$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: jfOiF2zryiQF0QHSLiZgT3zJvlQbRsRXuYyCKc7n07Q= Subject key identifier: 54:D8:B7:C8:94:07:DB:0A:C8:1E:B6:D9:94:48:21:F5:C1:76:54:CE Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D94 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1D17 Signing time: Mon 20 Oct 2025 16:27:51 +0000 Manifest this update: Mon 20 Oct 2025 16:27:50 +0000 Manifest next update: Mon 27 Oct 2025 16:27:50 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: StIqEIXskhflp0SS3nn2fTyw8mz9trDXlFmBusDXaiU=) 2: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: y+uJHyht1alI7ZPC3JmvnuhjGbEy3LzzaLiSY5fiRNU=) 3: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: AkhO60SNFyTg9WciYKqi3vhEF3h9kd5WtxlSK6krnU0=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: pnMyT26PaWSPhc4xLktPGQAXbwWHq3wiOavqQNjLHrI=) 5: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: AffWt9J6no4G+h1FpGfN0NTkhva8z6z11If0wdojgPY=) 6: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: /m1lXjaboioF2x7MUrTWDdQH9KVsmd4C/ofOTcRyOPg=) 7: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: nZuM2ubXC1l5NKfMUi8/1WxtFNha0sL4E6iO4pxzxgc=) 8: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: ETR2zwPyd2A7y4UYuOybCcuJB7a9x37gwBrY0zAjMjI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 16:27:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7572 (0x1d94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Oct 20 16:27:50 2025 GMT Not After : Oct 27 16:27:50 2025 GMT Subject: CN=68f66307-93bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:54:07:29:81:45:ad:d9:05:de:76:51:ee:f8: 91:7c:ca:96:fe:37:ce:7c:b8:bb:54:7c:de:ed:41: de:a5:fa:a9:7a:7e:b1:d5:df:f8:fb:d3:79:9d:57: 2e:d0:4a:06:37:ef:89:43:e5:83:24:45:dd:9d:27: e5:2d:58:13:3b:64:11:87:d0:f2:e6:a6:f1:69:d2: d5:c3:d4:aa:3b:a0:37:e4:79:33:d1:a4:0a:28:36: 0b:4f:31:0c:ee:75:e1:30:a3:a3:8d:e9:fc:e5:e6: 1b:bd:34:c5:d1:d3:4c:86:5d:90:60:93:0b:a9:7f: dd:b3:75:4a:79:8b:d6:3b:2b:09:0f:d7:22:85:0a: f7:07:5f:06:97:21:f4:3b:67:52:3e:7b:2b:63:3e: 36:01:9c:b7:72:68:36:1c:44:7d:91:3e:36:bd:67: eb:61:86:79:70:44:a5:39:06:5a:4c:62:ad:ab:af: be:c6:5a:de:c4:43:0a:2e:cd:4f:9c:85:21:26:74: 19:9b:8b:8e:a7:ec:1b:9a:1f:e7:d5:7c:f7:36:15: 84:35:4b:b4:84:79:ab:e5:67:4c:59:a0:ba:61:62: c1:f3:ba:5d:70:21:f0:30:74:73:aa:a5:da:b2:24: 9b:81:08:2f:49:24:91:88:39:46:53:54:eb:d5:69: ce:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:D8:B7:C8:94:07:DB:0A:C8:1E:B6:D9:94:48:21:F5:C1:76:54:CE X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:85:93:26:22:70:b9:b3:6f:5d:6c:7e:f8:68:5e:16:b4:56: 6c:9a:3d:49:c3:0d:72:58:2a:3d:3c:49:87:e6:e6:65:0b:ba: 9f:40:96:9d:d2:11:6a:29:00:ab:34:3a:7d:fb:07:b4:0d:4b: 63:77:3e:c4:35:d9:2f:04:b3:17:41:de:ce:68:9e:eb:18:8a: bd:d4:30:90:41:12:2e:46:a4:f3:03:2b:90:a5:8f:b8:7a:ba: d3:d6:96:6e:d9:de:d9:cd:dd:b7:98:46:4f:79:e9:f8:33:e1: d4:c5:59:9b:32:bd:2e:ed:15:64:e2:65:20:c6:f9:fc:2d:1e: 44:fd:c1:3c:fe:70:3c:f1:9b:91:d4:ca:07:d6:a5:c9:4e:f1: d5:67:1a:23:3c:a8:3d:b1:12:77:bd:72:8a:75:90:8e:eb:56: f1:b4:df:21:4c:be:ba:f1:50:9b:a3:ec:13:c3:86:59:f3:3d: ba:bc:79:f1:f6:e7:e8:83:df:69:fc:c3:ee:4f:74:67:0a:0a: 6c:12:6a:87:b9:fe:49:ed:9d:78:18:b2:0d:ef:42:32:64:18: c8:55:a3:c9:77:e3:f4:b0:44:aa:a2:64:76:6b:ba:18:dc:0d: 27:4b:cc:6a:50:1a:cc:11:7f:66:30:bc:b3:6f:ca:df:70:6e: d8:87:33:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUxMDIwMTYyNzUwWhcNMjUxMDI3MTYyNzUwWjAYMRYwFAYD VQQDEw02OGY2NjMwNy05M2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2lQHKYFFrdkF3nZR7viRfMqW/jfOfLi7VHze7UHepfqpen6x1d/4+9N5nVcu 0EoGN++JQ+WDJEXdnSflLVgTO2QRh9Dy5qbxadLVw9SqO6A35Hkz0aQKKDYLTzEM 7nXhMKOjjen85eYbvTTF0dNMhl2QYJMLqX/ds3VKeYvWOysJD9cihQr3B18GlyH0 O2dSPnsrYz42AZy3cmg2HER9kT42vWfrYYZ5cESlOQZaTGKtq6++xlrexEMKLs1P nIUhJnQZm4uOp+wbmh/n1Xz3NhWENUu0hHmr5WdMWaC6YWLB87pdcCHwMHRzqqXa siSbgQgvSSSRiDlGU1Tr1WnOSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFTYt8iU B9sKyB622ZRIIfXBdlTOMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXhZMmInC5s29dbH74aF4WtFZsmj1Jww1yWCo9PEmH5uZlC7qfQJad 0hFqKQCrNDp9+we0DUtjdz7ENdkvBLMXQd7OaJ7rGIq91DCQQRIuRqTzAyuQpY+4 errT1pZu2d7Zzd23mEZPeen4M+HUxVmbMr0u7RVk4mUgxvn8LR5E/cE8/nA88ZuR 1MoH1qXJTvHVZxojPKg9sRJ3vXKKdZCO61bxtN8hTL668VCbo+wTw4ZZ8z26vHnx 9ufog99p/MPuT3RnCgpsEmqHuf5J7Z14GLIN70IyZBjIVaPJd+P0sESqomR2a7oY 3A0nS8xqUBrMEX9mMLyzb8rfcG7YhzP4 -----END CERTIFICATE-----Generated at Tue Oct 21 22:27:47 2025 by rpki-client