$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: eg5vOjlVKu6DdgzuVXUk7qOCF7IIfYRkX1HLoiURUXM= Subject key identifier: DB:46:FA:37:EF:DF:5F:E7:ED:56:37:89:78:AE:2E:14:4A:8F:D1:D3 Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1CCF Signing time: Thu 12 Jun 2025 16:08:56 +0000 Manifest this update: Thu 12 Jun 2025 16:08:56 +0000 Manifest next update: Thu 19 Jun 2025 16:08:56 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: WKkznRS1RhWEf1PXVVVzB26J6m71cZgyhbJ0Q49Dgd8=) 2: 5AF6DD08FAE611EF88903035C4F9AE02.roa (hash: KNe37v08jiMTHI1bvjZ6KE/Vcj+r6uVPwkyGH49Kddo=) 3: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: ibfU8LeRFc29BiPbfaOtCj5JQq97ZqfQqw4BbP5mq+Q=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: d3vLmOzYTOa3NHb3yIWalGAnlNbBjiF+dtQHwr43NhM=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: aPQE1e4nKCiHqR/TnLkZpZpyO3+vgwvIqog88dCR8mk=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) 10: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: UwXH1XygsxxIwL/5ppPhVWdo9CvnJPBBvjk5qqmH4lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 16:08:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7492 (0x1d44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Jun 12 16:08:56 2025 GMT Not After : Jun 19 16:08:56 2025 GMT Subject: CN=684afb98-bee4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:c9:ee:95:54:83:aa:a2:6b:de:1f:6f:15:35: 40:17:d6:c3:77:6a:71:a7:35:e7:6d:fc:b1:c0:b3: 35:22:bc:c0:b5:b6:c0:ed:64:65:66:f2:56:bc:ee: 84:21:fa:09:31:c2:47:84:f9:bd:7a:66:ab:6a:2c: 39:2d:f9:52:b3:96:0c:0e:89:e0:53:e9:37:d0:d2: cb:0e:17:09:cd:17:0f:6a:f9:12:90:90:83:a5:01: fb:96:97:e0:14:f6:cb:d6:29:7c:d7:e9:63:02:9e: 78:79:58:7c:79:dc:3d:25:fd:eb:e6:c8:ef:84:d9: ae:12:9d:77:93:82:24:a9:ce:4d:f3:43:18:7b:24: ff:46:18:9c:4f:34:1f:2e:44:3a:50:7c:ce:fa:b9: 68:21:3d:81:b3:db:46:be:40:1c:a9:bf:cb:8e:92: dd:dc:52:b7:75:4b:99:81:c6:38:ca:d9:78:e0:52: 28:a7:aa:05:c6:af:ee:8b:f1:95:74:0a:f6:51:fa: 7b:7a:5d:49:43:b4:c0:a1:4c:60:66:fb:ca:e6:b0: 5f:f0:56:07:23:d1:0a:4f:bd:e9:ab:1c:cc:ab:8a: 32:2d:ca:c8:97:e0:ca:70:c9:9f:f3:d4:ba:92:7e: f5:5e:e7:e4:89:f6:d7:3a:4b:5d:12:c0:cd:48:ca: 43:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:46:FA:37:EF:DF:5F:E7:ED:56:37:89:78:AE:2E:14:4A:8F:D1:D3 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:17:e8:bb:82:a1:d4:ce:01:1a:16:18:c3:74:91:19:e4:84: d1:1d:26:9b:7f:d0:65:9f:ca:9f:29:da:f0:f5:ea:77:0a:d5: a8:d4:51:9e:60:e5:7a:b2:19:68:b0:89:ef:b2:7a:70:2a:9c: 0d:74:9b:82:a3:a8:cf:65:41:57:0c:57:ad:b4:c9:b5:b1:a2: 60:53:49:b4:af:00:93:12:fa:18:9e:87:56:53:a0:7b:34:dc: c5:6b:34:97:4a:ee:a3:53:69:80:7b:09:a0:92:9b:31:cc:b8: 4d:be:0c:ef:7a:d5:9f:54:4a:58:25:69:ac:b8:db:ed:02:c8: d5:f6:15:8f:c9:81:95:1b:75:ec:f6:a8:2d:20:cb:cd:ee:1a: 4c:da:ab:00:26:5d:b7:b0:3d:75:a3:fc:19:c5:2c:77:61:25: a2:0f:a9:e8:38:34:61:8f:16:d9:7a:db:88:f0:ef:7d:e4:b9: 21:95:d2:20:9a:59:9c:fd:27:f8:30:b9:ab:e9:50:99:e6:42: 24:61:73:65:ce:e5:50:39:84:bc:02:7c:19:a1:cc:21:0b:18: fa:47:44:59:e3:40:52:c9:64:80:31:bb:84:41:9e:17:e5:38: e3:df:57:6d:19:a7:37:ae:54:2c:00:7c:7a:a1:67:8a:ad:74: 01:8a:4e:b7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwNjEyMTYwODU2WhcNMjUwNjE5MTYwODU2WjAYMRYwFAYD VQQDEw02ODRhZmI5OC1iZWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA08nulVSDqqJr3h9vFTVAF9bDd2pxpzXnbfyxwLM1IrzAtbbA7WRlZvJWvO6E IfoJMcJHhPm9emaraiw5LflSs5YMDongU+k30NLLDhcJzRcPavkSkJCDpQH7lpfg FPbL1il81+ljAp54eVh8edw9Jf3r5sjvhNmuEp13k4Ikqc5N80MYeyT/RhicTzQf LkQ6UHzO+rloIT2Bs9tGvkAcqb/LjpLd3FK3dUuZgcY4ytl44FIop6oFxq/ui/GV dAr2Ufp7el1JQ7TAoUxgZvvK5rBf8FYHI9EKT73pqxzMq4oyLcrIl+DKcMmf89S6 kn71XufkifbXOktdEsDNSMpDOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNtG+jfv 31/n7VY3iXiuLhRKj9HTMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwF+i7gqHUzgEaFhjDdJEZ5ITRHSabf9Bln8qfKdrw9ep3CtWo1FGe YOV6shlosInvsnpwKpwNdJuCo6jPZUFXDFettMm1saJgU0m0rwCTEvoYnodWU6B7 NNzFazSXSu6jU2mAewmgkpsxzLhNvgzvetWfVEpYJWmsuNvtAsjV9hWPyYGVG3Xs 9qgtIMvN7hpM2qsAJl23sD11o/wZxSx3YSWiD6noODRhjxbZetuI8O995LkhldIg mlmc/Sf4MLmr6VCZ5kIkYXNlzuVQOYS8AnwZocwhCxj6R0RZ40BSyWSAMbuEQZ4X 5Tjj31dtGac3rlQsAHx6oWeKrXQBik63 -----END CERTIFICATE-----Generated at Sat Jun 14 17:23:56 2025 by rpki-client