$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft File: iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft (raw, json) Hash identifier: Z3h+JAiuhdnKyPNCEYtq3OULmnQf0A/e4GlM3i0/cS4= Subject key identifier: F7:71:8B:1B:DA:89:0D:42:33:26:63:60:92:DC:A9:00:EF:63:FB:A6 Authority key identifier: 89:48:09:63:09:56:92:43:82:CC:39:D4:60:FA:47:64:B0:17:59:34 Certificate issuer: /CN=A91F2046/serialNumber=894809630956924382CC39D460FA4764B0175934 Certificate serial: 0B96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft Manifest number: 0B90 Signing time: Fri 22 Nov 2024 18:44:29 +0000 Manifest this update: Fri 22 Nov 2024 18:44:29 +0000 Manifest next update: Fri 29 Nov 2024 18:44:29 +0000 Files and hashes: 1: iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl (hash: xMop56SCy+ZprzINHJXlDoIFimv0eS6fW1mSaSYrTAI=) 2: 0D2573FA173E11EA947B2976C4F9AE02.roa (hash: foQ7MYzea1etNTi1euY8wV1nkQBT/Wh0vzrFLlJCjYM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:44:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2966 (0xb96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2046/serialNumber=894809630956924382CC39D460FA4764B0175934 Validity Not Before: Nov 22 18:44:29 2024 GMT Not After : Nov 29 18:44:29 2024 GMT Subject: CN=6740d10d-f12c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:d5:17:2f:1b:17:58:f8:ab:b5:86:7f:43:ec: 9e:39:ef:ca:a7:ec:a5:65:01:e7:a7:a8:82:e8:b9: 46:6a:3d:07:e9:0b:58:a2:6f:df:33:4b:df:06:ec: 3c:54:2d:11:00:2f:a2:48:b9:48:dc:53:c4:24:9f: cc:50:76:db:37:ab:81:7f:9e:0e:f6:f2:f2:c4:ca: 83:7d:d1:ff:08:45:74:05:78:4b:05:17:0c:68:73: 4c:4b:1c:ff:ef:4d:42:03:ff:dd:32:41:2d:92:3b: 83:a5:de:3c:ab:51:c2:22:d8:38:53:e4:17:f7:02: c2:1d:f3:e5:ac:73:86:52:76:13:f3:49:7b:db:c3: dc:fb:63:37:88:ae:79:5b:86:45:0f:d8:21:07:78: d4:f8:90:d9:61:e3:86:a9:71:1e:86:a8:c7:9b:62: 02:bd:f6:c7:ec:3a:8b:51:9e:2f:1e:66:18:9a:bd: 0e:1d:f8:12:5c:c4:41:ec:e3:2b:90:25:53:92:01: 07:a7:89:2c:e6:63:16:21:bd:9a:10:d1:52:e2:da: c5:ff:07:ec:9f:17:c2:f7:53:3c:44:0a:b9:5a:73: 10:12:96:3c:88:29:58:d7:49:4c:fb:65:20:f8:97: b5:17:8e:a9:5b:60:5f:68:17:05:66:32:20:08:f7: 6d:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:71:8B:1B:DA:89:0D:42:33:26:63:60:92:DC:A9:00:EF:63:FB:A6 X509v3 Authority Key Identifier: keyid:89:48:09:63:09:56:92:43:82:CC:39:D4:60:FA:47:64:B0:17:59:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:75:c0:03:ba:99:d9:dc:da:91:ad:60:56:56:d0:f1:70:b5: 