$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: 6cwZvoo+IzAJHG/F4xAs9/orDaNayOjkFC+qqJ3zugo= Subject key identifier: 01:57:CC:57:17:EB:CE:1E:35:12:22:B6:39:5F:6E:13:60:AF:E1:B5 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 6F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 6D Signing time: Sun 01 Jun 2025 06:36:43 +0000 Manifest this update: Sun 01 Jun 2025 06:36:42 +0000 Manifest next update: Sun 08 Jun 2025 06:36:42 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: m8dhAy2SsvEIjmyfKQKa+ZHuUC1L/WM97K5d+WP9tAg=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:36:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 111 (0x6f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Jun 1 06:36:42 2025 GMT Not After : Jun 8 06:36:42 2025 GMT Subject: CN=683bf4fb-5de6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:aa:6c:c1:ef:91:5e:25:ff:3c:20:bb:7b:3a: bc:b4:41:61:5a:98:22:ef:83:e9:d1:e1:22:79:41: 32:38:1e:78:e4:2c:10:1e:41:ac:1d:5d:31:0c:24: ae:04:ec:3f:25:5d:51:b3:9d:36:92:57:a7:02:0f: 7b:21:4c:03:03:7d:5a:02:7e:ba:1f:24:26:98:d4: 5f:db:54:d3:6f:5f:63:a3:af:dd:18:08:ca:8b:aa: 41:c8:43:ea:70:bc:50:84:44:ee:61:6a:0a:6f:ed: 18:d8:ef:35:f5:5d:d5:67:3f:1a:97:30:6e:50:70: 4b:f1:a5:13:f5:76:fe:03:a1:64:72:52:a6:4c:5f: 2e:fd:d5:16:04:8e:dd:ae:ef:37:88:aa:02:ff:05: fe:da:47:07:88:39:22:93:17:bb:28:3d:e5:93:58: 44:b6:fa:9c:1d:b3:e3:4e:be:91:07:fa:7a:17:9c: 28:c3:fe:29:fe:84:7c:fd:a5:4d:29:8d:d7:17:17: 94:65:49:8a:b9:e6:cd:35:3f:4c:6e:f3:86:2a:71: 82:e9:05:32:fc:fe:01:b9:b9:7d:0a:58:d4:66:b6: 07:d9:61:75:20:1b:fd:f2:bc:1f:46:f7:33:c6:dd: 1e:bb:a8:d1:f8:d9:f0:d3:ad:b1:f6:96:44:d4:35: cd:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:57:CC:57:17:EB:CE:1E:35:12:22:B6:39:5F:6E:13:60:AF:E1:B5 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:c5:66:eb:95:7f:58:48:90:e0:44:a0:3f:c0:fa:4e:a5:ef: 23:1f:fa:73:8e:bf:07:71:2d:e4:55:e1:35:d9:13:4f:17:de: 2f:45:a9:75:de:40:a2:b6:86:f3:99:da:95:55:50:cf:1b:b3: 57:ea:5c:70:99:67:22:20:12:81:6d:0c:4b:81:54:b8:5d:7a: e8:c3:99:ef:1f:01:f9:6d:0a:00:83:46:d3:9f:97:09:17:94: d5:a7:25:84:85:f8:f0:12:21:fa:6e:99:c4:07:66:80:d2:00: 72:a0:76:6d:49:02:29:2f:75:79:f3:36:3f:d4:d3:52:17:39: a6:d9:08:49:4d:bb:79:91:5c:a5:8f:ed:12:1a:9b:b4:b7:1f: fe:08:bb:30:74:da:13:18:61:9a:41:b8:16:15:85:12:37:5c: d1:80:42:f9:30:22:ad:67:21:66:8e:77:5a:67:d8:fa:22:d1: a9:72:18:5d:40:12:ae:e8:3b:01:82:7b:30:47:2e:46:97:dd: e8:68:4a:43:2f:f2:f7:d7:71:48:9b:fb:2a:a3:e6:29:04:02: be:fd:21:cd:d3:e6:3e:a1:5f:50:b8:1e:95:4d:b4:d5:0b:80: f8:5d:d4:2f:c2:2c:43:45:f8:43:7a:68:f1:23:6e:e9:09:d4: 6f:fc:95:52 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBbzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNTA2MDEwNjM2NDJaFw0yNTA2MDgwNjM2NDJaMBgxFjAUBgNV BAMTDTY4M2JmNGZiLTVkZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCyqmzB75FeJf88ILt7Ory0QWFamCLvg+nR4SJ5QTI4HnjkLBAeQawdXTEMJK4E 7D8lXVGznTaSV6cCD3shTAMDfVoCfrofJCaY1F/bVNNvX2Ojr90YCMqLqkHIQ+pw vFCERO5hagpv7RjY7zX1XdVnPxqXMG5QcEvxpRP1dv4DoWRyUqZMXy791RYEjt2u 7zeIqgL/Bf7aRweIOSKTF7soPeWTWES2+pwds+NOvpEH+noXnCjD/in+hHz9pU0p jdcXF5RlSYq55s01P0xu84YqcYLpBTL8/gG5uX0KWNRmtgfZYXUgG/3yvB9G9zPG 3R67qNH42fDTrbH2lkTUNc2TAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAVfMVxfr zh41EiK2OV9uE2Cv4bUwHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMHFZuuVf1hIkOBEoD/A+k6l7yMf+nOOvwdxLeRV4TXZE08X3i9FqXXe QKK2hvOZ2pVVUM8bs1fqXHCZZyIgEoFtDEuBVLhdeujDme8fAfltCgCDRtOflwkX lNWnJYSF+PASIfpumcQHZoDSAHKgdm1JAikvdXnzNj/U01IXOabZCElNu3mRXKWP 7RIam7S3H/4IuzB02hMYYZpBuBYVhRI3XNGAQvkwIq1nIWaOd1pn2Poi0alyGF1A Eq7oOwGCezBHLkaX3ehoSkMv8vfXcUib+yqj5ikEAr79Ic3T5j6hX1C4HpVNtNUL gPhd1C/CLENF+EN6aPEjbukJ1G/8lVI= -----END CERTIFICATE-----Generated at Mon Jun 2 21:09:24 2025 by rpki-client