$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: ILHkx9o2OVQaaoXLuhREfA7pQM3m84qKPnRUERrQtio= Subject key identifier: E3:66:D4:3B:0E:10:15:7A:2E:57:E8:96:E6:74:45:94:27:AD:FC:EE Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 67 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 65 Signing time: Thu 15 May 2025 06:17:01 +0000 Manifest this update: Thu 15 May 2025 06:17:00 +0000 Manifest next update: Thu 22 May 2025 06:17:00 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: zKk9dQQjIWEunGSNsuAkTXBBnumd1XqRyYj21csaeJ0=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 06:17:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 103 (0x67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: May 15 06:17:00 2025 GMT Not After : May 22 06:17:00 2025 GMT Subject: CN=682586dd-4b5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:7d:16:41:e0:6d:f6:9b:e8:dd:7c:32:66:37: 6c:c0:42:8d:11:ba:90:87:c3:9d:51:7d:63:9a:12: 43:8a:37:88:97:79:09:ff:be:55:a0:e2:3c:ef:76: ab:ae:10:61:2a:59:fc:e7:84:f2:9c:58:ac:83:7f: 91:b2:c3:2c:c8:9b:ff:7d:f4:08:eb:a5:dc:12:4a: ce:a5:00:31:d5:a3:07:ae:f6:5a:67:cb:7f:96:49: 5e:f3:c8:f6:1c:d7:1d:d4:4c:72:0b:d5:8d:9f:cd: d6:97:04:1e:70:f2:c6:f6:c1:2f:52:0b:82:d0:e9: 77:c0:4f:f7:f8:f2:37:9f:a1:ca:30:3c:f2:b8:d2: 33:f4:82:09:c3:b3:b6:f4:4a:ff:2c:71:df:3b:8d: a3:44:95:55:3e:f5:ad:b1:8a:13:be:e2:d0:72:a0: 4e:2d:62:d7:e3:91:f1:55:33:08:ae:1b:0e:47:af: b0:0e:14:62:f7:e3:a2:f5:53:81:00:0d:37:e0:98: fb:30:d8:c4:a0:80:23:de:ca:24:a6:3f:12:a2:f6: 76:fc:d0:dc:68:12:13:26:0a:87:51:f4:db:1b:35: 67:6a:f4:43:94:09:0c:3d:61:3a:8a:78:b9:a8:5b: 4a:b9:eb:d0:34:ff:ba:95:bd:bf:64:0a:ef:2c:32: b2:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:66:D4:3B:0E:10:15:7A:2E:57:E8:96:E6:74:45:94:27:AD:FC:EE X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:e1:7d:14:1a:98:e2:91:19:3c:0a:5b:c1:c7:7c:ee:40:45: 6c:f6:88:93:7e:26:13:0f:41:eb:42:24:0a:66:d8:20:dc:ce: bd:ca:67:b9:68:e7:2b:c9:36:ca:8f:70:6a:28:4e:6d:bb:d6: 9b:c3:80:94:06:ba:f3:d9:52:8e:8a:72:91:11:5f:55:d8:c5: 9b:c4:59:e6:e0:92:25:88:0b:d2:78:87:a8:d7:21:65:69:c7: 73:c7:c7:74:94:46:5b:c9:ec:d9:ac:4f:b9:c9:53:4b:38:77: a7:60:0b:9a:1b:4a:b0:1d:65:9f:8d:67:90:b0:98:45:9e:38: 97:43:2b:44:75:76:58:80:d0:e2:3e:92:fe:43:b5:60:9f:3f: d7:52:ba:b0:e4:40:61:d7:9b:7d:0e:bb:61:ce:e2:3d:52:69: 40:24:a4:96:da:c2:1e:e8:21:9d:65:cd:a8:0b:6f:19:7b:2d: 4e:85:c4:e0:20:69:e9:79:bc:ec:f3:de:09:71:68:f5:76:56: e5:e7:ad:cc:68:62:3f:17:f0:fe:84:08:d1:2a:24:5a:82:82: 28:de:00:12:89:d8:93:5f:5b:fe:82:4d:73:eb:b7:8a:e9:ed: 7d:1a:f6:51:ef:fa:9a:03:06:56:aa:64:24:a0:61:c5:e9:12: 07:19:c3:f2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNTA1MTUwNjE3MDBaFw0yNTA1MjIwNjE3MDBaMBgxFjAUBgNV BAMTDTY4MjU4NmRkLTRiNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDTfRZB4G32m+jdfDJmN2zAQo0RupCHw51RfWOaEkOKN4iXeQn/vlWg4jzvdquu EGEqWfznhPKcWKyDf5GywyzIm/999AjrpdwSSs6lADHVoweu9lpny3+WSV7zyPYc 1x3UTHIL1Y2fzdaXBB5w8sb2wS9SC4LQ6XfAT/f48jefocowPPK40jP0ggnDs7b0 Sv8scd87jaNElVU+9a2xihO+4tByoE4tYtfjkfFVMwiuGw5Hr7AOFGL346L1U4EA DTfgmPsw2MSggCPeyiSmPxKi9nb80NxoEhMmCodR9NsbNWdq9EOUCQw9YTqKeLmo W0q569A0/7qVvb9kCu8sMrJlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU42bUOw4Q FXouV+iW5nRFlCet/O4wHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF3hfRQamOKRGTwKW8HHfO5ARWz2iJN+JhMPQetCJApm2CDczr3KZ7lo 5yvJNsqPcGooTm271pvDgJQGuvPZUo6KcpERX1XYxZvEWebgkiWIC9J4h6jXIWVp x3PHx3SURlvJ7NmsT7nJU0s4d6dgC5obSrAdZZ+NZ5CwmEWeOJdDK0R1dliA0OI+ kv5DtWCfP9dSurDkQGHXm30Ou2HO4j1SaUAkpJbawh7oIZ1lzagLbxl7LU6FxOAg ael5vOzz3glxaPV2VuXnrcxoYj8X8P6ECNEqJFqCgijeABKJ2JNfW/6CTXPrt4rp 7X0a9lHv+poDBlaqZCSgYcXpEgcZw/I= -----END CERTIFICATE-----Generated at Sat May 17 04:28:15 2025 by rpki-client