$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: D4brOEGm7oPMyFOHE4H5vmE61/4GgHty5UT5vy64KqU= Subject key identifier: BA:F6:74:9A:5A:AA:8A:35:02:23:AC:41:08:55:60:13:5A:CA:71:98 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 87 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 85 Signing time: Sat 19 Jul 2025 06:50:00 +0000 Manifest this update: Sat 19 Jul 2025 06:49:59 +0000 Manifest next update: Sat 26 Jul 2025 06:49:59 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: 0agNbDkR5pY8d5faWxb2MwUN85QARCn/0nm0OxJHLnA=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:49:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 135 (0x87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Jul 19 06:49:59 2025 GMT Not After : Jul 26 06:49:59 2025 GMT Subject: CN=687b4018-b691 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:50:e5:d9:71:72:7e:30:2c:f4:0c:10:ea:3d: 08:2d:9f:a4:86:10:81:40:e9:15:7a:87:90:8e:cf: 61:e9:33:f2:6b:0d:b9:24:26:db:23:d2:25:5b:b9: 13:a9:26:70:bb:d9:7d:db:7e:29:37:35:3b:22:ad: 96:7a:67:a1:f9:3a:3f:64:b2:a9:ae:33:82:a7:de: e0:53:fb:73:3e:98:f9:e7:89:f0:5c:83:42:c2:71: dc:a7:ca:f9:dc:33:4e:97:03:65:b0:b4:11:3a:9d: d0:66:16:ee:d8:9b:e4:be:13:7e:56:3f:ce:19:e7: 2d:ad:8c:30:1c:37:69:76:60:1a:b5:b3:68:a6:e0: 31:74:82:6d:03:6b:38:12:86:e9:d4:5f:c6:cd:6c: ff:bd:62:36:3d:0c:8c:9c:9c:6b:97:26:2a:ba:69: d5:8a:6e:33:71:d6:16:a9:e6:31:f1:8a:4d:48:d1: 2f:9b:82:eb:73:36:cd:6e:dd:ac:9e:8a:c2:5a:e9: 40:cf:bb:f5:09:e1:77:c6:fe:f8:d4:92:f2:7a:15: 16:0e:64:da:a3:8f:a5:eb:77:39:64:ff:f4:a2:01: e8:42:85:88:01:26:cc:41:b9:87:91:b7:42:51:24: 43:85:6c:e8:8d:a8:14:81:09:93:82:8b:1b:58:d2: 03:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:F6:74:9A:5A:AA:8A:35:02:23:AC:41:08:55:60:13:5A:CA:71:98 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:19:6d:2d:ad:7d:84:05:ef:d8:cd:3f:3e:b9:4d:4f:67:cd: 7e:35:b9:89:b4:07:03:b4:9e:ac:c7:46:e8:27:7a:2e:5b:d0: 86:45:50:32:4b:73:aa:c3:81:1c:b9:d3:68:51:df:b3:95:0f: e6:ef:4a:a8:14:6f:76:91:fd:0b:aa:f1:72:56:3a:16:a1:1f: 65:ed:7e:9f:5a:33:ab:81:b3:da:1f:16:bf:bf:1f:b5:1e:17: fd:20:53:20:b0:6b:05:b4:04:2e:7d:6b:9e:8e:d3:72:c3:dc: 7a:d5:28:21:8d:71:f2:d2:ec:d1:9f:18:05:7e:b0:5f:14:ed: 40:15:c0:d8:29:fe:13:3b:36:46:0e:23:a3:1f:2b:dd:42:6e: 1e:e9:ae:22:72:69:e4:ee:a2:6f:62:b4:a4:90:8b:2a:0a:b7: 81:d6:1f:ab:1c:bd:8d:89:0e:63:46:37:b4:2e:1e:d6:a6:cb: 40:cc:8b:a0:e8:7c:86:b5:c8:60:e6:e1:57:e8:aa:f4:d9:2b: 00:1c:f0:51:e6:45:29:c2:7d:b5:4d:4f:1a:2e:9a:68:07:40: 36:2a:e7:d0:ce:c8:27:ab:0e:cd:ad:43:51:13:81:03:5e:1e: da:9c:70:13:a1:fa:9e:c5:11:8e:4c:80:d6:3e:2a:f9:1f:b7: 51:b9:ca:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG RDI0MTMxREYwHhcNMjUwNzE5MDY0OTU5WhcNMjUwNzI2MDY0OTU5WjAYMRYwFAYD VQQDEw02ODdiNDAxOC1iNjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAolDl2XFyfjAs9AwQ6j0ILZ+khhCBQOkVeoeQjs9h6TPyaw25JCbbI9IlW7kT qSZwu9l9234pNzU7Iq2Wemeh+To/ZLKprjOCp97gU/tzPpj554nwXINCwnHcp8r5 3DNOlwNlsLQROp3QZhbu2JvkvhN+Vj/OGectrYwwHDdpdmAatbNopuAxdIJtA2s4 Eobp1F/GzWz/vWI2PQyMnJxrlyYqumnVim4zcdYWqeYx8YpNSNEvm4LrczbNbt2s norCWulAz7v1CeF3xv741JLyehUWDmTao4+l63c5ZP/0ogHoQoWIASbMQbmHkbdC USRDhWzojagUgQmTgosbWNIDuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLr2dJpa qoo1AiOsQQhVYBNaynGYMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO dnlCd2dpYk1neWo5SkJNZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWGW0trX2EBe/YzT8+uU1PZ81+NbmJtAcDtJ6sx0boJ3ouW9CGRVAy S3Oqw4EcudNoUd+zlQ/m70qoFG92kf0LqvFyVjoWoR9l7X6fWjOrgbPaHxa/vx+1 Hhf9IFMgsGsFtAQufWuejtNyw9x61SghjXHy0uzRnxgFfrBfFO1AFcDYKf4TOzZG DiOjHyvdQm4e6a4icmnk7qJvYrSkkIsqCreB1h+rHL2NiQ5jRje0Lh7WpstAzIug 6HyGtchg5uFX6Kr02SsAHPBR5kUpwn21TU8aLppoB0A2KufQzsgnqw7NrUNRE4ED Xh7anHATofqexRGOTIDWPir5H7dRucqq -----END CERTIFICATE-----Generated at Sun Jul 20 20:47:23 2025 by rpki-client