$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft File: ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft (raw, json) Hash identifier: 2mUVn19yVO6FohWimq3MlPPbIBxuN2M9eiH7PGrH12A= Subject key identifier: DC:69:46:BE:3A:70:90:23:DB:00:FB:6D:04:9C:7B:86:18:DD:C6:CD Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1D22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft Manifest number: 1CB1 Signing time: Mon 28 Apr 2025 16:18:00 +0000 Manifest this update: Mon 28 Apr 2025 16:17:59 +0000 Manifest next update: Mon 05 May 2025 16:17:59 +0000 Files and hashes: 1: ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl (hash: RPIfYPI9vQZMp8UJq/HMhLLVRgDFy/ZyKw2MLqEBSzA=) 2: 5AF6DD08FAE611EF88903035C4F9AE02.roa (hash: KNe37v08jiMTHI1bvjZ6KE/Vcj+r6uVPwkyGH49Kddo=) 3: 75D2A3666E8011EF92BDE465C4F9AE02.roa (hash: Geibmj5f7sWd8ePmSyK9CqZnwcGstWhLmjedleooMUY=) 4: 3BDD23E27CA611EE82D65D19C4F9AE02.roa (hash: DWVN0wHi6QUPs6snWtASAJaDoQXZR8E1QW/cZGA9SNI=) 5: 2F9A7A1648FC11EBBAE0991CC4F9AE02.roa (hash: EyyP05+w3I6zJfg1bK7YEVwaO6aHmtM/Fo2uP4RPYlc=) 6: 84064494E48F11EF8386EA50C4F9AE02.roa (hash: d3vLmOzYTOa3NHb3yIWalGAnlNbBjiF+dtQHwr43NhM=) 7: 87F433B2234C11EBA94AE637C4F9AE02.roa (hash: aPQE1e4nKCiHqR/TnLkZpZpyO3+vgwvIqog88dCR8mk=) 8: 3EF78CAA9DF911EF971AD149C4F9AE02.roa (hash: JvMqjKLoQToshoNSeubhlEpU1GQez85G+xjPh2YQQpU=) 9: CCD092AE4E6411EF92C0EC3AC4F9AE02.roa (hash: rM2HcTN6YD/Z+cCFcZeuxrJ7Jgv3YiMIlsdFtNQfr2Q=) 10: D3C8593E905E11EFAF2C185CC4F9AE02.roa (hash: mX5h1pe0z8G3BqKuVtzq+wiHKMx8BkOvpXEXAJFLe90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 16:17:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7458 (0x1d22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Apr 28 16:17:59 2025 GMT Not After : May 5 16:17:59 2025 GMT Subject: CN=680faa37-c2fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:2e:c9:99:89:05:d7:8d:02:b6:d1:b5:a0:ef: bc:10:02:09:13:04:a3:6b:72:ed:00:da:5d:00:ea: 3e:8c:de:c4:8f:3a:7f:58:93:02:22:bb:9f:4f:40: 73:d1:5b:08:93:5a:c2:57:c5:0b:54:c8:85:9d:80: 4c:64:43:20:e7:52:34:08:1d:9b:c0:e1:5e:d3:2b: 9b:cf:cd:39:ff:e2:8e:f1:ba:69:a6:05:ce:5c:33: cd:2e:73:e2:d9:3e:a0:17:68:1a:bf:f7:72:e5:c7: 15:77:cc:e9:29:b2:14:d0:ea:68:9e:6b:88:a7:ed: 3d:cb:d6:cb:2c:fd:de:57:96:76:ea:39:b9:7e:e8: bc:c4:cc:0b:fb:19:7c:e4:86:c9:fd:8f:ac:62:65: 6b:b3:e6:c5:55:ec:ab:42:a2:b3:6e:dc:3e:b7:9b: 5a:1e:8e:f6:58:32:79:08:e5:61:23:b6:0d:fc:6b: 34:f7:ec:6b:d9:0c:da:f1:15:fb:df:20:52:45:6e: 