$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: 6fsQJ0boYSvXpzaHhqLZ67tq38rPFXTha+tsuhupZ2A= Subject key identifier: B8:C2:E2:FB:CF:D0:F9:F6:F7:56:56:C2:C1:54:40:87:3B:05:25:41 Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1D20 Signing time: Tue 04 Nov 2025 16:16:09 +0000 Manifest this update: Tue 04 Nov 2025 16:16:09 +0000 Manifest next update: Tue 11 Nov 2025 16:16:09 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: kpLBJKXS2Skl7q78doVEnfzh/Ew7rPfrQk3GWwvHkxY=) 2: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: y+uJHyht1alI7ZPC3JmvnuhjGbEy3LzzaLiSY5fiRNU=) 3: 3322FCF6B8B611F09EE22E11C4F9AE02.roa (hash: nkQmProxyP6YQNqCslU/7lr0b3AmBz1GRwsmzYE8/fI=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: pnMyT26PaWSPhc4xLktPGQAXbwWHq3wiOavqQNjLHrI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: AkhO60SNFyTg9WciYKqi3vhEF3h9kd5WtxlSK6krnU0=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: AffWt9J6no4G+h1FpGfN0NTkhva8z6z11If0wdojgPY=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: /m1lXjaboioF2x7MUrTWDdQH9KVsmd4C/ofOTcRyOPg=) 8: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: ETR2zwPyd2A7y4UYuOybCcuJB7a9x37gwBrY0zAjMjI=) 9: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: nZuM2ubXC1l5NKfMUi8/1WxtFNha0sL4E6iO4pxzxgc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:16:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7582 (0x1d9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Nov 4 16:16:09 2025 GMT Not After : Nov 11 16:16:09 2025 GMT Subject: CN=690a26c9-7522 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:ed:8b:b8:a0:82:0f:4b:bc:1e:cb:c7:c4:52: 1e:90:04:86:db:37:c8:f3:c5:db:95:61:95:51:91: 8b:40:38:48:04:66:04:47:32:ce:00:8e:a8:53:77: 8d:ab:4d:cc:da:4b:4c:6c:3d:bf:5b:b4:3e:fc:7e: d4:cf:8f:a9:03:c9:b9:1c:16:22:cc:f6:dd:98:7c: 5c:2c:df:1f:ec:da:1a:d4:8f:fb:3b:cb:ab:26:39: 26:ed:62:86:49:57:37:5b:ff:38:99:3d:82:0c:92: 91:a6:4e:b4:f6:8d:a7:18:3e:71:79:fb:5b:37:cf: d5:d6:5b:91:27:ab:14:44:bf:20:85:4f:35:5b:a5: 8d:d8:8f:09:db:a3:dc:0c:46:76:7c:85:d3:8f:30: 86:38:2c:09:92:63:af:e6:e9:e1:f3:e7:9e:c4:57: 1f:87:0e:a8:1f:e5:5e:ee:48:09:18:4d:33:54:f4: 56:6d:a7:31:aa:70:2b:6d:22:ca:f6:60:fe:8c:f2: 81:53:2e:df:9e:08:6e:af:5e:f2:2f:6b:30:a9:c5: f1:cc:b9:9a:6c:e3:28:20:4b:e4:b4:c4:79:2e:df: 57:d7:d6:45:10:e7:e7:a3:22:95:53:3e:9f:6d:25: 1c:4e:4c:14:86:c0:da:2c:5b:0b:ca:76:f9:d2:51: 03:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:C2:E2:FB:CF:D0:F9:F6:F7:56:56:C2:C1:54:40:87:3B:05:25:41 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:65:9e:86:aa:63:86:27:0f:b5:eb:28:d2:dc:53:db:a0:b3: eb:a3:eb:b1:10:e7:8a:4c:1c:3c:3b:79:14:ce:b0:02:6e:fe: 65:a8:ea:ba:6c:ce:97:02:fb:18:fb:be:9b:c2:d5:59:ca:da: 1a:02:d0:a8:bd:7d:e4:2b:cd:39:bb:a4:b0:7f:eb:9a:c6:14: f2:da:8d:12:4a:f8:65:b7:ec:46:62:05:27:76:92:18:35:00: fb:2e:23:1f:7c:78:b4:af:3a:7c:e6:c6:dd:3b:c2:4d:d3:d1: 94:ce:6e:f7:19:1d:c8:40:96:7d:ae:f0:ce:bb:a5:fb:62:9c: bb:4a:82:7c:cc:32:03:4a:c3:88:03:05:b3:54:a7:d6:c9:11: f0:93:01:c2:fc:66:c0:73:3a:e9:80:6c:d2:86:9b:63:e1:5f: e8:bd:08:9e:67:4b:7e:b5:e8:65:a8:9f:ce:f6:ba:6d:1c:03: 3e:f0:9c:89:88:a2:c6:6c:20:05:ce:ac:22:82:dc:8d:87:11: 56:8a:78:36:c5:b3:14:c1:01:7d:58:c0:4c:f5:49:76:6a:27: 02:87:a2:5e:02:cb:d6:cb:20:85:cb:8b:6e:cb:b7:b7:b2:4b: f9:a1:d6:bd:41:40:0c:e2:eb:a1:8b:4d:86:f3:5e:26:cd:1e: 60:e7:16:ff -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUxMTA0MTYxNjA5WhcNMjUxMTExMTYxNjA5WjAYMRYwFAYD VQQDEw02OTBhMjZjOS03NTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3O2LuKCCD0u8HsvHxFIekASG2zfI88XblWGVUZGLQDhIBGYERzLOAI6oU3eN q03M2ktMbD2/W7Q+/H7Uz4+pA8m5HBYizPbdmHxcLN8f7Noa1I/7O8urJjkm7WKG SVc3W/84mT2CDJKRpk609o2nGD5xeftbN8/V1luRJ6sURL8ghU81W6WN2I8J26Pc DEZ2fIXTjzCGOCwJkmOv5unh8+eexFcfhw6oH+Ve7kgJGE0zVPRWbacxqnArbSLK 9mD+jPKBUy7fnghur17yL2swqcXxzLmabOMoIEvktMR5Lt9X19ZFEOfnoyKVUz6f bSUcTkwUhsDaLFsLynb50lEDVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLjC4vvP 0Pn291ZWwsFUQIc7BSVBMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqZZ6GqmOGJw+16yjS3FPboLPro+uxEOeKTBw8O3kUzrACbv5lqOq6 bM6XAvsY+76bwtVZytoaAtCovX3kK805u6Swf+uaxhTy2o0SSvhlt+xGYgUndpIY NQD7LiMffHi0rzp85sbdO8JN09GUzm73GR3IQJZ9rvDOu6X7Ypy7SoJ8zDIDSsOI AwWzVKfWyRHwkwHC/GbAczrpgGzShptj4V/ovQieZ0t+tehlqJ/O9rptHAM+8JyJ iKLGbCAFzqwigtyNhxFWing2xbMUwQF9WMBM9Ul2aicCh6JeAsvWyyCFy4tuy7e3 skv5oda9QUAM4uuhi02G814mzR5g5xb/ -----END CERTIFICATE-----Generated at Wed Nov 5 04:04:51 2025 by rpki-client