$ rpki-client -vvf rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.mft File: oTW4FOHrHifJWX7tLoIoVJMNP88.mft (raw, json) Hash identifier: yzmgt462cCFQ57pIBwma65PT4Gv851sIrBMwfKLSkQU= Subject key identifier: FE:C2:06:FB:1B:36:EE:D0:07:DD:8F:AF:51:30:76:23:1D:B1:C6:0C Authority key identifier: A1:35:B8:14:E1:EB:1E:27:C9:59:7E:ED:2E:82:28:54:93:0D:3F:CF Certificate issuer: /CN=A9197390/serialNumber=A135B814E1EB1E27C9597EED2E822854930D3FCF Certificate serial: 01E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oTW4FOHrHifJWX7tLoIoVJMNP88.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.mft Manifest number: 01C4 Signing time: Mon 03 Nov 2025 03:18:48 +0000 Manifest this update: Mon 03 Nov 2025 03:18:48 +0000 Manifest next update: Mon 10 Nov 2025 03:18:48 +0000 Files and hashes: 1: oTW4FOHrHifJWX7tLoIoVJMNP88.crl (hash: QnXZNzrDfrqOdl3Da6AIOMjIUUQMQQho1Vnc/DWYb58=) 2: CD168A226C2111EFB0ACC153C4F9AE02.roa (hash: F8BQEsLxz2XO34zN3GNH3AuMPZU87rOGItPVHiqWabQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.crl rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oTW4FOHrHifJWX7tLoIoVJMNP88.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 03:18:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 484 (0x1e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9197390, serialNumber=A135B814E1EB1E27C9597EED2E822854930D3FCF Validity Not Before: Nov 3 03:18:48 2025 GMT Not After : Nov 10 03:18:48 2025 GMT Subject: CN=69081f18-a3c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:2c:62:b6:27:5e:a4:13:d4:9f:ee:86:36:0a: d5:58:cd:54:1a:e2:63:93:fa:61:5e:28:15:6e:d1: 16:15:a0:08:78:4c:af:86:41:a6:0c:96:12:da:03: e4:ea:61:75:08:ca:49:5d:d0:f6:1c:9f:de:da:29: c5:ba:3c:70:32:2c:ac:00:bd:66:ce:2c:33:7e:a0: 0b:29:21:f5:d6:a5:51:7c:a1:a4:dd:b4:7f:4e:0c: a2:3a:28:79:46:a6:0a:5a:c0:62:50:ed:1c:69:0c: 74:82:ab:39:cc:84:a7:ed:29:fb:8a:cd:4c:d0:7e: 3d:23:7c:93:fc:98:f9:f5:b4:5f:de:40:c9:67:46: 9d:7f:7f:32:1f:e1:5b:72:cf:85:67:91:53:05:6e: 22:d2:bb:94:23:5b:bb:19:f2:dc:e1:7e:0e:8e:88: 9f:83:06:31:f2:be:57:04:d3:64:92:f5:c9:d3:75: 25:91:48:4c:76:8d:04:54:93:fb:36:81:27:3b:bc: 64:5a:9c:9c:29:58:9e:30:44:8f:23:b0:b0:6f:b7: 7e:af:89:86:88:77:c7:c4:24:8d:44:47:5c:0e:a3: fc:8e:84:cc:25:b8:ed:74:12:3c:9f:a1:f3:f9:be: c6:4f:3d:91:cc:f0:f6:7d:0a:b8:0f:b4:88:1d:23: 37:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:C2:06:FB:1B:36:EE:D0:07:DD:8F:AF:51:30:76:23:1D:B1:C6:0C X509v3 Authority Key Identifier: keyid:A1:35:B8:14:E1:EB:1E:27:C9:59:7E:ED:2E:82:28:54:93:0D:3F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oTW4FOHrHifJWX7tLoIoVJMNP88.