$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft File: v3H1vxFop4QFduAAbzu8ZfxINAs.mft (raw, json) Hash identifier: 1E4qosl9JYHjKvz/MCV9a+p2hPaBOaoTCKEjbB7YMw0= Subject key identifier: EE:B6:DD:E1:7C:C5:A5:95:A7:4F:FD:02:31:D9:EF:FE:2D:89:D7:07 Authority key identifier: BF:71:F5:BF:11:68:A7:84:05:76:E0:00:6F:3B:BC:65:FC:48:34:0B Certificate issuer: /CN=A91ED596/serialNumber=BF71F5BF1168A7840576E0006F3BBC65FC48340B Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft Manifest number: 34 Signing time: Thu 21 Nov 2024 05:37:24 +0000 Manifest this update: Thu 21 Nov 2024 05:37:24 +0000 Manifest next update: Thu 28 Nov 2024 05:37:24 +0000 Files and hashes: 1: v3H1vxFop4QFduAAbzu8ZfxINAs.crl (hash: P3VMQ1P8qBDEhUwT0jXcz1XcYrde65KfFetETebAZvE=) 2: 8580DC705AE311EF86351430C4F9AE02.roa (hash: tNd1A1Pa4JpDSAJTUxSzKVvWvdR5TDXaWTiFNabeiYY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.crl rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED596/serialNumber=BF71F5BF1168A7840576E0006F3BBC65FC48340B Validity Not Before: Nov 21 05:37:24 2024 GMT Not After : Nov 28 05:37:24 2024 GMT Subject: CN=673ec714-4fc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ef:f3:b6:03:5e:a7:3e:8e:cc:b7:6a:f8:26: 63:a9:6d:d7:b4:63:2a:41:b2:fa:64:ff:5a:a4:0a: cf:37:83:d9:50:1e:7d:e6:ab:43:9a:a1:46:fc:8a: 8f:cc:36:55:11:a2:33:27:de:38:0f:d8:16:13:c9: e4:87:66:ae:06:f8:68:2b:95:c2:f6:d7:7d:11:ca: c1:c6:58:42:d7:f3:e8:ed:66:ee:ee:f6:d4:89:4c: 42:f2:6f:14:49:8b:a4:9a:5f:06:10:28:b4:7d:73: 83:16:ca:1d:eb:f5:eb:30:8d:d4:2d:c1:2c:71:54: d8:39:e8:08:f8:f5:29:2b:4d:ec:f9:4d:99:df:5d: 91:39:76:88:5e:ba:1d:6a:22:cd:86:b7:e1:d9:b3: dd:88:a7:18:d3:7b:15:6e:68:77:ea:db:25:30:05: 2b:eb:fc:7b:51:d7:df:f4:f1:42:0e:bc:8f:17:97: 67:ac:49:93:14:93:51:fa:d0:45:62:07:d8:a6:7a: 83:47:8a:ec:90:0b:7e:be:23:80:14:d9:3f:b1:b9: 3f:e3:55:0e:10:0a:98:a5:e3:07:58:c9:c7:6b:4e: 85:1d:6d:f0:79:42:a6:3e:38:ec:5a:e6:6d:ca:84: e7:79:f3:79:b1:4e:1f:d4:2f:96:06:26:95:f7:95: 21:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:B6:DD:E1:7C:C5:A5:95:A7:4F:FD:02:31:D9:EF:FE:2D:89:D7:07 X509v3 Authority Key Identifier: keyid:BF:71:F5:BF:11:68:A7:84:05:76:E0:00:6F:3B:BC:65:FC:48:34:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:1a:be:a6:40:2f:72:0c:af:6a:8f:29:c6:7d:e6:10:7d:ae: 9f:10:fb:b9:1a:eb:57:3c:67:d0:c6:2f:9c:05:2d:04:c4:79: 