$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: IhcImCkoYtjZBEidTxwwrFIHQ+xE90/WTKtFlnP0cpo= Subject key identifier: 74:4A:54:1E:A0:12:2D:7F:7E:9B:0E:C4:64:B2:A9:F1:2F:F9:0A:24 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0BEC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0BE2 Signing time: Fri 22 Nov 2024 18:29:41 +0000 Manifest this update: Fri 22 Nov 2024 18:29:40 +0000 Manifest next update: Fri 29 Nov 2024 18:29:40 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: 2h53+o5fMXZcIs4bmFGa8rJ7iqWFajiD7zqAQn+leaM=) 2: 02D73B5ED1A911EC97A6335DC4F9AE02.roa (hash: 5ZODFpuvGOGh3n1/2yQh4kcogA3iU+iI9ADHDF/fOu8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:29:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3052 (0xbec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Nov 22 18:29:40 2024 GMT Not After : Nov 29 18:29:40 2024 GMT Subject: CN=6740cd95-9e6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:68:f3:0f:f1:bd:ef:68:71:79:25:72:01:1a: e0:37:13:2b:8c:56:14:0b:c7:5a:ed:65:73:b8:a6: d0:58:a1:bd:cb:be:9a:52:5a:45:ab:04:a0:7d:d2: 3c:2d:32:c9:34:bd:ce:3f:cb:38:f1:61:c1:a4:2b: f8:13:b2:b8:b5:b8:b0:12:d0:43:d0:4d:41:a7:cc: 01:5d:b7:e0:19:e8:e0:b6:fe:7c:6c:3f:8f:0d:44: 95:d1:c1:22:08:e8:f6:94:c3:bd:bd:dc:a4:59:5f: 3b:d5:04:92:54:16:27:8e:46:93:1c:b1:12:39:f8: 0b:20:fc:0b:4a:b6:20:2e:84:12:7b:46:fd:fc:95: 4e:72:5d:3c:88:33:64:b1:f4:34:a5:e9:f6:8d:8d: 65:32:31:65:eb:d4:fa:9b:0f:b2:be:89:0a:4c:d7: ec:d2:ff:f4:7d:24:36:3e:4b:8e:b4:3b:97:f5:51: 37:06:03:30:da:62:46:50:a5:80:aa:d0:32:df:3c: f5:4b:37:f9:16:85:7b:4f:f2:21:2f:1f:3e:6a:0d: f5:1f:e0:bd:28:55:1a:75:11:c0:23:3b:5d:be:9a: 3b:96:89:a1:a6:0d:ce:cd:8a:0c:5a:84:cb:b3:db: 87:56:f3:40:6e:c4:8c:e8:2b:6f:82:67:a9:90:2e: 32:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:4A:54:1E:A0:12:2D:7F:7E:9B:0E:C4:64:B2:A9:F1:2F:F9:0A:24 X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:41:98:93:14:86:a4:cc:d9:37:97:44:78:70:de:1a:05:ed: a9:f9:b1:51:18:e0:b4:5c:59:bf:f0:78:4c:51:ff:b5:c2:00: a9:b9:be:32:54:80:6d:8d:c7:55:a7:a6:4c:ee:be:4f:98:92: ab:d7:75:75:38:75:f7:50:f7:2d:ce:42:35:09:3c:ab:df:4d: f7:7f:01:f3:2a:57:3e:43:fd:aa:6a:a3:aa:ba:50:9e:02:80: 75:8d:0f:e0:01:7e:14:3a:bd:d9:9f:a3:e2:66:4b:bf:a7:2e: 5e:de:4b:fd:f9:94:24:f6:52:ca:65:61:a2:9c:7d:f4:44:0e: 13:4d:c8:07:f7:04:b5:dd:5d:f0:e0:b5:00:09:19:b9:16:5e: 3d:50:8a:c8:b1:64:e3:4e:2a:8d:ad:d7:53:9c:0a:97:c0:0d: c1:25:ad:ab:81:ea:12:e5:82:62:eb:1a:81:bc:4b:8e:92:8b: 84:7d:89:d6:59:9f:ae:2f:97:89:32:d2:7b:f5:03:e8:a8:c4: 2b:4b:2d:fe:62:50:d1:8e:e6:55:fa:da:d4:82:0e:04:66:e7: 03:af:5f:80:34:82:09:49:e4:f1:bc:e3:f7:1b:32:d1:27:e4: 81:fa:4e:20:26:c3:7b:33:7c:65:c8:c9:11:2a:17:85:9c:5e: b8:2b:23:2c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjQxMTIyMTgyOTQwWhcNMjQxMTI5MTgyOTQwWjAYMRYwFAYD VQQDEw02NzQwY2Q5NS05ZTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyWjzD/G972hxeSVyARrgNxMrjFYUC8da7WVzuKbQWKG9y76aUlpFqwSgfdI8 LTLJNL3OP8s48WHBpCv4E7K4tbiwEtBD0E1Bp8wBXbfgGejgtv58bD+PDUSV0cEi COj2lMO9vdykWV871QSSVBYnjkaTHLESOfgLIPwLSrYgLoQSe0b9/JVOcl08iDNk sfQ0pen2jY1lMjFl69T6mw+yvokKTNfs0v/0fSQ2PkuOtDuX9VE3BgMw2mJGUKWA qtAy3zz1Szf5FoV7T/IhLx8+ag31H+C9KFUadRHAIztdvpo7lomhpg3OzYoMWoTL s9uHVvNAbsSM6CtvgmepkC4yvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHRKVB6g Ei1/fpsOxGSyqfEv+QokMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQQZiTFIakzNk3l0R4cN4aBe2p+bFRGOC0XFm/8HhMUf+1wgCpub4y VIBtjcdVp6ZM7r5PmJKr13V1OHX3UPctzkI1CTyr3033fwHzKlc+Q/2qaqOqulCe AoB1jQ/gAX4UOr3Zn6PiZku/py5e3kv9+ZQk9lLKZWGinH30RA4TTcgH9wS13V3w 4LUACRm5Fl49UIrIsWTjTiqNrddTnAqXwA3BJa2rgeoS5YJi6xqBvEuOkouEfYnW WZ+uL5eJMtJ79QPoqMQrSy3+YlDRjuZV+trUgg4EZucDr1+ANIIJSeTxvOP3GzLR J+SB+k4gJsN7M3xlyMkRKheFnF64KyMs -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:22 2024 by rpki-client on console-ams.rpki-client.org