$ rpki-client -vvf rpki.apnic.net/member_repository/A917FEF3/DDDC01EC985411EBBB47964AC4F9AE02/OEBSLgVtM3Uf55akOVuNTf3lj4w.mft File: OEBSLgVtM3Uf55akOVuNTf3lj4w.mft (raw, json) Hash identifier: JnGOmwS3FTnNW2v3KxdvgKOKOpoOkmxQdiiVK5kyxOs= Subject key identifier: 84:44:59:8A:92:DB:E6:C2:90:EE:6E:3D:61:36:40:36:70:1F:CB:FC Authority key identifier: 38:40:52:2E:05:6D:33:75:1F:E7:96:A4:39:5B:8D:4D:FD:E5:8F:8C Certificate issuer: /CN=A917FEF3/serialNumber=3840522E056D33751FE796A4395B8D4DFDE58F8C Certificate serial: 0687 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OEBSLgVtM3Uf55akOVuNTf3lj4w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917FEF3/DDDC01EC985411EBBB47964AC4F9AE02/OEBSLgVtM3Uf55akOVuNTf3lj4w.mft Manifest number: 067F Signing time: Sun 02 Nov 2025 22:30:03 +0000 Manifest this update: Sun 02 Nov 2025 22:30:03 +0000 Manifest next update: Sun 09 Nov 2025 22:30:03 +0000 Files and hashes: 1: OEBSLgVtM3Uf55akOVuNTf3lj4w.crl (hash: jZRRzze7C+HxK/6SKf6GSdEM00cUhAvtJEKotDE8yIo=) 2: B21979EE9CAF11ECBFF4AF64C4F9AE02.roa (hash: sdbnkMVypf4sBW84IBpLOAa+Rd3ZV2UqRLClbIWsTfg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917FEF3/DDDC01EC985411EBBB47964AC4F9AE02/OEBSLgVtM3Uf55akOVuNTf3lj4w.crl rsync://rpki.apnic.net/member_repository/A917FEF3/DDDC01EC985411EBBB47964AC4F9AE02/OEBSLgVtM3Uf55akOVuNTf3lj4w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OEBSLgVtM3Uf55akOVuNTf3lj4w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:30:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1671 (0x687) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917FEF3, serialNumber=3840522E056D33751FE796A4395B8D4DFDE58F8C Validity Not Before: Nov 2 22:30:03 2025 GMT Not After : Nov 9 22:30:03 2025 GMT Subject: CN=6907db6b-b622 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:76:83:37:b2:e1:28:0d:5b:af:3f:3c:b3:b8: 30:02:0d:05:7f:f4:2c:f2:48:2f:77:d8:ef:da:b9: 08:4c:bf:87:9f:7d:6c:3d:b9:9d:59:fa:ee:a8:ca: e9:2e:3f:a1:08:dc:c0:d9:ba:d4:6b:ec:13:3d:ab: a9:72:a7:d4:03:dc:1a:80:46:22:6c:3c:03:38:cb: 08:47:1f:dd:5d:03:87:14:10:c8:a3:78:0a:36:32: 9a:18:75:34:d7:6d:6a:00:0e:ef:ea:ee:4f:f7:d4: 70:fa:15:28:e6:bb:8b:23:41:03:0c:4e:4b:f0:22: 47:02:89:3d:e6:da:4d:95:7f:05:6d:04:32:1c:88: f9:22:10:d3:98:aa:3a:a8:50:c7:11:86:bd:71:66: 36:1a:a6:bb:de:13:fb:b5:b1:34:48:19:0a:bc:11: c3:8b:9d:9f:b8:93:ff:10:54:48:6e:bc:c3:3f:70: c6:f3:94:5d:6c:8a:bf:af:e7:d2:e0:cf:74:11:e7: a4:a7:21:55:51:10:e0:3f:31:cd:a8:97:e3:b6:7e: 95:af:40:4d:88:10:ff:ba:f9:6f:63:97:18:6e:91: dd:f8:26:55:8e:60:70:1f:d1:ef:82:f1:56:f0:6f: f4:2a:a0:92:29:c4:ad:f3:15:c1:43:b1:96:ca:61: 17:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:44:59:8A:92:DB:E6:C2:90:EE:6E:3D:61:36:40:36:70:1F:CB:FC X509v3 Authority Key Identifier: