$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: Mhrrd198D+ne/GiD81joy8hmUc1K+4DLWQy0Y5fB6V4= Subject key identifier: FD:E8:A8:28:A9:65:2B:18:13:FD:9F:8F:FB:7B:7F:0D:D6:A7:BF:08 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 010A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 0101 Signing time: Sun 01 Mar 2026 07:18:08 +0000 Manifest this update: Sun 01 Mar 2026 07:18:07 +0000 Manifest next update: Sun 08 Mar 2026 07:18:07 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: 3E4RaI2Z8DErWQNfT6X3eHmvq40baRHOJIcQloD1ejs=) 2: 00926CA2D41F11F092947183C4F9AE02.roa (hash: 6Kb8qTYjaoIOVP7kkTd2rIa7gwLmY36EevcUKuSxehs=) 3: 0029F6EAD41F11F0B1A47183C4F9AE02.roa (hash: S2OZL34K7y7KU66LSbkx0n+jdpTeHIrf5kcKi6P19ww=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 07:18:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 266 (0x10a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Mar 1 07:18:07 2026 GMT Not After : Mar 8 07:18:07 2026 GMT Subject: CN=69a3e82f-4d5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:6f:c7:5b:ce:91:c6:cb:f3:ff:f5:1c:8e:9d: ba:b4:2f:73:73:67:a7:d9:d2:fe:92:5c:0c:2e:b7: 6d:d2:a6:56:d7:5b:ae:5b:6c:d4:2d:9b:30:48:e8: ce:56:de:af:67:a6:e0:60:16:8c:c2:48:2b:44:6e: 3a:6a:49:28:cd:29:a4:ed:06:81:63:25:c7:89:6a: 8b:96:92:c4:ee:45:60:e0:8a:9a:2e:ab:3f:14:5e: 29:1b:cc:f6:e7:18:01:06:ae:d5:8b:0b:74:13:0e: 3f:2b:e6:13:7d:4c:7c:73:4e:4c:df:96:16:90:6e: c8:a4:05:fb:26:65:bc:c5:11:5e:10:fa:2a:88:0e: 52:3f:65:59:3c:cf:73:71:2d:12:34:da:99:4e:21: e9:3c:82:6c:55:35:16:25:4f:16:ef:15:d5:bd:01: 4f:8d:1d:69:d2:ca:6f:a6:42:5e:eb:ea:29:ab:67: d8:13:ae:ea:87:80:1a:7d:8f:a0:b3:41:89:3b:7f: e3:02:53:1e:98:b7:2c:1b:84:29:81:3f:9b:15:14: 5c:92:e1:f2:3c:2d:7d:7a:50:9d:bb:4b:67:57:40: 01:51:6a:21:23:46:0a:ae:be:fe:17:6c:3a:39:3a: 84:a9:b6:b1:8b:62:0d:94:b2:88:5d:35:35:c2:9b: d3:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:E8:A8:28:A9:65:2B:18:13:FD:9F:8F:FB:7B:7F:0D:D6:A7:BF:08 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:81:58:1f:63:d6:97:4e:0a:c8:4e:76:ce:32:44:f1:d0:42: 27:dc:a4:1e:a3:6b:3b:cf:7e:ee:22:4b:b5:46:7a:30:33:de: 32:74:13:79:60:dc:92:78:07:41:15:04:fc:8a:78:b2:90:d3: 1f:ea:e3:a6:63:28:17:e1:33:d8:48:0a:5c:9c:29:0a:c7:ea: 52:2c:cf:38:1f:db:c3:b0:e7:27:84:09:98:02:67:68:90:7b: 7a:cb:b1:23:51:50:96:d6:f4:73:b4:63:64:a1:93:b0:11:1a: 59:ce:a3:ba:67:47:f3:71:5d:ad:bf:07:5b:41:68:e7:eb:88: e9:3f:f4:de:46:c6:70:d5:70:4a:5b:4a:1f:6c:a4:04:3a:12: 78:dc:48:93:9c:24:67:c3:7b:75:3f:ba:dc:26:a1:29:55:5e: 51:7d:da:1b:aa:6f:7c:cd:f9:31:32:1a:3d:0c:fd:9e:99:10: 4c:02:81:7a:4c:16:e9:43:e2:b5:c4:94:43:64:7a:47:ed:63: 90:cf:89:ac:19:a3:a5:a2:64:6b:36:6b:58:93:e0:f0:59:b7: 65:b7:2f:61:bc:df:71:23:f1:43:62:6c:b4:df:81:ae:bf:13: d0:84:7c:e1:55:04:da:8d:59:14:ff:ac:5b:c0:8e:a0:69:89: fa:52:55:e3 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICAQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG RDI0MTMxREYwHhcNMjYwMzAxMDcxODA3WhcNMjYwMzA4MDcxODA3WjAYMRYwFAYD VQQDEw02OWEzZTgyZi00ZDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnG/HW86Rxsvz//Ucjp26tC9zc2en2dL+klwMLrdt0qZW11uuW2zULZswSOjO Vt6vZ6bgYBaMwkgrRG46akkozSmk7QaBYyXHiWqLlpLE7kVg4IqaLqs/FF4pG8z2 5xgBBq7Viwt0Ew4/K+YTfUx8c05M35YWkG7IpAX7JmW8xRFeEPoqiA5SP2VZPM9z cS0SNNqZTiHpPIJsVTUWJU8W7xXVvQFPjR1p0spvpkJe6+opq2fYE67qh4AafY+g s0GJO3/jAlMemLcsG4QpgT+bFRRckuHyPC19elCdu0tnV0ABUWohI0YKrr7+F2w6 OTqEqbaxi2INlLKIXTU1wpvTqwIDAQABo4ICczCCAm8wHQYDVR0OBBYEFP3oqCip ZSsYE/2fj/t7fw3Wp78IMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO dnlCd2dpYk1neWo5SkJNZDgubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAM4FYH2PWl04KyE52zjJE8dBCJ9ykHqNrO89+7iJLtUZ6MDPeMnQTeWDckngH QRUE/Ip4spDTH+rjpmMoF+Ez2EgKXJwpCsfqUizPOB/bw7DnJ4QJmAJnaJB7esux I1FQltb0c7RjZKGTsBEaWc6jumdH83Fdrb8HW0Fo5+uI6T/03kbGcNVwSltKH2yk BDoSeNxIk5wkZ8N7dT+63CahKVVeUX3aG6pvfM35MTIaPQz9npkQTAKBekwW6UPi tcSUQ2R6R+1jkM+JrBmjpaJkazZrWJPg8Fm3ZbcvYbzfcSPxQ2JstN+Brr8T0IR8 4VUE2o1ZFP+sW8COoGmJ+lJV4w== -----END CERTIFICATE-----Generated at Mon Mar 2 15:42:44 2026 by rpki-client