$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: i+MfUGRJfrN0pR4zBP3DnnoonziipxO+ygFlh15gf14= Subject key identifier: 7A:8C:14:30:7F:83:B5:84:88:35:A3:D2:CC:CA:8B:17:B7:93:2E:CA Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1CFC Signing time: Thu 04 Sep 2025 16:17:15 +0000 Manifest this update: Thu 04 Sep 2025 16:17:15 +0000 Manifest next update: Thu 11 Sep 2025 16:17:15 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: mFqP2M/pH29+Fgw2r4hhAXlxVJStktXiS9/ZrFPrNBw=) 2: 5AF6DD08FAE611EF88903035C4F9AE02.roa (hash: KNe37v08jiMTHI1bvjZ6KE/Vcj+r6uVPwkyGH49Kddo=) 3: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: ibfU8LeRFc29BiPbfaOtCj5JQq97ZqfQqw4BbP5mq+Q=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: d3vLmOzYTOa3NHb3yIWalGAnlNbBjiF+dtQHwr43NhM=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: Rkz8G55vowkF7kydrCN5pxGVCB20c+IGP3x592UMfSw=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) 10: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: UwXH1XygsxxIwL/5ppPhVWdo9CvnJPBBvjk5qqmH4lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 16:17:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7538 (0x1d72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Sep 4 16:17:15 2025 GMT Not After : Sep 11 16:17:15 2025 GMT Subject: CN=68b9bb8b-94f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:36:7f:d4:96:8e:1f:64:7b:c2:0c:f6:68:17: 7f:18:59:b4:5c:9f:26:d9:a4:68:70:03:b3:ac:46: dd:66:8e:f0:5a:76:c9:ea:c4:1e:bf:e3:ce:c5:9d: 1d:46:e3:71:87:a2:37:9c:50:ec:02:7d:f5:81:4e: 89:58:1d:4b:df:82:40:5c:4a:37:78:41:6b:43:66: 97:78:b3:06:d5:01:c8:c1:41:43:e8:6c:d3:b3:fb: d4:ab:b3:77:c5:b7:c5:5b:01:b6:42:44:54:29:3b: 5a:fd:16:1a:ed:f0:66:07:72:eb:b1:16:63:6c:b2: b1:8e:f6:29:d1:8b:97:3b:ac:e9:32:19:94:9a:c0: d2:d5:29:cf:b6:1c:ad:ae:ae:92:25:d1:eb:cf:f0: 2f:09:79:21:98:39:5d:8c:46:e6:89:0d:64:41:80: 05:14:c3:9e:5c:8a:98:eb:af:ed:54:c0:93:1c:8e: bd:36:d6:70:90:d0:d4:cb:67:a2:89:c7:15:fe:6c: ed:35:5a:46:f2:ea:73:dc:e7:19:84:d4:03:15:c9: 01:1c:c6:64:e7:8a:9b:c9:da:37:17:77:0f:24:b3: b6:97:f1:bd:57:de:c9:cf:fc:cb:6e:b4:87:92:0f: f3:30:f4:38:a0:7d:71:50:86:4c:05:f8:c6:0d:84: 75:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:8C:14:30:7F:83:B5:84:88:35:A3:D2:CC:CA:8B:17:B7:93:2E:CA X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:e8:9c:f1:ea:ec:60:76:2c:57:fb:97:11:b4:de:5c:17:a3: e3:ea:91:eb:18:c2:2e:5a:1a:49:37:07:f0:9c:97:4d:9d:2f: 6b:47:5f:62:bd:ea:a5:9f:3c:be:91:9b:1e:41:1b:b4:09:67: c5:c8:c2:25:43:3d:f3:ba:66:c2:e3:52:d9:98:be:9d:cd:78: 2f:5e:8a:7f:f3:77:10:ac:50:4a:06:65:92:be:06:39:92:96: ab:41:06:c2:29:63:c8:8d:70:a4:61:73:73:05:44:70:b0:2e: 5f:07:5f:4d:da:fa:29:39:83:a5:bc:d7:b1:94:61:79:5e:03: 52:f4:57:a4:c8:04:38:64:39:dd:3e:eb:89:c2:ac:05:a6:32: cd:65:68:4d:2c:22:b5:c8:7f:1a:6d:87:db:4b:f5:56:a3:c1: b0:72:dc:9c:a0:74:ea:18:db:dd:7d:24:bf:25:0b:fc:9a:13: 3a:a1:6b:cb:c7:eb:06:fc:91:ac:2e:cf:79:9e:02:cc:c1:eb: f5:ad:44:73:01:2b:af:48:96:c2:5d:9a:ee:d9:d0:f5:8e:41: 0f:11:d7:95:00:e8:4d:3e:09:d6:07:d0:87:a0:32:ef:e3:8e: 1f:88:6e:d7:56:60:eb:2d:4a:ff:60:47:ed:48:28:52:fc:ff: c9:69:65:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwOTA0MTYxNzE1WhcNMjUwOTExMTYxNzE1WjAYMRYwFAYD VQQDEw02OGI5YmI4Yi05NGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5DZ/1JaOH2R7wgz2aBd/GFm0XJ8m2aRocAOzrEbdZo7wWnbJ6sQev+POxZ0d RuNxh6I3nFDsAn31gU6JWB1L34JAXEo3eEFrQ2aXeLMG1QHIwUFD6GzTs/vUq7N3 xbfFWwG2QkRUKTta/RYa7fBmB3LrsRZjbLKxjvYp0YuXO6zpMhmUmsDS1SnPthyt rq6SJdHrz/AvCXkhmDldjEbmiQ1kQYAFFMOeXIqY66/tVMCTHI69NtZwkNDUy2ei iccV/mztNVpG8upz3OcZhNQDFckBHMZk54qbydo3F3cPJLO2l/G9V97Jz/zLbrSH kg/zMPQ4oH1xUIZMBfjGDYR1sQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHqMFDB/ g7WEiDWj0szKixe3ky7KMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB06Jzx6uxgdixX+5cRtN5cF6Pj6pHrGMIuWhpJNwfwnJdNnS9rR19i veqlnzy+kZseQRu0CWfFyMIlQz3zumbC41LZmL6dzXgvXop/83cQrFBKBmWSvgY5 kparQQbCKWPIjXCkYXNzBURwsC5fB19N2vopOYOlvNexlGF5XgNS9FekyAQ4ZDnd PuuJwqwFpjLNZWhNLCK1yH8abYfbS/VWo8GwctycoHTqGNvdfSS/JQv8mhM6oWvL x+sG/JGsLs95ngLMwev1rURzASuvSJbCXZru2dD1jkEPEdeVAOhNPgnWB9CHoDLv 444fiG7XVmDrLUr/YEftSChS/P/JaWUO -----END CERTIFICATE-----Generated at Sat Sep 6 15:20:06 2025 by rpki-client