$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: Ch14yZFWg8ioqzHz7N/oUK3gi8iMdBoykLJ4h4MWfFI= Subject key identifier: 65:4A:52:F8:2A:99:DC:AD:78:E3:A6:50:3B:E4:EB:57:B7:2B:98:60 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 51 Signing time: Sat 05 Apr 2025 06:31:36 +0000 Manifest this update: Sat 05 Apr 2025 06:31:36 +0000 Manifest next update: Sat 12 Apr 2025 06:31:36 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: qXizLI5bQOsWmYfxeSS6/MJ+dCWeP3CRMucbn+nd2Ks=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 06:31:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 83 (0x53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11 Validity Not Before: Apr 5 06:31:36 2025 GMT Not After : Apr 12 06:31:36 2025 GMT Subject: CN=67f0ce48-198e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:d5:ce:ae:c8:fb:a1:0d:95:34:8f:46:b4:11: 43:d8:fb:d0:9d:86:d9:62:dc:d1:8c:36:c0:f9:37: d9:c3:15:82:0e:69:5d:ba:6a:1b:f9:5e:8d:26:8e: 98:c8:1c:43:e8:d4:c5:4f:f3:a4:bf:25:12:4b:ef: 84:b4:b6:7f:e8:6b:22:29:68:b2:1a:9f:d3:ea:2c: 6d:7b:e7:ab:69:39:33:83:56:80:c6:31:5f:d8:e6: 3c:bf:fb:c6:be:cb:ab:5c:6d:e0:70:31:30:05:f1: 0f:5e:70:9d:0b:ca:8f:f7:f1:16:b5:91:13:9b:d9: d8:37:8c:c9:fa:01:8e:f8:51:73:d6:7b:15:41:a9: 1b:4d:94:ef:bb:a0:7a:73:44:45:06:53:33:e9:24: 69:19:a0:0c:af:fe:e0:25:47:34:cb:c6:d0:1c:33: b8:5f:94:06:89:ae:d7:bb:76:81:31:5a:ee:fe:d1: 0c:d9:bf:b7:03:1b:7c:f1:09:4f:a0:e1:ee:af:11: 01:70:59:39:fd:89:22:df:bd:40:fe:13:d9:58:15: c1:9a:35:6e:72:68:7c:79:d8:5d:b9:c6:12:7d:f0: 40:fe:ca:8b:d3:25:3f:26:85:46:10:93:52:df:4b: 72:db:2c:14:28:3b:f1:a9:90:1e:09:a3:1a:fd:ef: 92:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:4A:52:F8:2A:99:DC:AD:78:E3:A6:50:3B:E4:EB:57:B7:2B:98:60 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:c6:79:b3:aa:cd:ef:9e:5b:19:ec:d8:d4:72:32:d5:e7:a0: 8f:ed:73:f5:b0:be:95:9d:78:15:c6:cc:29:4b:56:0a:5a:79: 9a:61:0f:01:1e:ac:1b:a2:6c:11:2f:59:83:8d:b6:7a:b6:99: 63:8b:26:cf:5f:e0:3f:50:e4:f6:77:c5:55:3f:3f:71:30:dd: 7c:b0:07:57:75:94:e6:b5:50:02:bd:a4:61:2c:3c:3e:f5:c9: c7:47:54:d1:74:3c:2d:4e:90:8e:e3:ad:e4:60:ea:31:39:85: 8f:0e:31:6d:89:45:e1:8c:a2:10:e4:02:1f:f9:83:30:d4:1a: 75:42:5e:aa:04:1d:46:da:f2:2f:83:ba:c6:a3:46:d6:72:02: 03:e8:a1:a0:28:e1:27:82:24:34:64:d1:8d:40:e3:ee:33:a5: ac:13:7c:b6:b7:db:a5:d4:92:1b:ef:e6:09:e7:23:fc:fc:55: 78:c9:a0:cd:b1:4b:62:cc:c9:34:1d:30:32:f7:1e:e6:8a:cf: 31:0c:aa:76:d8:38:6f:bb:c0:21:63:9b:b5:aa:ed:37:bb:49: 24:bf:ed:f8:5c:ce:d1:19:7a:9e:bc:05:94:de:c5:74:21:d8: 6b:2a:be:51:3c:5d:5a:21:7c:84:00:0f:97:e0:c4:c9:61:ba: 4b:a8:83:89 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNTA0MDUwNjMxMzZaFw0yNTA0MTIwNjMxMzZaMBgxFjAUBgNV BAMTDTY3ZjBjZTQ4LTE5OGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDz1c6uyPuhDZU0j0a0EUPY+9Cdhtli3NGMNsD5N9nDFYIOaV26ahv5Xo0mjpjI HEPo1MVP86S/JRJL74S0tn/oayIpaLIan9PqLG1756tpOTODVoDGMV/Y5jy/+8a+ y6tcbeBwMTAF8Q9ecJ0Lyo/38Ra1kROb2dg3jMn6AY74UXPWexVBqRtNlO+7oHpz REUGUzPpJGkZoAyv/uAlRzTLxtAcM7hflAaJrte7doExWu7+0QzZv7cDG3zxCU+g 4e6vEQFwWTn9iSLfvUD+E9lYFcGaNW5yaHx52F25xhJ98ED+yovTJT8mhUYQk1Lf S3LbLBQoO/GpkB4Joxr975KRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZUpS+CqZ 3K1446ZQO+TrV7crmGAwHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAbGebOqze+eWxns2NRyMtXnoI/tc/WwvpWdeBXGzClLVgpaeZphDwEe rBuibBEvWYONtnq2mWOLJs9f4D9Q5PZ3xVU/P3Ew3XywB1d1lOa1UAK9pGEsPD71 ycdHVNF0PC1OkI7jreRg6jE5hY8OMW2JReGMohDkAh/5gzDUGnVCXqoEHUba8i+D usajRtZyAgPooaAo4SeCJDRk0Y1A4+4zpawTfLa326XUkhvv5gnnI/z8VXjJoM2x S2LMyTQdMDL3HuaKzzEMqnbYOG+7wCFjm7Wq7Te7SSS/7fhcztEZep68BZTexXQh 2GsqvlE8XVohfIQAD5fgxMlhukuog4k= -----END CERTIFICATE-----Generated at Sat Apr 5 23:51:53 2025 by rpki-client