$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft File: bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft (raw, json) Hash identifier: gHJz+OrVoqlezcEUu6qbx+AA7H430gp+3gb24mtN0UU= Subject key identifier: C3:9F:C6:42:88:B7:9E:68:2D:98:E6:2B:73:F0:81:48:E1:05:BE:B1 Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Certificate serial: 1A50 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft Manifest number: 1A3B Signing time: Fri 22 Nov 2024 15:42:29 +0000 Manifest this update: Fri 22 Nov 2024 15:42:28 +0000 Manifest next update: Fri 29 Nov 2024 15:42:28 +0000 Files and hashes: 1: bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl (hash: SX7T+YpYOiTRPVUHydMWIHFeGkx587aXAmb2n/khNu4=) 2: D8B92776A16A11EAA517B11EC4F9AE02.roa (hash: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:50:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6736 (0x1a50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2 Validity Not Before: Nov 22 15:42:28 2024 GMT Not After : Nov 29 15:42:28 2024 GMT Subject: CN=6740a664-850e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:82:9f:9c:a6:52:9d:09:19:65:49:78:ae:1b: a9:e1:49:e9:7f:eb:66:3e:61:29:a8:08:51:f5:34: b2:49:43:05:13:35:3e:f2:05:76:c9:3b:a7:a5:f4: 31:7a:b2:29:8f:2f:22:26:fb:9b:87:9c:2d:6d:6b: ee:43:be:6e:35:07:f8:ba:53:cb:59:15:92:d3:1f: d8:b6:fd:f9:6d:f3:c1:ba:ee:9b:e7:a4:32:87:64: f0:6a:e5:a9:40:d1:c1:77:1d:02:2a:ca:3f:1e:f3: 3c:82:29:e7:41:f1:59:ce:1d:9a:7c:aa:36:c3:2c: 50:bf:fd:ae:f6:1f:8b:f5:eb:1e:64:b1:00:21:e0: ce:da:12:c3:0b:9b:7e:72:fb:3d:19:f4:36:b3:fc: 65:97:65:71:6c:c4:68:89:93:f3:b4:27:aa:aa:b8: e6:f0:20:cd:db:04:ed:e3:d0:76:f5:f3:60:b7:5f: 06:49:67:74:cb:12:c4:11:6a:c5:bb:85:18:c3:41: 52:c3:1f:41:00:29:15:41:e0:51:6e:46:6b:e6:7e: 2f:38:78:15:76:04:10:93:84:5c:c8:50:82:bd:49: ba:2d:17:84:19:08:2a:e7:bf:ad:ef:f5:be:08:9b: d7:2c:27:6e:03:87:12:6e:6d:66:fb:8a:12:44:85: 08:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:9F:C6:42:88:B7:9E:68:2D:98:E6:2B:73:F0:81:48:E1:05:BE:B1 X509v3 Authority Key Identifier: keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:91:3f:c1:fa:dd:67:1d:26:25:70:75:c0:01:ff:7e:42:97: 93:06:6d:1c:c1:fe:e6:85:5a:06:d7:78:7a:e5:6a:5b:79:67: 5c:3c:36:6d:75:e2:14:0c:2a:d4:1f:4f:d6:1b:8e:01:ec:d9: 2d:bf:09:5f:2f:f5:9a:9a:68:bf:70:99:b0:e8:08:fc:d7:a7: 02:da:ec:5f:f9:be:fc:f4:e7:03:80:26:a4:8d:c3:c9:3d:99: f9:e7:55:8e:79:63:ed:ec:ad:0b:b1:03:4e:c4:12:1e:21:ed: 9d:c3:4d:ec:54:03:10:27:56:bd:d5:35:5f:0a:60:4a:4b:36: 13:36:36:12:aa:32:d1:16:6d:d7:9e:39:67:97:59:a7:5b:b8: 1d:2f:af:da:dc:79:42:16:76:de:54:36:05:c4:df:27:af:c2: 4b:65:82:a1:76:91:ee:58:3c:5b:33:71:1b:9b:f8:21:9c:15: 42:e4:ee:13:44:04:0c:86:e2:ae:d0:fb:0e:2c:71:4d:6a:6d: 58:cd:7c:da:42:c8:ac:82:2a:14:e1:15:d6:9d:d3:1e:c9:92: 9c:d0:6c:e1:72:55:66:2e:67:35:de:31:b5:e4:11:89:17:53: a3:71:bc:9f:f3:64:17:2f:9f:24:19:f1:08:48:25:e2:4d:85: f3:b6:95:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGlAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB QTczRTdFQTIwHhcNMjQxMTIyMTU0MjI4WhcNMjQxMTI5MTU0MjI4WjAYMRYwFAYD VQQDEw02NzQwYTY2NC04NTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoYKfnKZSnQkZZUl4rhup4Unpf+tmPmEpqAhR9TSySUMFEzU+8gV2yTunpfQx erIpjy8iJvubh5wtbWvuQ75uNQf4ulPLWRWS0x/Ytv35bfPBuu6b56Qyh2TwauWp QNHBdx0CKso/HvM8ginnQfFZzh2afKo2wyxQv/2u9h+L9eseZLEAIeDO2hLDC5t+ cvs9GfQ2s/xll2VxbMRoiZPztCeqqrjm8CDN2wTt49B29fNgt18GSWd0yxLEEWrF u4UYw0FSwx9BACkVQeBRbkZr5n4vOHgVdgQQk4RcyFCCvUm6LReEGQgq57+t7/W+ CJvXLCduA4cSbm1m+4oSRIUIRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOfxkKI t55oLZjmK3PwgUjhBb6xMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QkQyOC8yNjc1OEJCNDNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNP TEY3dFFDM1FlRE9xYy1mcUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBWkT/B+t1nHSYlcHXAAf9+QpeTBm0cwf7mhVoG13h65WpbeWdcPDZt deIUDCrUH0/WG44B7NktvwlfL/Wammi/cJmw6Aj816cC2uxf+b789OcDgCakjcPJ PZn551WOeWPt7K0LsQNOxBIeIe2dw03sVAMQJ1a91TVfCmBKSzYTNjYSqjLRFm3X njlnl1mnW7gdL6/a3HlCFnbeVDYFxN8nr8JLZYKhdpHuWDxbM3Ebm/ghnBVC5O4T RAQMhuKu0PsOLHFNam1YzXzaQsisgioU4RXWndMeyZKc0GzhclVmLmc13jG15BGJ F1Ojcbyf82QXL58kGfEISCXiTYXztpUD -----END CERTIFICATE-----Generated at Fri Nov 22 16:50:06 2024 by rpki-client on console-ams.rpki-client.org