$ rpki-client -vvf rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft File: IrGnF151_9hHOR8sLpZl5O7ht0I.mft (raw, json) Hash identifier: eW6llTLpIviAlLN6EpeJFT6kU29OSSgI9NA2IU4Sd+M= Subject key identifier: 9D:96:CE:FF:A6:4A:A8:62:15:6E:EC:51:B9:94:1E:FC:4A:3A:DA:15 Authority key identifier: 22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42 Certificate issuer: /CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742 Certificate serial: 1167 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft Manifest number: 112C Signing time: Fri 22 Aug 2025 17:24:51 +0000 Manifest this update: Fri 22 Aug 2025 17:24:50 +0000 Manifest next update: Fri 29 Aug 2025 17:24:50 +0000 Files and hashes: 1: IrGnF151_9hHOR8sLpZl5O7ht0I.crl (hash: SS+XkRTtUlf01NJXV8ky5ZYdm5ejY3gvnp7mjqmoSHk=) 2: D9BBFBDA4D3111F099A48033C4F9AE02.roa (hash: A1A/LnUqdsNFUNCbA9pj78Zy7mXZZnhX+0nyseCL3vE=) 3: 13D21C6EFEBA11ED9D83553FC4F9AE02.roa (hash: mPVwkbrmgIGFwgmxOu/KgFG11TMB51WhYaitUgpspRc=) 4: 98A0F61840AD11F0BB332714C4F9AE02.roa (hash: tKQU1f9hJtuAYfiy2kdRz9mYUmd+c/z8iKCPuJpB5Jo=) 5: 97F6216640AD11F0BB332714C4F9AE02.roa (hash: D/cwdq2qeau3nAVw8Sz3zqNDQKjgr7DJFvLl2UTQid4=) 6: A9204F96917F11EDA5B26357C4F9AE02.roa (hash: GKHRKfwk3bqrqOFGPvJ+kjY0NTnB33jXoiW8bXeNOjw=) 7: 6521A70C395411F0AF136459C4F9AE02.roa (hash: 4Idad4dFmk8KzOmK1O+klRuBqcKZ7Fg2fSUd52ueJnE=) 8: 16C96BAE18E311EFB8960668C4F9AE02.roa (hash: PDXFymAQeHbTCItIfy8LqqoHr3PVKA+eJZNU6voGL5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:24:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4455 (0x1167) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E57DC, serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742 Validity Not Before: Aug 22 17:24:50 2025 GMT Not After : Aug 29 17:24:50 2025 GMT Subject: CN=68a8a7e2-769c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:0b:7d:f6:40:f3:3d:a4:05:c5:a0:16:bf:1c: 71:67:23:ad:c7:3c:a4:01:a6:89:56:18:23:a2:41: c2:31:38:a9:b2:8c:ad:b4:96:f3:cc:01:20:de:c3: 54:24:2f:5f:91:cb:51:6b:f0:b0:34:15:85:73:eb: d5:f1:a8:a7:85:dd:4a:86:98:e0:36:c7:e0:f9:14: 11:cd:5f:c7:25:f8:b6:cd:5b:f8:2c:b1:82:fd:16: fd:23:e3:e4:60:3f:43:3b:87:25:e6:e7:8b:43:97: 1c:dc:d7:48:ee:15:f9:6a:53:94:5c:8f:70:40:44: d3:46:15:2e:b0:84:20:f0:c2:58:f7:73:2e:c5:e8: 8a:07:c1:ac:b7:18:bb:f2:7b:32:14:d2:24:de:ef: 48:dc:63:a1:4f:1c:a2:f8:34:21:e4:bd:a3:70:bd: 65:ab:5d:4f:02:7a:a4:c5:55:0f:7d:ec:84:b9:d0: 41:83:09:62:a1:37:c4:22:30:d9:c7:86:b7:04:0f: 18:38:8a:88:e0:5f:f9:a9:f7:75:53:a1:fe:29:e1: ac:ed:9a:13:90:fb:b3:53:de:1a:33:a8:57:06:b9: 6f:ed:0e:34:3e:23:08:67:b9:85:e0:3b:04:ce:6a: 4a:37:0c:c1:ff:7e:3f:a7:91:35:bb:fe:61:d0:6f: