$ rpki-client -vvf rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft File: NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft (raw, json) Hash identifier: 49En0sTnl/EljeAq8+xxyxTKufXSteI1W2oJZrY9fTs= Subject key identifier: 33:64:B1:DF:F0:94:4E:B5:FB:A1:47:9A:A7:13:07:FE:55:3D:E9:CB Authority key identifier: 34:80:C5:65:23:34:8D:DA:BA:30:3E:31:F2:2D:FA:36:3F:88:7E:8F Certificate issuer: /CN=A91C779D/serialNumber=3480C56523348DDABA303E31F22DFA363F887E8F Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft Manifest number: 21 Signing time: Sun 19 May 2024 08:34:31 +0000 Manifest this update: Sun 19 May 2024 08:34:31 +0000 Manifest next update: Sun 26 May 2024 08:34:31 +0000 Files and hashes: 1: NIDFZSM0jdq6MD4x8i36Nj-Ifo8.crl (hash: 0n938w2yq9KtjDqIPC1C1jAAjAB9yXOc+gMTfTp+ht4=) 2: 0BBBE2B2E2B211EEACBA3341C4F9AE02.roa (hash: sKM3XWxgShyOJLKm7YJ4ZHKrS+hkWvA5sgaxqZc+rRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.crl rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 02:50:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C779D/serialNumber=3480C56523348DDABA303E31F22DFA363F887E8F Validity Not Before: May 19 08:34:31 2024 GMT Not After : May 26 08:34:31 2024 GMT Subject: CN=6649b997-2c80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b1:ab:a0:8b:2a:63:6e:50:5c:38:ad:ff:29: f3:61:5c:21:b3:d3:75:dc:ee:97:05:35:ca:b5:11: 57:21:76:e2:51:6a:a0:cc:75:55:82:4d:11:0a:64: f9:d7:c3:a8:4f:f6:cc:f7:92:96:a0:76:5e:e2:8f: bc:a7:32:1b:63:a6:6d:fc:fd:30:46:38:4b:6c:69: a3:0a:98:28:59:6d:37:93:fb:ca:78:fb:7d:d7:08: b1:a7:7a:fa:a5:b8:4a:56:6d:74:f6:d5:26:82:ff: 6b:4a:e0:c1:bc:75:ba:08:9d:6d:b0:09:56:4a:55: d5:14:8e:8d:62:b3:0b:a5:cf:cb:68:eb:c4:5c:e3: e3:7a:8f:1e:3f:5b:7a:be:78:74:3e:c0:20:23:5b: d2:79:43:bc:97:9b:54:52:d5:83:ab:c3:9a:5f:13: 9e:9a:1c:ab:c0:b8:9a:f5:df:c9:4e:d2:60:77:57: 02:51:4c:94:4f:2d:23:c5:6c:49:ca:5f:bf:85:a8: d1:57:da:59:54:82:a7:97:21:b9:38:8a:03:eb:18: d6:c1:7e:91:95:d5:31:21:de:ea:45:c7:77:3b:52: 73:a3:7b:2a:c8:fd:cb:cb:a7:d0:71:e9:08:a8:9b: bd:5e:aa:77:3d:51:49:87:9c:51:47:70:45:c7:4a: 45:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:64:B1:DF:F0:94:4E:B5:FB:A1:47:9A:A7:13:07:FE:55:3D:E9:CB X509v3 Authority Key Identifier: keyid:34:80:C5:65:23:34:8D:DA:BA:30:3E:31:F2:2D:FA:36:3F:88:7E:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C779D/460D1C5AE2AE11EE86F33C1EC4F9AE02/NIDFZSM0jdq6MD4x8i36Nj-Ifo8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:cb:16:e4:a2:93:fd:0c:c0:1a:29:68:12:45:66:7f:ff:f5: 