keyid:38:40:52:2E:05:6D:33:75:1F:E7:96:A4:39:5B:8D:4D:FD:E5:8F:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917FEF3/DDDC01EC985411EBBB47964AC4F9AE02/OEBSLgVtM3Uf55akOVuNTf3lj4w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OEBSLgVtM3Uf55akOVuNTf3lj4w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917FEF3/DDDC01EC985411EBBB47964AC4F9AE02/OEBSLgVtM3Uf55akOVuNTf3lj4w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:5e:ab:c3:59:d1:27:f7:a3:55:10:31:af:43:fd:7a:77:2f: 79:27:4d:03:8f:22:77:f0:f2:af:85:0f:fb:0e:10:f1:4f:c0: 85:ee:41:17:f2:ce:0a:b5:7a:ed:91:13:bb:33:76:d0:ac:16: 14:5a:60:2c:6a:60:28:ac:6f:e9:3d:19:cc:d1:22:10:66:57: a2:29:b4:b1:d0:1b:4f:2f:e1:ce:87:3a:dd:b4:6c:c4:7e:ce: 00:98:cc:a1:1f:7f:8b:5b:d3:cc:40:bd:d6:6a:da:81:50:6d: 41:f0:e3:23:2e:80:77:fd:f9:20:ec:88:e8:c4:c0:7f:4a:f3: ff:b3:a3:b6:e1:5a:09:e0:40:37:77:2a:a8:80:6c:e5:03:c8: 52:af:54:43:23:08:79:be:96:86:48:6b:b3:8a:c5:4c:d2:16: d1:87:6c:2e:dc:c0:aa:be:1e:3e:8c:1b:b3:4a:b6:2b:3a:6d: 3c:2f:5d:da:e8:55:44:e9:26:f8:e0:79:ff:01:c4:20:81:8e: ca:33:5c:4d:fc:e5:c8:4f:59:f8:f1:1f:b2:ef:8a:b6:15:b9: c6:1d:18:f6:8b:f0:b8:b4:f8:ca:9d:ba:4a:f0:a8:76:49:13: 21:db:75:21:47:63:ee:73:2e:e7:63:fc:da:46:ed:03:30:f0: f3:b2:ee:a1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0ZFRjMxMTAvBgNVBAUTKDM4NDA1MjJFMDU2RDMzNzUxRkU3OTZBNDM5NUI4RDRE RkRFNThGOEMwHhcNMjUxMTAyMjIzMDAzWhcNMjUxMTA5MjIzMDAzWjAYMRYwFAYD VQQDEw02OTA3ZGI2Yi1iNjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApHaDN7LhKA1brz88s7gwAg0Ff/Qs8kgvd9jv2rkITL+Hn31sPbmdWfruqMrp Lj+hCNzA2brUa+wTPaupcqfUA9wagEYibDwDOMsIRx/dXQOHFBDIo3gKNjKaGHU0 121qAA7v6u5P99Rw+hUo5ruLI0EDDE5L8CJHAok95tpNlX8FbQQyHIj5IhDTmKo6 qFDHEYa9cWY2Gqa73hP7tbE0SBkKvBHDi52fuJP/EFRIbrzDP3DG85RdbIq/r+fS 4M90EeekpyFVURDgPzHNqJfjtn6Vr0BNiBD/uvlvY5cYbpHd+CZVjmBwH9HvgvFW 8G/0KqCSKcSt8xXBQ7GWymEXmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIREWYqS 2+bCkO5uPWE2QDZwH8v8MB8GA1UdIwQYMBaAFDhAUi4FbTN1H+eWpDlbjU395Y+M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RkVGMy9ERERDMDFFQzk4 NTQxMUVCQkI0Nzk2NEFDNEY5QUUwMi9PRUJTTGdWdE0zVWY1NWFrT1Z1TlRmM2xq NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09FQlNMZ1Z0TTNVZjU1YWtPVnVOVGYzbGo0dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RkVGMy9ERERDMDFFQzk4NTQxMUVCQkI0Nzk2NEFDNEY5QUUwMi9PRUJTTGdWdE0z VWY1NWFrT1Z1TlRmM2xqNHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnXqvDWdEn96NVEDGvQ/16dy95J00DjyJ38PKvhQ/7DhDxT8CF7kEX 8s4KtXrtkRO7M3bQrBYUWmAsamAorG/pPRnM0SIQZleiKbSx0BtPL+HOhzrdtGzE fs4AmMyhH3+LW9PMQL3WatqBUG1B8OMjLoB3/fkg7IjoxMB/SvP/s6O24VoJ4EA3 dyqogGzlA8hSr1RDIwh5vpaGSGuzisVM0hbRh2wu3MCqvh4+jBuzSrYrOm08L13a 6FVE6Sb44Hn/AcQggY7KM1xN/OXIT1n48R+y74q2FbnGHRj2i/C4tPjKnbpK8Kh2 SRMh23UhR2Pucy7nY/zaRu0DMPDzsu6h -----END CERTIFICATE-----Generated at Mon Nov 3 18:17:11 2025 by rpki-client