$ rpki-client -vvf rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft File: NHTJTDbo-aDToNIuHdoQjNNAqyg.mft (raw, json) Hash identifier: dKfyPcmfxdP6zGyuTTpPtJdTkWCl1TiPt9TDtc5Ok3o= Subject key identifier: 26:EC:86:C0:76:E2:34:11:A0:D9:4C:AE:C9:19:D3:5A:E9:2E:D4:8E Authority key identifier: 34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28 Certificate issuer: /CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28 Certificate serial: 0F3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft Manifest number: 0F17 Signing time: Wed 20 Nov 2024 17:32:39 +0000 Manifest this update: Wed 20 Nov 2024 17:32:38 +0000 Manifest next update: Wed 27 Nov 2024 17:32:38 +0000 Files and hashes: 1: NHTJTDbo-aDToNIuHdoQjNNAqyg.crl (hash: dcHi+VoTTSVY1aTIVooM8LE9qbOsj4lfwlqTFENtuEQ=) 2: B2B24A4221D711EB9CFAC46EC4F9AE02.roa (hash: Wgl12J3aO6xtiEgwwFNRQx2lXEcg0zHav6fTzt5T3BE=) 3: B3682FEC21D711EB9CFAC46EC4F9AE02.roa (hash: Ox9R9PiD8T0HlZTCVj50DkgG3vmsXlU+75pqLoh4Z1Y=) 4: A7BDC50C7A4811EBA907BB5BC4F9AE02.roa (hash: gl6wFA8dPzIoLv1TnXCbO0ajqlLPYVSjBbHWje+e0k8=) 5: B47C278021D711EB9CFAC46EC4F9AE02.roa (hash: 55sVOk6/UnAp/fexIIaN6RRwH8HC98g4QsPN92ZTKEc=) 6: 5E0253B6232111EB9896B783C4F9AE02.roa (hash: Qd2fS017bmmI4dqXgfO7lOJxE7pdpoytjHBgfsVzSRw=) 7: 08CD1510027011EB98FEC44BC4F9AE02.roa (hash: mILgjaEaplyNRnR3VkJIbJkHq2ArOnJINitmDYzwuDs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 17:13:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3898 (0xf3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28 Validity Not Before: Nov 20 17:32:38 2024 GMT Not After : Nov 27 17:32:38 2024 GMT Subject: CN=673e1d37-39a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a3:90:e5:d4:bb:78:13:e5:a0:70:43:9a:2d: 83:6d:a7:33:84:5a:47:e0:f8:3e:55:e0:d0:37:56: a4:e3:58:71:9c:0f:a4:26:71:3a:e6:96:a6:5f:22: 59:89:dc:f8:36:eb:b1:99:fd:a5:64:5c:d5:68:f0: b4:eb:5c:f2:cf:61:61:42:fd:a8:54:70:3d:95:6c: 02:69:d7:bc:d3:3d:0b:b7:50:7c:0b:85:81:88:c7: 4e:aa:99:9a:62:6e:72:2c:d0:75:8e:dd:b6:c9:8f: f6:24:14:e5:36:be:02:03:80:2e:3c:7f:1a:98:ce: 45:66:fa:af:99:e0:f8:da:8b:2b:ae:28:3e:ad:98: 87:ea:f8:73:79:56:02:88:fa:b3:c1:e6:25:05:45: 73:f8:7c:f5:e8:ea:ed:ce:87:52:59:05:9c:ba:66: 32:ed:10:77:03:fe:bd:08:a6:43:9a:eb:b4:76:dc: 8c:ec:6c:cc:a3:20:c9:69:3b:37:2f:2b:67:86:b9: 89:fb:d3:cb:32:4b:3f:6c:9c:52:d8:47:34:6a:1e: 5b:7e:dd:b1:54:55:a3:df:c2:d6:9c:1a:4a:c2:df: 67:1a:12:75:96:f6:94:56:65:49:bf:d2:95:52:1e: a0:9b:6f:46:dc:5b:7e:44:cd:05:bc:db:14:f2:8a: ef:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:EC:86:C0:76:E2:34:11:A0:D9:4C:AE:C9:19:D3:5A:E9:2E:D4:8E