$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft File: NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft (raw, json) Hash identifier: ZL/r6d6FjtY9TQUI5a9o40N+s3F6YHeNTXPromEBhoM= Subject key identifier: E5:16:BC:F6:65:E4:B0:64:DD:F7:44:59:5F:5A:BA:B8:CE:BA:A9:3F Authority key identifier: 37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A Certificate issuer: /CN=A91DE7DE/serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Certificate serial: 10AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft Manifest number: 109B Signing time: Fri 26 Apr 2024 17:56:14 +0000 Manifest this update: Fri 26 Apr 2024 17:56:13 +0000 Manifest next update: Fri 03 May 2024 17:56:13 +0000 Files and hashes: 1: NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl (hash: zO+lJgbjuVVknY47yvO0f8ikpOnNt5/6W9hj2N0jGSo=) 2: 4EF3836CF11C11EB8CA9C866C4F9AE02.roa (hash: gr0W30lQyWPhNAdF+h9Ul0cwBOIMKd+tEg7EdHsI9Yg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 17:56:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4268 (0x10ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DE7DE/serialNumber=371273CFD8C2C908B691D6BEA175E8DE82BD439A Validity Not Before: Apr 26 17:56:13 2024 GMT Not After : May 3 17:56:13 2024 GMT Subject: CN=662beabe-3a23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:73:e6:89:68:ac:bf:7b:54:02:4a:eb:52:76: 67:06:46:99:4b:8a:e6:91:19:62:1a:ce:7e:22:e2: 79:3e:e3:47:dc:bf:8d:be:e0:a1:48:50:9e:36:5e: 9e:1b:bd:3b:e7:3e:e7:ee:38:c4:94:2d:5e:c1:c7: de:83:67:ef:fa:20:5f:52:3c:00:ee:18:39:30:af: 49:ba:c5:e4:ee:df:11:53:ce:4f:1e:e0:1d:9a:fb: c0:cd:fb:35:ea:a1:d4:74:09:c4:20:1e:73:0e:11: 0d:ae:85:99:16:2e:39:e4:fc:13:5d:94:c3:41:be: a5:ab:b1:12:cf:ac:10:84:77:cf:5f:72:94:a6:eb: 5b:54:49:20:4e:d6:92:91:8a:16:f0:78:58:15:52: e7:0f:34:7d:60:8f:8b:25:0a:7c:40:3b:13:43:7a: a7:f6:c7:cf:9f:1c:19:c3:0e:fc:6b:7a:2f:bc:7a: 9b:fc:bb:c3:97:1a:75:d2:d6:90:6d:2b:94:16:3d: 9f:67:f0:88:4f:72:11:ce:04:dd:8c:c3:7b:d3:44: 3d:de:b7:c8:0d:fb:3a:25:5d:0d:58:7e:d8:85:bc: 0a:3f:4b:fe:a8:d1:8b:1b:10:b4:25:cc:77:8f:ec: 51:0b:02:0c:ec:68:db:6f:1d:91:0b:f7:b1:bb:cb: b1:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:16:BC:F6:65:E4:B0:64:DD:F7:44:59:5F:5A:BA:B8:CE:BA:A9:3F X509v3 Authority Key Identifier: keyid:37:12:73:CF:D8:C2:C9:08:B6:91:D6:BE:A1:75:E8:DE:82:BD:43:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NxJzz9jCyQi2kda-oXXo3oK9Q5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE7DE/CEE3D71804E111E98EA7D872C4F9AE02/NxJzz9jCyQi2kda-oXXo3oK9Q5o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:95:73:ab:7b:4d:67:31:dc:87:72:8c:be:41:41:06:48:e6: 