$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: HHm+gYfjI0yrNcvRWEUg1J1XNlEGUMpjsPaZ+VMQqJA= Subject key identifier: 07:E8:E6:4C:4E:0C:AC:2E:B0:7C:C4:AF:41:5D:38:62:5D:95:B2:AC Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 79 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 77 Signing time: Sat 21 Jun 2025 05:49:31 +0000 Manifest this update: Sat 21 Jun 2025 05:49:30 +0000 Manifest next update: Sat 28 Jun 2025 05:49:30 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: fdYjfqDD4eune+l4RcHS6PE2lIY0MOpIx0VgSgCmmMw=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Jun 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 121 (0x79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Jun 21 05:49:30 2025 GMT Not After : Jun 28 05:49:30 2025 GMT Subject: CN=685647ea-2977 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:86:81:c0:ed:0b:c5:b9:6b:20:fd:2c:95:1c: 88:9b:d9:eb:1e:af:26:56:de:d2:da:c2:6a:fc:f8: e6:b5:dd:2b:0d:4e:08:22:f3:b2:9e:d8:f2:7e:b0: 4a:70:c6:9d:21:52:11:ac:df:60:11:fd:08:fb:73: e7:2f:be:27:bf:29:3c:2c:1b:a2:3f:23:19:d6:fe: 1c:a5:43:11:0d:75:88:76:3b:fe:ee:08:8f:de:d4: 47:0c:e4:68:39:a2:ae:c6:cc:5d:c5:73:57:3f:7d: a9:6b:32:56:5a:5e:67:ca:98:94:90:53:d9:71:d7: a7:90:b5:4a:d0:64:d5:b9:d1:dc:b0:a7:78:ee:0c: 45:15:d3:8c:81:ca:c4:0b:0f:fc:6c:3b:f0:a1:ee: f1:81:00:df:a8:c0:71:25:59:de:d8:4f:0d:41:41: a6:95:71:93:1d:fa:b1:3a:d1:df:d9:25:0c:0e:8e: 7a:dd:41:60:65:af:a5:56:67:ea:46:d3:22:98:d0: 9a:0f:49:f9:b5:d6:53:cb:ab:14:e8:76:70:65:d9: 5a:67:77:3a:62:50:67:bd:5a:a8:ff:6c:6d:15:3a: 69:55:76:d5:99:58:1b:0f:02:a0:0e:24:a8:26:e8: bb:cc:a5:78:62:68:1f:14:dc:92:32:8f:72:07:55: e6:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:E8:E6:4C:4E:0C:AC:2E:B0:7C:C4:AF:41:5D:38:62:5D:95:B2:AC X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:2b:77:85:ae:2c:f9:c2:79:76:86:2e:d9:47:22:e9:d0:bb: 08:4c:e2:b3:fc:29:70:7d:78:f7:a6:c0:64:f2:f5:f8:c7:a5: 05:f8:16:5e:08:c9:b7:23:09:8e:f9:8b:de:46:ec:04:74:9c: 70:1c:c8:3d:30:9f:a9:16:bb:38:ae:1e:56:48:98:5f:9a:8e: 9a:f5:42:a8:4a:86:8d:8c:d2:cd:b9:1d:cb:d2:f9:b3:d0:49: 86:42:43:ce:6d:80:25:e3:56:4c:0d:2d:9c:cb:67:7d:93:f9: 40:28:7e:6b:12:c2:77:e3:db:f1:f1:b0:3c:aa:be:c7:1b:6e: 74:36:32:6b:d8:80:0e:fd:de:64:79:4c:ee:06:55:63:8b:b9: 2d:52:45:96:d7:04:f0:88:ec:11:dd:b1:dc:40:4f:db:11:e3: 7b:e1:ef:e4:00:ae:30:f9:ef:7c:15:f6:a0:14:2c:58:a2:fe: 8e:f2:dd:e1:b1:5a:63:f9:23:44:13:94:30:f0:6e:f0:c8:ce: 46:34:d8:78:ac:5a:a6:28:a4:6a:12:dd:0e:dd:17:6e:75:7f: 06:65:b9:d2:06:d2:88:95:23:dd:c3:f0:20:06:40:1f:c9:82: 74:f8:1f:5c:a3:fa:3b:2d:66:fd:c9:b7:03:8e:02:6f:af:88: 8e:a0:2e:47 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNTA2MjEwNTQ5MzBaFw0yNTA2MjgwNTQ5MzBaMBgxFjAUBgNV BAMTDTY4NTY0N2VhLTI5NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOhoHA7QvFuWsg/SyVHIib2eseryZW3tLawmr8+Oa13SsNTggi87Ke2PJ+sEpw xp0hUhGs32AR/Qj7c+cvvie/KTwsG6I/IxnW/hylQxENdYh2O/7uCI/e1EcM5Gg5 oq7GzF3Fc1c/falrMlZaXmfKmJSQU9lx16eQtUrQZNW50dywp3juDEUV04yBysQL D/xsO/Ch7vGBAN+owHElWd7YTw1BQaaVcZMd+rE60d/ZJQwOjnrdQWBlr6VWZ+pG 0yKY0JoPSfm11lPLqxTodnBl2VpndzpiUGe9Wqj/bG0VOmlVdtWZWBsPAqAOJKgm 6LvMpXhiaB8U3JIyj3IHVeapAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUB+jmTE4M rC6wfMSvQV04Yl2VsqwwHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABUrd4WuLPnCeXaGLtlHIunQuwhM4rP8KXB9ePemwGTy9fjHpQX4Fl4I ybcjCY75i95G7AR0nHAcyD0wn6kWuziuHlZImF+ajpr1QqhKho2M0s25HcvS+bPQ SYZCQ85tgCXjVkwNLZzLZ32T+UAofmsSwnfj2/HxsDyqvscbbnQ2MmvYgA793mR5 TO4GVWOLuS1SRZbXBPCI7BHdsdxAT9sR43vh7+QArjD573wV9qAULFii/o7y3eGx WmP5I0QTlDDwbvDIzkY02HisWqYopGoS3Q7dF251fwZludIG0oiVI93D8CAGQB/J gnT4H1yj+jstZv3JtwOOAm+viI6gLkc= -----END CERTIFICATE-----Generated at Sat Jun 21 16:25:24 2025 by rpki-client