11:1f:27:03:fd:76:4d:bf:fa:15:0c:52:74:49:07:f1:a5:f8: 75:18:a5:34:58:2d:08:e2:17:b6:82:76:f1:59:84:71:fb:0e: d5:58:a3:51:f3:15:de:e4:5a:12:96:5c:73:d1:ff:b1:00:b3: fe:6e:3a:9f:fa:05:b3:b0:dc:27:f5:f3:21:52:7e:74:e2:dd: c0:fc:80:01:53:3b:72:94:48:a5:74:8b:e7:8b:00:e5:f6:5c: 37:67:d7:56:24:36:49:74:bc:e8:35:66:e4:92:a4:fa:49:a8: 74:7d:6d:a5:c0:81:90:ee:80:ad:c8:3f:2a:19:1b:ba:dd:97: b5:24:b6:dd:3d:84:e2:0b:3d:83:92:c2:ff:55:df:5f:e1:e0: b3:1b:12:a7:d0:df:46:d6:59:d1:99:16:2d:d8:3c:98:8b:24: 3c:8c:63:e3:28:77:fb:89:9e:21:7a:b0:31:6d:ed:fe:56:4b: 1a:b2:d1:d9:5b:b6:99:22:a0:45:3f:88:84:39:c9:aa:bd:54: 41:29:45:2a:a6:45:d6:69:9b:59:dc:54:cf:a6:f0:a3:73:2b: 12:2e:59:5b:4f:39:57:7b:c0:f8:48:06:cd:45:a1:23:57:f0: b6:d5:2d:68 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD Nzc5RDExMC8GA1UEBRMoMzQ4MEM1NjUyMzM0OEREQUJBMzAzRTMxRjIyREZBMzYz Rjg4N0U4RjAeFw0yNDA1MTkwODM0MzFaFw0yNDA1MjYwODM0MzFaMBgxFjAUBgNV BAMTDTY2NDliOTk3LTJjODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvsaugiypjblBcOK3/KfNhXCGz03Xc7pcFNcq1EVchduJRaqDMdVWCTREKZPnX w6hP9sz3kpagdl7ij7ynMhtjpm38/TBGOEtsaaMKmChZbTeT+8p4+33XCLGnevql uEpWbXT21SaC/2tK4MG8dboInW2wCVZKVdUUjo1iswulz8to68Rc4+N6jx4/W3q+ eHQ+wCAjW9J5Q7yXm1RS1YOrw5pfE56aHKvAuJr138lO0mB3VwJRTJRPLSPFbEnK X7+FqNFX2llUgqeXIbk4igPrGNbBfpGV1TEh3upFx3c7UnOjeyrI/cvLp9Bx6Qio m71eqnc9UUmHnFFHcEXHSkUXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUM2Sx3/CU TrX7oUeapxMH/lU96cswHwYDVR0jBBgwFoAUNIDFZSM0jdq6MD4x8i36Nj+Ifo8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3NzlELzQ2MEQxQzVBRTJB RTExRUU4NkYzM0MxRUM0RjlBRTAyL05JREZaU00wamRxNk1ENHg4aTM2TmotSWZv OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTklERlpTTTBqZHE2TUQ0eDhpMzZOai1JZm84LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3 NzlELzQ2MEQxQzVBRTJBRTExRUU4NkYzM0MxRUM0RjlBRTAyL05JREZaU00wamRx Nk1ENHg4aTM2TmotSWZvOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHbLFuSik/0MwBopaBJFZn//9REfJwP9dk2/+hUMUnRJB/Gl+HUYpTRY LQjiF7aCdvFZhHH7DtVYo1HzFd7kWhKWXHPR/7EAs/5uOp/6BbOw3Cf18yFSfnTi 3cD8gAFTO3KUSKV0i+eLAOX2XDdn11YkNkl0vOg1ZuSSpPpJqHR9baXAgZDugK3I PyoZG7rdl7Uktt09hOILPYOSwv9V31/h4LMbEqfQ30bWWdGZFi3YPJiLJDyMY+Mo d/uJniF6sDFt7f5WSxqy0dlbtpkioEU/iIQ5yaq9VEEpRSqmRdZpm1ncVM+m8KNz KxIuWVtPOVd7wPhIBs1FoSNX8LbVLWg= -----END CERTIFICATE-----Generated at Sun May 19 09:04:14 2024 by rpki-client on console-fra.rpki-client.org