$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: lSMniC5+FeKNUYjC57ZV2IFmkn0R7jcusbKvND6jVFM= Subject key identifier: DA:E3:D3:7C:24:21:FC:99:B1:A3:FD:97:83:B3:59:C3:86:9D:AE:64 Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1CAF Signing time: Thu 24 Apr 2025 16:12:39 +0000 Manifest this update: Thu 24 Apr 2025 16:12:38 +0000 Manifest next update: Thu 01 May 2025 16:12:38 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: EG01K0vx+KIlemTHa+OFE/txOkbaWNI5mLvO0eHE45U=) 2: 5AF6DD08FAE611EF88903035C4F9AE02.roa (hash: KNe37v08jiMTHI1bvjZ6KE/Vcj+r6uVPwkyGH49Kddo=) 3: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: Geibmj5f7sWd8ePmSyK9CqZnwcGstWhLmjedleooMUY=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: d3vLmOzYTOa3NHb3yIWalGAnlNbBjiF+dtQHwr43NhM=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: aPQE1e4nKCiHqR/TnLkZpZpyO3+vgwvIqog88dCR8mk=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: rM2HcTN6YD/Z+cCFcZeuxrJ7Jgv3YiMIlsdFtNQfr2Q=) 10: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:12:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7456 (0x1d20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Apr 24 16:12:38 2025 GMT Not After : May 1 16:12:38 2025 GMT Subject: CN=680a62f6-9103 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:cf:d9:f0:21:c4:2b:71:50:75:36:57:4b:2d: df:01:83:b4:b2:67:36:9d:17:20:4a:9c:fa:c3:e4: ac:c0:f5:f1:27:ce:66:78:a4:cb:7f:ae:8b:2b:ae: 56:15:67:e3:d6:c6:88:3f:a8:e8:c2:41:3b:19:86: 59:f5:84:4b:ec:92:dd:3f:1c:57:48:23:70:f9:39: db:32:0d:ef:b8:9f:3b:6d:8e:cd:0b:ad:ff:e5:04: ca:7d:7e:ed:d8:18:04:02:bc:7d:68:9b:d7:60:08: c7:29:f7:9e:ce:b9:fe:b6:bc:c8:3e:bf:6d:5a:9e: 65:f0:5e:10:6d:cc:08:27:f2:43:4e:3c:82:6d:4c: c5:3b:57:5e:f1:8a:d0:e3:29:4b:d1:84:fc:e0:35: fb:bc:2a:84:89:e0:1c:03:f8:d9:53:8e:32:3f:bb: ba:d6:c8:0d:4b:76:c0:81:64:79:fb:77:c1:b0:e3: ad:c1:ea:16:ec:b9:07:1c:3c:ee:44:8f:2b:70:7d: 4f:48:f0:03:b8:a3:43:c8:fa:39:c8:46:d3:d7:d5: d6:c8:4c:bf:ac:34:65:1c:60:49:47:34:ad:cc:c7: 67:0b:78:75:91:ed:ad:5d:b5:72:1f:78:61:0b:d9: b0:17:6b:96:22:56:70:0f:58:51:65:66:48:d1:9c: bf:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:E3:D3:7C:24:21:FC:99:B1:A3:FD:97:83:B3:59:C3:86:9D:AE:64 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:66:37:e8:6b:30:69:b5:ff:13:14:1f:59:43:be:30:ea:e9: b3:c7:b9:f9:48:39:e8:42:cb:90:64:f2:41:79:a5:7f:6f:b5: 0b:b6:c0:00:68:da:d4:c7:8c:fa:ac:3c:38:f8:ac:62:e0:5d: 6c:3b:99:55:62:45:71:9a:ed:65:83:1c:db:a7:b6:a6:e7:9f: 3a:44:d9:3b:48:91:9f:16:f1:21:8d:81:15:f8:8e:11:ff:1d: c8:ce:26:dd:a6:b1:04:55:6b:f5:96:f9:e6:36:a2:ad:91:0c: c9:9a:1c:a4:15:05:60:c3:e2:df:8e:28:74:29:41:7d:af:1d: f8:f5:40:fe:11:e3:41:f3:87:ca:cc:8a:7a:27:35:fc:33:30: 4b:2a:10:f6:21:86:60:3f:d6:cc:18:b8:bf:91:2b:d6:5a:bd: 65:17:5f:d5:25:25:8a:b4:db:6b:01:2a:a9:0e:c3:56:0d:33: c8:7d:f5:ff:9f:d3:bd:e7:b9:7c:7c:37:b1:12:a6:41:03:ff: 60:04:cf:60:77:aa:37:19:a2:b7:70:b1:09:0e:75:a7:ff:6e: ef:2d:51:e4:a8:f6:9a:76:a9:b3:2d:08:7e:08:9c:1f:39:6a: ac:5e:5f:a2:ee:22:6d:e1:19:8c:3c:d0:6d:a6:3e:a8:f0:3a: fc:be:b0:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwNDI0MTYxMjM4WhcNMjUwNTAxMTYxMjM4WjAYMRYwFAYD VQQDEw02ODBhNjJmNi05MTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu8/Z8CHEK3FQdTZXSy3fAYO0smc2nRcgSpz6w+SswPXxJ85meKTLf66LK65W FWfj1saIP6jowkE7GYZZ9YRL7JLdPxxXSCNw+TnbMg3vuJ87bY7NC63/5QTKfX7t 2BgEArx9aJvXYAjHKfeezrn+trzIPr9tWp5l8F4QbcwIJ/JDTjyCbUzFO1de8YrQ 4ylL0YT84DX7vCqEieAcA/jZU44yP7u61sgNS3bAgWR5+3fBsOOtweoW7LkHHDzu RI8rcH1PSPADuKNDyPo5yEbT19XWyEy/rDRlHGBJRzStzMdnC3h1ke2tXbVyH3hh C9mwF2uWIlZwD1hRZWZI0Zy/oQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNrj03wk IfyZsaP9l4OzWcOGna5kMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACZjfoazBptf8TFB9ZQ74w6umzx7n5SDnoQsuQZPJBeaV/b7ULtsAA aNrUx4z6rDw4+Kxi4F1sO5lVYkVxmu1lgxzbp7am5586RNk7SJGfFvEhjYEV+I4R /x3IzibdprEEVWv1lvnmNqKtkQzJmhykFQVgw+Lfjih0KUF9rx349UD+EeNB84fK zIp6JzX8MzBLKhD2IYZgP9bMGLi/kSvWWr1lF1/VJSWKtNtrASqpDsNWDTPIffX/ n9O957l8fDexEqZBA/9gBM9gd6o3GaK3cLEJDnWn/27vLVHkqPaadqmzLQh+CJwf OWqsXl+i7iJt4RmMPNBtpj6o8Dr8vrBX -----END CERTIFICATE-----Generated at Sat Apr 26 12:55:40 2025 by rpki-client