$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft File: NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft (raw, json) Hash identifier: jwTdiUxxf0uCHIEcBNsuiPgTlZ4PDD+/Rei2g33ZHOY= Subject key identifier: 51:C7:5B:6B:FF:1F:00:FA:80:4A:B3:55:DA:47:18:92:07:B7:1C:B5 Authority key identifier: 37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A Certificate issuer: /CN=A91DE7DE/serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Certificate serial: 10B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft Manifest number: 10A6 Signing time: Sat 18 May 2024 17:55:43 +0000 Manifest this update: Sat 18 May 2024 17:55:43 +0000 Manifest next update: Sat 25 May 2024 17:55:43 +0000 Files and hashes: 1: NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl (hash: EAgLnffavENRU6ODaFVyd+JEQJJ0W1WAYAvuaiuXvns=) 2: 4EF3836CF11C11EB8CA9C866C4F9AE02.roa (hash: gr0W30lQyWPhNAdF+h9Ul0cwBOIMKd+tEg7EdHsI9Yg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4279 (0x10b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE7DE/serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Validity Not Before: May 18 17:55:43 2024 GMT Not After : May 25 17:55:43 2024 GMT Subject: CN=6648eb9f-28ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3d:a6:84:f8:1f:54:d8:15:d8:c0:47:be:ab: 3e:59:69:64:ac:6d:ae:50:ea:cf:7a:5c:40:2c:15: e5:7f:88:63:e1:b7:f7:c8:a5:79:4d:f9:e6:49:31: 74:9e:89:5b:3e:5f:61:7b:0d:8c:38:5d:99:0f:7c: 38:f4:b6:d6:d0:e2:d7:31:05:e9:f2:34:2c:69:7d: 2f:c3:b6:39:eb:53:8e:8b:8a:ed:d0:6d:ab:e9:f1: a2:48:e3:86:85:4c:1e:e1:e4:44:6f:99:8d:55:6e: 72:7f:07:a1:2d:73:88:bb:6a:d5:9f:1a:7b:55:16: c4:6f:94:4c:00:92:87:2e:0f:7d:1f:b5:38:33:fe: 09:d6:21:09:20:97:d8:49:ff:88:f0:f5:e6:c6:b3: a9:71:f8:8e:d1:ce:32:ed:53:4f:a5:fb:b2:18:8e: f9:eb:55:9e:5b:00:e1:20:dc:e9:c0:15:d3:1e:82: ee:d7:81:99:98:d3:75:81:13:62:55:4e:3b:61:25: e6:36:06:c6:20:d9:03:04:ff:af:83:0a:81:b7:fd: f9:5e:12:ff:ca:b9:b5:1d:65:e6:45:e7:43:2f:50: 56:88:ed:c5:82:c1:2c:b8:8c:2b:85:72:b8:9a:f1: c2:dd:f2:9c:33:fb:2c:64:64:0e:7f:3b:3f:6e:62: 05:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:C7:5B:6B:FF:1F:00:FA:80:4A:B3:55:DA:47:18:92:07:B7:1C:B5 X509v3 Authority Key Identifier: keyid:37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:d2:a4:36:1c:8f:71:76:16:30:c4:95:7e:ab:46:cd:e5:0b: 59:45:0f:9e:6b:8c:8d:ef:dc:26:ad:dc:5c:f3:3b:5b:de:54: 7d:69:b0:db:17:ab:18:22:c0:ce:84:7d:57:b4:53:91:55:08: b4:ae:bf:96:54:24:64:17:d6:24:23:90:1b:76:56:d5:c2:ce: e2:82:f1:ee:fe:52:52:35:a9:31:f8:e3:08:8d:63:f5:5b:66: 54:2e:7f:6a:d6:99:d4:88:f9:68:02:d5:98:81:ed:52:d2:02: fa:54:18:02:f0:99:fe:42:c1:db:f8:82:1a:cb:39:3a:d5:38: 90:c6:fc:a3:67:12:ea:1f:41:03:e3:56:e9:0b:7f:1d:b2:3a: b7:2c:e3:de:0f:67:3f:33:46:7f:32:97:29:4d:08:0f:62:d8: 1f:e4:b5:a9:c8:7b:fa:31:ad:97:df:94:a7:a7:3b:06:34:d1: 0d:9e:06:ec:e2:d1:a4:4c:19:91:fb:cc:61:79:51:7c:20:5e: 6c:0c:8b:bf:d2:87:cd:85:c8:e9:6e:93:ce:6f:3a:67:ef:0f: 83:e9:5e:48:af:6a:f5:db:7e:5f:f9:ce:ff:4b:86:05:4c:49: c3:80:b5:dc:a5:ad:33:b4:c7:be:7e:85:d1:1d:b3:f1:6a:ab: dc:51:7c:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICELcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REU3REUxMTAvBgNVBAUTKDM3MTI3M0NGRDhDMkM5MDhCNjkxRDZCRUExNzVFOERF ODJCRDQzOUEwHhcNMjQwNTE4MTc1NTQzWhcNMjQwNTI1MTc1NTQzWjAYMRYwFAYD VQQDEw02NjQ4ZWI5Zi0yOGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxz2mhPgfVNgV2MBHvqs+WWlkrG2uUOrPelxALBXlf4hj4bf3yKV5TfnmSTF0 nolbPl9hew2MOF2ZD3w49LbW0OLXMQXp8jQsaX0vw7Y561OOi4rt0G2r6fGiSOOG hUwe4eREb5mNVW5yfwehLXOIu2rVnxp7VRbEb5RMAJKHLg99H7U4M/4J1iEJIJfY Sf+I8PXmxrOpcfiO0c4y7VNPpfuyGI7561WeWwDhINzpwBXTHoLu14GZmNN1gRNi VU47YSXmNgbGINkDBP+vgwqBt/35XhL/yrm1HWXmRedDL1BWiO3FgsEsuIwrhXK4 mvHC3fKcM/ssZGQOfzs/bmIFdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFHHW2v/ HwD6gEqzVdpHGJIHtxy1MB8GA1UdIwQYMBaAFDcSc8/YwskItpHWvqF16N6CvUOa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTdERS9DRUUzRDcxODA0 RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lRaTJrZGEtb1hYbzNvSzlR NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL054Snp6OWpDeVFpMmtkYS1vWFhvM29LOVE1by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTdERS9DRUUzRDcxODA0RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lR aTJrZGEtb1hYbzNvSzlRNW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAH0qQ2HI9xdhYwxJV+q0bN5QtZRQ+ea4yN79wmrdxc8ztb3lR9abDb F6sYIsDOhH1XtFORVQi0rr+WVCRkF9YkI5AbdlbVws7igvHu/lJSNakx+OMIjWP1 W2ZULn9q1pnUiPloAtWYge1S0gL6VBgC8Jn+QsHb+IIayzk61TiQxvyjZxLqH0ED 41bpC38dsjq3LOPeD2c/M0Z/MpcpTQgPYtgf5LWpyHv6Ma2X35SnpzsGNNENngbs 4tGkTBmR+8xheVF8IF5sDIu/0ofNhcjpbpPObzpn7w+D6V5Ir2r1235f+c7/S4YF TEnDgLXcpa0ztMe+foXRHbPxaqvcUXx/ -----END CERTIFICATE-----Generated at Sat May 18 19:15:26 2024 by rpki-client on console-ams.rpki-client.org