$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: mrA450hID5jZ0ZVTdO1zdbF+jGRy6t8CY2coGD2O2aM= Subject key identifier: F2:D1:7A:39:32:3C:B4:68:79:7E:94:33:BF:36:33:28:40:82:5F:29 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 99 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 97 Signing time: Sat 23 Aug 2025 06:37:00 +0000 Manifest this update: Sat 23 Aug 2025 06:36:59 +0000 Manifest next update: Sat 30 Aug 2025 06:36:59 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: Ldska0nV/aX6rRTVZA5aZQPVtrDJwUHhQaYSh4P9OXk=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:36:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 153 (0x99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Aug 23 06:36:59 2025 GMT Not After : Aug 30 06:36:59 2025 GMT Subject: CN=68a9618b-35f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:48:39:2d:5a:81:1a:0a:d9:81:45:32:6e:67: c0:fb:cb:b3:4d:31:6f:ba:91:de:da:b3:12:cf:d5: 97:92:6b:fe:42:0c:25:cb:ec:c9:e6:ef:d2:f2:7c: 21:4b:66:a7:65:64:60:25:0e:c4:f6:97:bc:f5:0d: b3:f6:27:b7:e3:a8:a3:de:48:52:73:d9:e4:64:9e: 6a:60:de:8b:48:6c:3d:0b:2e:86:65:06:12:08:b5: a5:84:aa:01:9a:63:6b:c3:88:ac:40:82:8c:3c:d5: 73:7e:9c:51:0f:0b:ad:a5:8e:1f:08:2d:f5:03:2e: 8b:c4:1f:4a:79:db:5f:e1:84:a1:ec:ca:b3:24:d3: 1a:ce:9b:ba:04:dc:d8:f2:52:b6:b8:e3:98:35:b8: 6b:d1:26:3a:7a:bb:af:e5:40:f8:14:8b:4c:b3:ce: 6c:36:f6:d2:ee:19:26:f9:33:a0:d9:31:86:85:95: 7f:0e:37:d0:5f:d5:b3:ca:ca:91:00:c8:22:06:0d: b8:0a:e1:bf:7f:d6:3d:8b:11:0f:19:49:23:6b:7d: 00:c0:51:70:f9:b6:5f:0d:08:2e:05:1f:c9:47:8d: e5:f9:6e:4a:e6:07:0f:8b:43:61:39:60:de:09:fa: c7:58:dc:f2:94:3b:ac:c8:05:52:78:47:d2:cb:03: 0d:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:D1:7A:39:32:3C:B4:68:79:7E:94:33:BF:36:33:28:40:82:5F:29 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:c1:76:f1:3a:63:ff:b4:51:10:2f:45:bc:f3:83:58:b7:63: 74:23:0e:e0:d3:1a:10:2b:df:cc:cc:f3:cb:c5:e5:05:73:1d: ed:71:1d:fd:c8:a7:f8:38:07:79:6b:a0:29:f9:07:44:bf:ec: 88:2e:63:79:7c:ee:8f:fc:82:ee:53:2b:43:d3:39:70:4f:94: 90:ba:4f:d2:a4:79:cc:94:d7:a7:f1:7f:73:9e:8e:99:6e:b0: b8:d0:8a:19:25:e6:33:e5:39:30:19:13:f6:05:a3:50:97:8e: e9:2d:84:23:36:0c:1c:01:2a:1a:06:8f:9f:27:11:07:5a:d2: 2f:06:99:39:a2:68:1e:50:72:7f:4d:3e:11:db:80:7b:4b:d3: cf:36:73:e8:11:15:40:36:c2:67:b2:25:c3:05:5a:f4:d5:e1: a7:50:6e:1c:9d:45:0c:8c:73:ea:5c:c8:67:3e:06:bf:87:01: 94:f5:bd:f7:36:a4:ba:49:db:e7:47:4b:35:93:2c:75:44:c2: 68:a2:bd:9a:86:19:62:71:39:37:14:ec:5d:82:02:c9:69:bc: 85:4a:e4:91:c1:3e:bd:b3:a3:30:ba:07:4f:de:6b:af:21:49: 90:1b:d9:7a:ef:3b:14:42:50:66:c0:53:21:80:4c:56:2f:23: 2c:53:13:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG RDI0MTMxREYwHhcNMjUwODIzMDYzNjU5WhcNMjUwODMwMDYzNjU5WjAYMRYwFAYD VQQDEw02OGE5NjE4Yi0zNWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEg5LVqBGgrZgUUybmfA+8uzTTFvupHe2rMSz9WXkmv+Qgwly+zJ5u/S8nwh S2anZWRgJQ7E9pe89Q2z9ie346ij3khSc9nkZJ5qYN6LSGw9Cy6GZQYSCLWlhKoB mmNrw4isQIKMPNVzfpxRDwutpY4fCC31Ay6LxB9Kedtf4YSh7MqzJNMazpu6BNzY 8lK2uOOYNbhr0SY6eruv5UD4FItMs85sNvbS7hkm+TOg2TGGhZV/DjfQX9WzysqR AMgiBg24CuG/f9Y9ixEPGUkja30AwFFw+bZfDQguBR/JR43l+W5K5gcPi0NhOWDe CfrHWNzylDusyAVSeEfSywMNvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPLRejky PLRoeX6UM782MyhAgl8pMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO dnlCd2dpYk1neWo5SkJNZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWwXbxOmP/tFEQL0W884NYt2N0Iw7g0xoQK9/MzPPLxeUFcx3tcR39 yKf4OAd5a6Ap+QdEv+yILmN5fO6P/ILuUytD0zlwT5SQuk/SpHnMlNen8X9zno6Z brC40IoZJeYz5TkwGRP2BaNQl47pLYQjNgwcASoaBo+fJxEHWtIvBpk5omgeUHJ/ TT4R24B7S9PPNnPoERVANsJnsiXDBVr01eGnUG4cnUUMjHPqXMhnPga/hwGU9b33 NqS6SdvnR0s1kyx1RMJoor2ahhlicTk3FOxdggLJabyFSuSRwT69s6MwugdP3muv IUmQG9l67zsUQlBmwFMhgExWLyMsUxOx -----END CERTIFICATE-----Generated at Sat Aug 23 20:36:34 2025 by rpki-client