$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: C8eFHWVtGky5GcthWh30lIryOpW8TK39uYn0bYiRAp8= Subject key identifier: 04:D5:97:D4:1E:12:14:70:65:81:3E:08:20:94:F3:BC:ED:4E:51:59 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: BC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: B8 Signing time: Sun 19 Oct 2025 09:11:26 +0000 Manifest this update: Sun 19 Oct 2025 09:11:26 +0000 Manifest next update: Sun 26 Oct 2025 09:11:25 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: 8VeNRSF3stRUKEN29PwcOZRzpTXqHJ82dS/GlgT0nOo=) 2: 8B9AE5E6843211F099BF476CC4F9AE02.roa (hash: f0yL6dm4aQQSfB+ngsxTE6LWk8z3YuY+EKGRY0bzeRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:11:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 188 (0xbc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Oct 19 09:11:26 2025 GMT Not After : Oct 26 09:11:25 2025 GMT Subject: CN=68f4ab3e-9a9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:24:5b:e4:82:00:d1:57:6a:fb:b8:90:da:ff: 62:fd:89:c7:04:fa:92:98:33:8e:8f:c0:ec:4b:0a: 97:f5:01:77:71:a4:fa:9b:c4:bc:bd:37:f5:6f:ee: c1:9a:96:72:8e:34:c3:20:a6:95:af:58:50:d4:62: dc:0d:d9:d1:ad:d8:d2:ca:44:fa:60:5c:2b:32:26: b1:f1:d5:03:ff:2b:25:2f:96:46:5d:f5:b4:69:d1: bb:32:c4:1a:7d:39:8e:5d:66:b5:c0:1b:d8:16:f8: 20:f7:04:20:07:dd:16:ae:b7:ce:e9:d9:55:34:fd: 0f:fe:82:3b:e2:83:a3:1b:1d:15:92:37:85:91:d4: 06:e9:e0:83:c1:50:af:52:c0:5e:cd:98:cc:29:d6: 0c:5c:07:9d:84:0d:db:79:0b:fa:9b:d1:98:36:dc: 6f:9c:ef:4f:79:21:38:a2:ff:76:d6:87:2d:62:aa: 11:aa:e8:8a:1a:61:4a:3f:c5:00:32:36:3f:57:c5: 36:f1:4f:0e:85:83:d1:ab:5c:be:b4:bd:d8:35:1a: dc:40:0a:17:ac:95:c5:07:8f:8e:3d:7f:86:98:53: 83:0b:17:f9:fc:e2:6b:c2:49:68:34:ae:53:86:16: 46:f0:5d:79:cf:46:da:6b:fc:59:73:b3:f9:58:35: 14:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:D5:97:D4:1E:12:14:70:65:81:3E:08:20:94:F3:BC:ED:4E:51:59 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:04:8e:ca:ee:b9:42:18:23:54:4c:88:6b:fe:5f:4f:7f:1e: 10:28:0f:c1:75:59:55:6c:8c:d4:ba:10:36:7e:6a:b6:1d:9a: cc:95:37:48:c6:b2:a9:01:45:27:8e:82:ee:fb:3e:ed:74:8d: 3b:28:50:d4:fc:2b:39:65:5b:ad:6a:7c:01:c1:9c:8f:38:c6: 47:79:6d:4e:4c:c9:ad:79:2d:5b:83:7e:88:92:6a:33:9b:bb: 72:70:a2:d5:8e:c0:af:18:e2:16:95:5f:4b:4c:49:98:0f:ac: 86:df:b5:f8:dc:ee:5c:64:ca:6d:96:6e:5e:35:5a:87:fd:f5: 54:81:e8:ab:6e:a6:4c:3f:82:08:1c:c8:26:7b:8c:a9:68:24: 8e:09:b0:4c:7b:f1:2e:e4:fc:52:5f:01:9e:d8:d9:e7:17:6e: 0c:a6:bc:2d:02:8e:47:15:76:02:48:fa:99:50:62:8d:0d:40: 26:0f:29:7d:2b:1b:d1:20:36:2c:d9:6e:91:c8:05:97:0f:39: e8:87:d2:f9:3e:05:4a:11:a6:d0:08:b8:eb:21:15:67:f5:24: 31:51:66:f0:54:a1:b7:0f:f2:fd:15:50:53:64:c2:6c:af:e0: 95:8a:4b:c7:b3:e5:1c:de:ed:6d:a3:7f:05:ed:f9:cd:ff:0d: 97:09:50:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG RDI0MTMxREYwHhcNMjUxMDE5MDkxMTI2WhcNMjUxMDI2MDkxMTI1WjAYMRYwFAYD VQQDEw02OGY0YWIzZS05YTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyiRb5IIA0Vdq+7iQ2v9i/YnHBPqSmDOOj8DsSwqX9QF3caT6m8S8vTf1b+7B mpZyjjTDIKaVr1hQ1GLcDdnRrdjSykT6YFwrMiax8dUD/yslL5ZGXfW0adG7MsQa fTmOXWa1wBvYFvgg9wQgB90WrrfO6dlVNP0P/oI74oOjGx0VkjeFkdQG6eCDwVCv UsBezZjMKdYMXAedhA3beQv6m9GYNtxvnO9PeSE4ov921octYqoRquiKGmFKP8UA MjY/V8U28U8OhYPRq1y+tL3YNRrcQAoXrJXFB4+OPX+GmFODCxf5/OJrwkloNK5T hhZG8F15z0baa/xZc7P5WDUUaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFATVl9Qe EhRwZYE+CCCU87ztTlFZMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO dnlCd2dpYk1neWo5SkJNZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCuBI7K7rlCGCNUTIhr/l9Pfx4QKA/BdVlVbIzUuhA2fmq2HZrMlTdI xrKpAUUnjoLu+z7tdI07KFDU/Cs5ZVutanwBwZyPOMZHeW1OTMmteS1bg36Ikmoz m7tycKLVjsCvGOIWlV9LTEmYD6yG37X43O5cZMptlm5eNVqH/fVUgeirbqZMP4II HMgme4ypaCSOCbBMe/Eu5PxSXwGe2NnnF24MprwtAo5HFXYCSPqZUGKNDUAmDyl9 KxvRIDYs2W6RyAWXDznoh9L5PgVKEabQCLjrIRVn9SQxUWbwVKG3D/L9FVBTZMJs r+CVikvHs+Uc3u1to38F7fnN/w2XCVDk -----END CERTIFICATE-----Generated at Mon Oct 20 21:26:21 2025 by rpki-client