89:6a:96:ff:f9:0f:2e:71:f2:25:8c:84:61:a1:2c:f6:b9:67: b6:92:05:26:56:8b:c5:e8:0d:81:42:9e:31:75:47:00:0d:d3: f2:9c:3f:79:17:e5:e5:00:a4:da:fb:8f:03:3e:f9:eb:4e:4f: ca:ef:ab:7e:d4:ca:0f:b9:d6:b2:39:d4:c1:e3:ff:97:75:89: 7a:b4:34:3f:f6:2b:2c:9a:12:3f:4e:04:41:9a:bd:bf:e0:37: ef:f0:d3:50:0f:06:d7:9f:74:64:2b:d8:89:af:b4:66:ee:d2: cf:50:2b:4f:a1:56:93:83:9e:7f:09:47:c2:4f:57:64:14:aa: 67:a7:9f:71:06:72:49:58:11:4a:d5:aa:c4:cf:99:cf:eb:2e: 06:34:a1:01:5e:86:3b:92:b0:46:49:f7:d1:b7:a4:12:9c:12: 8a:d2:e6:1c:fc:e0:02:c5:72:00:96:1a:e1:b4:45:93:5a:6c: 76:b7:7c:31:11:67:69:1a:c7:34:1f:86:5d:d0:25:ce:ef:2f: a2:f1:d2:41:6a:03:37:02:78:77:c6:ca:b0:17:7e:17:b9:b5: dc:36:2d:8c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF RDU5NjExMC8GA1UEBRMoQkY3MUY1QkYxMTY4QTc4NDA1NzZFMDAwNkYzQkJDNjVG QzQ4MzQwQjAeFw0yNDExMjEwNTM3MjRaFw0yNDExMjgwNTM3MjRaMBgxFjAUBgNV BAMTDTY3M2VjNzE0LTRmYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCc7/O2A16nPo7Mt2r4JmOpbde0YypBsvpk/1qkCs83g9lQHn3mq0OaoUb8io/M NlURojMn3jgP2BYTyeSHZq4G+GgrlcL2130RysHGWELX8+jtZu7u9tSJTELybxRJ i6SaXwYQKLR9c4MWyh3r9eswjdQtwSxxVNg56Aj49SkrTez5TZnfXZE5doheuh1q Is2Gt+HZs92IpxjTexVuaHfq2yUwBSvr/HtR19/08UIOvI8Xl2esSZMUk1H60EVi B9imeoNHiuyQC36+I4AU2T+xuT/jVQ4QCpil4wdYycdrToUdbfB5QqY+OOxa5m3K hOd583mxTh/UL5YGJpX3lSH7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7rbd4XzF pZWnT/0CMdnv/i2J1wcwHwYDVR0jBBgwFoAUv3H1vxFop4QFduAAbzu8ZfxINAsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVENTk2LzA1NzJERDhBNUFF MzExRUY5MzJDMjMyRkM0RjlBRTAyL3YzSDF2eEZvcDRRRmR1QUFienU4WmZ4SU5B cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdjNIMXZ4Rm9wNFFGZHVBQWJ6dThaZnhJTkFzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVE NTk2LzA1NzJERDhBNUFFMzExRUY5MzJDMjMyRkM0RjlBRTAyL3YzSDF2eEZvcDRR RmR1QUFienU4WmZ4SU5Bcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADUavqZAL3IMr2qPKcZ95hB9rp8Q+7ka61c8Z9DGL5wFLQTEeYlqlv/5 Dy5x8iWMhGGhLPa5Z7aSBSZWi8XoDYFCnjF1RwAN0/KcP3kX5eUApNr7jwM++etO T8rvq37Uyg+51rI51MHj/5d1iXq0ND/2KyyaEj9OBEGavb/gN+/w01APBtefdGQr 2ImvtGbu0s9QK0+hVpODnn8JR8JPV2QUqmenn3EGcklYEUrVqsTPmc/rLgY0oQFe hjuSsEZJ99G3pBKcEorS5hz84ALFcgCWGuG0RZNabHa3fDERZ2kaxzQfhl3QJc7v L6Lx0kFqAzcCeHfGyrAXfhe5tdw2LYw= -----END CERTIFICATE-----Generated at Thu Nov 21 06:50:52 2024 by rpki-client on console-fra.rpki-client.org