$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: Mcl4xN53k2XEKdmz+9dhwGJ6L6akx8yr6Lx+zttboNQ= Subject key identifier: 4C:DD:FD:13:28:13:E2:34:AC:D2:D3:B5:F4:2D:39:E3:AA:E4:4A:64 Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: 34 Signing time: Thu 21 Nov 2024 05:36:33 +0000 Manifest this update: Thu 21 Nov 2024 05:36:33 +0000 Manifest next update: Thu 28 Nov 2024 05:36:32 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: UylQmmCTNSyFxPtSC0EGDXv+ukgGOPOErO2GmK45sgw=) 2: B377200E5ADD11EF9A462440C4F9AE02.roa (hash: ncT/DU/CkvY+ZDZUWWd4l8WmdC4akyN5fyxJxxvzE1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: Nov 21 05:36:33 2024 GMT Not After : Nov 28 05:36:32 2024 GMT Subject: CN=673ec6e1-5e08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:3f:9b:8f:29:b1:72:69:32:6e:26:aa:7d:f6: 6d:c9:3c:b9:60:2d:40:79:e6:cf:05:b6:23:fc:9c: db:f8:bd:a2:58:bc:1f:a8:96:3b:27:10:ab:76:39: 81:7e:42:21:e1:46:7d:ae:cd:53:e7:03:b8:33:e8: c7:8b:e9:5a:6a:14:13:56:b3:e8:4a:f8:78:24:f9: d8:e0:5f:40:7a:58:4e:54:a6:68:d3:8c:cd:70:b5: df:31:01:7e:0a:06:93:ea:2a:bc:25:bb:ef:60:46: df:77:4a:dd:18:d2:3d:d0:3e:1d:69:8e:17:80:41: 0c:a8:aa:2f:42:8e:35:cd:70:cc:f1:35:07:77:e3: 10:55:72:11:9f:e2:9b:ec:5e:27:cb:5f:41:8d:1a: 92:cc:8a:70:0a:11:d8:8e:6b:6a:9c:e3:90:74:ba: 51:ea:e6:05:9d:61:d7:9d:a0:eb:d3:8f:9e:d0:47: 72:55:f1:42:7e:69:0e:6c:e6:03:12:e0:e6:a9:dd: ee:ab:c0:ec:56:9a:9f:f1:ea:3d:69:4d:f4:ab:36: 13:4e:90:6f:36:3d:75:9b:09:65:9c:03:70:90:e5: 28:05:6d:df:60:90:99:fd:22:20:12:3f:19:b9:a3: be:1c:1f:c6:3b:95:45:ff:18:87:40:ea:87:84:aa: 54:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:DD:FD:13:28:13:E2:34:AC:D2:D3:B5:F4:2D:39:E3:AA:E4:4A:64 X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b5:29:c5:8a:c1:0a:76:52:b2:6f:3b:1e:95:eb:a4:3e:cc:c3: 12:9e:60:3c:ae:62:5c:a4:63:8f:44:ae:84:94:7b:fa:30:38: 9e:86:e1:7d:1e:91:01:85:3b:e6:53:89:19:73:71:1e:5c:ce: 45:70:47:94:d7:7c:6a:55:d2:e0:3a:40:b1:3b:34:c8:23:ed: 2f:3f:6c:e3:78:fe:b4:ab:4b:ad:d9:86:c9:9d:ce:55:12:f9: fe:09:3c:79:ca:44:c9:2e:98:ca:8c:68:84:75:b0:be:f8:00: 3d:58:b2:b2:46:5c:e6:f0:0c:3a:a6:c3:60:9f:10:5d:03:ad: f3:fc:72:9d:fe:87:33:ad:49:2e:66:ad:fe:d2:ca:0c:0e:4c: 96:ff:ec:42:0e:e3:19:20:5a:b3:b7:ee:20:59:3f:3d:04:62: b9:99:d5:98:5a:3f:e6:4b:89:28:2c:dc:f8:21:11:fa:8e:95: 44:c6:67:54:91:d2:bc:97:38:cc:54:9c:28:82:15:ea:b7:78: 3d:f7:8b:e6:39:37:af:a1:fa:72:02:22:9b:44:5e:9a:f3:d5: 8b:ac:73:29:99:12:5f:8d:25:a2:1a:40:3d:da:9a:f4:f0:7a: f1:ab:a0:b5:8a:eb:67:1e:d5:a3:6d:4a:74:8b:67:f1:11:d1: 03:e2:47:c3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG MkNFNzExMC8GA1UEBRMoOTAxQTlGOUU4QUU0MDYyRTUyMTlCNzY1MkQ4RTlGRUU3 RUM1QUUzMzAeFw0yNDExMjEwNTM2MzNaFw0yNDExMjgwNTM2MzJaMBgxFjAUBgNV BAMTDTY3M2VjNmUxLTVlMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqP5uPKbFyaTJuJqp99m3JPLlgLUB55s8FtiP8nNv4vaJYvB+oljsnEKt2OYF+ QiHhRn2uzVPnA7gz6MeL6VpqFBNWs+hK+Hgk+djgX0B6WE5UpmjTjM1wtd8xAX4K BpPqKrwlu+9gRt93St0Y0j3QPh1pjheAQQyoqi9CjjXNcMzxNQd34xBVchGf4pvs XifLX0GNGpLMinAKEdiOa2qc45B0ulHq5gWdYdedoOvTj57QR3JV8UJ+aQ5s5gMS 4Oap3e6rwOxWmp/x6j1pTfSrNhNOkG82PXWbCWWcA3CQ5SgFbd9gkJn9IiASPxm5 o74cH8Y7lUX/GIdA6oeEqlTTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTN39EygT 4jSs0tO19C0546rkSmQwHwYDVR0jBBgwFoAUkBqfnorkBi5SGbdlLY6f7n7FrjMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYyQ0U3LzcyRjc1Qjk4NUFE RDExRUY4MTJDOTIzRkM0RjlBRTAyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJq TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva0JxZm5vcmtCaTVTR2JkbExZNmY3bjdGcmpNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYy Q0U3LzcyRjc1Qjk4NUFERDExRUY4MTJDOTIzRkM0RjlBRTAyL2tCcWZub3JrQmk1 U0diZGxMWTZmN243RnJqTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALUpxYrBCnZSsm87HpXrpD7MwxKeYDyuYlykY49EroSUe/owOJ6G4X0e kQGFO+ZTiRlzcR5czkVwR5TXfGpV0uA6QLE7NMgj7S8/bON4/rSrS63ZhsmdzlUS +f4JPHnKRMkumMqMaIR1sL74AD1YsrJGXObwDDqmw2CfEF0DrfP8cp3+hzOtSS5m rf7SygwOTJb/7EIO4xkgWrO37iBZPz0EYrmZ1ZhaP+ZLiSgs3PghEfqOlUTGZ1SR 0ryXOMxUnCiCFeq3eD33i+Y5N6+h+nICIptEXprz1YuscymZEl+NJaIaQD3amvTw evGroLWK62ce1aNtSnSLZ/ER0QPiR8M= -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:40 2024 by rpki-client on console-ams.rpki-client.org