29:d9:68:41:ff:55:6c:c2:5a:bd:97:24:23:42:cc:cc:ad:48: 63:45:69:c7:a9:3c:99:e3:47:75:90:b5:0f:6e:a5:87:32:cc: f5:bc:7c:c9:9b:d0:95:2f:76:bf:9a:bf:0a:4e:fa:e5:f9:fd: 2a:9d:93:46:5b:5d:77:f4:04:e3:88:8d:c1:4a:02:69:6d:46: ba:cc:4b:2a:42:44:84:bd:0b:c8:39:cf:a8:a0:f7:f4:84:cf: 6f:0d:7e:09:58:1f:db:f7:c4:49:73:ca:c5:a2:21:97:e9:e0: f9:39:6f:61:4d:1e:fc:e0:10:60:9f:e4:a4:45:20:a7:e6:a8: 14:f5:64:4c:30:7a:d3:cd:e8:fb:52:18:e3:0c:45:63:02:7c: 27:fd:89:e7:87:d8:8e:58:df:9a:7f:0c:a6:0a:5a:aa:99:e7: 09:13:de:ba:f0:f4:85:5a:d3:93:dc:28:d7:9b:5c:89:29:8e: 0b:b2:71:98:61:c0:8c:b5:91:eb:20:05:46:00:c4:95:52:fb: 66:b6:36:c9:b6:6b:b4:e0:e9:8e:91:9c:c6:a4:f2:1e:98:85: cd:b5:29:e9:1c:ea:05:bd:1a:4c:2c:1b:ac:9b:ec:74:bc:1e: 6e:08:21:42 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIwNDYxMTAvBgNVBAUTKDg5NDgwOTYzMDk1NjkyNDM4MkNDMzlENDYwRkE0NzY0 QjAxNzU5MzQwHhcNMjQxMTIyMTg0NDI5WhcNMjQxMTI5MTg0NDI5WjAYMRYwFAYD VQQDEw02NzQwZDEwZC1mMTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9dUXLxsXWPirtYZ/Q+yeOe/Kp+ylZQHnp6iC6LlGaj0H6QtYom/fM0vfBuw8 VC0RAC+iSLlI3FPEJJ/MUHbbN6uBf54O9vLyxMqDfdH/CEV0BXhLBRcMaHNMSxz/ 701CA//dMkEtkjuDpd48q1HCItg4U+QX9wLCHfPlrHOGUnYT80l728Pc+2M3iK55 W4ZFD9ghB3jU+JDZYeOGqXEehqjHm2ICvfbH7DqLUZ4vHmYYmr0OHfgSXMRB7OMr kCVTkgEHp4ks5mMWIb2aENFS4trF/wfsnxfC91M8RAq5WnMQEpY8iClY10lM+2Ug +Je1F46pW2BfaBcFZjIgCPdtYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPdxixva iQ1CMyZjYJLcqQDvY/umMB8GA1UdIwQYMBaAFIlICWMJVpJDgsw51GD6R2SwF1k0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjA0Ni8zRkIwMkFFMjE0 RDUxMUVBODEyNjQwMERDNEY5QUUwMi9pVWdKWXdsV2trT0N6RG5VWVBwSFpMQVhX VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lVZ0pZd2xXa2tPQ3pEblVZUHBIWkxBWFdUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjA0Ni8zRkIwMkFFMjE0RDUxMUVBODEyNjQwMERDNEY5QUUwMi9pVWdKWXdsV2tr T0N6RG5VWVBwSFpMQVhXVFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBidcADupnZ3NqRrWBWVtDxcLUp2WhB/1Vswlq9lyQjQszMrUhjRWnH qTyZ40d1kLUPbqWHMsz1vHzJm9CVL3a/mr8KTvrl+f0qnZNGW1139ATjiI3BSgJp bUa6zEsqQkSEvQvIOc+ooPf0hM9vDX4JWB/b98RJc8rFoiGX6eD5OW9hTR784BBg n+SkRSCn5qgU9WRMMHrTzej7UhjjDEVjAnwn/Ynnh9iOWN+afwymClqqmecJE966 8PSFWtOT3CjXm1yJKY4LsnGYYcCMtZHrIAVGAMSVUvtmtjbJtmu04OmOkZzGpPIe mIXNtSnpHOoFvRpMLBusm+x0vB5uCCFC -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:05 2024 by rpki-client on console-fra.rpki-client.org