$ rpki-client -vvf rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft File: IRoCHoq99NvyBwgibMgyj9JBMd8.mft (raw, json) Hash identifier: dwVWIRo3lNM4JIWQPGeY9C5GjEybz1DXh1IUDcb/R9c= Subject key identifier: 3A:FE:B8:74:BA:D1:77:39:2D:97:EF:2F:D1:72:80:FE:BA:19:E6:85 Authority key identifier: 21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF Certificate issuer: /CN=A9170F11/serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Certificate serial: 5E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft Manifest number: 5C Signing time: Sun 27 Apr 2025 05:56:28 +0000 Manifest this update: Sun 27 Apr 2025 05:56:28 +0000 Manifest next update: Sun 04 May 2025 05:56:28 +0000 Files and hashes: 1: IRoCHoq99NvyBwgibMgyj9JBMd8.crl (hash: XEdifhXadHAx/muYNYgX7yJVr/bi2ffBE7fzCdtFyM4=) 2: E01390DA9B4B11EFB0C10385C4F9AE02.roa (hash: 0x5TkGiSHnyFFskMts4EHmJ6yY3ZwtNmM36DRNUAT7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 94 (0x5e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170F11, serialNumber=211A021E8ABDF4DBF20708226CC8328FD24131DF Validity Not Before: Apr 27 05:56:28 2025 GMT Not After : May 4 05:56:28 2025 GMT Subject: CN=680dc70c-d8e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:91:4c:03:b7:e1:99:b9:15:3e:bd:1a:65:24: a7:ba:08:16:6c:72:7f:29:28:7d:04:86:c1:bd:e9: 2d:77:3b:dc:21:d0:a1:f1:8e:49:63:11:4f:55:31: b2:64:c1:7b:92:67:c3:b8:1c:09:c8:3a:df:bd:68: d5:c6:da:67:76:ac:a3:df:90:fc:c9:d4:6b:97:ab: ea:14:ff:88:23:ad:b9:cf:7e:5e:13:2b:56:a2:c2: db:2d:9b:b7:ea:fb:7e:8e:7b:db:da:e6:11:8c:e8: 3f:42:b3:96:f9:d5:ea:0f:60:5b:04:19:7f:e3:45: fa:92:03:23:21:fd:79:53:d4:15:4f:b1:28:bc:87: a8:11:b3:24:e3:9c:95:4c:c1:55:ef:5f:ab:68:bb: 4e:cf:1a:1b:d2:e9:ff:19:67:02:51:b4:8c:bc:cc: e5:00:c9:62:eb:b3:85:31:96:d2:50:6c:8e:19:53: 08:02:d2:9a:27:0a:01:7b:cb:05:7b:f5:31:27:0c: 2a:5b:0c:6d:b0:af:23:24:95:f3:bd:ec:ce:1f:f4: 5e:ce:4e:f7:61:6a:66:58:49:4c:34:e3:47:ff:02: a5:49:42:d0:dd:0c:19:90:01:cc:3f:c8:db:4f:f5: 5f:f6:e7:d9:19:0e:89:05:5a:f3:91:15:51:8f:c1: 75:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:FE:B8:74:BA:D1:77:39:2D:97:EF:2F:D1:72:80:FE:BA:19:E6:85 X509v3 Authority Key Identifier: keyid:21:1A:02:1E:8A:BD:F4:DB:F2:07:08:22:6C:C8:32:8F:D2:41:31:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IRoCHoq99NvyBwgibMgyj9JBMd8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170F11/E16389109A7C11EF84950D33C4F9AE02/IRoCHoq99NvyBwgibMgyj9JBMd8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:42:71:51:4e:36:4e:4b:fd:0a:e1:17:51:00:bb:b5:c9:85: 