$ rpki-client -vvf rpki.apnic.net/member_repository/A9152696/725CA1D406CD11EAAE5E7934C4F9AE02/nL-xN0vpMpetwbIdvTeY0VvSdN8.mft File: nL-xN0vpMpetwbIdvTeY0VvSdN8.mft (raw, json) Hash identifier: awRZf1ils8uIHfxWRTs6eGROpCZDqvAMlLWy3b98XtE= Subject key identifier: 7F:A9:67:91:EB:A7:06:AE:33:98:C9:02:3E:D4:47:AA:9A:0B:90:E7 Authority key identifier: 9C:BF:B1:37:4B:E9:32:97:AD:C1:B2:1D:BD:37:98:D1:5B:D2:74:DF Certificate issuer: /CN=A9152696/serialNumber=9CBFB1374BE93297ADC1B21DBD3798D15BD274DF Certificate serial: 0BE1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL-xN0vpMpetwbIdvTeY0VvSdN8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152696/725CA1D406CD11EAAE5E7934C4F9AE02/nL-xN0vpMpetwbIdvTeY0VvSdN8.mft Manifest number: 0BDA Signing time: Fri 22 Nov 2024 18:29:26 +0000 Manifest this update: Fri 22 Nov 2024 18:29:26 +0000 Manifest next update: Fri 29 Nov 2024 18:29:26 +0000 Files and hashes: 1: nL-xN0vpMpetwbIdvTeY0VvSdN8.crl (hash: nKp+FceEUxOXFHksA/IFSFiIvbIy98089+bUJVbfiEc=) 2: E905CD5808F111EA8E4F1D51C4F9AE02.roa (hash: Ykh/ajdiEQ6UqJC1nIow2mRMlvxbjVdtujI4Th0ysiU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152696/725CA1D406CD11EAAE5E7934C4F9AE02/nL-xN0vpMpetwbIdvTeY0VvSdN8.crl rsync://rpki.apnic.net/member_repository/A9152696/725CA1D406CD11EAAE5E7934C4F9AE02/nL-xN0vpMpetwbIdvTeY0VvSdN8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL-xN0vpMpetwbIdvTeY0VvSdN8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:29:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3041 (0xbe1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152696/serialNumber=9CBFB1374BE93297ADC1B21DBD3798D15BD274DF Validity Not Before: Nov 22 18:29:26 2024 GMT Not After : Nov 29 18:29:26 2024 GMT Subject: CN=6740cd86-fb8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:e8:a3:14:97:9a:8e:67:57:99:17:6c:7d:4f: b1:44:64:8f:62:b8:9d:13:bf:0c:c0:6f:32:5b:06: dd:b4:80:f8:1a:a7:3d:4e:21:02:5d:4f:9b:d3:7f: 3e:19:a9:f0:31:ec:ba:21:81:21:d2:cc:ae:da:43: 07:06:9f:16:5b:03:f0:c8:3d:57:20:93:6c:60:23: 88:f4:2e:6a:be:08:6c:34:96:6a:95:e2:f4:23:49: fa:71:10:23:b9:cd:44:63:2c:61:e5:71:1e:34:3d: e8:16:99:c7:2c:69:80:fb:42:d0:6c:b9:a9:c6:e2: 82:c8:39:57:09:1d:84:e3:a6:cf:d2:70:7d:83:36: e7:0f:13:6c:70:8b:1e:b9:d2:45:1f:13:10:2f:a2: 64:ae:70:55:6e:d3:9a:7f:f8:dc:f6:01:50:26:94: ec:67:7d:a0:8a:b3:a8:0f:6f:12:2e:cc:ab:15:02: 4b:bf:ff:2c:e6:a3:75:03:58:88:d8:50:39:3b:37: 2f:9a:83:e9:32:cc:52:df:79:d9:65:2a:3c:75:b7: 1c:e4:b0:81:d5:5c:d0:70:e9:41:b1:af:e4:1c:8e: 53:b2:ce:95:51:e8:4e:12:3c:b8:18:12:4d:ca:a5: 6f:d7:17:21:4e:f9:c3:ad:15:8f:bc:7d:3b:95:f8: b7:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:A9:67:91:EB:A7:06:AE:33:98:C9:02:3E:D4:47:AA:9A:0B:90:E7 X509v3 Authority Key Identifier: