$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: Aion5+POufKuiN2GPbtkdiO0+CVulyqJNtn7ceFsiTk= Subject key identifier: 63:E4:AB:91:30:93:D0:1A:C9:0C:52:52:37:F1:24:C5:FC:4A:2A:C9 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 92 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 90 Signing time: Sat 09 Aug 2025 06:55:47 +0000 Manifest this update: Sat 09 Aug 2025 06:55:46 +0000 Manifest next update: Sat 16 Aug 2025 06:55:46 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: iWWu2ZmRYOhm4djcaWJ/URelOWaJ09sOxMP4oqN7ePI=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 146 (0x92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Aug 9 06:55:46 2025 GMT Not After : Aug 16 06:55:46 2025 GMT Subject: CN=6896f0f2-e8f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:20:85:30:5e:d2:fa:8c:c6:a7:21:32:ab:40: 80:0e:f2:03:e8:6d:2f:c8:38:c7:c8:b9:41:4c:19: 19:0f:a3:2a:77:51:bc:49:b9:dd:00:45:69:1b:60: ab:b5:f1:17:17:88:ae:bf:6e:a6:7c:84:23:e0:01: b2:ca:57:89:e9:5d:47:cc:5a:71:98:80:82:68:d6: 80:5e:45:9d:8d:b1:c8:e6:c4:b6:66:9e:39:09:99: 99:fd:b5:ab:12:42:ba:38:52:f0:89:e9:1c:fb:51: ec:f0:01:4d:8b:16:f6:8e:07:d0:55:14:90:a0:8e: 7c:e9:b6:cf:07:52:ad:11:5f:b8:bc:bb:7c:0e:d5: 2e:83:69:0b:f2:89:7f:aa:69:a4:90:03:f1:0b:6a: 90:9f:74:c7:07:30:a7:60:7f:03:d4:58:22:b6:36: e1:84:cf:a5:0d:72:ae:28:45:82:be:bd:ea:c7:66: 8b:49:48:3f:54:05:dd:5c:90:7d:4f:78:d0:28:d5: 5c:91:4b:42:73:dc:ac:a4:d5:1f:90:3d:26:0b:f6: cd:96:8e:3b:a6:82:87:e3:64:aa:d0:fc:8a:ac:6e: d2:0d:a0:63:46:8b:4c:02:ae:a2:fc:fe:2c:21:b6: dd:15:e1:bb:7e:85:80:27:c0:3a:d2:3e:b3:be:36: 35:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:E4:AB:91:30:93:D0:1A:C9:0C:52:52:37:F1:24:C5:FC:4A:2A:C9 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:56:f3:f7:11:ac:ff:56:53:37:b1:49:67:15:16:28:0e:07: df:85:95:68:65:85:f0:9b:27:d1:48:ff:dc:e5:91:1a:26:c0: b7:0d:e3:2a:12:f3:50:a8:fa:f2:a9:6f:54:b6:02:76:d7:3d: 94:0a:cc:7a:8d:55:8b:bc:64:10:b8:46:b4:4b:0f:2b:ef:c4: a7:9d:63:ea:d3:65:1d:ac:71:3d:21:fd:d2:6a:f6:d7:87:0d: 17:4c:41:85:02:3b:79:54:1d:96:68:63:ba:7c:91:f4:54:b1: 6a:96:69:32:74:39:39:c3:39:fc:00:4c:51:58:08:77:b9:c4: ed:7d:d0:1d:59:74:f4:81:a8:95:83:a3:74:9f:c2:c9:96:ab: 9e:62:77:f4:48:8e:b9:f5:71:1d:51:bd:53:93:7d:78:ce:4b: 05:74:71:49:65:1b:73:df:3b:e5:8f:f3:a3:55:dd:d5:89:d2: 7b:ad:6a:f0:02:7e:de:cb:1a:55:d1:83:9a:83:62:7e:4f:59: b9:e1:1d:54:24:33:ff:5a:cc:f7:1c:9f:99:44:29:5f:1b:e4: 21:9d:5d:66:68:a4:56:31:d6:f3:02:72:b6:d8:44:36:6e:9e: 4c:a1:dd:6b:1b:61:52:7d:6d:48:56:d6:ec:4c:b4:e3:e1:25: 4c:d6:14:f8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBGMTExMTAvBgNVBAUTKDIxMUEwMjFFOEFCREY0REJGMjA3MDgyMjZDQzgzMjhG RDI0MTMxREYwHhcNMjUwODA5MDY1NTQ2WhcNMjUwODE2MDY1NTQ2WjAYMRYwFAYD VQQDEw02ODk2ZjBmMi1lOGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAySCFMF7S+ozGpyEyq0CADvID6G0vyDjHyLlBTBkZD6Mqd1G8SbndAEVpG2Cr tfEXF4iuv26mfIQj4AGyyleJ6V1HzFpxmICCaNaAXkWdjbHI5sS2Zp45CZmZ/bWr EkK6OFLwiekc+1Hs8AFNixb2jgfQVRSQoI586bbPB1KtEV+4vLt8DtUug2kL8ol/ qmmkkAPxC2qQn3THBzCnYH8D1FgitjbhhM+lDXKuKEWCvr3qx2aLSUg/VAXdXJB9 T3jQKNVckUtCc9yspNUfkD0mC/bNlo47poKH42Sq0PyKrG7SDaBjRotMAq6i/P4s IbbdFeG7foWAJ8A60j6zvjY1LQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGPkq5Ew k9AayQxSUjfxJMX8SirJMB8GA1UdIwQYMBaAFCEaAh6KvfTb8gcIImzIMo/SQTHf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEYxMS9FMTYzODkxMDlB N0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlOdnlCd2dpYk1neWo5SkJN ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEYxMS9FMTYzODkxMDlBN0MxMUVGODQ5NTBEMzNDNEY5QUUwMi9JUm9DSG9xOTlO dnlCd2dpYk1neWo5SkJNZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbVvP3Eaz/VlM3sUlnFRYoDgffhZVoZYXwmyfRSP/c5ZEaJsC3DeMq EvNQqPryqW9UtgJ21z2UCsx6jVWLvGQQuEa0Sw8r78SnnWPq02UdrHE9If3SavbX hw0XTEGFAjt5VB2WaGO6fJH0VLFqlmkydDk5wzn8AExRWAh3ucTtfdAdWXT0gaiV g6N0n8LJlqueYnf0SI659XEdUb1Tk314zksFdHFJZRtz3zvlj/OjVd3VidJ7rWrw An7eyxpV0YOag2J+T1m54R1UJDP/Wsz3HJ+ZRClfG+QhnV1maKRWMdbzAnK22EQ2 bp5Mod1rG2FSfW1IVtbsTLTj4SVM1hT4 -----END CERTIFICATE-----Generated at Mon Aug 11 07:45:19 2025 by rpki-client