$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft File: OhpAdHHRvxyhUl8h997PWmoqZNg.mft (raw, json) Hash identifier: MQwEgNckeXBeg6yeCnjkOUgSdG/3bFNdHvRRKUpNCRA= Subject key identifier: 6C:50:A5:39:D4:04:59:81:46:7B:5A:8A:20:0E:51:27:C3:0B:D5:7B Authority key identifier: 3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 Certificate issuer: /CN=A91B7B23/serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Certificate serial: 0173 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft Manifest number: 016B Signing time: Wed 05 Nov 2025 04:09:12 +0000 Manifest this update: Wed 05 Nov 2025 04:09:11 +0000 Manifest next update: Wed 12 Nov 2025 04:09:11 +0000 Files and hashes: 1: OhpAdHHRvxyhUl8h997PWmoqZNg.crl (hash: 0VKLFUvoPCNgjj24RnkoCD9RrNdopx6O1Kc3JD2H47I=) 2: 7F6FE074B84811F091A01766C4F9AE02.roa (hash: Xgl6MR7u5W2huYUpGaD0galzVLmRgghmaKbymP8qDb8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:09:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 371 (0x173) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7B23, serialNumber=3A1A407471D1BF1CA1525F21F7DECF5A6A2A64D8 Validity Not Before: Nov 5 04:09:11 2025 GMT Not After : Nov 12 04:09:11 2025 GMT Subject: CN=690acde8-6462 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b5:53:9d:e4:98:77:4e:5e:07:b8:b1:0b:13: e5:ec:8b:52:8c:1b:e2:fb:a7:6b:e4:5d:0b:da:bc: 5a:05:dd:9e:84:a7:99:9b:65:0f:13:05:55:5b:c0: ab:3b:41:71:ec:59:6e:c8:54:5c:5a:52:3c:f5:a7: ae:d4:bd:cb:eb:5d:1d:ed:f2:19:bf:2c:8b:38:6c: dd:fe:46:1f:c2:a1:34:25:5a:74:a1:9d:7c:cf:dd: 2e:ac:86:0a:ba:48:a0:80:cf:f3:97:9c:31:49:cb: f4:f2:a7:cf:a1:62:7a:b6:77:9b:81:22:2c:44:25: 3c:3a:c7:49:51:1c:51:11:2c:96:d7:92:8d:b0:9f: fe:3e:ab:42:01:9e:68:64:60:4d:95:8d:98:97:71: 88:10:67:aa:22:cb:9e:2b:ac:fc:2f:91:84:25:94: 27:f7:53:27:78:22:f7:6e:c8:54:df:c1:0b:c9:72: ef:f1:fa:82:13:4d:39:f4:a9:80:d7:46:5b:d0:0b: aa:b9:1f:7c:1c:fd:d3:e2:cd:33:07:1c:83:fb:3f: a2:ee:24:18:08:8b:8d:e4:62:69:16:42:7f:0f:6b: 28:92:85:71:7d:ad:30:51:ed:71:bd:7b:57:1b:c9: 90:9f:7c:ce:ec:be:9d:fe:99:93:80:3c:2e:3b:04: fb:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:50:A5:39:D4:04:59:81:46:7B:5A:8A:20:0E:51:27:C3:0B:D5:7B X509v3 Authority Key Identifier: keyid:3A:1A:40:74:71:D1:BF:1C:A1:52:5F:21:F7:DE:CF:5A:6A:2A:64:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhpAdHHRvxyhUl8h997PWmoqZNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7B23/7545F03A97D311EEA23C660BC4F9AE02/OhpAdHHRvxyhUl8h997PWmoqZNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c9:2a:2c:95:c6:ea:d6:06:5c:b6:c7:61:b5:74:d9:d0:6f:b8: 