$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: TVCJRCscp3nqXlcMLNsFqGk5bQneE2+a7FuEGyrMGmk= Subject key identifier: BA:FB:81:CD:33:12:5A:45:82:FB:3F:72:5F:F6:E2:BA:EF:E8:B6:11 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: C4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: C0 Signing time: Wed 05 Nov 2025 06:07:43 +0000 Manifest this update: Wed 05 Nov 2025 06:07:42 +0000 Manifest next update: Wed 12 Nov 2025 06:07:42 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: 6MBwbujcD/coHyiSDsP/EqVBC3zjRo8MGy8588WQiv8=) 2: 8B9AE5E6843211F099BF476CC4F9AE02.roa (hash: f0yL6dm4aQQSfB+ngsxTE6LWk8z3YuY+EKGRY0bzeRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:07:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 196 (0xc4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Nov 5 06:07:42 2025 GMT Not After : Nov 12 06:07:42 2025 GMT Subject: CN=690ae9af-d8d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:bb:3e:7c:7f:50:7d:35:f5:53:b0:00:b4:e5: c8:82:71:5c:4a:80:ed:f0:70:47:eb:13:32:8b:5d: 35:a6:d1:d1:8c:9f:92:9c:37:ba:df:79:b3:be:61: 80:03:07:22:e3:b2:3a:67:b2:1e:66:4a:6b:13:ed: 8c:0b:c4:84:a1:a2:99:aa:e7:34:1f:47:97:13:67: 73:72:aa:0a:ab:1c:3f:43:e7:e6:ce:54:e4:63:8d: c7:ee:1c:7d:71:a7:1a:89:93:7b:61:bc:75:c6:61: 4f:9b:bc:a9:a8:c9:05:f4:51:e3:4f:d8:2a:8b:9d: 8b:8c:86:90:96:fb:f8:72:34:17:c9:40:9d:d3:e5: 38:7d:10:6d:c1:95:de:7c:e8:f0:6f:a7:4a:d0:63: b8:7c:d9:6b:8e:89:39:23:bc:be:ee:ca:34:23:4a: a4:b9:cd:dc:52:20:7f:f7:49:aa:9f:ef:92:04:cc: 61:c6:3a:3a:bf:32:61:5f:0d:e0:9b:13:08:df:81: e0:01:fb:07:d4:a5:8e:1c:c4:84:b6:05:be:41:be: e5:e1:5b:c6:06:81:0b:f3:44:b8:7d:54:e8:b7:58: ce:33:da:d5:41:7b:44:00:2b:45:9d:eb:71:7b:06: e7:f4:7e:86:06:a9:1d:71:df:69:29:0f:ea:c3:47: f2:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:FB:81:CD:33:12:5A:45:82:FB:3F:72:5F:F6:E2:BA:EF:E8:B6:11 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 39:24:28:29:11:cc:79:43:83:84:c6:5b:df:21:ae:5e:7c:7a: 58:6d:8e:7c:d8:29:4b:ac:76:25:aa:14:6c:51:bf:a8:36:8c: 81:77:bd:f4:0c:7f:bd:d9:af:88:f4:81:97:51:f8:d4:06:c5: 10:48:24:e9:a4:3a:6a:bb:01:25:e0:c7:4a:ec:e0:d8:bc:a1: 5d:2e:91:c9:8b:de:8a:84:d8:79:bd:7f:9e:b5:3d:e5:38:36: d4:f4:30:16:9c:8a:26:0a:b7:f5:a8:44:66:dc:8c:75:f8:b3: 53:a8:8f:e9:00:8b:62:e0:a1:d6:3e:7b:9d:e4:4d:d1:8c:67: 76:41:71:ec:57:c6:89:88:2c:8e:d1:2c:1a:c0:01:38:40:76: 60:03:ea:48:bc:f0:c4:b8:d1:52:7c:53:51:0b:85:82:0d:b4: 3e:69:38:b3:8a:32:55:f1:61:7e:68:1f:4a:18:68:28:b2:a8: 09:cb:34:aa:8f:3b:7d:3b:06:03:c0:9b:d7:e6:d1:46:63:ab: 37:e9:2b:3a:67:1b:50:9d:b7:29:8f:9e:72:2d:f3:4c:4f:a0: b1:70:71:e9:00:07:45:10:a1:a0:f8:c9:26:c8:8e:84:b8:9c: c9:7d:75:1e:c1:52:2b:9b:a9:ff:75:94:e4:01:47:d2:72:89: 21:41:b7:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG RDI0MTMxREYwHhcNMjUxMTA1MDYwNzQyWhcNMjUxMTEyMDYwNzQyWjAYMRYwFAYD VQQDEw02OTBhZTlhZi1kOGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApLs+fH9QfTX1U7AAtOXIgnFcSoDt8HBH6xMyi101ptHRjJ+SnDe633mzvmGA Awci47I6Z7IeZkprE+2MC8SEoaKZquc0H0eXE2dzcqoKqxw/Q+fmzlTkY43H7hx9 cacaiZN7Ybx1xmFPm7ypqMkF9FHjT9gqi52LjIaQlvv4cjQXyUCd0+U4fRBtwZXe fOjwb6dK0GO4fNlrjok5I7y+7so0I0qkuc3cUiB/90mqn++SBMxhxjo6vzJhXw3g mxMI34HgAfsH1KWOHMSEtgW+Qb7l4VvGBoEL80S4fVTot1jOM9rVQXtEACtFnetx ewbn9H6GBqkdcd9pKQ/qw0fysQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLr7gc0z ElpFgvs/cl/24rrv6LYRMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO dnlCd2dpYk1neWo5SkJNZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA5JCgpEcx5Q4OExlvfIa5efHpYbY582ClLrHYlqhRsUb+oNoyBd730 DH+92a+I9IGXUfjUBsUQSCTppDpquwEl4MdK7ODYvKFdLpHJi96KhNh5vX+etT3l ODbU9DAWnIomCrf1qERm3Ix1+LNTqI/pAIti4KHWPnud5E3RjGd2QXHsV8aJiCyO 0SwawAE4QHZgA+pIvPDEuNFSfFNRC4WCDbQ+aTizijJV8WF+aB9KGGgosqgJyzSq jzt9OwYDwJvX5tFGY6s36Ss6ZxtQnbcpj55yLfNMT6CxcHHpAAdFEKGg+MkmyI6E uJzJfXUewVIrm6n/dZTkAUfScokhQbeC -----END CERTIFICATE-----Generated at Wed Nov 5 12:03:29 2025 by rpki-client