$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: o4Lb4gVIr0jgKaO8OFH2m7OJkvL1uY+0xW6JaiCcysE= Subject key identifier: 8A:80:DF:7F:96:86:E2:C8:B1:20:75:87:40:DD:7C:78:80:B8:48:7C Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 098A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 0983 Signing time: Thu 18 Sep 2025 20:20:41 +0000 Manifest this update: Thu 18 Sep 2025 20:20:41 +0000 Manifest next update: Thu 25 Sep 2025 20:20:41 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: fqCjRDYwH3uw28TiGVpWp+fTypvjjMq+qe+YwfzoVHM=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 20:20:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2442 (0x98a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Sep 18 20:20:41 2025 GMT Not After : Sep 25 20:20:41 2025 GMT Subject: CN=68cc6999-d27c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e0:a6:67:17:15:24:cc:78:76:29:0a:5c:c7: bd:a0:99:01:84:aa:be:f5:a2:8d:7c:02:dd:94:47: 6c:e9:34:39:80:43:e6:ea:b5:bd:49:8f:11:39:e3: 07:cb:68:73:34:88:26:3a:ef:b1:60:89:93:e8:08: 00:84:8b:74:7a:7f:58:f4:e1:56:c3:6d:4a:af:2d: 57:22:75:40:da:2c:36:9e:a6:28:f0:f4:27:97:32: 78:1b:e0:7e:b6:0b:13:5e:92:9b:7f:2b:a4:51:59: 02:99:fe:ed:2e:05:dc:c3:ca:b8:ae:9b:f4:09:f4: e3:6d:0d:8f:64:d8:fc:a8:07:8b:6e:a6:57:2f:8e: 98:28:a9:a6:9b:ba:1b:20:16:cd:85:d3:1b:84:46: 4a:34:c5:44:d1:ef:fd:ea:a0:f1:70:7c:a6:8e:60: 9b:79:2d:9e:63:c5:b4:9a:d0:df:e6:fe:9d:d5:c0: 02:d2:c5:67:69:70:4c:aa:cf:1b:61:44:4a:92:54: 17:1c:ad:c2:f0:7d:f4:81:7c:2b:4b:26:4e:ca:43: 34:10:9c:3c:e3:b6:d9:c6:aa:af:6c:5a:29:b6:f9: dd:d0:97:ad:0b:5a:da:a8:c5:94:98:b9:ce:18:c8: 2c:ad:b7:7f:74:91:10:c9:30:8c:d9:0e:cc:93:40: 2c:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:80:DF:7F:96:86:E2:C8:B1:20:75:87:40:DD:7C:78:80:B8:48:7C X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:3f:09:1f:33:01:88:46:7d:9a:42:d7:ac:66:9e:d9:3b:5c: 29:7e:cf:2b:75:93:49:9c:9d:7b:4d:a2:c4:fd:d2:7b:9d:54: 0e:ad:e7:84:4e:1f:0d:38:30:00:5c:13:52:fe:0f:a5:a4:5f: 44:1c:04:49:a8:c3:60:be:9b:c6:f7:f2:da:ae:32:a0:f7:1b: 0c:d9:34:f6:bc:32:43:a1:d1:54:b6:44:aa:e2:67:a4:1d:80: c6:b5:17:b9:d0:51:2c:41:c1:76:8b:4b:36:3d:8e:ef:c0:bc: 4f:32:15:34:18:b5:ca:7d:1e:a3:ce:42:02:cf:28:d1:3e:f0: db:df:8c:4b:40:c1:60:bf:59:2f:c8:fa:ac:68:e0:3a:6f:fb: fd:1e:c1:05:02:61:89:32:13:7c:c4:6c:bd:9f:66:04:12:ed: 0a:09:82:45:8b:86:c8:cc:bb:99:5d:77:b6:40:d3:0d:84:e8: 8d:41:11:b8:8e:98:e6:fb:c1:e6:cf:ad:2f:ab:e7:95:01:35: 73:13:ba:ab:c7:7d:75:79:2f:b4:46:e2:b3:a5:50:c4:34:30: e5:77:62:a3:ba:27:19:79:57:5e:82:db:ea:c8:dc:bc:1d:c7: d2:67:bc:81:8c:27:ca:1a:1c:73:7b:7f:f1:06:8f:08:e5:a1: 15:3d:2b:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwOTE4MjAyMDQxWhcNMjUwOTI1MjAyMDQxWjAYMRYwFAYD VQQDEw02OGNjNjk5OS1kMjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtOCmZxcVJMx4dikKXMe9oJkBhKq+9aKNfALdlEds6TQ5gEPm6rW9SY8ROeMH y2hzNIgmOu+xYImT6AgAhIt0en9Y9OFWw21Kry1XInVA2iw2nqYo8PQnlzJ4G+B+ tgsTXpKbfyukUVkCmf7tLgXcw8q4rpv0CfTjbQ2PZNj8qAeLbqZXL46YKKmmm7ob IBbNhdMbhEZKNMVE0e/96qDxcHymjmCbeS2eY8W0mtDf5v6d1cAC0sVnaXBMqs8b YURKklQXHK3C8H30gXwrSyZOykM0EJw847bZxqqvbFoptvnd0JetC1raqMWUmLnO GMgsrbd/dJEQyTCM2Q7Mk0As5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIqA33+W huLIsSB1h0DdfHiAuEh8MB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPPwkfMwGIRn2aQtesZp7ZO1wpfs8rdZNJnJ17TaLE/dJ7nVQOreeE Th8NODAAXBNS/g+lpF9EHARJqMNgvpvG9/LarjKg9xsM2TT2vDJDodFUtkSq4mek HYDGtRe50FEsQcF2i0s2PY7vwLxPMhU0GLXKfR6jzkICzyjRPvDb34xLQMFgv1kv yPqsaOA6b/v9HsEFAmGJMhN8xGy9n2YEEu0KCYJFi4bIzLuZXXe2QNMNhOiNQRG4 jpjm+8Hmz60vq+eVATVzE7qrx311eS+0RuKzpVDENDDld2KjuicZeVdegtvqyNy8 HcfSZ7yBjCfKGhxze3/xBo8I5aEVPSvC -----END CERTIFICATE-----Generated at Thu Sep 18 23:51:08 2025 by rpki-client