$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: 1aScuCjyJZ74vb7of+SyVFgu7BrG+gA6W0G0moRgM7c= Subject key identifier: DE:AE:2E:5C:0B:39:9A:02:48:55:72:29:96:89:56:4D:88:BE:A5:57 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: A6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: A2 Signing time: Fri 05 Sep 2025 06:44:48 +0000 Manifest this update: Fri 05 Sep 2025 06:44:48 +0000 Manifest next update: Fri 12 Sep 2025 06:44:48 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: Q8uo1R/VQuPV5bOxS5yDlvpRueS9O4+fwFOTa4siOm4=) 2: 8B9AE5E6843211F099BF476CC4F9AE02.roa (hash: f0yL6dm4aQQSfB+ngsxTE6LWk8z3YuY+EKGRY0bzeRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 06:44:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 166 (0xa6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Sep 5 06:44:48 2025 GMT Not After : Sep 12 06:44:48 2025 GMT Subject: CN=68ba86e0-8c4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:d6:a9:5d:d6:d4:2c:3c:96:d4:76:51:5d:b6: 03:15:9d:40:dd:8a:60:08:18:22:37:ae:fa:9d:05: d8:df:4e:03:61:a6:20:1e:05:4f:74:b8:f7:e9:c7: 7b:2e:9a:e5:0a:a4:d4:79:1e:c7:f6:bc:c4:5a:7e: f4:33:60:21:4d:7d:46:af:eb:7b:c6:e4:8b:5a:50: b0:13:24:85:fa:af:1d:dc:ce:40:e7:c8:3a:ca:8c: 69:a6:27:91:a5:d0:a7:2b:8f:23:8b:5a:c4:88:91: 01:47:b4:61:8c:16:ae:6f:4d:93:4d:3f:47:05:27: f6:60:fc:c5:9e:19:e0:19:74:c9:0e:89:af:28:dd: b5:74:a6:45:d5:98:b2:f9:2c:82:b5:7b:23:41:d0: 8d:cb:a7:83:08:3c:87:45:fb:2b:5c:9d:db:2c:d6: 20:19:96:5c:b2:85:8c:1b:48:3c:6e:b1:ec:fa:1f: 6a:e7:64:01:89:39:17:cc:27:51:eb:57:17:ea:f5: 1b:7a:df:05:ed:a7:b8:34:f7:68:d5:ba:2a:d3:31: f5:94:69:c2:d1:17:fd:40:88:92:30:57:db:d8:ab: 6c:91:4f:c8:31:ee:e2:b8:30:c1:a3:5e:5a:f5:06: 17:91:fc:a3:e3:c3:e1:d5:65:01:9a:f4:a3:af:f3: 1a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:AE:2E:5C:0B:39:9A:02:48:55:72:29:96:89:56:4D:88:BE:A5:57 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:42:78:af:fa:bc:34:1c:f6:ab:6d:72:a2:f2:82:43:87:db: 8b:a6:08:ec:46:5b:9a:04:38:bc:27:40:d3:b6:30:4a:5d:28: 38:47:51:d5:d7:0f:dd:59:ec:44:23:e0:ad:e1:14:e2:a1:e4: 56:1b:78:6b:2e:a8:cc:f2:4a:53:ec:19:7d:be:13:93:15:41: c5:4e:5f:d7:5b:ec:51:a9:b6:bc:d4:56:76:4c:34:23:68:f3: 39:2e:4e:de:91:e0:bb:33:9f:10:6f:eb:08:04:36:0f:95:20: 2e:12:2e:70:03:0b:b9:bf:c8:cb:6f:7c:20:8f:77:91:7d:b9: 60:38:99:fb:9f:c2:51:46:71:e6:f7:93:48:44:d0:37:1c:e2: 85:3b:54:fc:55:99:d5:21:16:ab:d2:85:f2:49:f0:59:ec:6c: 7d:2f:09:0a:7a:bd:7a:23:2c:0b:e2:5b:e6:95:27:3d:22:f9: 29:12:4c:97:31:a0:73:c5:ca:d0:6c:40:ea:b4:36:58:66:ba: 85:66:06:9d:54:b7:f3:ec:f9:7a:81:0a:2d:4b:50:35:69:28: 28:38:c0:2e:2a:21:31:87:86:09:f6:18:eb:8d:3f:98:77:f5: 58:6f:4a:4f:c4:dc:f3:53:f7:0d:41:89:0c:20:d5:19:8c:f3: 3b:30:9b:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG RDI0MTMxREYwHhcNMjUwOTA1MDY0NDQ4WhcNMjUwOTEyMDY0NDQ4WjAYMRYwFAYD VQQDEw02OGJhODZlMC04YzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA39apXdbULDyW1HZRXbYDFZ1A3YpgCBgiN676nQXY304DYaYgHgVPdLj36cd7 LprlCqTUeR7H9rzEWn70M2AhTX1Gr+t7xuSLWlCwEySF+q8d3M5A58g6yoxppieR pdCnK48ji1rEiJEBR7RhjBaub02TTT9HBSf2YPzFnhngGXTJDomvKN21dKZF1Ziy +SyCtXsjQdCNy6eDCDyHRfsrXJ3bLNYgGZZcsoWMG0g8brHs+h9q52QBiTkXzCdR 61cX6vUbet8F7ae4NPdo1boq0zH1lGnC0Rf9QIiSMFfb2KtskU/IMe7iuDDBo15a 9QYXkfyj48Ph1WUBmvSjr/MaOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN6uLlwL OZoCSFVyKZaJVk2IvqVXMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO dnlCd2dpYk1neWo5SkJNZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAQniv+rw0HParbXKi8oJDh9uLpgjsRluaBDi8J0DTtjBKXSg4R1HV 1w/dWexEI+Ct4RTioeRWG3hrLqjM8kpT7Bl9vhOTFUHFTl/XW+xRqba81FZ2TDQj aPM5Lk7ekeC7M58Qb+sIBDYPlSAuEi5wAwu5v8jLb3wgj3eRfblgOJn7n8JRRnHm 95NIRNA3HOKFO1T8VZnVIRar0oXySfBZ7Gx9LwkKer16IywL4lvmlSc9IvkpEkyX MaBzxcrQbEDqtDZYZrqFZgadVLfz7Pl6gQotS1A1aSgoOMAuKiExh4YJ9hjrjT+Y d/VYb0pPxNzzU/cNQYkMINUZjPM7MJvd -----END CERTIFICATE-----Generated at Sat Sep 6 15:32:16 2025 by rpki-client