$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft File: NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json) Hash identifier: rpL6v96OZYs8KTlRW4HyPULqO1EZz1cnAcA6tx54uJk= Subject key identifier: 4B:07:A9:DD:02:28:91:EA:50:D2:28:8B:E9:AE:1E:FC:12:92:13:C9 Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 Certificate issuer: /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Certificate serial: 01ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft Manifest number: 01E9 Signing time: Wed 01 May 2024 04:36:26 +0000 Manifest this update: Wed 01 May 2024 04:36:26 +0000 Manifest next update: Wed 08 May 2024 04:36:26 +0000 Files and hashes: 1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: 4gKus7If9hlDYypy9tldCfYxD9yQQQyhk5c2akDMWD0=) 2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: ohpq6w4FsQ6m2qtbeIH2kHfbJGiR8GKYHoRy8L7uggA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 03:45:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 493 (0x1ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5 Validity Not Before: May 1 04:36:26 2024 GMT Not After : May 8 04:36:26 2024 GMT Subject: CN=6631c6ca-84a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:df:fc:86:76:73:10:f6:73:1e:2a:e4:a8:fd: 95:be:55:7c:98:33:7e:70:a2:fb:54:e3:0a:49:e3: 74:c5:94:40:a4:d4:3e:60:7e:37:c2:94:2b:41:42: a9:58:f6:bb:91:00:7d:af:a9:ab:78:70:6a:24:83: f7:5e:21:cd:82:bc:37:25:00:c2:22:06:49:fc:90: 01:56:10:39:d2:41:4c:ac:4f:7a:97:e3:24:e0:58: 66:6e:d6:42:35:6f:4a:af:48:0c:25:1a:2b:7c:f5: e8:4f:60:19:86:0a:a6:07:29:78:b0:91:36:ae:ec: 38:35:ed:ea:0a:51:1a:cf:bb:3e:0f:59:06:a8:a0: 96:73:63:06:01:2b:39:c7:b9:40:56:b7:f2:a1:ea: 9d:d0:40:e5:9d:fa:e7:02:d3:55:12:58:a0:76:14: b9:16:bd:9e:11:35:ba:e4:62:27:ae:58:7b:7e:65: e9:ea:09:3c:0b:ef:ad:a0:e5:7e:f7:96:61:b0:29: 03:43:33:b5:a7:19:ea:f8:30:cc:62:1a:46:0e:d6: 83:57:eb:80:61:16:06:c2:a3:1a:20:ce:97:7a:c7: dc:59:fe:d1:ab:50:07:48:cb:a8:bc:38:87:96:48: 9b:07:fd:8b:d5:04:9c:f8:13:37:59:42:e1:48:72: 69:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:07:A9:DD:02:28:91:EA:50:D2:28:8B:E9:AE:1E:FC:12:92:13:C9 X509v3 Authority Key Identifier: keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:e8:c8:2b:69:c6:93:fa:c2:83:e0:07:32:db:9a:e5:e8:ee: fc:b0:37:3f:39:4c:15:35:2b:2d:2d:3c:e5:e0:1d:a1:9f:5b: bd:11:4b:53:8d:7b:a3:a1:ee:df:1d:e0:d3:e5:7e:d4:7f:f4: 76:cf:56:56:b7:42:73:b1:43:94:58:90:42:8b:80:56:c4:f3: 57:93:d7:4b:fd:8e:bc:d4:de:79:19:01:22:36:3a:b9:23:64: e3:a5:96:20:fc:f5:42:1d:29:7e:ab:ba:3b:eb:f3:40:f9:1e: 08:15:b0:c9:12:1d:f3:a9:93:43:71:76:65:f9:be:f4:8d:03: 89:88:6c:57:8a:53:24:31:8d:37:d0:2c:47:30:20:af:84:62: 2a:3b:9d:d2:79:16:6e:ff:57:81:a9:f1:49:fc:f4:f0:90:34: 9b:4b:94:3b:0c:fd:ce:a7:84:48:1b:c3:3a:ec:43:d8:dc:d5: 16:56:c2:b8:d6:60:35:91:9f:d7:60:8c:80:67:cf:13:8e:dc: 34:fe:02:5a:90:03:1d:d2:3c:c5:a2:a1:1c:2c:e2:b5:39:21: fb:67:07:b9:11:80:27:0b:5b:db:e9:fa:b3:66:49:64:ea:65: 33:96:e7:36:b1:08:c2:1d:aa:0f:1b:97:52:e9:6d:15:ea:23: cc:b1:d1:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw RkE2NzRCQjUwHhcNMjQwNTAxMDQzNjI2WhcNMjQwNTA4MDQzNjI2WjAYMRYwFAYD VQQDEw02NjMxYzZjYS04NGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmt/8hnZzEPZzHirkqP2VvlV8mDN+cKL7VOMKSeN0xZRApNQ+YH43wpQrQUKp WPa7kQB9r6mreHBqJIP3XiHNgrw3JQDCIgZJ/JABVhA50kFMrE96l+Mk4FhmbtZC NW9Kr0gMJRorfPXoT2AZhgqmByl4sJE2ruw4Ne3qClEaz7s+D1kGqKCWc2MGASs5 x7lAVrfyoeqd0EDlnfrnAtNVEligdhS5Fr2eETW65GInrlh7fmXp6gk8C++toOV+ 95ZhsCkDQzO1pxnq+DDMYhpGDtaDV+uAYRYGwqMaIM6XesfcWf7Rq1AHSMuovDiH lkibB/2L1QSc+BM3WULhSHJpSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEsHqd0C KJHqUNIoi+muHvwSkhPJMB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5 MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5 b01WV1JsM1g2ZXdQcG5TN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAH6MgracaT+sKD4Acy25rl6O78sDc/OUwVNSstLTzl4B2hn1u9EUtT jXujoe7fHeDT5X7Uf/R2z1ZWt0JzsUOUWJBCi4BWxPNXk9dL/Y681N55GQEiNjq5 I2TjpZYg/PVCHSl+q7o76/NA+R4IFbDJEh3zqZNDcXZl+b70jQOJiGxXilMkMY03 0CxHMCCvhGIqO53SeRZu/1eBqfFJ/PTwkDSbS5Q7DP3Op4RIG8M67EPY3NUWVsK4 1mA1kZ/XYIyAZ88Tjtw0/gJakAMd0jzFoqEcLOK1OSH7Zwe5EYAnC1vb6fqzZklk 6mUzluc2sQjCHaoPG5dS6W0V6iPMsdHG -----END CERTIFICATE-----Generated at Wed May 1 05:55:39 2024 by rpki-client on console-ams.rpki-client.org