7f:2c:dd:a6:8e:88:48:6a:a8:20:fc:be:b0:b2:77:18:f2:48: 2c:f1:2c:46:8a:3f:56:72:73:c4:ff:52:f4:b7:51:01:70:c5: 68:83:e2:a1:8b:bc:98:b5:b4:67:bf:c8:3e:6b:26:f7:ba:c2: 11:33:0c:e5:4d:14:de:38:79:7d:12:f1:49:90:b4:99:40:49: f0:f0:cd:ce:56:9c:f4:8e:ab:51:c3:0c:10:e0:54:6a:3c:fa: 90:47:c8:87:87:a1:d0:47:37:9a:b2:7d:d8:97:fc:7b:5d:cd: a6:34:56:d7:9a:53:a1:27:09:f1:4c:4a:50:9c:a7:c6:59:2d: e6:dd:3f:98:e1:32:31:03:55:44:ef:b8:4a:3d:3c:b0:40:93: a1:ce:1c:10:47:c5:3c:63:5e:2d:1a:ba:0c:57:0d:1c:9d:5e: fb:5b:e4:14:80:30:72:b9:38:b3:a4:62:03:66:6e:85:67:d1: 37:94:25:7f:72:c0:6c:1b:43:e3:77:4c:79:d5:4b:90:49:17: a4:b9:70:b9:52:7d:d4:db:6f:74:ca:95:29:2a:e9:ff:b2:19: 83:48:3f:00:05:88:c5:89:4c:fc:6d:72:69:eb:db:3d:2f:e2: 0e:5f:2f:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCMjMxMTAvBgNVBAUTKDNBMUE0MDc0NzFEMUJGMUNBMTUyNUYyMUY3REVDRjVB NkEyQTY0RDgwHhcNMjUxMTA1MDQwOTExWhcNMjUxMTEyMDQwOTExWjAYMRYwFAYD VQQDEw02OTBhY2RlOC02NDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy7VTneSYd05eB7ixCxPl7ItSjBvi+6dr5F0L2rxaBd2ehKeZm2UPEwVVW8Cr O0Fx7FluyFRcWlI89aeu1L3L610d7fIZvyyLOGzd/kYfwqE0JVp0oZ18z90urIYK ukiggM/zl5wxScv08qfPoWJ6tnebgSIsRCU8OsdJURxRESyW15KNsJ/+PqtCAZ5o ZGBNlY2Yl3GIEGeqIsueK6z8L5GEJZQn91MneCL3bshU38ELyXLv8fqCE0059KmA 10Zb0AuquR98HP3T4s0zBxyD+z+i7iQYCIuN5GJpFkJ/D2sokoVxfa0wUe1xvXtX G8mQn3zO7L6d/pmTgDwuOwT7lwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGxQpTnU BFmBRntaiiAOUSfDC9V7MB8GA1UdIwQYMBaAFDoaQHRx0b8coVJfIffez1pqKmTY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0IyMy83NTQ1RjAzQTk3 RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9PaHBBZEhIUnZ4eWhVbDhoOTk3UFdtb3Fa TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09ocEFkSEhSdnh5aFVsOGg5OTdQV21vcVpOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC N0IyMy83NTQ1RjAzQTk3RDMxMUVFQTIzQzY2MEJDNEY5QUUwMi9PaHBBZEhIUnZ4 eWhVbDhoOTk3UFdtb3FaTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDJKiyVxurWBly2x2G1dNnQb7h/LN2mjohIaqgg/L6wsncY8kgs8SxG ij9WcnPE/1L0t1EBcMVog+Khi7yYtbRnv8g+ayb3usIRMwzlTRTeOHl9EvFJkLSZ QEnw8M3OVpz0jqtRwwwQ4FRqPPqQR8iHh6HQRzeasn3Yl/x7Xc2mNFbXmlOhJwnx TEpQnKfGWS3m3T+Y4TIxA1VE77hKPTywQJOhzhwQR8U8Y14tGroMVw0cnV77W+QU gDByuTizpGIDZm6FZ9E3lCV/csBsG0Pjd0x51UuQSRekuXC5Un3U2290ypUpKun/ shmDSD8ABYjFiUz8bXJp69s9L+IOXy8i -----END CERTIFICATE-----Generated at Wed Nov 5 11:50:25 2025 by rpki-client