$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft File: 5A19D2FDC8392727696F70449B8B32AF772091A8.mft (raw, json) Hash identifier: Z2Gsn28XQqG4ajGx3KCPqjVglba7ikiz7VJfJLxZsng= Subject key identifier: A1:71:2E:9A:85:77:48:14:E0:47:2B:54:ED:1F:5C:69:A2:3B:E8:86 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 71C7F54BA540F328C48DFF19D1887399EE799C54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft Manifest number: 043A Signing time: Mon 06 May 2024 05:49:18 +0000 Manifest this update: Mon 06 May 2024 05:44:18 +0000 Manifest next update: Tue 07 May 2024 06:21:18 +0000 Files and hashes: 1: 34352e3131372e3130302e302f32342d3234203d3e203233383538.roa (hash: tZTBEgBUAkeRkAOgam+T7tIP/mnZd+9ceBVwTojVScc=) 2: 3130332e35372e3136352e302f32342d3234203d3e203336333531.roa (hash: hnUP+LSfwbmaYV0QaPQzfeAsGBB7AaX+gU94pB3RBgU=) 3: 34352e3131372e3130302e302f32342d3234203d3e2038383838.roa (hash: Tv+usmJkd+KBVQeWPzc1a5l+SPvARVHVI+nlIdoKQ7A=) 4: 3130332e35372e3136342e302f32322d3234203d3e2038383838.roa (hash: /r3PDU5/NkARrZpeUUbfGB+uzXBpHyMoyEGZ8FyzbN8=) 5: 323430333a326538303a3a2f33322d3438203d3e2038383838.roa (hash: hX05wYKbUhf64T+4LRMGom288yjb9hQWUYVLA7svb0k=) 6: 3130332e35372e3136342e302f32322d3234203d3e203233383538.roa (hash: 6iTwh29asALa186GLrdEOEQQQ3xtqz0IpxBTyYIZUyo=) 7: 34352e3131372e3130312e302f32342d3234203d3e2034373835.roa (hash: iTa3BK0ve/O/SJR9CzCWGZeYkBAlje1b84uMruy/6Zo=) 8: 5A19D2FDC8392727696F70449B8B32AF772091A8.crl (hash: tXS+8Vt3naO26OBTT9YUaJk0aNfipEHMmfXS55XbBGY=) 9: 323430333a326538303a3a2f33322d3438203d3e203233383538.roa (hash: CUxRC/iG4psqYdK+jG5CiVuAkoD6KYjpO6XMnKxpOpU=) 10: 34352e3131372e3130322e302f32342d3234203d3e2034373835.roa (hash: /+UUdPDLGPPAYRS/LchURT4xIfaw54NUklO2/rVraKY=) 11: 34352e3131372e3130332e302f32342d3234203d3e2034373835.roa (hash: w0ZW+ur9gCqMNGLzY+RcRrOtIlw2CqouK0RF1NyZ6pM=) Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 06:21:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:c7:f5:4b:a5:40:f3:28:c4:8d:ff:19:d1:88:73:99:ee:79:9c:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: May 6 05:44:18 2024 GMT Not After : May 7 06:21:18 2024 GMT Subject: CN=A1712E9A85774814E0472B54ED1F5C69A23BE886 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:6f:6e:68:f6:88:26:23:f7:e7:b0:8c:c5:0e: 9b:01:d9:f8:0d:db:98:21:eb:1c:0e:14:4e:97:22: 6e:e6:cf:0f:a1:83:c3:04:c8:3f:a2:fe:09:dd:51: c9:08:a2:8e:74:13:24:d1:5a:0c:4d:69:eb:c1:02: 0f:c2:5d:54:53:35:97:40:de:56:86:46:3f:b8:05: 43:6e:96:4c:ca:30:96:2d:56:1c:78:fb:37:ae:51: a3:34:83:0f:6f:81:a7:c2:f3:39:38:2d:f1:a8:6c: 06:05:53:a8:03:09:53:cc:39:e3:23:2d:ea:4b:fc: 16:56:59:04:07:b1:8e:fb:82:a5:8f:6e:08:87:aa: 