$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: jjNaXHrM5BacKBdWmzQND/Vb5sQybL/ECVkbCixF2/Y= Subject key identifier: FD:B4:1C:54:6C:02:86:D8:7B:4D:9B:81:BA:19:08:B5:29:71:60:00 Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1CD7 Signing time: Sat 28 Jun 2025 16:04:54 +0000 Manifest this update: Sat 28 Jun 2025 16:04:53 +0000 Manifest next update: Sat 05 Jul 2025 16:04:53 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: I2MYZVkClotCiculRJA5Le+sn6Iqgro3yLV8Cw+jPGw=) 2: 5AF6DD08FAE611EF88903035C4F9AE02.roa (hash: KNe37v08jiMTHI1bvjZ6KE/Vcj+r6uVPwkyGH49Kddo=) 3: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: ibfU8LeRFc29BiPbfaOtCj5JQq97ZqfQqw4BbP5mq+Q=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: d3vLmOzYTOa3NHb3yIWalGAnlNbBjiF+dtQHwr43NhM=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: aPQE1e4nKCiHqR/TnLkZpZpyO3+vgwvIqog88dCR8mk=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) 10: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: UwXH1XygsxxIwL/5ppPhVWdo9CvnJPBBvjk5qqmH4lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 16:04:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7500 (0x1d4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Jun 28 16:04:53 2025 GMT Not After : Jul 5 16:04:53 2025 GMT Subject: CN=686012a6-0bf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:eb:97:75:73:1d:79:27:f7:88:b5:ae:02:14: 9d:5a:89:d3:9e:2b:d1:77:c0:b3:47:6c:6f:3c:66: fe:fd:1c:53:5b:50:f4:e5:c4:1a:e2:04:32:7b:30: 8a:2e:5d:d1:d9:f7:b5:74:d9:c8:af:b2:de:25:83: 0f:59:90:04:a2:28:62:fc:29:0d:eb:e0:d0:99:f6: ef:a0:dc:95:ac:b0:48:0a:4d:ef:3d:d6:2d:40:33: f0:ef:ca:29:1c:05:93:a4:44:dc:d2:a1:7e:eb:46: 93:c9:cf:d7:b1:04:93:32:86:c2:d3:bc:6c:c3:66: 47:f1:2d:c7:bf:a1:39:b0:f5:80:c6:f3:64:45:2b: d3:e8:d0:36:48:6a:2a:ca:cd:1e:36:76:bb:bd:d9: 3f:c4:1b:19:33:b9:e4:a1:15:84:63:a9:38:f5:60: 61:f3:d1:ce:b4:ba:e4:45:c8:f3:83:3b:66:be:3f: 1a:d1:d9:09:7e:e4:2d:bc:c3:b1:10:c3:60:d1:71: ff:46:f0:f6:cf:67:b5:9e:39:d4:72:4c:01:4d:42: 36:b0:4c:81:75:f0:0b:47:b6:5e:97:ec:eb:35:db: cc:3c:a4:f2:f4:c8:23:67:44:fa:ad:0f:68:7c:56: 4f:44:6a:7f:f3:aa:2b:38:5f:4e:9a:44:89:8c:41: 76:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:B4:1C:54:6C:02:86:D8:7B:4D:9B:81:BA:19:08:B5:29:71:60:00 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:ac:23:86:0d:0c:e2:39:9b:c7:16:5c:b8:32:9c:2d:ce:c9: 47:ed:85:30:d1:9f:a6:4d:bf:29:60:6f:55:91:0a:a5:d1:a1: e9:23:11:62:c1:86:86:6f:89:8e:a4:89:fb:68:8c:a0:c6:30: 99:c0:9e:86:99:df:30:ba:9b:ef:13:ec:94:19:55:41:01:09: 3c:13:4a:f8:5d:d6:9d:a7:11:e4:7d:1a:df:7a:ec:6f:e6:23: e2:83:55:e0:33:44:d3:5e:c7:bc:90:63:90:26:c0:78:35:07: 1e:2c:d5:d4:63:31:ef:53:6e:a1:f7:3b:29:00:0c:d5:c2:ae: ef:52:9a:ba:ac:47:e7:72:c2:9e:84:5e:f4:32:8b:63:68:37: a5:b7:b4:ec:88:c3:4c:e6:ff:d9:f8:94:9f:b7:6e:3d:ec:94: 70:c0:53:f3:79:9a:91:b2:45:55:99:c2:1e:fb:18:5e:9c:5e: f6:72:57:77:de:6c:c4:c0:f4:b8:72:01:d6:b0:a2:e8:92:7c: a6:bd:bf:92:30:9b:9f:f3:14:51:97:c1:be:32:9a:08:ac:54: 35:9a:ca:7e:3f:6c:61:0f:55:c4:63:fa:7a:25:0b:66:64:3c: 42:1e:82:1e:57:45:29:cb:51:c6:d3:58:fc:92:f3:31:fd:ac: b5:7c:b1:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHUwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwNjI4MTYwNDUzWhcNMjUwNzA1MTYwNDUzWjAYMRYwFAYD VQQDEw02ODYwMTJhNi0wYmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1+uXdXMdeSf3iLWuAhSdWonTnivRd8CzR2xvPGb+/RxTW1D05cQa4gQyezCK Ll3R2fe1dNnIr7LeJYMPWZAEoihi/CkN6+DQmfbvoNyVrLBICk3vPdYtQDPw78op HAWTpETc0qF+60aTyc/XsQSTMobC07xsw2ZH8S3Hv6E5sPWAxvNkRSvT6NA2SGoq ys0eNna7vdk/xBsZM7nkoRWEY6k49WBh89HOtLrkRcjzgztmvj8a0dkJfuQtvMOx EMNg0XH/RvD2z2e1njnUckwBTUI2sEyBdfALR7Zel+zrNdvMPKTy9MgjZ0T6rQ9o fFZPRGp/86orOF9OmkSJjEF2TwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP20HFRs AobYe02bgboZCLUpcWAAMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSrCOGDQziOZvHFly4MpwtzslH7YUw0Z+mTb8pYG9VkQql0aHpIxFi wYaGb4mOpIn7aIygxjCZwJ6Gmd8wupvvE+yUGVVBAQk8E0r4XdadpxHkfRrfeuxv 5iPig1XgM0TTXse8kGOQJsB4NQceLNXUYzHvU26h9zspAAzVwq7vUpq6rEfncsKe hF70MotjaDelt7TsiMNM5v/Z+JSft2497JRwwFPzeZqRskVVmcIe+xhenF72cld3 3mzEwPS4cgHWsKLoknymvb+SMJuf8xRRl8G+MpoIrFQ1msp+P2xhD1XEY/p6JQtm ZDxCHoIeV0Upy1HG01j8kvMx/ay1fLG1 -----END CERTIFICATE-----Generated at Mon Jun 30 14:10:59 2025 by rpki-client