$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: I7Q+OheTFQ31FK1ck8YrYARPtOoih25K53MiB2QIn9Q= Subject key identifier: AC:5B:CF:59:23:99:F1:4F:93:8F:04:E5:53:3A:FD:5F:CF:A4:13:53 Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D56 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1CE1 Signing time: Fri 18 Jul 2025 16:18:06 +0000 Manifest this update: Fri 18 Jul 2025 16:18:05 +0000 Manifest next update: Fri 25 Jul 2025 16:18:05 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: G4wFGb8pcfsJnfFvFVJfWTtn9PyXw4BoEIByubdGiiE=) 2: 5AF6DD08FAE611EF88903035C4F9AE02.roa (hash: KNe37v08jiMTHI1bvjZ6KE/Vcj+r6uVPwkyGH49Kddo=) 3: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: ibfU8LeRFc29BiPbfaOtCj5JQq97ZqfQqw4BbP5mq+Q=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: d3vLmOzYTOa3NHb3yIWalGAnlNbBjiF+dtQHwr43NhM=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: aPQE1e4nKCiHqR/TnLkZpZpyO3+vgwvIqog88dCR8mk=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) 10: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: UwXH1XygsxxIwL/5ppPhVWdo9CvnJPBBvjk5qqmH4lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 16:18:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7510 (0x1d56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Jul 18 16:18:05 2025 GMT Not After : Jul 25 16:18:05 2025 GMT Subject: CN=687a73be-4407 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5f:aa:44:f4:d5:78:41:b7:d5:2d:f2:64:9f: 90:6c:ea:6e:0f:2d:ab:5b:de:cf:87:84:7a:17:3a: 6f:e0:cf:bc:d0:9e:ff:e9:3c:ac:24:bc:b4:ad:b0: b1:76:b6:3b:1e:29:c6:12:08:c0:3d:38:90:11:06: 25:1b:c6:42:48:82:5f:60:05:83:17:bc:b8:a7:22: bf:8f:20:66:92:98:04:09:21:62:b9:c0:32:8b:f3: b2:fd:f6:30:73:28:14:ea:05:9d:b8:64:71:01:60: ee:5b:e2:6f:f9:06:a5:80:fc:20:69:f2:5b:12:84: 24:11:95:bd:7f:65:d7:07:3e:df:2e:83:a9:f3:ca: 6c:69:6b:20:0d:d4:1a:bb:3e:d3:d3:bb:92:1b:1d: cb:59:52:60:b5:5c:ce:84:f9:a1:cb:72:11:4f:2d: a7:65:d5:fd:3c:89:3b:cc:6a:77:39:cc:49:ae:19: 79:79:b8:8a:dc:bf:15:17:89:24:ca:cf:1a:13:55: 68:26:94:d9:e4:8d:5c:00:33:d6:e6:0a:02:9c:f5: 52:70:f0:0f:83:e9:45:84:d5:2c:f4:d8:fb:8d:88: 76:a0:2c:57:4e:fe:47:8c:92:e7:97:ac:8d:d0:c4: 3d:e3:f2:d2:77:1a:23:50:ad:82:d1:7f:27:9b:7f: fa:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:5B:CF:59:23:99:F1:4F:93:8F:04:E5:53:3A:FD:5F:CF:A4:13:53 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d3:60:71:ed:37:82:52:79:16:8d:4c:96:11:fe:2c:fb:74:cd: 9e:27:6f:f6:ef:b4:de:42:22:43:a7:f3:04:b2:a3:b2:29:6d: 0d:d0:6d:1e:90:21:e4:53:7e:0e:e5:08:80:8a:59:f9:d2:c5: 50:dc:6e:98:96:83:1a:6f:b6:3a:06:3a:17:37:6e:5c:dc:1e: 86:5e:31:00:95:60:0b:f9:d3:99:35:a5:0d:db:be:92:8b:93: f1:a2:8b:c5:c4:32:ec:da:48:e1:86:a3:95:d5:c1:51:5e:cb: dd:17:b2:40:7a:85:77:8a:b0:e5:92:15:4e:56:68:29:27:86: 0b:68:f7:55:33:de:41:3c:f6:94:c4:7c:2a:73:66:ed:b9:d3: 55:17:10:1e:33:b1:82:b9:64:0f:dd:bd:35:9b:82:ef:33:c1: 94:e3:45:1e:69:0b:e7:cf:c9:f7:00:aa:e4:5a:e4:e9:f4:58: 31:5c:d7:e6:f9:63:62:5e:7f:5e:f9:c0:dd:ed:da:ed:f3:23: 19:08:ab:1d:92:05:6e:d9:0d:b1:66:31:be:94:03:58:29:83: a1:8d:6c:aa:24:70:b7:eb:d1:35:80:7d:84:71:29:15:94:7e: 5a:a1:fc:47:51:7d:bf:35:97:fe:3b:08:04:7c:2d:c6:0b:e9: 5d:8d:7a:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwNzE4MTYxODA1WhcNMjUwNzI1MTYxODA1WjAYMRYwFAYD VQQDEw02ODdhNzNiZS00NDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtl+qRPTVeEG31S3yZJ+QbOpuDy2rW97Ph4R6Fzpv4M+80J7/6TysJLy0rbCx drY7HinGEgjAPTiQEQYlG8ZCSIJfYAWDF7y4pyK/jyBmkpgECSFiucAyi/Oy/fYw cygU6gWduGRxAWDuW+Jv+QalgPwgafJbEoQkEZW9f2XXBz7fLoOp88psaWsgDdQa uz7T07uSGx3LWVJgtVzOhPmhy3IRTy2nZdX9PIk7zGp3OcxJrhl5ebiK3L8VF4kk ys8aE1VoJpTZ5I1cADPW5goCnPVScPAPg+lFhNUs9Nj7jYh2oCxXTv5HjJLnl6yN 0MQ94/LSdxojUK2C0X8nm3/64wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKxbz1kj mfFPk48E5VM6/V/PpBNTMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDTYHHtN4JSeRaNTJYR/iz7dM2eJ2/277TeQiJDp/MEsqOyKW0N0G0e kCHkU34O5QiAiln50sVQ3G6YloMab7Y6BjoXN25c3B6GXjEAlWAL+dOZNaUN276S i5PxoovFxDLs2kjhhqOV1cFRXsvdF7JAeoV3irDlkhVOVmgpJ4YLaPdVM95BPPaU xHwqc2btudNVFxAeM7GCuWQP3b01m4LvM8GU40UeaQvnz8n3AKrkWuTp9FgxXNfm +WNiXn9e+cDd7drt8yMZCKsdkgVu2Q2xZjG+lANYKYOhjWyqJHC369E1gH2EcSkV lH5aofxHUX2/NZf+OwgEfC3GC+ldjXr1 -----END CERTIFICATE-----Generated at Sun Jul 20 10:20:40 2025 by rpki-client