$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: Ok7O0rOiVzUgzrMmzqhhoUFWNTJ/0lrAa5OOGNPmOfs= Subject key identifier: C5:71:20:4F:C8:AB:8B:35:FB:AE:4D:AC:B1:7E:83:39:E0:4F:47:BA Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: 14 Signing time: Thu 19 Sep 2024 06:16:24 +0000 Manifest this update: Thu 19 Sep 2024 06:16:24 +0000 Manifest next update: Thu 26 Sep 2024 06:16:24 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: K3fko121EHLQ7ShfYuSdQ8DTqGYPOCR/hdMVo+WGAX8=) 2: B377200E5ADD11EF9A462440C4F9AE02.roa (hash: ncT/DU/CkvY+ZDZUWWd4l8WmdC4akyN5fyxJxxvzE1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Sep 2024 06:11:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: Sep 19 06:16:24 2024 GMT Not After : Sep 26 06:16:24 2024 GMT Subject: CN=66ebc1b8-6ff5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:32:6b:a2:cc:0f:2c:d1:62:30:8f:16:84:9f: 20:f5:11:61:c6:73:fa:f7:e4:a8:5d:2d:ca:e5:b7: 3e:08:62:a8:c4:c9:f0:6f:2a:72:43:6e:fd:d3:ad: 6d:13:57:a9:f5:bf:bd:46:8c:51:cf:24:e0:73:6c: 5e:86:46:35:14:08:df:d5:59:2d:63:24:32:78:ca: da:09:dc:97:78:d9:ca:20:4b:45:5e:df:18:84:b3: 43:a7:a5:9c:b8:68:80:4b:1d:cf:e9:96:92:ce:19: e7:f3:bf:76:22:d4:dd:4e:9d:f0:8e:7d:c9:8f:19: c6:09:a6:6e:19:c6:07:ad:d8:ac:29:38:8a:c7:96: 99:11:91:3e:5c:01:d5:4e:90:54:b0:a1:28:90:7d: 69:76:da:24:e2:68:28:f2:54:e3:d6:72:66:98:00: 3b:ff:0e:1e:1b:91:97:b3:72:46:8d:fb:e2:be:3b: 0a:7d:9a:b7:02:fc:6c:13:1f:ba:03:f9:00:75:21: 6f:d7:f0:63:82:f3:e1:80:cf:c8:36:84:e9:21:be: d4:da:7c:15:a7:47:f2:b1:a4:bc:a6:41:6f:61:8a: 5f:0c:51:22:a7:20:41:e0:81:b8:1c:d3:41:e8:31: f1:1f:c0:9f:b3:ba:44:0e:07:88:4b:b6:b9:b6:d9: df:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:71:20:4F:C8:AB:8B:35:FB:AE:4D:AC:B1:7E:83:39:E0:4F:47:BA X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:f2:8a:aa:1c:41:3e:38:d8:6a:16:a7:65:14:f4:34:8e:b9: fd:55:ba:85:e9:e2:a1:7c:69:bb:57:00:5c:8a:ab:bc:3d:3f: a6:24:99:49:ff:49:fd:7d:8f:50:96:bb:e8:e2:d7:fb:96:8b: 85:76:a5:48:3d:40:7c:82:d6:06:e7:51:a1:c9:e4:3c:cc:c1: 97:bc:c2:69:24:06:79:90:b8:6b:db:1a:58:3d:5c:71:f0:ac: f7:1b:bd:23:c0:fc:1f:fe:a7:1e:a9:a3:8b:af:23:b5:00:37: cd:6e:8e:1a:20:4b:3e:e7:91:26:b8:a8:2b:ca:6c:84:c8:47: ed:ac:6f:43:b3:1e:86:f1:57:1c:3e:a4:a3:65:47:16:04:1e: 95:49:6d:19:38:73:b1:f4:96:49:32:30:33:5d:d4:dd:1b:cd: 1b:b6:17:5b:7a:3b:c8:4b:a8:a4:f2:08:d0:30:05:63:c3:43: dc:e5:c8:bf:34:8f:c5:2c:49:9b:89:b9:b8:18:9c:d5:08:e5: 98:79:d5:41:ee:74:1f:2e:e5:09:72:70:5c:49:d8:0a:bd:6b: e9:0b:28:89:4f:eb:67:db:4b:2e:59:b8:d3:d9:2e:46:b2:91: e6:19:2b:a5:b6:2f:12:ac:3c:7c:d5:f1:41:82:4b:1b:71:8e: 4d:48:0d:00 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG MkNFNzExMC8GA1UEBRMoOTAxQTlGOUU4QUU0MDYyRTUyMTlCNzY1MkQ4RTlGRUU3 RUM1QUUzMzAeFw0yNDA5MTkwNjE2MjRaFw0yNDA5MjYwNjE2MjRaMBgxFjAUBgNV BAMTDTY2ZWJjMWI4LTZmZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCfMmuizA8s0WIwjxaEnyD1EWHGc/r35KhdLcrltz4IYqjEyfBvKnJDbv3TrW0T V6n1v71GjFHPJOBzbF6GRjUUCN/VWS1jJDJ4ytoJ3Jd42cogS0Ve3xiEs0OnpZy4 aIBLHc/plpLOGefzv3Yi1N1OnfCOfcmPGcYJpm4Zxget2KwpOIrHlpkRkT5cAdVO kFSwoSiQfWl22iTiaCjyVOPWcmaYADv/Dh4bkZezckaN++K+Owp9mrcC/GwTH7oD +QB1IW/X8GOC8+GAz8g2hOkhvtTafBWnR/KxpLymQW9hil8MUSKnIEHggbgc00Ho MfEfwJ+zukQOB4hLtrm22d9fAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxXEgT8ir izX7rk2ssX6DOeBPR7owHwYDVR0jBBgwFoAUkBqfnorkBi5SGbdlLY6f7n7FrjMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYyQ0U3LzcyRjc1Qjk4NUFE RDExRUY4MTJDOTIzRkM0RjlBRTAyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJq TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva0JxZm5vcmtCaTVTR2JkbExZNmY3bjdGcmpNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYy Q0U3LzcyRjc1Qjk4NUFERDExRUY4MTJDOTIzRkM0RjlBRTAyL2tCcWZub3JrQmk1 U0diZGxMWTZmN243RnJqTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAA/yiqocQT442GoWp2UU9DSOuf1VuoXp4qF8abtXAFyKq7w9P6YkmUn/ Sf19j1CWu+ji1/uWi4V2pUg9QHyC1gbnUaHJ5DzMwZe8wmkkBnmQuGvbGlg9XHHw rPcbvSPA/B/+px6po4uvI7UAN81ujhogSz7nkSa4qCvKbITIR+2sb0OzHobxVxw+ pKNlRxYEHpVJbRk4c7H0lkkyMDNd1N0bzRu2F1t6O8hLqKTyCNAwBWPDQ9zlyL80 j8UsSZuJubgYnNUI5Zh51UHudB8u5QlycFxJ2Aq9a+kLKIlP62fbSy5ZuNPZLkay keYZK6W2LxKsPHzV8UGCSxtxjk1IDQA= -----END CERTIFICATE-----Generated at Thu Sep 19 08:57:58 2024 by rpki-client on console-ams.rpki-client.org