$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: 3WAQtNl9T0Dp7qRQGmjr4bKZOd2ifnidvBJs6L0AKpk= Subject key identifier: E1:93:7A:94:05:A5:E9:8B:FB:D5:EF:AE:CB:00:0E:03:F4:83:1C:16 Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: 21 Signing time: Wed 15 May 2024 08:46:32 +0000 Manifest this update: Wed 15 May 2024 08:46:31 +0000 Manifest next update: Wed 22 May 2024 08:46:31 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: zCBsOLp5f++BEkd1zLia0uQmctkfWEP3Sj6ez8r7zDY=) 2: 8CCF47C0E50211EE8E8A4156C4F9AE02.roa (hash: 3pAbOKyhgObL0Bji+vijkwStbniGqEsVGaDYn8G6gwQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 08:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: May 15 08:46:31 2024 GMT Not After : May 22 08:46:31 2024 GMT Subject: CN=66447668-bbf0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7d:d0:d5:d9:82:7f:df:87:eb:19:87:d1:d1: 07:50:c8:a6:11:ba:14:00:bc:3b:24:78:49:b2:ce: 1a:e7:a5:bc:18:23:97:8b:e0:30:2f:14:92:f0:92: dc:81:32:80:7a:83:59:95:67:e4:00:bd:80:1d:e0: 43:1f:d9:01:dd:22:35:7e:a4:22:6a:d1:10:9e:36: 32:55:81:52:fa:3e:e1:11:85:82:5f:73:5b:a6:ea: 71:6f:2e:b2:99:f6:35:2d:91:17:ac:20:91:8c:d4: 7c:bd:b7:76:df:76:aa:05:80:ed:b1:d6:b4:1e:70: 6f:c8:ea:42:8b:9d:e8:ad:31:24:5f:29:88:42:48: 1e:6d:68:cd:85:65:73:28:9c:52:d4:9b:6c:53:36: 17:c6:0c:20:e7:9e:1f:92:fd:b6:00:dc:22:ec:15: 84:d0:4e:f7:7b:55:1b:f9:51:8a:b2:f2:8e:d4:b0: 4c:c4:61:38:ec:29:f2:7b:75:f2:88:70:f2:09:39: 1d:e4:f8:bd:60:5f:6e:e7:c4:69:49:58:24:08:da: 1a:ab:02:7e:29:b5:81:b5:53:eb:4a:06:41:ad:d7: 9d:cc:b5:79:b8:10:fa:98:1b:dd:78:8f:22:12:91: cf:a8:8b:c5:08:56:56:d5:da:5f:6f:a7:db:9d:ff: e7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:93:7A:94:05:A5:E9:8B:FB:D5:EF:AE:CB:00:0E:03:F4:83:1C:16 X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:ac:e0:60:79:fb:66:76:ae:8b:47:1c:fc:6b:82:d3:45:29: 10:53:dd:9c:f6:5e:f2:63:09:f7:11:86:6a:f8:d8:6b:99:60: cf:7c:4c:e6:62:d9:70:09:79:4f:c1:ee:f3:af:cb:aa:74:a0: 4b:45:ab:0c:03:bd:f9:18:e6:5d:4d:d5:f1:a8:16:4e:d5:ef: a1:06:24:0a:19:b9:2b:53:15:a2:95:08:66:d1:3c:35:5d:9e: 69:1d:19:2d:5f:87:f1:05:07:cb:50:2a:04:77:6c:d7:dc:8c: d1:bb:1c:b1:d8:fc:78:b7:37:84:a6:e2:71:eb:bf:12:b8:83: 60:58:c1:81:84:dd:3d:14:22:a1:37:84:45:50:17:83:a3:ad: 75:c9:25:7b:f3:01:52:af:ac:26:70:a3:38:b0:5b:ee:d9:4b: aa:e6:fb:fd:e3:1f:0b:59:c6:85:31:fa:34:47:ff:43:28:8b: 6e:ce:44:22:65:39:e9:e6:c2:38:4f:e4:78:da:b0:6a:1a:85: 19:40:07:0d:87:39:29:48:3a:aa:2b:90:07:bd:a1:3a:49:e5: 0b:66:4d:bc:4b:fc:53:b5:e0:98:b5:1b:4c:31:e3:17:ad:19: 11:67:98:82:31:77:4b:43:82:3b:7d:cf:c1:e6:9a:58:1f:b3: f4:c5:c9:d3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NkFGRjExMC8GA1UEBRMoMzU3QTE3OUNERDBBRjlBM0ZCMDNFMTc3RDZBNDNGQjhB NTc3NTRFMDAeFw0yNDA1MTUwODQ2MzFaFw0yNDA1MjIwODQ2MzFaMBgxFjAUBgNV BAMTDTY2NDQ3NjY4LWJiZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCmfdDV2YJ/34frGYfR0QdQyKYRuhQAvDskeEmyzhrnpbwYI5eL4DAvFJLwktyB MoB6g1mVZ+QAvYAd4EMf2QHdIjV+pCJq0RCeNjJVgVL6PuERhYJfc1um6nFvLrKZ 9jUtkResIJGM1Hy9t3bfdqoFgO2x1rQecG/I6kKLneitMSRfKYhCSB5taM2FZXMo nFLUm2xTNhfGDCDnnh+S/bYA3CLsFYTQTvd7VRv5UYqy8o7UsEzEYTjsKfJ7dfKI cPIJOR3k+L1gX27nxGlJWCQI2hqrAn4ptYG1U+tKBkGt153MtXm4EPqYG914jyIS kc+oi8UIVlbV2l9vp9ud/+fNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU4ZN6lAWl 6Yv71e+uywAOA/SDHBYwHwYDVR0jBBgwFoAUNXoXnN0K+aP7A+F31qQ/uKV3VOAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY2QUZGLzQwQ0QxQjU0RTUw MjExRUU5QUJGNzY1NUM0RjlBRTAyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZP QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTlhvWG5OMEstYVA3QS1GMzFxUV91S1YzVk9BLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY2 QUZGLzQwQ0QxQjU0RTUwMjExRUU5QUJGNzY1NUM0RjlBRTAyL05Yb1huTjBLLWFQ N0EtRjMxcVFfdUtWM1ZPQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF6s4GB5+2Z2rotHHPxrgtNFKRBT3Zz2XvJjCfcRhmr42GuZYM98TOZi 2XAJeU/B7vOvy6p0oEtFqwwDvfkY5l1N1fGoFk7V76EGJAoZuStTFaKVCGbRPDVd nmkdGS1fh/EFB8tQKgR3bNfcjNG7HLHY/Hi3N4Sm4nHrvxK4g2BYwYGE3T0UIqE3 hEVQF4OjrXXJJXvzAVKvrCZwoziwW+7ZS6rm+/3jHwtZxoUx+jRH/0Moi27ORCJl OenmwjhP5HjasGoahRlABw2HOSlIOqorkAe9oTpJ5QtmTbxL/FO14Ji1G0wx4xet GRFnmIIxd0tDgjt9z8Hmmlgfs/TFydM= -----END CERTIFICATE-----Generated at Wed May 15 09:27:33 2024 by rpki-client on console-fra.rpki-client.org