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197390/D2C7E7163E7A11EEA977D620C4F9AE02/oTW4FOHrHifJWX7tLoIoVJMNP88.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:0c:4e:b4:a7:af:53:a6:fc:ef:b3:f1:7d:46:1e:7d:cf:fe: 21:a6:38:94:4d:1b:d7:c5:da:e7:d7:41:41:3b:af:79:05:59: 02:2b:d6:46:89:6a:f5:64:60:61:c4:95:22:e1:4f:dd:21:c2: 01:79:a8:a8:8c:c4:99:f6:19:e4:a4:e4:f1:e4:63:b5:eb:e5: d6:21:97:54:c3:d6:ae:92:2f:19:15:2f:45:13:2f:be:95:57: 02:e6:92:fa:45:38:04:d1:e1:22:93:8e:ee:c7:86:0c:9f:1c: 59:71:84:a5:ba:ea:bb:0f:41:4c:f5:74:70:92:ed:4c:64:0b: d5:d9:ff:30:aa:40:81:6e:7f:b0:d4:7d:f2:ed:d0:0d:c9:f9: f7:29:bf:27:dd:55:95:fb:71:47:c4:c2:cf:e9:44:24:53:6c: 2b:84:64:5e:4d:70:de:04:f2:4c:02:b9:7f:02:0f:f3:10:8e: 28:65:0a:0d:07:77:45:ef:c9:31:ab:22:9f:66:75:84:42:d7: 3e:38:05:71:16:05:c8:33:dd:1d:86:20:9b:8b:af:bc:ad:c5: 75:0d:97:71:ab:c7:9c:12:22:b1:d7:e0:1d:9c:78:ad:21:eb: 81:1c:28:f2:16:a0:ec:1a:2e:61:2d:a0:52:6c:4a:12:e2:08: 38:dd:6c:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTczOTAxMTAvBgNVBAUTKEExMzVCODE0RTFFQjFFMjdDOTU5N0VFRDJFODIyODU0 OTMwRDNGQ0YwHhcNMjUxMTAzMDMxODQ4WhcNMjUxMTEwMDMxODQ4WjAYMRYwFAYD VQQDEw02OTA4MWYxOC1hM2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxixitidepBPUn+6GNgrVWM1UGuJjk/phXigVbtEWFaAIeEyvhkGmDJYS2gPk 6mF1CMpJXdD2HJ/e2inFujxwMiysAL1mziwzfqALKSH11qVRfKGk3bR/TgyiOih5 RqYKWsBiUO0caQx0gqs5zISn7Sn7is1M0H49I3yT/Jj59bRf3kDJZ0adf38yH+Fb cs+FZ5FTBW4i0ruUI1u7GfLc4X4OjoifgwYx8r5XBNNkkvXJ03UlkUhMdo0EVJP7 NoEnO7xkWpycKVieMESPI7Cwb7d+r4mGiHfHxCSNREdcDqP8joTMJbjtdBI8n6Hz +b7GTz2RzPD2fQq4D7SIHSM3bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7CBvsb Nu7QB92Pr1EwdiMdscYMMB8GA1UdIwQYMBaAFKE1uBTh6x4nyVl+7S6CKFSTDT/P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzM5MC9EMkM3RTcxNjNF N0ExMUVFQTk3N0Q2MjBDNEY5QUUwMi9vVFc0Rk9IckhpZkpXWDd0TG9Jb1ZKTU5Q ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29UVzRGT0hySGlmSldYN3RMb0lvVkpNTlA4OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NzM5MC9EMkM3RTcxNjNFN0ExMUVFQTk3N0Q2MjBDNEY5QUUwMi9vVFc0Rk9Ickhp ZkpXWDd0TG9Jb1ZKTU5QODgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeDE60p69Tpvzvs/F9Rh59z/4hpjiUTRvXxdrn10FBO695BVkCK9ZG iWr1ZGBhxJUi4U/dIcIBeaiojMSZ9hnkpOTx5GO16+XWIZdUw9auki8ZFS9FEy++ lVcC5pL6RTgE0eEik47ux4YMnxxZcYSluuq7D0FM9XRwku1MZAvV2f8wqkCBbn+w 1H3y7dANyfn3Kb8n3VWV+3FHxMLP6UQkU2wrhGReTXDeBPJMArl/Ag/zEI4oZQoN B3dF78kxqyKfZnWEQtc+OAVxFgXIM90dhiCbi6+8rcV1DZdxq8ecEiKx1+AdnHit IeuBHCjyFqDsGi5hLaBSbEoS4gg43Wxo -----END CERTIFICATE-----Generated at Mon Nov 3 18:14:39 2025 by rpki-client