$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: O5Nm76yZkQSkceac9uIColDvM8loT1Odo3H03VTnuhg= Subject key identifier: 90:FA:E2:B8:50:83:38:D2:65:2E:98:CD:93:92:D2:5B:1F:E5:61:86 Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 0499 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 0493 Signing time: Wed 05 Nov 2025 00:07:09 +0000 Manifest this update: Wed 05 Nov 2025 00:07:09 +0000 Manifest next update: Wed 12 Nov 2025 00:07:08 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: nU6FzgRs+fuBJIkSiqLXHrlg9NnyVs7pSALT8bnbitU=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: /fF1tdSaYFH2w1w+0HXHgYqEthaF4A0sGCD2uCBxpiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:07:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1177 (0x499) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4, serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: Nov 5 00:07:09 2025 GMT Not After : Nov 12 00:07:08 2025 GMT Subject: CN=690a952d-2ae8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:e2:02:a0:d8:23:37:70:b6:7d:50:a1:95:fd: 52:db:3a:03:ac:e0:0f:d4:f7:8f:35:13:9d:98:8f: db:89:06:71:62:4c:22:1d:d0:6e:bd:98:17:c1:71: ae:97:43:4d:ef:e9:f5:dc:66:8d:17:64:82:cc:1e: d0:da:52:16:24:5a:69:4a:7d:78:f0:55:8b:28:10: 8c:01:ad:a2:29:31:ca:fa:ed:e6:e0:d5:ca:c4:2b: 22:f8:8c:bc:b2:07:01:1c:7a:1e:d0:c8:4b:7a:0b: 60:d7:20:44:da:77:40:12:7a:be:a1:74:9b:b7:bb: 6b:f6:d7:a3:1c:2e:e7:f3:19:16:e6:94:0f:1c:19: d4:cc:0b:65:7c:5b:d1:90:ff:d1:6f:bc:49:53:f8: 53:68:ca:aa:b4:1c:b5:33:2d:5f:65:13:fc:1f:7e: a8:55:94:90:39:61:51:1a:8e:a2:5a:18:e8:63:b2: ea:52:ac:42:51:18:18:22:39:0f:f1:2c:05:5a:e2: b2:4d:9c:19:82:6a:01:b8:72:92:36:0b:3a:f6:1a: 23:34:df:7b:90:20:07:31:d6:25:d2:1a:4b:5d:e0: d2:c1:3e:c4:ab:d5:83:c6:0d:49:f2:52:ad:f4:49: 01:e0:30:54:db:64:7e:11:5c:10:d5:50:95:49:6d: 70:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:FA:E2:B8:50:83:38:D2:65:2E:98:CD:93:92:D2:5B:1F:E5:61:86 X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:74:0c:16:5b:9a:c8:83:e3:67:e5:33:ae:7a:cc:59:41:d0: 8a:69:58:d3:7a:24:fe:e6:2b:6a:da:9e:3d:5e:45:f2:c2:0b: f5:35:5e:19:6a:22:78:42:04:74:b2:d9:db:c9:b3:36:fb:4b: c5:27:81:0b:12:19:ad:86:5c:c8:85:07:5a:c1:cd:29:84:dd: be:45:e5:77:bf:fd:ec:1f:23:fe:f1:83:a2:bb:3f:ee:8e:e2: dc:7a:61:24:d4:6b:dd:b2:e4:dc:11:64:79:c3:3f:61:2f:14: 84:8e:58:ca:61:cd:f2:06:a3:8d:ab:b4:bd:a4:9b:85:39:55: 21:75:d0:bc:b4:34:e2:08:ed:84:30:1d:ef:b4:7f:c0:d6:74: bd:5d:66:d6:12:ba:66:70:12:24:46:ee:05:a8:5b:2f:79:b9: cf:40:0c:eb:1c:f6:b0:c0:63:56:80:c3:ab:15:6a:b2:4d:52: bb:71:d3:9a:48:ff:21:3c:4a:be:93:fe:af:af:78:e7:d8:6b: c9:28:e9:70:87:65:27:14:5c:5b:b3:c9:7e:c6:b0:b9:f6:c1: 62:00:06:dd:3e:dc:51:2d:04:23:16:dd:cb:d4:58:0e:33:01: d8:e7:95:c4:61:60:ad:f8:5c:a0:ba:9f:d5:3e:15:20:30:be: fc:57:e4:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjUxMTA1MDAwNzA5WhcNMjUxMTEyMDAwNzA4WjAYMRYwFAYD VQQDEw02OTBhOTUyZC0yYWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0eICoNgjN3C2fVChlf1S2zoDrOAP1PePNROdmI/biQZxYkwiHdBuvZgXwXGu l0NN7+n13GaNF2SCzB7Q2lIWJFppSn148FWLKBCMAa2iKTHK+u3m4NXKxCsi+Iy8 sgcBHHoe0MhLegtg1yBE2ndAEnq+oXSbt7tr9tejHC7n8xkW5pQPHBnUzAtlfFvR kP/Rb7xJU/hTaMqqtBy1My1fZRP8H36oVZSQOWFRGo6iWhjoY7LqUqxCURgYIjkP 8SwFWuKyTZwZgmoBuHKSNgs69hojNN97kCAHMdYl0hpLXeDSwT7Eq9WDxg1J8lKt 9EkB4DBU22R+EVwQ1VCVSW1wZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJD64rhQ gzjSZS6YzZOS0lsf5WGGMB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVdAwWW5rIg+Nn5TOuesxZQdCKaVjTeiT+5itq2p49XkXywgv1NV4Z aiJ4QgR0stnbybM2+0vFJ4ELEhmthlzIhQdawc0phN2+ReV3v/3sHyP+8YOiuz/u juLcemEk1GvdsuTcEWR5wz9hLxSEjljKYc3yBqONq7S9pJuFOVUhddC8tDTiCO2E MB3vtH/A1nS9XWbWErpmcBIkRu4FqFsvebnPQAzrHPawwGNWgMOrFWqyTVK7cdOa SP8hPEq+k/6vr3jn2GvJKOlwh2UnFFxbs8l+xrC59sFiAAbdPtxRLQQjFt3L1FgO MwHY55XEYWCt+Fygup/VPhUgML78V+R/ -----END CERTIFICATE-----Generated at Wed Nov 5 13:55:34 2025 by rpki-client