$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: Huy4gDxFZv/AYiIYWgPuGvZ8fDM4TNUszV2B6OeV+8o= Subject key identifier: 9B:A5:BE:3E:55:E2:C9:F2:E6:97:6B:B8:40:C4:9A:DA:EC:CB:49:D5 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: 23 Signing time: Sun 19 May 2024 08:35:00 +0000 Manifest this update: Sun 19 May 2024 08:34:59 +0000 Manifest next update: Sun 26 May 2024 08:34:59 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: eKn5f9IZMrE9GPcs9ekpdTqE+Y8jwGENvvW0zVSUmCQ=) 2: 8CCF47C0E50211EE8E8A4156C4F9AE02.roa (hash: 3pAbOKyhgObL0Bji+vijkwStbniGqEsVGaDYn8G6gwQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38 (0x26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: May 19 08:34:59 2024 GMT Not After : May 26 08:34:59 2024 GMT Subject: CN=6649b9b4-490f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ed:11:cb:1b:81:c3:9e:30:b3:0d:f4:4c:1f: ef:aa:e1:08:dc:80:28:74:ed:e9:5d:e4:a8:e4:10: 11:06:81:80:ca:3e:c4:67:07:1e:e5:e8:de:c1:af: 9b:3b:96:28:c8:a2:93:8c:a0:cd:d7:7c:38:68:27: 0f:61:d6:0c:2b:84:d2:8f:78:88:cb:ca:d5:65:8e: a8:fb:40:cd:10:da:63:22:b7:2f:03:b2:d6:d4:3f: b7:68:4e:27:d0:2c:aa:1a:40:eb:c2:76:62:0e:2e: f8:14:85:24:36:4a:bc:a0:7a:e4:5e:1a:fa:72:9f: a3:54:b7:52:46:21:c0:03:25:7a:63:7e:0f:8b:03: 1c:31:9c:88:43:eb:f1:fd:f3:13:f6:65:e7:89:44: e6:39:35:d3:c0:29:39:b0:02:b9:c4:5f:e4:7d:15: 9e:02:9d:fd:32:69:5f:05:e3:f9:44:cf:6c:ec:43: 2a:10:9e:5b:76:e2:cb:60:07:9d:7d:4f:30:37:a1: c9:6e:6c:06:33:71:31:dd:8e:73:33:1f:1f:d8:44: 5f:86:d8:a6:b4:89:fd:eb:f5:0f:b5:4b:47:3f:7f: 1a:e5:8f:0f:38:28:5b:c5:a5:6d:f4:98:a9:02:7e: bc:f1:45:c3:fc:ee:62:38:11:10:8d:f7:5d:f0:47: a4:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:A5:BE:3E:55:E2:C9:F2:E6:97:6B:B8:40:C4:9A:DA:EC:CB:49:D5 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:6a:14:af:2c:88:8d:8b:43:24:05:c5:c0:5e:b0:25:0d:4b: fb:02:65:f2:a5:84:08:82:be:ab:cc:d0:eb:53:b0:2b:9b:39: 35:94:16:7f:e7:15:cc:0a:66:ce:c0:17:a1:15:f1:aa:de:e4: 62:12:47:c1:e6:95:aa:49:6e:7a:82:35:df:b8:fd:a3:9a:15: 3b:cd:28:92:94:0f:39:b4:5b:5f:2f:ca:d4:ff:1a:f1:c9:a8: 9b:4f:a6:94:8d:c6:0c:f9:d1:a7:75:31:c5:5d:64:c2:be:88: 45:28:f4:63:ce:01:47:72:5a:11:bb:8e:cc:b5:46:77:8f:bc: 01:1d:2e:46:10:10:dd:6f:db:34:71:61:16:62:4b:dd:0b:d4: 81:1f:0f:f5:f6:30:3b:ea:3a:74:c8:3c:95:b0:46:b6:02:31: aa:c3:c3:52:77:63:d2:05:f0:81:48:da:1e:76:ac:e7:45:be: 60:3c:42:40:df:90:7c:be:b2:fb:52:23:a3:49:ad:8e:46:55: 75:8c:bb:ac:ab:dc:ca:10:c3:82:b1:1f:4a:05:ad:e7:d5:b7: cd:7f:59:20:f0:31:d7:ff:f1:7c:0e:d0:8d:37:4f:92:f0:ce: e4:fa:11:d6:38:4f:1a:9a:68:38:f3:08:f0:22:a9:c4:71:bc: c1:74:f8:e5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NkFGRjExMC8GA1UEBRMoMzU3QTE3OUNERDBBRjlBM0ZCMDNFMTc3RDZBNDNGQjhB NTc3NTRFMDAeFw0yNDA1MTkwODM0NTlaFw0yNDA1MjYwODM0NTlaMBgxFjAUBgNV BAMTDTY2NDliOWI0LTQ5MGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDF7RHLG4HDnjCzDfRMH++q4QjcgCh07eld5KjkEBEGgYDKPsRnBx7l6N7Br5s7 lijIopOMoM3XfDhoJw9h1gwrhNKPeIjLytVljqj7QM0Q2mMity8DstbUP7doTifQ LKoaQOvCdmIOLvgUhSQ2SrygeuReGvpyn6NUt1JGIcADJXpjfg+LAxwxnIhD6/H9 8xP2ZeeJROY5NdPAKTmwArnEX+R9FZ4Cnf0yaV8F4/lEz2zsQyoQnlt24stgB519 TzA3oclubAYzcTHdjnMzHx/YRF+G2Ka0if3r9Q+1S0c/fxrljw84KFvFpW30mKkC frzxRcP87mI4ERCN913wR6RbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUm6W+PlXi yfLml2u4QMSa2uzLSdUwHwYDVR0jBBgwFoAUNXoXnN0K+aP7A+F31qQ/uKV3VOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY2QUZGLzQwQ0QxQjU0RTUw MjExRUU5QUJGNzY1NUM0RjlBRTAyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTlhvWG5OMEstYVA3QS1GMzFxUV91S1YzVk9BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY2 QUZGLzQwQ0QxQjU0RTUwMjExRUU5QUJGNzY1NUM0RjlBRTAyL05Yb1huTjBLLWFQ N0EtRjMxcVFfdUtWM1ZPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJZqFK8siI2LQyQFxcBesCUNS/sCZfKlhAiCvqvM0OtTsCubOTWUFn/n FcwKZs7AF6EV8are5GISR8HmlapJbnqCNd+4/aOaFTvNKJKUDzm0W18vytT/GvHJ qJtPppSNxgz50ad1McVdZMK+iEUo9GPOAUdyWhG7jsy1RnePvAEdLkYQEN1v2zRx YRZiS90L1IEfD/X2MDvqOnTIPJWwRrYCMarDw1J3Y9IF8IFI2h52rOdFvmA8QkDf kHy+svtSI6NJrY5GVXWMu6yr3MoQw4KxH0oFrefVt81/WSDwMdf/8XwO0I03T5Lw zuT6EdY4TxqaaDjzCPAiqcRxvMF0+OU= -----END CERTIFICATE-----Generated at Sun May 19 09:04:13 2024 by rpki-client on console-fra.rpki-client.org