$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft File: cq-668ns3aLu0tSbE-YEjqPkHmA.mft (raw, json) Hash identifier: ziztJht2p1hM9EghUubMsmdyUsjGVIbNLbtZXaiNvps= Subject key identifier: 2C:C4:A3:DF:D1:01:97:F8:02:5F:94:49:DD:4C:67:FD:11:FE:0D:B6 Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 2141 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft Manifest number: 210E Signing time: Fri 22 Nov 2024 15:56:34 +0000 Manifest this update: Fri 22 Nov 2024 15:56:34 +0000 Manifest next update: Fri 29 Nov 2024 15:56:34 +0000 Files and hashes: 1: cq-668ns3aLu0tSbE-YEjqPkHmA.crl (hash: UqTUo6LOpQF+GLXCyZ2FD01E71iE3P1fxnTVQWrgCbw=) 2: E9DE96C44C3611EEA9D59630C4F9AE02.roa (hash: uVlM8HNY3NDmZuTJ/98xK6ucMIdX8gkJyRYRKke/tSI=) 3: 7798FA94D9BF11ED88162D23C4F9AE02.roa (hash: vStZnM9WCgxtVX8wfoyGf3Lbbte/JmkQGjn+i0zi598=) 4: 0FB07E54D28311EDB1655152C4F9AE02.roa (hash: 1KNG804HJXbmuscPZGxeo+rIAhTe5LA9W6bCRM5ho8E=) 5: E50E6E14B63411EDB4416786C4F9AE02.roa (hash: Tziz2C2qn61onOhQ/7eEcg4qDtF40KkoiHOBMO6jD30=) 6: 0F0824DED28311EDB1655152C4F9AE02.roa (hash: sD/Lha1/h/4VymmtWUgMkaUP/2C8au09wbb4DSwjklc=) 7: AB9E7432714911EEBF95153CC4F9AE02.roa (hash: cMZRax7yg+Jh41+iL95xVmrPzqbsdWq+nKamnxLnIZ8=) 8: 1C628A90671411EEA0040661C4F9AE02.roa (hash: 0N5bttIpbIcm1sEA9sXBrACSJP3bYLL7Dk0nt1z4P4c=) 9: EEFB07CCB8A311ED8F694046C4F9AE02.roa (hash: IdMt6eJbJY0CQOsRt3BklbohXFfNbPy1Yiz62IuF3WE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:56:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8513 (0x2141) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Validity Not Before: Nov 22 15:56:34 2024 GMT Not After : Nov 29 15:56:34 2024 GMT Subject: CN=6740a9b2-7145 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:43:19:42:47:ab:77:27:89:83:11:84:6d:01: ca:65:69:8b:f4:f5:e5:59:81:a8:6b:a8:2c:a3:97: c6:0e:75:6d:8b:c2:fc:3b:b6:86:d5:54:40:dc:aa: 43:e9:b1:34:83:2a:37:fb:ee:5f:bc:32:1d:32:cb: 40:e5:20:0e:2b:a1:68:50:6e:69:d6:f1:03:44:f4: 4f:4c:10:59:28:4c:91:b4:55:54:3e:90:c9:64:30: 8c:53:d9:b4:24:00:65:df:d2:5d:b6:ec:43:79:72: 2d:f4:a8:9c:aa:df:e1:6b:a3:d5:84:4e:e6:62:af: b0:8b:69:19:58:f7:32:e0:85:71:03:44:1b:08:e7: 39:36:30:80:59:7a:46:81:6a:3b:59:da:29:d8:00: e1:0f:2a:e4:94:9c:f5:fb:2b:2f:59:c6:bd:8e:89: 08:07:6a:17:ea:7d:7e:b5:6b:89:c5:19:3e:52:c3: 24:4f:a5:ee:07:76:58:00:d3:62:c0:8c:94:6a:43: 67:92:3b:c1:8e:95:5d:62:6e:9d:95:16:43:87:a2: 