$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft File: 5A19D2FDC8392727696F70449B8B32AF772091A8.mft (raw, json) Hash identifier: ShzS7mx+nj3XABR4g74OkNgb5O8TsPOiLRfMiQnf/Ck= Subject key identifier: AE:BE:23:70:69:2E:FA:F1:1D:4E:74:29:22:75:1D:80:4F:BD:34:C0 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 28154BFED6CCBEF553CE55E1488AD250D7F4275F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft Manifest number: 0543 Signing time: Mon 25 Nov 2024 12:37:05 +0000 Manifest this update: Mon 25 Nov 2024 12:32:05 +0000 Manifest next update: Tue 26 Nov 2024 15:33:05 +0000 Files and hashes: 1: 323430333a326538303a3a2f33322d3438203d3e2038383838.roa (hash: BXr190YMJHQxmWlxeRnUrhn/SSQploVAKewTY5AAwas=) 2: 34352e3131372e3130332e302f32342d3234203d3e2034373835.roa (hash: OAx44UBQtqTx/sf7Ypb1JySuUeicgRwCGdCfYQjlgWk=) 3: 34352e3131372e3130322e302f32342d3234203d3e2034373835.roa (hash: sjhpTTvgo1FU3FaH8+zye7CEY4XTySIpONdDjAMSaqY=) 4: 3130332e35372e3136342e302f32322d3234203d3e2038383838.roa (hash: /Wmkfbw/QLEaUfwznC2lEulj1F/OKW4GZn9Xm/KPUG0=) 5: 34352e3131372e3130302e302f32342d3234203d3e2038383838.roa (hash: aBdDS6GrqBz2pYvAehQXWgBWcDDBIaKdKK9Nym5jFLQ=) 6: 3130332e35372e3136352e302f32342d3234203d3e203336333531.roa (hash: f2FBviAJM9nDrbOq27nSeNTQJT9zRNj0KswKLgIhEgE=) 7: 34352e3131372e3130302e302f32342d3234203d3e203233383538.roa (hash: 4yKK7RQLbJBx+gt7T7QZgKRPOxG5R1dHZfrXztWXnbY=) 8: 34352e3131372e3130312e302f32342d3234203d3e2034373835.roa (hash: RoPjCRMghwCK+9v8LueB1XO0CyHUDX9hongUtmgU4JA=) 9: 5A19D2FDC8392727696F70449B8B32AF772091A8.crl (hash: VXZ2PlxLil0qI5GlPeOUWpiSAUzb+Wf41JQsXtEq4Cg=) 10: 323430333a326538303a3a2f33322d3438203d3e203233383538.roa (hash: 8WGGny+jtgmSnuXipWNSY1ESLZ/IHyh7iVF3qoveYM0=) 11: 3130332e35372e3136342e302f32322d3234203d3e203233383538.roa (hash: KI2kjcb07IKesGZMinnaOEsz6/06bdA9BT5qaeeOZmU=) Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 15:33:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:15:4b:fe:d6:cc:be:f5:53:ce:55:e1:48:8a:d2:50:d7:f4:27:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Nov 25 12:32:05 2024 GMT Not After : Nov 26 15:33:05 2024 GMT Subject: CN=AEBE2370692EFAF11D4E742922751D804FBD34C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:a3:da:90:c5:1c:46:ce:43:c6:70:ef:d8:f4: aa:a5:9f:ab:41:9a:d0:6d:51:db:f4:98:44:22:94: ee:8f:94:cd:8f:c5:45:7c:1d:22:46:dd:15:29:e6: f7:5e:9e:5b:6b:2c:20:64:98:da:80:57:07:53:d4: fb:4c:96:4d:29:f8:bc:bb:de:e3:8f:d9:bc:40:58: 21:25:a2:da:f0:5a:cb:01:36:89:d1:85:13:00:9d: db:00:ca:ab:f8:72:af:09:a3:63:9a:a0:d2:90:39: b2:39:40:db:f0:c5:22:76:99:23:ea:6e:78:73:35: 87:bf:27:dd:1e:29:27:7f:a3:06:04:b5:af:75:0f: 50:a1:d2:c6:3c:ae:a2:2c:0d:18:c2:9b:e8:d3:a7: 