47:ea:a9:d5:e5:95:89:50:c8:87:e6:66:af:54:bb: 38:06:e0:0f:8c:cf:6c:83:07:e6:02:50:a9:14:27: 08:55:fb:40:17:d3:37:2d:0e:30:e1:01:d5:d2:76: c7:95:61:45:2b:2b:3a:7e:11:c2:75:6a:0c:2a:6c: 06:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:69:46:BE:3A:70:90:23:DB:00:FB:6D:04:9C:7B:86:18:DD:C6:CD X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:cf:6c:6d:dd:f2:e5:66:3f:af:c1:48:79:c2:f2:d6:d2:d3: f3:b3:99:92:a2:f5:c6:8b:0b:fc:de:a0:19:2c:70:6f:d3:f3: 77:9b:37:7e:cd:f1:bc:fe:99:83:3e:e8:43:3d:96:05:9b:de: 37:53:fc:de:02:f5:d6:bb:d1:5e:0a:57:3c:d8:b3:50:a4:7a: 75:8c:ec:d8:29:c6:25:ce:5f:87:15:29:86:8d:95:5c:20:29: 1e:e7:75:60:43:48:6a:c4:a8:66:e0:9c:f8:cc:a9:85:e7:29: b1:48:d5:16:78:3a:fe:92:84:8a:30:e1:ef:2c:53:ae:51:2b: 08:a5:a6:24:61:f9:51:09:5c:16:23:46:0a:6c:0e:7d:37:b5: d9:2c:b6:45:59:a3:fd:69:ae:03:b0:3e:63:4c:62:3f:02:67: 22:69:12:bb:ef:97:17:53:94:03:f4:df:47:63:78:38:02:7b: c6:a8:40:f0:e5:25:f5:cf:07:0b:cd:89:4e:7f:0b:85:fb:7d: 56:8a:65:be:e6:35:b5:47:c2:c8:f6:e9:66:6b:ea:97:8c:e2: 29:f2:a6:a8:ca:8b:a3:0c:f7:ae:5f:82:20:bb:92:2e:d2:9f: 03:d7:d3:45:d8:0a:bf:f0:17:08:08:14:28:76:af:e5:7e:26: 07:5b:9e:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHSIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwNDI4MTYxNzU5WhcNMjUwNTA1MTYxNzU5WjAYMRYwFAYD VQQDEw02ODBmYWEzNy1jMmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7C7JmYkF140CttG1oO+8EAIJEwSja3LtANpdAOo+jN7Ejzp/WJMCIrufT0Bz 0VsIk1rCV8ULVMiFnYBMZEMg51I0CB2bwOFe0yubz805/+KO8bpppgXOXDPNLnPi 2T6gF2gav/dy5ccVd8zpKbIU0OponmuIp+09y9bLLP3eV5Z26jm5fui8xMwL+xl8 5IbJ/Y+sYmVrs+bFVeyrQqKzbtw+t5taHo72WDJ5COVhI7YN/Gs09+xr2Qza8RX7 3yBSRW5H6qnV5ZWJUMiH5mavVLs4BuAPjM9sgwfmAlCpFCcIVftAF9M3LQ4w4QHV 0nbHlWFFKys6fhHCdWoMKmwGNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNxpRr46 cJAj2wD7bQSce4YY3cbNMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTg0QS8xODA1MTkxQUUxRUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJj SVZMS2lWYjBNdm1vRTVZRG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFz2xt3fLlZj+vwUh5wvLW0tPzs5mSovXGiwv83qAZLHBv0/N3mzd+ zfG8/pmDPuhDPZYFm943U/zeAvXWu9FeClc82LNQpHp1jOzYKcYlzl+HFSmGjZVc ICke53VgQ0hqxKhm4Jz4zKmF5ymxSNUWeDr+koSKMOHvLFOuUSsIpaYkYflRCVwW I0YKbA59N7XZLLZFWaP9aa4DsD5jTGI/AmciaRK775cXU5QD9N9HY3g4AnvGqEDw 5SX1zwcLzYlOfwuF+31WimW+5jW1R8LI9ulma+qXjOIp8qaoyoujDPeuX4Igu5Iu 0p8D19NF2Aq/8BcICBQodq/lfiYHW54E -----END CERTIFICATE-----Generated at Mon Apr 28 20:10:43 2025 by rpki-client on console.sobornost.net