43:82:55:25:b3:3c:f5:09:44:9f:1c:7f:c2:b9:ec: 7e:0f:d5:20:97:fd:43:51:97:9c:e3:7b:e7:9a:f1: fc:59:74:0c:d2:d1:35:27:fa:fe:4a:4b:18:86:9b: 10:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:C4:A3:DF:D1:01:97:F8:02:5F:94:49:DD:4C:67:FD:11:FE:0D:B6 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:04:be:ad:39:8d:8b:d6:40:19:2c:e8:87:63:cf:62:46:4d: ba:30:0e:a4:cd:2f:10:5b:17:2f:cb:35:29:30:c8:be:4f:83: 62:05:36:f7:f7:47:1a:a9:0a:a6:65:5e:b0:19:7b:d2:09:23: b5:47:e4:9f:c5:f2:79:45:f9:83:52:11:75:85:f1:46:37:b1: f0:aa:07:be:ea:5a:48:ec:0c:34:07:80:c3:a8:08:df:9f:15: cc:98:7d:8c:c8:3a:fe:27:35:bb:96:53:92:4e:8d:40:5b:cf: 92:d8:bc:40:5d:66:cf:8d:b7:ee:29:8c:46:11:b0:5b:9b:f5: d7:a6:6b:68:c1:6c:f8:e8:a9:63:32:8c:ce:3c:a4:2b:b3:f7: 4c:55:89:8e:fe:6f:af:f9:66:38:9f:f2:fd:19:7b:23:7f:d1: d8:1f:3e:63:42:81:d8:4f:b5:f6:49:32:84:4e:de:43:db:f0: 45:d1:4b:35:71:d8:13:55:a5:7f:51:de:74:af:40:71:c0:38: 5d:6e:cf:14:49:cf:92:1f:79:0b:5f:94:ff:3b:8a:ef:cc:6f: 29:f3:1f:00:04:3e:2d:3c:f5:af:8f:47:ab:19:23:8e:08:3d: 60:29:a8:7e:81:07:d2:e3:16:ec:e2:e1:19:30:31:05:3b:a4: 00:8d:d2:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjQxMTIyMTU1NjM0WhcNMjQxMTI5MTU1NjM0WjAYMRYwFAYD VQQDEw02NzQwYTliMi03MTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0UMZQkerdyeJgxGEbQHKZWmL9PXlWYGoa6gso5fGDnVti8L8O7aG1VRA3KpD 6bE0gyo3++5fvDIdMstA5SAOK6FoUG5p1vEDRPRPTBBZKEyRtFVUPpDJZDCMU9m0 JABl39JdtuxDeXIt9Kicqt/ha6PVhE7mYq+wi2kZWPcy4IVxA0QbCOc5NjCAWXpG gWo7Wdop2ADhDyrklJz1+ysvWca9jokIB2oX6n1+tWuJxRk+UsMkT6XuB3ZYANNi wIyUakNnkjvBjpVdYm6dlRZDh6JDglUlszz1CUSfHH/Cuex+D9Ugl/1DUZec43vn mvH8WXQM0tE1J/r+SksYhpsQGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCzEo9/R AZf4Al+USd1MZ/0R/g22MB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REQ0RC9CQUUxMDhDNEVBNjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNh THUwdFNiRS1ZRWpxUGtIbUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIBL6tOY2L1kAZLOiHY89iRk26MA6kzS8QWxcvyzUpMMi+T4NiBTb3 90caqQqmZV6wGXvSCSO1R+SfxfJ5RfmDUhF1hfFGN7Hwqge+6lpI7Aw0B4DDqAjf nxXMmH2MyDr+JzW7llOSTo1AW8+S2LxAXWbPjbfuKYxGEbBbm/XXpmtowWz46Klj MozOPKQrs/dMVYmO/m+v+WY4n/L9GXsjf9HYHz5jQoHYT7X2STKETt5D2/BF0Us1 cdgTVaV/Ud50r0BxwDhdbs8USc+SH3kLX5T/O4rvzG8p8x8ABD4tPPWvj0erGSOO CD1gKah+gQfS4xbs4uEZMDEFO6QAjdIS -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:23 2024 by rpki-client on console-ams.rpki-client.org