$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: jGYqlSAE/7n3VkRW3lgJ5fImE/FOh0dQSnwsdkLRpkY= Subject key identifier: 2A:1B:A9:B7:98:60:59:3C:C8:45:8A:8B:93:F5:3C:83:00:B0:E7:3D Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 5D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 5B Signing time: Fri 25 Apr 2025 06:07:10 +0000 Manifest this update: Fri 25 Apr 2025 06:07:10 +0000 Manifest next update: Fri 02 May 2025 06:07:10 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: 36hELTTj2scnuyzSGbA8Tt/ayS1L0i4AIfdCmyjCtNw=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:07:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 93 (0x5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Apr 25 06:07:10 2025 GMT Not After : May 2 06:07:10 2025 GMT Subject: CN=680b268e-6a21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:65:56:88:80:70:34:e5:9a:8b:c6:78:35:fb: 6a:1e:aa:15:c0:98:5e:ec:83:64:86:b5:08:e1:11: 7e:03:b2:13:31:e8:29:d1:df:96:ff:2b:dc:df:ad: db:1a:62:f5:da:c6:f5:92:ae:36:d8:ae:f8:a2:13: 68:93:c1:7f:3f:2c:0f:7e:29:1a:7a:d5:1f:c6:9a: 49:cb:69:34:a7:2a:68:17:81:b9:9d:7a:ee:dd:ae: a1:27:99:cc:9e:5d:5c:e8:1b:9a:5e:65:bf:64:2e: d8:3b:94:b0:35:ed:af:9a:69:16:54:df:96:91:b0: 20:c7:2a:50:de:6f:09:84:ad:1f:9b:09:38:97:5c: b9:00:d2:82:6d:8b:0f:54:50:29:0c:22:a5:46:4f: 79:f9:1b:85:9a:58:bc:7a:0d:8a:f6:7b:c4:00:09: 05:3f:28:bb:45:25:bf:c6:e8:e9:1c:7f:c1:eb:2d: 3d:46:07:e1:95:28:d8:d0:41:d0:c2:c9:2f:45:08: 05:f2:23:b4:bd:cb:4b:f0:6e:74:0d:de:ac:b5:80: e8:d6:21:6c:1c:93:0c:07:b9:ed:d8:05:fa:d3:91: c2:0d:1e:4c:5d:24:3b:a1:86:dd:ad:55:9f:bf:38: 7f:1b:54:fa:9a:4f:d5:16:ae:64:3b:7e:e0:05:0d: 29:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:1B:A9:B7:98:60:59:3C:C8:45:8A:8B:93:F5:3C:83:00:B0:E7:3D X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:8b:4a:b3:93:ba:55:93:7c:1a:e4:4a:46:a1:e8:5c:c2:10: 23:8d:6d:87:1d:f3:19:0d:ef:de:21:aa:fd:f0:5e:6a:41:6a: 88:71:9e:2a:c6:56:16:88:56:6f:b6:ca:ee:55:1c:f3:07:26: 5a:b7:a9:c5:39:e8:31:92:75:80:f9:c3:c4:e0:74:05:a1:b8: 47:b9:f8:ac:ce:6a:c9:f1:ac:6f:9c:af:e4:0b:f6:44:b7:1e: 1f:29:c7:e7:37:23:f4:8b:0d:9c:78:7b:c6:90:e9:17:2a:47: 2e:36:e1:50:7a:a8:e9:82:12:7b:b5:5a:82:19:06:3f:7e:fe: 63:d6:8c:9e:40:85:c1:2f:17:9f:31:87:9e:44:42:eb:8d:c4: 02:80:a9:08:0a:82:b2:2d:6d:f8:94:c9:0b:26:c8:c3:97:28: 3f:75:00:2d:4e:b1:f7:7e:42:55:14:a3:84:bb:05:8e:ff:31: 14:a7:4f:4e:8e:ab:14:be:20:2f:35:37:3a:7b:3f:fb:be:6d: 2d:de:20:6f:12:fa:53:7e:26:7c:0c:48:bb:73:af:7b:af:b1: a3:f8:cd:15:91:2c:a0:fd:b9:e7:ab:ac:17:7e:70:f0:5e:89: 6d:c2:74:2a:f0:91:6b:7a:02:52:e6:22:3c:ba:ac:b7:94:8b: c2:66:07:f7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNTA0MjUwNjA3MTBaFw0yNTA1MDIwNjA3MTBaMBgxFjAUBgNV BAMTDTY4MGIyNjhlLTZhMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDSZVaIgHA05ZqLxng1+2oeqhXAmF7sg2SGtQjhEX4DshMx6CnR35b/K9zfrdsa YvXaxvWSrjbYrviiE2iTwX8/LA9+KRp61R/GmknLaTSnKmgXgbmdeu7drqEnmcye XVzoG5peZb9kLtg7lLA17a+aaRZU35aRsCDHKlDebwmErR+bCTiXXLkA0oJtiw9U UCkMIqVGT3n5G4WaWLx6DYr2e8QACQU/KLtFJb/G6Okcf8HrLT1GB+GVKNjQQdDC yS9FCAXyI7S9y0vwbnQN3qy1gOjWIWwckwwHue3YBfrTkcINHkxdJDuhht2tVZ+/ OH8bVPqaT9UWrmQ7fuAFDSk5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUKhupt5hg WTzIRYqLk/U8gwCw5z0wHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJuLSrOTulWTfBrkSkah6FzCECONbYcd8xkN794hqv3wXmpBaohxnirG VhaIVm+2yu5VHPMHJlq3qcU56DGSdYD5w8TgdAWhuEe5+KzOasnxrG+cr+QL9kS3 Hh8px+c3I/SLDZx4e8aQ6RcqRy424VB6qOmCEnu1WoIZBj9+/mPWjJ5AhcEvF58x h55EQuuNxAKAqQgKgrItbfiUyQsmyMOXKD91AC1Osfd+QlUUo4S7BY7/MRSnT06O qxS+IC81Nzp7P/u+bS3eIG8S+lN+JnwMSLtzr3uvsaP4zRWRLKD9ueerrBd+cPBe iW3CdCrwkWt6AlLmIjy6rLeUi8JmB/c= -----END CERTIFICATE-----Generated at Sat Apr 26 14:31:42 2025 by rpki-client