X509v3 Authority Key Identifier: keyid:34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:8b:7e:5b:8b:ea:f9:e6:cf:e0:4e:79:df:e4:29:77:d1:7f: 8a:16:27:43:d2:00:90:5f:b9:33:37:34:8c:b1:36:00:ad:5b: 8f:2c:72:15:ad:f7:4e:a5:dd:d3:55:62:40:01:d5:2d:c0:4a: ba:d8:df:9e:c5:83:cc:32:13:f6:32:01:18:e5:58:ee:91:4d: 9a:f9:e5:74:7f:14:24:7b:a0:fb:5a:9d:e9:c5:f6:45:fe:69: e4:f5:af:f1:b4:ce:32:f3:10:4b:54:36:23:1f:91:4f:1b:02: 68:55:84:87:30:d3:aa:7c:9a:08:a6:88:61:0d:87:ab:fd:ee: 88:04:3e:fa:72:e5:5b:69:69:a6:bc:b8:c4:a0:2a:89:15:72: c4:d1:56:6d:48:48:01:68:cf:5c:8d:f2:a8:d4:86:dc:b5:f4: 3f:3f:42:05:13:16:64:44:4c:8c:0b:42:8c:c5:54:5e:c3:d1: bc:96:c9:6d:32:f1:1f:37:6e:a6:95:2c:f7:ac:94:8d:76:f2: 2c:3f:7f:33:cd:6c:af:5d:d7:80:e2:a6:f8:90:8e:36:08:c9: 51:22:6b:43:e8:34:66:8b:b2:34:40:eb:df:f9:4a:c0:e4:d6: 3b:41:6a:0a:ed:d3:ce:a7:c2:82:8c:bc:7a:18:61:7e:90:5c: b5:58:e1:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE2OTAxMTAvBgNVBAUTKDM0NzRDOTRDMzZFOEY5QTBEM0EwRDIyRTFEREExMDhD RDM0MEFCMjgwHhcNMjQxMTIwMTczMjM4WhcNMjQxMTI3MTczMjM4WjAYMRYwFAYD VQQDEw02NzNlMWQzNy0zOWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy6OQ5dS7eBPloHBDmi2DbaczhFpH4Pg+VeDQN1ak41hxnA+kJnE65pamXyJZ idz4Nuuxmf2lZFzVaPC061zyz2FhQv2oVHA9lWwCade80z0Lt1B8C4WBiMdOqpma Ym5yLNB1jt22yY/2JBTlNr4CA4AuPH8amM5FZvqvmeD42osrrig+rZiH6vhzeVYC iPqzweYlBUVz+Hz16OrtzodSWQWcumYy7RB3A/69CKZDmuu0dtyM7GzMoyDJaTs3 LytnhrmJ+9PLMks/bJxS2Ec0ah5bft2xVFWj38LWnBpKwt9nGhJ1lvaUVmVJv9KV Uh6gm29G3Ft+RM0FvNsU8orviQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCbshsB2 4jQRoNlMrskZ01rpLtSOMB8GA1UdIwQYMBaAFDR0yUw26Pmg06DSLh3aEIzTQKso MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTY5MC8xNUI0MUI4ODYz RjMxMUU5QTA4NTRDNDdDNEY5QUUwMi9OSFRKVERiby1hRFRvTkl1SGRvUWpOTkFx eWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05IVEpURGJvLWFEVG9OSXVIZG9Rak5OQXF5Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTY5MC8xNUI0MUI4ODYzRjMxMUU5QTA4NTRDNDdDNEY5QUUwMi9OSFRKVERiby1h RFRvTkl1SGRvUWpOTkFxeWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEi35bi+r55s/gTnnf5Cl30X+KFidD0gCQX7kzNzSMsTYArVuPLHIV rfdOpd3TVWJAAdUtwEq62N+exYPMMhP2MgEY5VjukU2a+eV0fxQke6D7Wp3pxfZF /mnk9a/xtM4y8xBLVDYjH5FPGwJoVYSHMNOqfJoIpohhDYer/e6IBD76cuVbaWmm vLjEoCqJFXLE0VZtSEgBaM9cjfKo1IbctfQ/P0IFExZkREyMC0KMxVRew9G8lslt MvEfN26mlSz3rJSNdvIsP38zzWyvXdeA4qb4kI42CMlRImtD6DRmi7I0QOvf+UrA 5NY7QWoK7dPOp8KCjLx6GGF+kFy1WOE4 -----END CERTIFICATE-----Generated at Wed Nov 20 18:44:49 2024 by rpki-client on console-fra.rpki-client.org