b0:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:96:CE:FF:A6:4A:A8:62:15:6E:EC:51:B9:94:1E:FC:4A:3A:DA:15 X509v3 Authority Key Identifier: keyid:22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:81:c9:04:d1:e5:2e:ba:be:e9:a0:8e:51:9c:2c:0e:b8:a2: a0:1f:25:89:83:b6:40:9b:be:6e:93:d0:ef:1b:d9:7f:4f:4e: a7:06:d6:00:90:f8:0c:ee:6d:2e:a4:8b:15:4c:d2:65:1f:7e: 7b:dc:1d:32:41:21:07:c4:a5:13:69:4e:a2:90:4d:cd:86:5e: b0:8f:85:ef:65:b4:e0:15:29:e7:16:6b:8e:1f:28:3e:82:b5: 0d:8e:f5:65:06:f0:aa:cc:1f:f2:82:63:aa:e4:e7:ac:84:00: a9:5c:9b:5c:35:73:d7:4e:d1:86:3c:c7:0c:ff:ec:3e:ac:47: ac:ca:91:3c:83:fc:13:bd:4b:66:75:1b:f3:e6:ae:8f:6e:4a: be:40:41:3f:c3:7d:95:9f:0e:20:54:b4:9a:18:8b:82:e1:c1: 77:3e:dd:f1:7f:45:3f:69:b8:ce:0f:79:f9:3f:3b:5c:33:3f: a9:1d:33:53:ab:32:58:6e:1e:ac:e8:6d:a9:9a:c3:8e:cf:74: 5f:cc:98:1b:74:e0:b0:4d:c4:cd:cc:13:e8:d7:f8:8c:90:47: 6a:5c:1b:2a:4c:37:fe:3b:b5:6e:0e:e9:e9:a6:ea:27:6f:79: 6e:c5:af:24:32:b5:85:55:86:d2:09:eb:34:34:30:65:e5:f6: b4:72:ab:b7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU3REMxMTAvBgNVBAUTKDIyQjFBNzE3NUU3NUZGRDg0NzM5MUYyQzJFOTY2NUU0 RUVFMUI3NDIwHhcNMjUwODIyMTcyNDUwWhcNMjUwODI5MTcyNDUwWjAYMRYwFAYD VQQDEw02OGE4YTdlMi03NjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1At99kDzPaQFxaAWvxxxZyOtxzykAaaJVhgjokHCMTipsoyttJbzzAEg3sNU JC9fkctRa/CwNBWFc+vV8ainhd1KhpjgNsfg+RQRzV/HJfi2zVv4LLGC/Rb9I+Pk YD9DO4cl5ueLQ5cc3NdI7hX5alOUXI9wQETTRhUusIQg8MJY93MuxeiKB8Gstxi7 8nsyFNIk3u9I3GOhTxyi+DQh5L2jcL1lq11PAnqkxVUPfeyEudBBgwlioTfEIjDZ x4a3BA8YOIqI4F/5qfd1U6H+KeGs7ZoTkPuzU94aM6hXBrlv7Q40PiMIZ7mF4DsE zmpKNwzB/34/p5E1u/5h0G+wawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ2Wzv+m SqhiFW7sUbmUHvxKOtoVMB8GA1UdIwQYMBaAFCKxpxdedf/YRzkfLC6WZeTu4bdC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTdEQy8zNUY3OTg2NjFG MDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85aEhPUjhzTHBabDVPN2h0 MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lyR25GMTUxXzloSE9SOHNMcFpsNU83aHQwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTdEQy8zNUY3OTg2NjFGMDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85 aEhPUjhzTHBabDVPN2h0MEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKgckE0eUuur7poI5RnCwOuKKgHyWJg7ZAm75uk9DvG9l/T06nBtYA kPgM7m0upIsVTNJlH3573B0yQSEHxKUTaU6ikE3Nhl6wj4XvZbTgFSnnFmuOHyg+ grUNjvVlBvCqzB/ygmOq5OeshACpXJtcNXPXTtGGPMcM/+w+rEesypE8g/wTvUtm dRvz5q6Pbkq+QEE/w32Vnw4gVLSaGIuC4cF3Pt3xf0U/abjOD3n5PztcMz+pHTNT qzJYbh6s6G2pmsOOz3RfzJgbdOCwTcTNzBPo1/iMkEdqXBsqTDf+O7VuDunppuon b3luxa8kMrWFVYbSCes0NDBl5fa0cqu3 -----END CERTIFICATE-----Generated at Sat Aug 23 17:09:05 2025 by rpki-client