$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: Qa+C3lDCCt1YLcJsBLVbnvCOsyFA1P3HQmKzodVdwvg= Subject key identifier: 68:37:C9:D5:9E:5E:4C:77:3B:1C:61:0A:E5:43:A1:63:7C:1A:15:A9 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: 82 Signing time: Sat 23 Nov 2024 04:39:45 +0000 Manifest this update: Sat 23 Nov 2024 04:39:44 +0000 Manifest next update: Sat 30 Nov 2024 04:39:44 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: 9DvypofbYNoTPuq3leTViOvHFpH0L38t5hkjTqi7n3c=) 2: 8CCF47C0E50211EE8E8A4156C4F9AE02.roa (hash: 3pAbOKyhgObL0Bji+vijkwStbniGqEsVGaDYn8G6gwQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 133 (0x85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Nov 23 04:39:44 2024 GMT Not After : Nov 30 04:39:44 2024 GMT Subject: CN=67415c91-de46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2d:52:dc:d4:4b:3d:a0:33:22:62:6c:89:de: bd:66:52:db:13:4d:38:05:4f:48:c5:b7:19:9f:e4: ba:59:30:72:30:e5:bb:51:4c:0a:15:af:fb:34:e0: 35:ef:d1:86:e5:7e:61:c7:2b:74:84:ed:15:ba:3a: 71:14:d8:08:b6:72:cf:b5:ee:21:55:1b:97:61:57: 18:b7:25:cd:a4:2f:c4:1a:26:2a:c4:89:0a:df:a6: ce:a5:c5:91:da:94:69:00:f3:9b:b3:af:e5:7c:95: 64:fa:52:05:6a:35:5f:50:3c:5b:f5:9d:9c:fe:d0: 6a:31:6d:c5:90:2e:e7:c9:eb:9a:c7:42:1f:19:35: 5a:c4:2d:99:8a:b7:8a:16:43:28:dd:2d:1b:9f:ce: b5:e6:2c:03:cd:6a:e4:a7:d7:74:7d:65:fe:8c:1b: ca:5d:d6:76:69:91:ef:5d:d2:3f:87:47:47:de:d7: e8:bb:bf:8a:66:e1:42:b3:31:5d:f6:d1:cc:34:5b: 9b:9f:2f:54:53:4f:05:62:8f:1b:fa:01:e4:30:b7: 53:45:ac:87:1a:b9:a8:6a:c4:f5:8d:43:b8:40:ff: 7b:e6:0c:1e:82:c7:13:40:69:62:39:81:ea:3d:37: d7:2f:c9:27:b0:94:b0:ec:ce:8d:22:9e:db:76:ad: 3f:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:37:C9:D5:9E:5E:4C:77:3B:1C:61:0A:E5:43:A1:63:7C:1A:15:A9 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:fb:42:87:3d:ac:36:50:83:3e:69:d8:f2:95:2b:f8:f3:0e: d6:05:be:bb:1c:b4:53:de:3b:58:17:6a:04:66:7b:f7:24:9f: f6:f8:7b:a9:ad:00:de:24:79:20:86:b1:ee:28:65:b3:8f:6d: 1d:9a:62:18:15:f3:3d:1f:77:32:da:d1:d4:61:de:b9:34:a3: 77:76:c0:f4:96:04:a9:62:96:b7:4b:bb:1b:e3:18:a9:bf:8f: 88:cd:37:f5:fa:f6:db:97:e8:32:ef:69:0b:7f:aa:10:f9:e8: 35:55:04:20:3b:57:71:76:60:65:80:bb:8c:f6:17:e9:47:d4: 20:75:88:d5:a7:c3:2b:e2:95:88:bd:04:9d:a5:0c:36:f9:69: 98:74:b4:6c:7d:11:af:4c:1c:96:e8:35:eb:e8:d1:8d:d1:ef: 9b:a4:4f:c9:af:13:0a:0b:11:3d:59:39:28:48:72:5c:81:1c: d1:00:b8:41:bd:60:69:d5:b9:44:55:4b:3d:8a:ba:63:d4:26: e5:1e:69:6e:54:7d:6d:1c:5d:49:92:1a:56:3d:64:cb:fe:63: e3:15:8d:dd:70:a0:0f:71:d9:d6:41:fb:02:85:fc:11:30:1d: 9b:be:b7:95:5b:c9:23:a3:e4:5b:f6:9a:e7:d9:73:17:14:64: 46:1a:5c:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjQxMTIzMDQzOTQ0WhcNMjQxMTMwMDQzOTQ0WjAYMRYwFAYD VQQDEw02NzQxNWM5MS1kZTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvi1S3NRLPaAzImJsid69ZlLbE004BU9IxbcZn+S6WTByMOW7UUwKFa/7NOA1 79GG5X5hxyt0hO0VujpxFNgItnLPte4hVRuXYVcYtyXNpC/EGiYqxIkK36bOpcWR 2pRpAPObs6/lfJVk+lIFajVfUDxb9Z2c/tBqMW3FkC7nyeuax0IfGTVaxC2ZireK FkMo3S0bn8615iwDzWrkp9d0fWX+jBvKXdZ2aZHvXdI/h0dH3tfou7+KZuFCszFd 9tHMNFubny9UU08FYo8b+gHkMLdTRayHGrmoasT1jUO4QP975gwegscTQGliOYHq PTfXL8knsJSw7M6NIp7bdq0//QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGg3ydWe Xkx3OxxhCuVDoWN8GhWpMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBT+0KHPaw2UIM+adjylSv48w7WBb67HLRT3jtYF2oEZnv3JJ/2+Hup rQDeJHkghrHuKGWzj20dmmIYFfM9H3cy2tHUYd65NKN3dsD0lgSpYpa3S7sb4xip v4+IzTf1+vbbl+gy72kLf6oQ+eg1VQQgO1dxdmBlgLuM9hfpR9QgdYjVp8Mr4pWI vQSdpQw2+WmYdLRsfRGvTByW6DXr6NGN0e+bpE/JrxMKCxE9WTkoSHJcgRzRALhB vWBp1blEVUs9irpj1CblHmluVH1tHF1JkhpWPWTL/mPjFY3dcKAPcdnWQfsChfwR MB2bvreVW8kjo+Rb9prn2XMXFGRGGlxq -----END CERTIFICATE-----Generated at Sat Nov 23 06:13:08 2024 by rpki-client on console-ams.rpki-client.org