$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: rbFUKAKG23TIGnDtDUEKWnyWorddOQ5Ctl/Pe9inavQ= Subject key identifier: 0C:A3:70:47:AA:01:CD:CC:54:89:25:0A:32:3A:4E:28:CE:FE:3F:AA Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1CEA Signing time: Mon 04 Aug 2025 16:19:59 +0000 Manifest this update: Mon 04 Aug 2025 16:19:58 +0000 Manifest next update: Mon 11 Aug 2025 16:19:58 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: +xUKIYUa/Bh2GSMOa65Sn6JqJwuy79uSWj258PfnkDU=) 2: 5AF6DD08FAE611EF88903035C4F9AE02.roa (hash: KNe37v08jiMTHI1bvjZ6KE/Vcj+r6uVPwkyGH49Kddo=) 3: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: ibfU8LeRFc29BiPbfaOtCj5JQq97ZqfQqw4BbP5mq+Q=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: d3vLmOzYTOa3NHb3yIWalGAnlNbBjiF+dtQHwr43NhM=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: aPQE1e4nKCiHqR/TnLkZpZpyO3+vgwvIqog88dCR8mk=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) 10: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: UwXH1XygsxxIwL/5ppPhVWdo9CvnJPBBvjk5qqmH4lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 16:19:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7519 (0x1d5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Aug 4 16:19:58 2025 GMT Not After : Aug 11 16:19:58 2025 GMT Subject: CN=6890ddaf-0b11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c9:b4:c6:6a:ae:32:f5:f9:77:5e:dc:8e:78: b3:35:50:0a:f0:5c:d6:91:a7:09:f9:f6:0a:98:4e: c5:4d:00:52:9b:18:7c:aa:d3:de:8f:1d:a1:d2:da: 95:9c:62:c0:4a:32:59:e2:c3:ba:29:70:b7:70:ad: 90:59:42:00:cb:6b:37:66:04:20:a6:fd:d4:7f:59: 76:d6:0a:6d:c9:ac:43:ba:08:01:a0:98:16:8d:a6: ec:28:c8:58:9b:a5:2e:13:26:96:93:8a:8c:4d:ba: b7:b0:2e:14:ba:79:9c:51:1b:9a:9e:40:5f:55:a1: b1:2d:af:b5:a5:b6:eb:af:ad:b2:d3:f9:40:d0:cc: c1:1b:80:64:9c:c4:0e:c6:36:63:25:ed:59:d8:ac: f9:3a:bc:ba:01:c8:68:93:d7:b3:ea:d5:f4:7a:b0: e2:ff:39:08:74:fa:82:c5:b7:cd:e6:93:06:03:fa: 44:a9:f5:00:43:d3:48:70:b9:40:e8:03:54:b4:40: f9:21:14:dd:8b:6e:24:c6:c3:3e:1f:24:7f:30:a0: c1:9f:0a:d9:48:ba:58:15:3e:42:91:d1:a1:ed:58: 58:d0:49:76:6a:07:8f:b0:6f:9c:b6:c0:c9:e8:fb: 9b:05:7f:14:af:04:05:66:36:53:54:b2:39:58:97: c4:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:A3:70:47:AA:01:CD:CC:54:89:25:0A:32:3A:4E:28:CE:FE:3F:AA X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:85:8e:b2:7e:99:78:9a:0a:83:c4:b7:2a:00:22:d3:e9:2f: 08:8c:f8:57:7e:54:0c:04:fe:c1:c0:49:8d:9c:95:9a:80:0e: b5:76:36:13:d6:86:39:74:27:99:57:df:86:0c:b4:02:58:36: 8a:2c:05:6c:a6:41:9e:2d:1e:72:a1:24:fe:68:40:2d:20:81: 89:87:19:52:69:44:84:30:f9:28:82:cd:b2:52:a8:3c:6d:00: 42:09:c1:bb:20:21:83:b4:bb:b2:57:ab:b7:c2:3c:81:a0:f8: 9a:dd:21:1f:29:33:e9:68:34:07:ac:de:ef:b4:e2:de:42:f8: 8f:5b:c3:25:2b:9d:f9:51:28:79:d2:0f:83:b3:9a:83:cc:c3: e4:4c:d7:0c:1c:13:1b:c2:70:ee:86:a8:5a:ec:62:1b:38:f5: e7:27:1e:25:24:3b:67:b2:ec:07:7c:c4:f6:8e:9d:5f:63:9e: 41:22:82:6a:9a:23:05:c7:9e:66:26:c8:e7:1b:7a:14:4b:ad: 43:4c:67:36:cb:02:de:ce:7f:65:f1:1f:1c:6b:1d:1a:bb:c9: 7a:6b:05:de:27:9c:e1:5d:cc:84:d0:ce:3f:cc:57:e0:0a:73: 07:4b:a1:32:6e:9d:1f:12:be:41:a9:4d:04:b7:a6:18:ff:6a: f6:cd:86:20 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwODA0MTYxOTU4WhcNMjUwODExMTYxOTU4WjAYMRYwFAYD VQQDEw02ODkwZGRhZi0wYjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxsm0xmquMvX5d17cjnizNVAK8FzWkacJ+fYKmE7FTQBSmxh8qtPejx2h0tqV nGLASjJZ4sO6KXC3cK2QWUIAy2s3ZgQgpv3Uf1l21gptyaxDuggBoJgWjabsKMhY m6UuEyaWk4qMTbq3sC4UunmcURuankBfVaGxLa+1pbbrr62y0/lA0MzBG4BknMQO xjZjJe1Z2Kz5Ory6Achok9ez6tX0erDi/zkIdPqCxbfN5pMGA/pEqfUAQ9NIcLlA 6ANUtED5IRTdi24kxsM+HyR/MKDBnwrZSLpYFT5CkdGh7VhY0El2agePsG+ctsDJ 6PubBX8UrwQFZjZTVLI5WJfEGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAyjcEeq Ac3MVIklCjI6TijO/j+qMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2hY6yfpl4mgqDxLcqACLT6S8IjPhXflQMBP7BwEmNnJWagA61djYT 1oY5dCeZV9+GDLQCWDaKLAVspkGeLR5yoST+aEAtIIGJhxlSaUSEMPkogs2yUqg8 bQBCCcG7ICGDtLuyV6u3wjyBoPia3SEfKTPpaDQHrN7vtOLeQviPW8MlK535USh5 0g+Ds5qDzMPkTNcMHBMbwnDuhqha7GIbOPXnJx4lJDtnsuwHfMT2jp1fY55BIoJq miMFx55mJsjnG3oUS61DTGc2ywLezn9l8R8cax0au8l6awXeJ5zhXcyE0M4/zFfg CnMHS6Eybp0fEr5BqU0Et6YY/2r2zYYg -----END CERTIFICATE-----Generated at Wed Aug 6 00:48:34 2025 by rpki-client