$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: jnjcpX8KCaxGa7xP3LItKOotEp+37CdOa23713p0Zsg= Subject key identifier: 59:4A:9E:8A:A9:AA:33:AA:0F:80:EC:C2:91:8A:52:DC:46:6F:62:B4 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 7F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 7D Signing time: Thu 03 Jul 2025 06:55:34 +0000 Manifest this update: Thu 03 Jul 2025 06:55:34 +0000 Manifest next update: Thu 10 Jul 2025 06:55:34 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: mQQJxpRrrqO2EL19UQMu3/cXuE9h6Bp5ptQdKFBEtRo=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 127 (0x7f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Jul 3 06:55:34 2025 GMT Not After : Jul 10 06:55:34 2025 GMT Subject: CN=68662966-7d78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:39:52:5d:ac:f0:c9:b3:71:4b:54:b5:78:9e: de:d3:16:ef:c9:a3:86:a1:02:de:cf:1d:de:26:d4: 4a:83:46:d1:91:04:05:04:c1:86:88:28:05:be:88: 1b:24:b8:20:47:ba:53:9b:53:1d:86:3a:8f:0a:ad: eb:8f:ba:0b:71:fe:2b:cd:1a:a4:c8:53:69:cb:5d: 74:84:2a:2a:41:bf:db:f3:7e:43:20:91:2b:74:da: 56:3c:ca:f6:ba:41:d6:a5:d9:9c:26:b6:e0:b3:52: 93:cf:be:58:35:aa:32:97:bf:11:f5:8c:04:53:2f: d7:08:93:ff:49:c1:88:d5:83:24:2e:72:73:a8:1a: 72:56:55:dd:0c:8d:1d:ef:b2:59:17:f8:3b:c9:e2: 08:73:5a:56:15:76:63:14:d1:fb:9d:a2:c0:5a:a2: f0:73:7b:cf:6e:3b:26:52:cb:ec:10:2d:de:8a:7a: ca:b9:ae:55:a0:cf:ea:01:01:39:59:0f:88:21:f7: 88:06:49:92:6b:79:01:46:e4:e0:28:8a:23:5f:e1: 99:95:28:5c:86:78:41:a0:19:86:93:2f:19:84:79: 34:11:61:84:43:ca:ef:d3:47:0a:b9:66:29:b6:ce: 3f:1c:6b:63:f4:d3:b6:15:30:c0:e0:c0:73:4c:e6: 5a:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:4A:9E:8A:A9:AA:33:AA:0F:80:EC:C2:91:8A:52:DC:46:6F:62:B4 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:85:3a:1d:d2:ec:d0:62:93:cd:dd:14:98:cd:88:dc:0a:c9: 36:ab:2b:bb:e4:bc:5b:b6:8f:5e:77:8d:99:86:90:d5:f2:74: 4b:fb:e3:4e:11:73:b2:b7:be:b9:d5:4f:6e:81:c3:8b:2a:b6: 8d:52:dc:f0:df:4a:38:3a:60:3e:f2:7c:a4:cd:fe:ab:f1:04: 4b:01:e8:18:f1:50:67:84:43:fd:b7:b0:66:9b:e8:10:f7:ce: f3:3e:32:df:79:ab:a0:d9:4e:be:23:c3:33:45:3e:28:64:9c: aa:b8:ff:e5:75:b7:18:3c:ff:4c:f9:01:6d:aa:f7:01:f3:d9: 57:f5:ac:38:27:ca:be:01:1e:46:0f:37:f1:f5:cb:c0:28:f6: e4:d7:50:85:a1:0a:b0:31:18:10:19:ad:fb:73:c1:b0:a9:af: 6b:30:10:12:59:d2:4b:70:90:80:dd:10:81:7d:b5:0e:de:2b: 0a:b0:74:79:6c:90:7e:43:80:b3:59:67:e6:fe:2c:f4:25:fa: 6f:06:d7:20:21:54:f7:fd:d0:31:4c:e6:bd:bf:da:f3:80:49: f0:02:32:93:c4:cf:07:fa:40:0a:fc:67:0f:49:01:b5:ac:da: c0:1a:fd:77:8e:5a:87:3a:57:26:11:db:62:34:5a:18:5f:1d: ca:fe:4a:8b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNTA3MDMwNjU1MzRaFw0yNTA3MTAwNjU1MzRaMBgxFjAUBgNV BAMTDTY4NjYyOTY2LTdkNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJOVJdrPDJs3FLVLV4nt7TFu/Jo4ahAt7PHd4m1EqDRtGRBAUEwYaIKAW+iBsk uCBHulObUx2GOo8KreuPugtx/ivNGqTIU2nLXXSEKipBv9vzfkMgkSt02lY8yva6 Qdal2ZwmtuCzUpPPvlg1qjKXvxH1jARTL9cIk/9JwYjVgyQucnOoGnJWVd0MjR3v slkX+DvJ4ghzWlYVdmMU0fudosBaovBze89uOyZSy+wQLd6Kesq5rlWgz+oBATlZ D4gh94gGSZJreQFG5OAoiiNf4ZmVKFyGeEGgGYaTLxmEeTQRYYRDyu/TRwq5Zim2 zj8ca2P007YVMMDgwHNM5lpzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUWUqeiqmq M6oPgOzCkYpS3EZvYrQwHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD+FOh3S7NBik83dFJjNiNwKyTarK7vkvFu2j153jZmGkNXydEv7404R c7K3vrnVT26Bw4sqto1S3PDfSjg6YD7yfKTN/qvxBEsB6BjxUGeEQ/23sGab6BD3 zvM+Mt95q6DZTr4jwzNFPihknKq4/+V1txg8/0z5AW2q9wHz2Vf1rDgnyr4BHkYP N/H1y8Ao9uTXUIWhCrAxGBAZrftzwbCpr2swEBJZ0ktwkIDdEIF9tQ7eKwqwdHls kH5DgLNZZ+b+LPQl+m8G1yAhVPf90DFM5r2/2vOASfACMpPEzwf6QAr8Zw9JAbWs 2sAa/XeOWoc6VyYR22I0WhhfHcr+Sos= -----END CERTIFICATE-----Generated at Thu Jul 3 21:54:43 2025 by rpki-client