$ rpki-client -vvf rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft File: IrGnF151_9hHOR8sLpZl5O7ht0I.mft (raw, json) Hash identifier: Z74Ecpsl+TLZP8+BuI7dG3c5W6hyX2vP0YPuiEt7kZM= Subject key identifier: 17:1A:B8:A4:3A:62:FE:A0:C4:16:4B:C5:2A:A4:44:83:D6:D3:04:8F Authority key identifier: 22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42 Certificate issuer: /CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742 Certificate serial: 114C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft Manifest number: 1111 Signing time: Mon 30 Jun 2025 17:30:44 +0000 Manifest this update: Mon 30 Jun 2025 17:30:44 +0000 Manifest next update: Mon 07 Jul 2025 17:30:44 +0000 Files and hashes: 1: IrGnF151_9hHOR8sLpZl5O7ht0I.crl (hash: wDksal9fk1fKotrVbFN/nzKapOfI/5V/MeOJ7eGQNbQ=) 2: D9BBFBDA4D3111F099A48033C4F9AE02.roa (hash: A1A/LnUqdsNFUNCbA9pj78Zy7mXZZnhX+0nyseCL3vE=) 3: 13D21C6EFEBA11ED9D83553FC4F9AE02.roa (hash: mPVwkbrmgIGFwgmxOu/KgFG11TMB51WhYaitUgpspRc=) 4: 98A0F61840AD11F0BB332714C4F9AE02.roa (hash: tKQU1f9hJtuAYfiy2kdRz9mYUmd+c/z8iKCPuJpB5Jo=) 5: 97F6216640AD11F0BB332714C4F9AE02.roa (hash: D/cwdq2qeau3nAVw8Sz3zqNDQKjgr7DJFvLl2UTQid4=) 6: A9204F96917F11EDA5B26357C4F9AE02.roa (hash: GKHRKfwk3bqrqOFGPvJ+kjY0NTnB33jXoiW8bXeNOjw=) 7: 6521A70C395411F0AF136459C4F9AE02.roa (hash: 4Idad4dFmk8KzOmK1O+klRuBqcKZ7Fg2fSUd52ueJnE=) 8: 16C96BAE18E311EFB8960668C4F9AE02.roa (hash: PDXFymAQeHbTCItIfy8LqqoHr3PVKA+eJZNU6voGL5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 17:30:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4428 (0x114c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E57DC, serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742 Validity Not Before: Jun 30 17:30:44 2025 GMT Not After : Jul 7 17:30:44 2025 GMT Subject: CN=6862c9c4-a64c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:69:81:08:f2:94:20:01:c9:1c:ef:50:f1:8a: ee:4e:28:82:3a:27:13:2f:3f:fd:41:72:5f:24:81: f5:3a:0b:1c:88:9a:ee:3a:ea:5d:4a:d1:05:0d:1c: fb:47:cf:80:9c:8d:83:64:ef:08:d2:64:14:10:8a: ef:fc:2f:cf:3a:6a:ed:84:52:ff:dc:c9:c4:bf:3a: ba:50:87:99:68:cc:e3:95:d4:06:15:aa:98:ef:93: eb:b9:37:93:24:ad:a4:25:ac:bd:9e:3f:2d:39:06: 8a:93:03:2a:8a:1e:f5:68:da:b0:84:a2:41:9c:b7: 9f:cc:fe:c2:ca:2f:e6:e7:47:f3:7b:fa:7e:74:c0: c3:bf:0f:28:c6:57:1c:49:f0:40:dd:04:82:1c:bf: 64:03:ff:29:9f:2e:1e:8b:e1:c9:fd:34:42:62:16: 2f:b9:42:01:99:4d:22:e7:1f:b9:ac:61:e1:91:60: fc:a6:b1:db:c3:2a:39:46:96:6f:23:51:a8:e7:df: 6c:ab:a4:59:11:e8:84:e9:cf:51:8d:7e:47:07:1d: e5:b2:02:fb:a2:ba:27:a1:27:0f:77:44:3a:c8:4d: 83:3b:ee:61:bb:00:41:8f:d7:b5:6e:0c:cc:3f:d3: 7c:44:28:c8:1d:66:0a:f8:9c:5b:82:eb:c3:f2:1c: 45:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:1A:B8:A4:3A:62:FE:A0:C4:16:4B:C5:2A:A4:44:83:D6:D3:04:8F X509v3 Authority Key Identifier: keyid:22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:d5:bc:89:fe:8b:fb:91:61:13:f3:25:a2:4f:83:8b:6d:a9: b4:09:54:bf:6d:af:57:73:12:b8:20:c2:35:c4:f9:10:f5:94: aa:aa:6f:ee:d9:1d:ff:d2:bd:42:3f:9c:90:ec:d3:15:e9:1c: eb:8d:b4:52:e3:c2:21:ed:cf:0e:a3:5d:8a:31:60:f2:d1:0c: 2c:57:8e:39:3a:8c:fe:99:f0:b0:a7:5e:d0:77:96:19:2d:e3: 1f:0b:c1:e1:df:63:4b:36:5c:14:5e:2b:72:fb:64:d3:51:d8: 29:87:b8:d9:bd:38:7e:e5:2d:e4:8c:07:c6:d1:ed:75:a4:61: 7a:fd:8d:0f:8c:39:59:21:5d:71:27:e1:14:5d:e2:09:b3:5c: 03:36:34:a2:6a:db:60:f0:aa:47:65:e7:71:a2:46:ce:8f:fd: b2:60:33:73:cd:ed:b4:11:fb:02:75:a5:cc:03:4c:53:94:40: b3:1d:a4:46:8a:75:bd:e6:4b:5e:23:3a:3e:dc:d4:7f:5a:83: e9:dd:47:9e:c7:bf:b4:81:09:00:ec:ac:6e:ff:e4:42:17:7a: 0c:1f:5f:f0:aa:30:a8:e7:1a:78:45:c5:f2:f4:7b:16:6e:49: e3:9e:43:0e:39:4a:0a:52:66:b7:7f:cc:35:fb:6e:57:22:34: 51:e1:fb:a1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEUwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU3REMxMTAvBgNVBAUTKDIyQjFBNzE3NUU3NUZGRDg0NzM5MUYyQzJFOTY2NUU0 RUVFMUI3NDIwHhcNMjUwNjMwMTczMDQ0WhcNMjUwNzA3MTczMDQ0WjAYMRYwFAYD VQQDEw02ODYyYzljNC1hNjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxWmBCPKUIAHJHO9Q8YruTiiCOicTLz/9QXJfJIH1OgsciJruOupdStEFDRz7 R8+AnI2DZO8I0mQUEIrv/C/POmrthFL/3MnEvzq6UIeZaMzjldQGFaqY75PruTeT JK2kJay9nj8tOQaKkwMqih71aNqwhKJBnLefzP7Cyi/m50fze/p+dMDDvw8oxlcc SfBA3QSCHL9kA/8pny4ei+HJ/TRCYhYvuUIBmU0i5x+5rGHhkWD8prHbwyo5RpZv I1Go599sq6RZEeiE6c9RjX5HBx3lsgL7oronoScPd0Q6yE2DO+5huwBBj9e1bgzM P9N8RCjIHWYK+JxbguvD8hxFhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBcauKQ6 Yv6gxBZLxSqkRIPW0wSPMB8GA1UdIwQYMBaAFCKxpxdedf/YRzkfLC6WZeTu4bdC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTdEQy8zNUY3OTg2NjFG MDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85aEhPUjhzTHBabDVPN2h0 MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lyR25GMTUxXzloSE9SOHNMcFpsNU83aHQwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTdEQy8zNUY3OTg2NjFGMDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85 aEhPUjhzTHBabDVPN2h0MEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+1byJ/ov7kWET8yWiT4OLbam0CVS/ba9XcxK4IMI1xPkQ9ZSqqm/u 2R3/0r1CP5yQ7NMV6RzrjbRS48Ih7c8Oo12KMWDy0QwsV445Ooz+mfCwp17Qd5YZ LeMfC8Hh32NLNlwUXity+2TTUdgph7jZvTh+5S3kjAfG0e11pGF6/Y0PjDlZIV1x J+EUXeIJs1wDNjSiattg8KpHZedxokbOj/2yYDNzze20EfsCdaXMA0xTlECzHaRG inW95kteIzo+3NR/WoPp3Ueex7+0gQkA7Kxu/+RCF3oMH1/wqjCo5xp4RcXy9HsW bknjnkMOOUoKUma3f8w1+25XIjRR4fuh -----END CERTIFICATE-----Generated at Wed Jul 2 13:31:49 2025 by rpki-client