14:a6:93:44:bc:f9:80:28:e2:7e:b6:14:19:31:8b:31:4c:b6: 85:74:38:9b:7a:c1:49:51:3d:a9:30:f6:9f:44:16:31:6e:41: 8a:7a:a5:b2:9b:c7:dc:9c:57:b4:77:ac:57:f2:bf:e7:aa:3c: 47:1f:16:c2:2f:81:57:6c:94:6d:6e:1b:ae:7c:45:9b:f2:aa: 17:66:a7:43:b5:42:b6:68:aa:02:87:8f:7e:04:1e:92:d9:f3: 21:fe:65:26:57:74:c8:88:93:68:e5:88:31:99:65:dd:a4:32: 2c:fc:70:2d:ad:5c:3d:68:e8:26:dd:5d:05:15:2d:78:ef:ac: 08:9e:68:8b:c4:24:e0:39:81:ae:91:a9:e9:bb:0d:43:99:33: c2:4d:49:ed:e6:e7:d7:22:3c:20:34:57:f6:b6:cd:0f:c2:54: d3:17:c4:69:fe:90:08:de:6d:a8:9a:1a:07:6d:22:97:67:8b: 39:b6:65:d7:58:26:bf:5b:4d:11:f2:5b:4d:4e:50:51:72:91: 33:9f:bf:32:1d:6d:76:dc:47:18:9d:f1:ab:d2:1b:ac:81:ce: a6:fb:45:7b:ff:ed:2a:f0:77:e0:1a:d1:eb:84:53:63:31:2a: 27:4a:4e:95 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MEYxMTExMC8GA1UEBRMoMjExQTAyMUU4QUJERjREQkYyMDcwODIyNkNDODMyOEZE MjQxMzFERjAeFw0yNTA0MjcwNTU2MjhaFw0yNTA1MDQwNTU2MjhaMBgxFjAUBgNV BAMTDTY4MGRjNzBjLWQ4ZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDtkUwDt+GZuRU+vRplJKe6CBZscn8pKH0EhsG96S13O9wh0KHxjkljEU9VMbJk wXuSZ8O4HAnIOt+9aNXG2md2rKPfkPzJ1GuXq+oU/4gjrbnPfl4TK1aiwtstm7fq +36Oe9va5hGM6D9Cs5b51eoPYFsEGX/jRfqSAyMh/XlT1BVPsSi8h6gRsyTjnJVM wVXvX6tou07PGhvS6f8ZZwJRtIy8zOUAyWLrs4UxltJQbI4ZUwgC0ponCgF7ywV7 9TEnDCpbDG2wryMklfO97M4f9F7OTvdhamZYSUw040f/AqVJQtDdDBmQAcw/yNtP 9V/259kZDokFWvORFVGPwXVNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOv64dLrR dzktl+8v0XKA/roZ5oUwHwYDVR0jBBgwFoAUIRoCHoq99NvyBwgibMgyj9JBMd8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRjExL0UxNjM4OTEwOUE3 QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52eUJ3Z2liTWd5ajlKQk1k OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVJvQ0hvcTk5TnZ5QndnaWJNZ3lqOUpCTWQ4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw RjExL0UxNjM4OTEwOUE3QzExRUY4NDk1MEQzM0M0RjlBRTAyL0lSb0NIb3E5OU52 eUJ3Z2liTWd5ajlKQk1kOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACBCcVFONk5L/QrhF1EAu7XJhRSmk0S8+YAo4n62FBkxizFMtoV0OJt6 wUlRPakw9p9EFjFuQYp6pbKbx9ycV7R3rFfyv+eqPEcfFsIvgVdslG1uG658RZvy qhdmp0O1QrZoqgKHj34EHpLZ8yH+ZSZXdMiIk2jliDGZZd2kMiz8cC2tXD1o6Cbd XQUVLXjvrAieaIvEJOA5ga6Rqem7DUOZM8JNSe3m59ciPCA0V/a2zQ/CVNMXxGn+ kAjebaiaGgdtIpdnizm2ZddYJr9bTRHyW01OUFFykTOfvzIdbXbcRxid8avSG6yB zqb7RXv/7Srwd+Aa0euEU2MxKidKTpU= -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:49 2025 by rpki-client on console.sobornost.net