$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft File: NXR5DY34KztVHjtwJXG69VqemWE.mft (raw, json) Hash identifier: Xn7ZeqardDk+gShMFPS0c5mTLVUdXWNfAKuWfWhFoNo= Subject key identifier: 43:C0:0C:85:1F:96:DA:E6:FB:2E:EB:FC:E1:3D:EC:47:C4:9C:41:30 Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 Certificate issuer: /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Certificate serial: 38 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft Manifest number: 2D Signing time: Thu 21 Nov 2024 05:59:29 +0000 Manifest this update: Thu 21 Nov 2024 05:59:29 +0000 Manifest next update: Thu 28 Nov 2024 05:59:29 +0000 Files and hashes: 1: NXR5DY34KztVHjtwJXG69VqemWE.crl (hash: FhkSWJUcnSWoC6qStGJr8SbqkIxeOm9uhx9gfQhXXmA=) 2: DA8D1C7EA72311EFBCEB047EC4F9AE02.roa (hash: 4Ilw9gY/NOcFcq0qbuj1smp6o0+TRpgSf2CHUKcnvWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56 (0x38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961 Validity Not Before: Nov 21 05:59:29 2024 GMT Not After : Nov 28 05:59:29 2024 GMT Subject: CN=673ecc41-f107 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:81:dc:e4:0f:1c:e8:e3:d6:76:43:11:e3:9a: fd:42:71:54:b7:d5:03:33:2b:e4:07:d2:99:ea:74: 04:5d:71:cd:3e:9f:d4:a1:92:77:c3:40:0a:5d:ab: d9:0a:45:97:06:98:3a:87:2a:11:53:1f:e6:b7:3e: 0f:38:e5:6b:07:69:31:3e:f4:bb:30:ba:9a:e9:e7: 20:26:7c:f3:7f:e7:cd:17:4a:ec:de:52:9d:07:68: 0d:ea:ef:7b:28:03:a1:be:ae:59:ca:51:74:ce:3c: 5e:94:24:4e:0b:76:b7:64:3a:d2:1b:2c:71:12:29: 85:57:f3:35:b9:5f:d5:c2:5d:b7:fa:f2:c9:ea:98: 91:01:fa:f5:ec:e8:06:e6:55:89:7e:89:cd:c1:ee: 16:d0:29:ca:cf:e6:33:d5:bb:9f:59:61:45:3e:09: 7f:7e:6a:71:d4:94:26:de:a3:c0:c7:20:7a:6d:14: 6e:9a:5a:b8:76:33:40:df:a3:a2:03:e3:a6:c0:c4: 16:12:c0:cb:06:bd:85:84:61:d6:cc:45:ab:f4:3d: d2:3f:a9:40:a7:1e:95:8b:23:ab:1b:96:26:05:a4: 82:94:21:31:8d:9c:23:19:8d:45:64:3d:a9:a7:cf: 31:09:ed:22:eb:31:1d:51:7c:a3:0a:b2:41:18:0b: a7:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:C0:0C:85:1F:96:DA:E6:FB:2E:EB:FC:E1:3D:EC:47:C4:9C:41:30 X509v3 Authority Key Identifier: keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d0:c1:04:ee:76:64:58:d2:d2:eb:3a:43:32:c7:47:22:03:75: 44:85:49:74:c8:82:19:5a:0d:e7:99:98:79:3e:d1:d3:57:80: 9a:7d:50:43:43:dc:ab:b0:ac:68:89:43:2d:4c:a8:ad:91:31: 52:07:ce:b0:77:62:cc:94:c5:74:79:04:3d:0b:d8:8a:42:01: 65:8a:64:f0:2f:c4:e0:6e:b0:86:61:3a:00:e3:55:26:81:98: 23:37:d0:aa:31:56:33:76:b0:4f:df:55:12:82:4e:67:a8:40: 95:30:02:cf:a3:bd:a8:28:6c:11:cc:3b:d6:80:a8:77:b1:ab: 45:57:f1:2a:fa:25:70:77:97:85:74:5d:47:c4:d1:22:02:61: fa:8d:20:84:65:0d:b7:5c:a4:27:37:81:d7:f6:66:fa:d3:24: 66:40:6c:2d:bb:78:9c:19:be:80:51:e3:32:80:56:df:50:09: 62:3a:8c:70:77:dd:05:58:f1:e1:94:0b:d7:47:d6:b8:b0:d3: 7a:2c:17:41:78:b5:9a:9e:6d:aa:99:fa:58:1d:22:b8:25:97: dd:d9:8c:af:06:aa:61:3d:82:0e:f1:e0:cc:fb:90:65:53:57: b3:8b:a5:c5:e8:bb:c0:1d:3c:68:d2:5d:96:03:d0:5e:99:96: 30:d7:cf:e5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBODANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDQwQjExMC8GA1UEBRMoMzU3NDc5MEQ4REY4MkIzQjU1MUUzQjcwMjU3MUJBRjU1 QTlFOTk2MTAeFw0yNDExMjEwNTU5MjlaFw0yNDExMjgwNTU5MjlaMBgxFjAUBgNV BAMTDTY3M2VjYzQxLWYxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3gdzkDxzo49Z2QxHjmv1CcVS31QMzK+QH0pnqdARdcc0+n9ShknfDQApdq9kK RZcGmDqHKhFTH+a3Pg845WsHaTE+9Lswuprp5yAmfPN/580XSuzeUp0HaA3q73so A6G+rlnKUXTOPF6UJE4LdrdkOtIbLHESKYVX8zW5X9XCXbf68snqmJEB+vXs6Abm VYl+ic3B7hbQKcrP5jPVu59ZYUU+CX9+anHUlCbeo8DHIHptFG6aWrh2M0Dfo6ID 46bAxBYSwMsGvYWEYdbMRav0PdI/qUCnHpWLI6sbliYFpIKUITGNnCMZjUVkPamn zzEJ7SLrMR1RfKMKskEYC6chAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQ8AMhR+W 2ub7Luv84T3sR8ScQTAwHwYDVR0jBBgwFoAUNXR5DY34KztVHjtwJXG69VqemWEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNENDBCLzZCNUQyQTdDODU1 QjExRUZCMDU3NkQ0MEM0RjlBRTAyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1X RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTlhSNURZMzRLenRWSGp0d0pYRzY5VnFlbVdFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNE NDBCLzZCNUQyQTdDODU1QjExRUZCMDU3NkQ0MEM0RjlBRTAyL05YUjVEWTM0S3p0 VkhqdHdKWEc2OVZxZW1XRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANDBBO52ZFjS0us6QzLHRyIDdUSFSXTIghlaDeeZmHk+0dNXgJp9UEND 3KuwrGiJQy1MqK2RMVIHzrB3YsyUxXR5BD0L2IpCAWWKZPAvxOBusIZhOgDjVSaB mCM30KoxVjN2sE/fVRKCTmeoQJUwAs+jvagobBHMO9aAqHexq0VX8Sr6JXB3l4V0 XUfE0SICYfqNIIRlDbdcpCc3gdf2ZvrTJGZAbC27eJwZvoBR4zKAVt9QCWI6jHB3 3QVY8eGUC9dH1riw03osF0F4tZqebaqZ+lgdIrgll93ZjK8GqmE9gg7x4Mz7kGVT V7OLpcXou8AdPGjSXZYD0F6ZljDXz+U= -----END CERTIFICATE-----Generated at Thu Nov 21 06:50:50 2024 by rpki-client on console-fra.rpki-client.org