:6c:d2:4f:23:99:75:43:58:f3:ac:dd: bd:66:ef:0b:6b:59:cc:65:56:d6:d0:4b:2b:90:e8: 26:7e:f8:d2:f2:b8:9c:1f:dd:71:ac:43:d6:c9:d8: fe:f9:55:15:cb:13:9d:f6:64:86:d5:e5:5a:85:69: 71:dd:6d:71:e8:cf:50:7d:f2:4f:7b:b7:83:d8:47: 3c:2c:be:d0:ab:80:42:cf:c6:a1:b3:1b:92:40:a2: d8:37:04:8a:d6:95:5f:97:6c:89:d0:ec:0f:18:1b: 20:e5:db:d2:76:de:f7:90:05:f4:f8:f6:65:52:b4: d9:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:CD:7B:2A:F5:3C:EB:08:62:A2:75:6E:27:0D:6B:A4:81:AA:A7:CB X509v3 Authority Key Identifier: keyid:68:6A:00:57:16:4D:14:38:EC:59:58:6D:A8:BA:A5:46:5F:D8:29:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aGoAVxZNFDjsWVhtqLqlRl_YKcc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/03B80F38DF5C11E2972A94275911EA32/aGoAVxZNFDjsWVhtqLqlRl_YKcc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:c9:9f:2e:43:5c:7f:23:ed:4d:43:ae:94:ae:18:e2:39:39: a8:d3:31:f0:4c:f3:eb:46:e7:a6:d3:bc:22:c2:a7:d5:f1:b2: bd:ff:9b:ef:5a:a8:44:fd:c8:d0:b9:c8:06:a6:65:24:ae:1d: 2f:b0:05:a0:06:2e:32:af:4b:b0:17:3f:25:d1:e8:d9:09:f2: 44:43:c3:62:48:25:48:95:5b:e0:e6:23:66:74:b7:0f:c6:57: 00:9a:82:27:31:8c:b4:8f:bc:37:3c:c5:2e:3b:c1:1f:e7:74: bb:87:c8:49:48:37:3e:27:78:0c:4b:53:c4:c0:c7:97:00:1a: 59:13:73:e3:d0:41:83:58:f5:53:be:b3:32:4a:22:21:4f:0b: f8:a8:a0:d1:0f:ae:88:96:a9:bb:29:70:0e:a6:0b:b6:f7:71: 23:ac:4f:b1:e4:cc:9c:14:dc:3d:40:4e:44:5d:fd:db:ad:d2: 34:16:ef:69:45:07:91:c8:eb:8f:7c:63:96:87:0c:9f:da:2e: fc:cf:30:ed:ba:f0:13:0e:09:d4:4c:05:70:a3:f6:a5:35:41: 86:02:96:9d:aa:8e:b2:05:e1:2e:1b:0c:05:dd:a3:ce:11:45: 1d:3c:e7:07:43:93:8c:a0:8e:9e:71:6e:52:68:1d:d8:03:7e: 0b:89:22:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE5QkQxMTAvBgNVBAUTKDY4NkEwMDU3MTY0RDE0MzhFQzU5NTg2REE4QkFBNTQ2 NUZEODI5QzcwHhcNMjQxMTIyMTUyODIxWhcNMjQxMTI5MTUyODIxWjAYMRYwFAYD VQQDEw02NzQwYTMxNi0wOGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1SkW5nCLLuVPiqiMqihdbCeaX1KwR0Z+GdNCNoO1BzXigVuGbs5fgYEERp1K 2Fa/huOCeW8FYRmHtWaOsWzFhq2aHwh2kMCu7w0oZEyJ293ZZ4vbwdRrmJBL7fWB 0V8DPayPGHy46tpyj/bOOLc712t9dmGNkMrFiow60FZUsGwRcpUDDg5/vl4YbNJP I5l1Q1jzrN29Zu8La1nMZVbW0EsrkOgmfvjS8ricH91xrEPWydj++VUVyxOd9mSG 1eVahWlx3W1x6M9QffJPe7eD2Ec8LL7Qq4BCz8ahsxuSQKLYNwSK1pVfl2yJ0OwP GBsg5dvSdt73kAX0+PZlUrTZjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH/Neyr1 POsIYqJ1bicNa6SBqqfLMB8GA1UdIwQYMBaAFGhqAFcWTRQ47FlYbai6pUZf2CnH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wM0I4MEYzOERG NUMxMUUyOTcyQTk0Mjc1OTExRUEzMi9hR29BVnhaTkZEanNXVmh0cUxxbFJsX1lL Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FHb0FWeFpORkRqc1dWaHRxTHFsUmxfWUtjYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTlCRC8wM0I4MEYzOERGNUMxMUUyOTcyQTk0Mjc1OTExRUEzMi9hR29BVnhaTkZE anNXVmh0cUxxbFJsX1lLY2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcyZ8uQ1x/I+1NQ66UrhjiOTmo0zHwTPPrRuem07wiwqfV8bK9/5vv WqhE/cjQucgGpmUkrh0vsAWgBi4yr0uwFz8l0ejZCfJEQ8NiSCVIlVvg5iNmdLcP xlcAmoInMYy0j7w3PMUuO8Ef53S7h8hJSDc+J3gMS1PEwMeXABpZE3Pj0EGDWPVT vrMySiIhTwv4qKDRD66Ilqm7KXAOpgu293EjrE+x5MycFNw9QE5EXf3brdI0Fu9p RQeRyOuPfGOWhwyf2i78zzDtuvATDgnUTAVwo/alNUGGApadqo6yBeEuGwwF3aPO EUUdPOcHQ5OMoI6ecW5SaB3YA34LiSJE -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:06 2024 by rpki-client on console-ams.rpki-client.org