keyid:9C:BF:B1:37:4B:E9:32:97:AD:C1:B2:1D:BD:37:98:D1:5B:D2:74:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152696/725CA1D406CD11EAAE5E7934C4F9AE02/nL-xN0vpMpetwbIdvTeY0VvSdN8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL-xN0vpMpetwbIdvTeY0VvSdN8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152696/725CA1D406CD11EAAE5E7934C4F9AE02/nL-xN0vpMpetwbIdvTeY0VvSdN8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption da:c4:d5:ae:af:12:4f:f3:c9:ec:fd:a6:15:a8:1b:14:cd:96: 9e:14:1d:0a:34:fa:cc:6e:f5:3c:ca:85:fd:6b:24:83:55:9d: 41:16:be:61:b6:76:05:39:a3:bf:59:7e:14:b2:eb:b9:a9:50: 5e:f9:2b:67:fc:ae:db:eb:a9:d9:ce:42:50:40:6c:f9:62:ab: c2:bc:2e:ba:bd:16:27:6d:6f:af:be:20:15:f7:dd:5e:c6:59: 9e:13:c0:8e:f5:08:de:f1:33:2e:2e:ec:57:8c:b7:de:a9:7f: 42:a6:0e:6c:b8:eb:f0:54:95:18:81:15:b7:e6:ff:f7:94:1b: 13:68:cf:83:c1:3f:fb:03:b9:37:b7:57:bc:72:b7:45:fd:ed: 57:3b:64:0e:45:f8:57:1f:36:30:e2:d7:a6:79:2a:6b:9b:71: a1:33:cf:f6:40:0d:0c:97:98:12:48:47:da:a8:40:6e:58:1f: cb:f3:c5:e7:bc:c3:8d:6d:27:0d:f8:17:eb:ea:b0:45:3d:5a: ba:43:ce:cc:bf:68:5e:2d:42:13:a1:6d:b8:8a:35:eb:2f:a2: f0:aa:f8:d8:8c:cb:75:3e:c2:fb:47:e7:d8:52:2b:f2:44:f6: a5:d6:3d:b0:12:2b:7b:df:54:88:52:94:ef:58:45:c9:40:cd: 93:70:fb:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTI2OTYxMTAvBgNVBAUTKDlDQkZCMTM3NEJFOTMyOTdBREMxQjIxREJEMzc5OEQx NUJEMjc0REYwHhcNMjQxMTIyMTgyOTI2WhcNMjQxMTI5MTgyOTI2WjAYMRYwFAYD VQQDEw02NzQwY2Q4Ni1mYjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzeijFJeajmdXmRdsfU+xRGSPYridE78MwG8yWwbdtID4Gqc9TiECXU+b038+ GanwMey6IYEh0syu2kMHBp8WWwPwyD1XIJNsYCOI9C5qvghsNJZqleL0I0n6cRAj uc1EYyxh5XEeND3oFpnHLGmA+0LQbLmpxuKCyDlXCR2E46bP0nB9gzbnDxNscIse udJFHxMQL6JkrnBVbtOaf/jc9gFQJpTsZ32girOoD28SLsyrFQJLv/8s5qN1A1iI 2FA5OzcvmoPpMsxS33nZZSo8dbcc5LCB1VzQcOlBsa/kHI5Tss6VUehOEjy4GBJN yqVv1xchTvnDrRWPvH07lfi3QwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH+pZ5Hr pwauM5jJAj7UR6qaC5DnMB8GA1UdIwQYMBaAFJy/sTdL6TKXrcGyHb03mNFb0nTf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjY5Ni83MjVDQTFENDA2 Q0QxMUVBQUU1RTc5MzRDNEY5QUUwMi9uTC14TjB2cE1wZXR3YklkdlRlWTBWdlNk TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25MLXhOMHZwTXBldHdiSWR2VGVZMFZ2U2ROOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MjY5Ni83MjVDQTFENDA2Q0QxMUVBQUU1RTc5MzRDNEY5QUUwMi9uTC14TjB2cE1w ZXR3YklkdlRlWTBWdlNkTjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDaxNWurxJP88ns/aYVqBsUzZaeFB0KNPrMbvU8yoX9aySDVZ1BFr5h tnYFOaO/WX4Usuu5qVBe+Stn/K7b66nZzkJQQGz5YqvCvC66vRYnbW+vviAV991e xlmeE8CO9Qje8TMuLuxXjLfeqX9Cpg5suOvwVJUYgRW35v/3lBsTaM+DwT/7A7k3 t1e8crdF/e1XO2QORfhXHzYw4temeSprm3GhM8/2QA0Ml5gSSEfaqEBuWB/L88Xn vMONbScN+Bfr6rBFPVq6Q87Mv2heLUIToW24ijXrL6LwqvjYjMt1PsL7R+fYUivy RPal1j2wEit731SIUpTvWEXJQM2TcPtX -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:02 2024 by rpki-client on console-ams.rpki-client.org