38:ea:56:3e:65:1b:ed:58:3d:35:bf:26:c8:f3:db:1c:ce:d6: b5:1b:b7:5b:1e:34:6f:a5:99:41:25:6b:c4:ca:3b:06:fd:89: da:1b:ff:d2:5f:31:5b:ef:96:4e:d1:75:19:50:57:e5:6c:c8: 70:4d:01:32:0e:cf:01:a4:81:dc:31:54:8e:16:d5:cb:b4:5a: 10:07:73:3d:04:94:b5:2f:87:1c:b6:9d:2e:58:18:00:3a:ec: 92:f4:f0:e5:43:b6:62:7b:1e:ec:5b:cb:e5:31:e6:53:fc:21: 3c:46:4c:a6:2b:f5:5b:0a:97:46:5f:55:63:4b:7d:30:07:e5: 11:da:4b:77:91:85:c3:17:b4:f5:ba:d5:73:b0:2d:d2:d7:e1: 20:8e:19:3f:ef:e9:93:d9:78:f4:d9:eb:99:28:eb:7b:35:24: b1:0d:a6:85:a3:91:77:13:c0:28:41:58:31:b8:9e:f0:2d:59: 0e:4a:0c:88:f7:4e:c3:bd:0e:b2:81:78:3c:98:6b:45:66:7e: e1:5b:60:49:4e:a3:a8:7d:da:1c:13:fc:c6:fc:03:9e:fb:67: 0d:a6:f6:06:ac:d1:37:f3:ec:ba:b3:e8:f0:7b:47:66:c5:2b: fc:ab:e3:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REU3REUxMTAvBgNVBAUTKDM3MTI3M0NGRDhDMkM5MDhCNjkxRDZCRUExNzVFOERF ODJCRDQzOUEwHhcNMjQwNDI2MTc1NjEzWhcNMjQwNTAzMTc1NjEzWjAYMRYwFAYD VQQDEw02NjJiZWFiZS0zYTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtnPmiWisv3tUAkrrUnZnBkaZS4rmkRliGs5+IuJ5PuNH3L+NvuChSFCeNl6e G7075z7n7jjElC1ewcfeg2fv+iBfUjwA7hg5MK9JusXk7t8RU85PHuAdmvvAzfs1 6qHUdAnEIB5zDhENroWZFi455PwTXZTDQb6lq7ESz6wQhHfPX3KUputbVEkgTtaS kYoW8HhYFVLnDzR9YI+LJQp8QDsTQ3qn9sfPnxwZww78a3ovvHqb/LvDlxp10taQ bSuUFj2fZ/CIT3IRzgTdjMN700Q93rfIDfs6JV0NWH7YhbwKP0v+qNGLGxC0Jcx3 j+xRCwIM7Gjbbx2RC/exu8uxpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOUWvPZl 5LBk3fdEWV9aurjOuqk/MB8GA1UdIwQYMBaAFDcSc8/YwskItpHWvqF16N6CvUOa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERTdERS9DRUUzRDcxODA0 RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lRaTJrZGEtb1hYbzNvSzlR NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL054Snp6OWpDeVFpMmtkYS1vWFhvM29LOVE1by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RTdERS9DRUUzRDcxODA0RTExMUU5OEVBN0Q4NzJDNEY5QUUwMi9OeEp6ejlqQ3lR aTJrZGEtb1hYbzNvSzlRNW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArlXOre01nMdyHcoy+QUEGSOY46lY+ZRvtWD01vybI89sczta1G7db HjRvpZlBJWvEyjsG/YnaG//SXzFb75ZO0XUZUFflbMhwTQEyDs8BpIHcMVSOFtXL tFoQB3M9BJS1L4cctp0uWBgAOuyS9PDlQ7Ziex7sW8vlMeZT/CE8RkymK/VbCpdG X1VjS30wB+UR2kt3kYXDF7T1utVzsC3S1+Egjhk/7+mT2Xj02euZKOt7NSSxDaaF o5F3E8AoQVgxuJ7wLVkOSgyI907DvQ6ygXg8mGtFZn7hW2BJTqOofdocE/zG/AOe +2cNpvYGrNE38+y6s+jwe0dmxSv8q+ME -----END CERTIFICATE-----Generated at Sat Apr 27 10:20:41 2024 by rpki-client on console-ams.rpki-client.org