$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: 60hX0RHvzb3C2JRNU3KRyRvRFREoyF4WE/R13sKNI8s= Subject key identifier: 28:B5:24:55:9B:03:5E:04:66:B7:FE:36:BA:20:4B:A7:B9:D1:F2:2E Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 01D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 01D5 Signing time: Sat 23 Nov 2024 01:43:33 +0000 Manifest this update: Sat 23 Nov 2024 01:43:33 +0000 Manifest next update: Sat 30 Nov 2024 01:43:33 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: IpUFwBjMndvavGIVxax5haXFQOQ1+0cxh4BnN8OW86Q=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: Tnx2Z5nAikiyTdOaTCX/ncL6S79XtcR6l/WD0Ni24yA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 472 (0x1d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Nov 23 01:43:33 2024 GMT Not After : Nov 30 01:43:33 2024 GMT Subject: CN=67413345-9c28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:ad:8b:14:43:78:00:05:c2:f0:d9:64:7a:48: fb:a7:9f:37:49:5d:95:2b:9a:bd:3e:35:3b:0f:a6: 41:ee:12:a9:ef:b8:10:8a:a2:27:e4:95:d5:47:eb: ac:90:74:0d:60:c0:58:f7:a9:d8:82:db:a6:91:92: a8:8f:22:a5:10:35:7a:b0:58:7a:6c:7d:2a:a9:03: 7f:9c:6c:29:6e:73:65:08:60:5d:fb:71:f9:d1:e5: 0f:1c:55:aa:91:a5:2b:a2:ae:89:6f:7b:73:55:6b: 13:21:da:1e:f0:5a:4f:38:3b:b3:57:96:bd:26:75: 8c:83:bd:25:1b:e1:aa:b0:82:4d:ec:01:3f:3b:dc: c9:9f:e7:5f:59:a3:05:51:bc:c9:ab:93:de:ed:b5: 9b:bd:0e:d9:4f:bc:3e:95:1a:52:d4:7a:4c:a8:1c: c1:74:b3:ea:e6:f0:14:37:fe:40:e8:29:12:22:4b: f1:2c:8d:39:99:5e:1d:51:3d:4f:91:7a:dd:68:21: d3:53:0e:8f:dd:69:3c:d4:bc:80:2b:1e:1f:47:e0: 5e:7d:51:1b:72:24:bd:f4:3d:0e:a5:f0:6c:f9:38: 53:00:7c:aa:94:fb:46:21:8f:83:dd:de:53:12:3b: c9:c5:a3:c5:cf:5b:55:a3:78:a6:93:e0:a3:96:76: 27:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:B5:24:55:9B:03:5E:04:66:B7:FE:36:BA:20:4B:A7:B9:D1:F2:2E X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:6f:45:64:b8:dc:05:00:85:e6:57:d1:75:0e:38:e2:6e:f8: 2c:c0:a2:42:bd:7f:43:82:b7:61:eb:b3:97:54:6a:ed:5b:50: 9f:0d:cc:2c:30:97:f9:ff:ba:15:da:16:c2:de:22:49:6b:1a: ae:fe:4a:79:43:77:29:b5:9f:8f:7b:b1:e7:a3:05:ac:f0:3b: a7:e5:1e:ea:c7:ba:6f:74:06:c0:59:48:c3:be:76:12:91:e2: 4f:75:5b:95:62:8a:15:df:7d:c9:8e:be:27:ea:8c:ad:c3:7c: 24:73:f2:70:f6:30:05:4a:84:f8:ab:7e:61:56:5b:6c:9e:03: 22:db:c4:8e:d8:3e:c6:71:a6:30:5c:6b:5c:4b:fa:8f:d7:5e: 8e:0a:f3:9c:22:84:85:da:d7:60:56:30:bd:db:04:21:55:cb: b8:3f:65:fb:73:66:31:38:c1:63:6f:8d:31:97:a5:72:a8:07: 89:3c:2b:28:04:13:cc:bb:e7:f5:14:69:15:82:97:8d:29:24: 88:40:a2:c3:49:d8:9f:77:44:79:9d:b8:a2:05:3d:d7:bd:f3: af:68:35:9d:30:0d:c8:d3:37:3e:8f:0e:54:1c:ed:37:2b:ea: e4:30:5d:45:d9:7a:cf:d2:ee:f9:f6:e6:55:9a:ec:ff:3b:a4: 19:f1:7b:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjQxMTIzMDE0MzMzWhcNMjQxMTMwMDE0MzMzWjAYMRYwFAYD VQQDEw02NzQxMzM0NS05YzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7K2LFEN4AAXC8Nlkekj7p583SV2VK5q9PjU7D6ZB7hKp77gQiqIn5JXVR+us kHQNYMBY96nYgtumkZKojyKlEDV6sFh6bH0qqQN/nGwpbnNlCGBd+3H50eUPHFWq kaUroq6Jb3tzVWsTIdoe8FpPODuzV5a9JnWMg70lG+GqsIJN7AE/O9zJn+dfWaMF UbzJq5Pe7bWbvQ7ZT7w+lRpS1HpMqBzBdLPq5vAUN/5A6CkSIkvxLI05mV4dUT1P kXrdaCHTUw6P3Wk81LyAKx4fR+BefVEbciS99D0OpfBs+ThTAHyqlPtGIY+D3d5T EjvJxaPFz1tVo3imk+CjlnYnrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCi1JFWb A14EZrf+NrogS6e50fIuMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyb0VkuNwFAIXmV9F1DjjibvgswKJCvX9Dgrdh67OXVGrtW1CfDcws MJf5/7oV2hbC3iJJaxqu/kp5Q3cptZ+Pe7HnowWs8Dun5R7qx7pvdAbAWUjDvnYS keJPdVuVYooV333Jjr4n6oytw3wkc/Jw9jAFSoT4q35hVltsngMi28SO2D7GcaYw XGtcS/qP116OCvOcIoSF2tdgVjC92wQhVcu4P2X7c2YxOMFjb40xl6VyqAeJPCso BBPMu+f1FGkVgpeNKSSIQKLDSdifd0R5nbiiBT3XvfOvaDWdMA3I0zc+jw5UHO03 K+rkMF1F2XrP0u759uZVmuz/O6QZ8XuA -----END CERTIFICATE-----Generated at Sat Nov 23 02:33:46 2024 by rpki-client on console-fra.rpki-client.org