6c:30:cf:5e:af:e6:c8:4c:5e:57:5c:9c:cc:b0:b3: 8f:a6:d0:06:96:c7:90:02:94:12:44:4c:30:c6:34: 0d:71:85:b1:8b:37:b5:df:03:f3:06:7d:a5:3e:48: dd:93:d6:72:6e:79:26:93:bf:ea:17:f0:09:c0:79: 76:48:56:e3:00:99:32:71:d0:f4:e9:c6:22:90:4a: 5f:ae:27:f9:67:2c:66:45:b3:5f:6f:14:a4:02:ac: 7e:80:87:40:5b:57:52:50:a7:5c:49:b0:49:a8:f6: ff:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:BE:23:70:69:2E:FA:F1:1D:4E:74:29:22:75:1D:80:4F:BD:34:C0 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:ab:4d:84:43:13:d4:99:bd:51:d8:d2:18:73:6f:61:ef:ce: 78:89:32:fd:9a:a2:68:41:29:76:2a:a9:a3:7c:79:e1:52:14: 36:63:4c:f8:a3:3c:04:78:55:2b:b0:2b:16:41:60:fa:de:7a: 7c:a2:87:be:aa:13:85:8f:e9:ed:74:62:1a:74:b5:fc:5e:06: 14:e0:ec:ce:39:63:a8:68:02:e7:4f:86:a0:ac:bc:de:24:b1: 8e:22:9f:11:2d:be:38:c8:69:12:f5:1f:8a:bd:a6:ec:bc:53: 18:e3:73:a8:e1:d2:a8:5f:8b:8e:c7:77:3d:5c:ab:2f:c8:17: 33:0a:7a:18:22:5f:c0:75:5e:28:26:35:cb:f6:28:ea:d3:58: 53:59:da:30:75:60:f0:91:a9:24:85:65:46:fa:03:7c:58:2c: fb:16:de:18:6a:f5:be:f5:a6:50:e7:89:de:3a:81:72:0d:f8: 81:a9:d5:47:5c:bb:43:7a:c6:ed:75:9b:5e:81:91:ab:5a:d5: b7:a2:f1:66:d3:d7:ee:78:67:50:72:e3:16:d3:46:53:96:e8: 17:f2:bf:c8:fe:4c:0b:52:db:75:72:80:2f:42:70:e0:aa:e1: a0:11:a1:1b:30:9c:5a:c9:ef:64:f2:f1:89:69:66:0d:55:97: f3:cf:4f:30 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUKBVL/tbMvvVTzlXhSIrSUNf0J18wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MTEyNTEyMzIwNVoX DTI0MTEyNjE1MzMwNVowMzExMC8GA1UEAxMoQUVCRTIzNzA2OTJFRkFGMTFENEU3 NDI5MjI3NTFEODA0RkJEMzRDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOuj2pDFHEbOQ8Zw79j0qqWfq0Ga0G1R2/SYRCKU7o+UzY/FRXwdIkbdFSnm 916eW2ssIGSY2oBXB1PU+0yWTSn4vLve44/ZvEBYISWi2vBaywE2idGFEwCd2wDK q/hyrwmjY5qg0pA5sjlA2/DFInaZI+pueHM1h78n3R4pJ3+jBgS1r3UPUKHSxjyu oiwNGMKb6NOnbDDPXq/myExeV1yczLCzj6bQBpbHkAKUEkRMMMY0DXGFsYs3td8D 8wZ9pT5I3ZPWcm55JpO/6hfwCcB5dkhW4wCZMnHQ9OnGIpBKX64n+WcsZkWzX28U pAKsfoCHQFtXUlCnXEmwSaj2/8cCAwEAAaOCAfUwggHxMB0GA1UdDgQWBBSuviNw aS768R1OdCkidR2AT700wDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwagYIKwYBBQUHAQsEXjBcMFoGCCsGAQUFBzALhk5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvNUExOUQyRkRDODM5MjcyNzY5NkY3MDQ0OUI4QjMy QUY3NzIwOTFBOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHarTYRDE9SZvVHY0hhzb2HvzniJMv2aomhB KXYqqaN8eeFSFDZjTPijPAR4VSuwKxZBYPreenyih76qE4WP6e10Yhp0tfxeBhTg 7M45Y6hoAudPhqCsvN4ksY4inxEtvjjIaRL1H4q9puy8Uxjjc6jh0qhfi47Hdz1c qy/IFzMKehgiX8B1XigmNcv2KOrTWFNZ2jB1YPCRqSSFZUb6A3xYLPsW3hhq9b71 plDnid46gXIN+IGp1Udcu0N6xu11m16Bkata1bei8WbT1+54Z1By4xbTRlOW6Bfy v8j+TAtS23VygC9CcOCq4aARoRswnFrJ72Ty8YlpZg1Vl/PPTzA= -----END CERTIFICATE-----Generated at Mon Nov 25 14:29:06 2024 by rpki-client on console-ams.rpki-client.org