$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: OL+sFIAVXaeb435GSa/QCguEviQcCEMzSFAaV1MMgHY= Subject key identifier: C5:F5:25:69:A6:00:0F:92:C7:8D:B0:1F:52:51:FD:65:9F:11:56:22 Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 096B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 0964 Signing time: Sun 20 Jul 2025 20:17:12 +0000 Manifest this update: Sun 20 Jul 2025 20:17:11 +0000 Manifest next update: Sun 27 Jul 2025 20:17:11 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: XVCmSbULdiyQqrv5tbYN7zMEzz1hvX0W+MSmOyy8c7Q=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 20:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2411 (0x96b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Jul 20 20:17:11 2025 GMT Not After : Jul 27 20:17:11 2025 GMT Subject: CN=687d4ec8-43cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:35:f5:99:af:cb:d4:fe:9c:a8:0b:a2:bb:23: ed:f8:ac:71:ee:9a:30:0c:76:6e:b6:2b:d8:83:bf: 83:fc:2b:33:a4:43:b1:74:f4:90:6c:bc:1c:57:63: 72:e7:ae:24:68:43:a0:27:8a:4f:0a:9f:b2:26:31: 0f:d3:ee:9b:f0:5d:20:34:05:18:59:79:e5:5f:23: e9:58:a0:e5:ac:4b:cc:37:1c:8e:ea:3e:e4:3c:41: a0:de:d8:e6:72:a0:06:9e:70:99:a4:3e:56:38:64: c2:06:f1:59:71:35:b5:b1:8e:24:75:56:71:47:c4: ad:45:db:f4:3e:6b:3f:e1:43:b7:f4:3d:9b:e1:3f: 38:cb:36:52:51:99:d9:24:a0:97:1f:e0:a5:06:54: a2:13:3e:54:bb:e6:9f:00:b3:67:2d:9b:c9:4c:cf: 5e:29:b9:ba:59:2c:e4:ec:dd:b1:bd:03:46:dc:b2: 49:e6:75:a0:1f:16:1c:cc:31:1d:92:cd:23:e1:5c: b1:3e:db:62:6e:c2:27:d6:0b:6e:7e:b5:d7:9a:12: a8:67:5f:17:4f:3b:62:87:52:8b:5d:61:0d:9b:e2: 10:3c:a8:bf:cd:40:35:4e:ba:f1:10:99:bc:58:76: 9d:92:83:f8:10:ce:d6:88:19:b9:4a:ec:08:1d:5c: 91:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F5:25:69:A6:00:0F:92:C7:8D:B0:1F:52:51:FD:65:9F:11:56:22 X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:f8:26:ef:07:86:ef:78:6b:9d:0a:d5:b0:14:27:78:98:40: 35:3a:de:70:ae:40:5e:99:ef:9f:ac:14:62:ee:21:1a:69:78: f6:57:ff:72:00:2b:ae:75:66:5f:aa:c3:22:c7:92:4b:f3:c2: ce:fb:ce:9b:d8:17:d8:97:0f:b8:c0:45:e9:8e:09:79:5a:8b: 0b:05:72:d6:d5:fc:f5:00:93:31:a1:46:83:0d:b9:e4:ab:2b: 39:81:5f:f8:4d:7a:64:a6:7d:33:d3:f6:5f:8c:60:66:b8:ef: 39:b0:1a:20:9a:78:67:67:9d:9f:89:24:c6:c2:03:98:91:29: 30:0c:84:29:fd:9f:2c:cc:8c:61:b6:2b:e5:e9:a3:ab:36:fb: bc:7b:17:86:f3:e1:1f:14:d8:7d:6a:30:4e:ba:fd:d5:51:32: e9:54:31:ed:0a:c1:31:8d:b7:7e:b2:c9:c0:32:48:41:f5:b8: 5b:4f:1a:2a:ce:d1:93:32:b1:09:97:a9:c5:c1:09:cb:4d:04: e6:c6:8b:65:d4:35:0a:9d:aa:a5:c9:bf:ad:65:e2:e5:ce:38: cd:4c:72:55:c3:d0:97:db:8e:17:32:6a:94:86:6a:de:92:05: 5d:81:a4:a5:83:83:9e:2f:9d:da:ce:b6:c5:41:13:e6:f1:17: 3e:d7:a1:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwNzIwMjAxNzExWhcNMjUwNzI3MjAxNzExWjAYMRYwFAYD VQQDEw02ODdkNGVjOC00M2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7DX1ma/L1P6cqAuiuyPt+Kxx7powDHZutivYg7+D/CszpEOxdPSQbLwcV2Ny 564kaEOgJ4pPCp+yJjEP0+6b8F0gNAUYWXnlXyPpWKDlrEvMNxyO6j7kPEGg3tjm cqAGnnCZpD5WOGTCBvFZcTW1sY4kdVZxR8StRdv0Pms/4UO39D2b4T84yzZSUZnZ JKCXH+ClBlSiEz5Uu+afALNnLZvJTM9eKbm6WSzk7N2xvQNG3LJJ5nWgHxYczDEd ks0j4VyxPttibsIn1gtufrXXmhKoZ18XTztih1KLXWENm+IQPKi/zUA1TrrxEJm8 WHadkoP4EM7WiBm5SuwIHVyR5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMX1JWmm AA+Sx42wH1JR/WWfEVYiMB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3+CbvB4bveGudCtWwFCd4mEA1Ot5wrkBeme+frBRi7iEaaXj2V/9y ACuudWZfqsMix5JL88LO+86b2BfYlw+4wEXpjgl5WosLBXLW1fz1AJMxoUaDDbnk qys5gV/4TXpkpn0z0/ZfjGBmuO85sBogmnhnZ52fiSTGwgOYkSkwDIQp/Z8szIxh tivl6aOrNvu8exeG8+EfFNh9ajBOuv3VUTLpVDHtCsExjbd+ssnAMkhB9bhbTxoq ztGTMrEJl6nFwQnLTQTmxotl1DUKnaqlyb+tZeLlzjjNTHJVw9CX244XMmqUhmre kgVdgaSlg4OeL53azrbFQRPm8Rc+16EV -----END CERTIFICATE-----Generated at Mon Jul 21 08:06:52 2025 by rpki-client