65:11:52:62:99:67:11:8b:25:da:2d:45:ff:14:8a: 33:15:45:39:9a:96:a4:43:5a:ca:e9:8e:e6:cd:f9: e0:81:e2:ba:50:2a:62:2b:f3:92:61:7a:cd:c2:fd: 34:83:b7:b3:92:6e:a7:75:f5:c4:fd:f8:5d:53:3f: 09:a1:5c:e5:80:cb:23:01:f1:20:56:45:c0:bb:1d: de:56:0f:9b:83:52:2e:ac:e4:83:80:96:f3:d5:e5: 1d:40:15:0e:3b:fd:d1:32:00:4a:ca:a8:d7:af:28: b6:cb:4e:33:41:71:28:52:56:25:a6:fb:95:af:49: ee:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:71:2E:9A:85:77:48:14:E0:47:2B:54:ED:1F:5C:69:A2:3B:E8:86 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:62:27:82:02:42:ef:03:cd:d8:c0:80:5c:38:e4:0e:9f:fc: 31:81:f4:f1:d8:45:ff:9f:cb:29:24:ad:25:ba:7c:77:a5:25: 7c:4f:5d:14:b0:3a:bd:c0:cc:a3:ac:58:b8:48:19:af:0f:2b: c6:13:58:1d:58:f4:82:4b:ab:5b:5a:8d:be:bc:7f:4a:5d:73: 64:b4:08:45:27:91:1e:3e:ba:49:6f:a7:79:a7:9d:ad:c2:be: cd:15:b2:2b:19:fc:3c:32:76:6d:17:26:21:c2:0e:f1:2c:e8: ef:f1:f4:4f:e5:05:ac:3c:c0:12:94:46:c5:b6:4b:ac:98:c8: 3e:be:66:8e:8a:6f:93:9b:95:7b:7b:44:03:ce:2a:cd:6f:31: 75:ff:ae:39:f6:61:0d:ee:4f:84:5f:c6:85:a1:f3:ea:41:20: 22:ed:7b:55:18:85:c1:38:37:8c:b0:66:e7:56:47:dc:b2:dd: ac:18:ae:cb:74:45:f4:00:c1:72:96:a6:55:ca:a2:1d:d3:eb: 22:bd:f0:75:87:34:20:0e:8c:ff:2b:c0:d9:ca:5e:82:af:cb: 2c:83:f7:a1:75:5d:47:b3:16:c1:6d:17:ed:56:5f:f8:1d:08: cd:06:b7:6e:75:ea:3d:1f:c6:71:be:96:ff:22:9d:36:5a:e1: 9c:9a:31:65 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUccf1S6VA8yjEjf8Z0Yhzme55nFQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDUwNjA1NDQxOFoX DTI0MDUwNzA2MjExOFowMzExMC8GA1UEAxMoQTE3MTJFOUE4NTc3NDgxNEUwNDcy QjU0RUQxRjVDNjlBMjNCRTg4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKBvbmj2iCYj9+ewjMUOmwHZ+A3bmCHrHA4UTpcibubPD6GDwwTIP6L+Cd1R yQiijnQTJNFaDE1p68ECD8JdVFM1l0DeVoZGP7gFQ26WTMowli1WHHj7N65RozSD D2+Bp8LzOTgt8ahsBgVTqAMJU8w54yMt6kv8FlZZBAexjvuCpY9uCIeqZRFSYpln EYsl2i1F/xSKMxVFOZqWpENayumO5s354IHiulAqYivzkmF6zcL9NIO3s5Jup3X1 xP34XVM/CaFc5YDLIwHxIFZFwLsd3lYPm4NSLqzkg4CW89XlHUAVDjv90TIASsqo 168otstOM0FxKFJWJab7la9J7uECAwEAAaOCAfUwggHxMB0GA1UdDgQWBBShcS6a hXdIFOBHK1TtH1xpojvohjAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvNUExOUQyRkRDODM5MjcyNzY5NkY3MDQ0OUI4QjMy QUY3NzIwOTFBOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFViJ4ICQu8DzdjAgFw45A6f/DGB9PHYRf+f yykkrSW6fHelJXxPXRSwOr3AzKOsWLhIGa8PK8YTWB1Y9IJLq1tajb68f0pdc2S0 CEUnkR4+uklvp3mnna3Cvs0VsisZ/Dwydm0XJiHCDvEs6O/x9E/lBaw8wBKURsW2 S6yYyD6+Zo6Kb5OblXt7RAPOKs1vMXX/rjn2YQ3uT4RfxoWh8+pBICLte1UYhcE4 N4ywZudWR9yy3awYrst0RfQAwXKWplXKoh3T6yK98HWHNCAOjP8rwNnKXoKvyyyD 96F1XUezFsFtF+1WX/gdCM0Gt2516j0fxnG+lv8inTZa4ZyaMWU= -----END CERTIFICATE-----Generated at Mon May 6 09:29:48 2024 by rpki-client on console-ams.rpki-client.org