$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft File: oRHoHEs-J72m4nEkl_bbugz7CCY.mft (raw, json) Hash identifier: q/EBUQ56zf6hJJ7VAw8pGULZro96+12nSlNVKiuRUQ4= Subject key identifier: C8:99:D7:95:3B:49:54:A6:C4:FC:ED:4A:1C:89:1D:BC:B6:A1:4A:8D Authority key identifier: A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 Certificate issuer: /CN=A91C1DB8/serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Certificate serial: 13B1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft Manifest number: 13A5 Signing time: Fri 24 Oct 2025 17:22:37 +0000 Manifest this update: Fri 24 Oct 2025 17:22:36 +0000 Manifest next update: Fri 31 Oct 2025 17:22:36 +0000 Files and hashes: 1: oRHoHEs-J72m4nEkl_bbugz7CCY.crl (hash: jeEYxXKAuAjhU9Azpeppbq8PZAD9j5jRvuIJ2huSKug=) 2: 6D6692CAAA0211EEAADA3D32C4F9AE02.roa (hash: Lfw4Pf1U5kN1CyHW4zjiGH94Ozpr6hL2Iw69vgHFnZ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 17:22:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5041 (0x13b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1DB8, serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Validity Not Before: Oct 24 17:22:36 2025 GMT Not After : Oct 31 17:22:36 2025 GMT Subject: CN=68fbb5dc-c631 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:b9:2c:59:d2:4d:fb:34:82:4b:d9:3b:0a:00: 15:8e:27:0b:24:4d:7c:1c:41:b0:81:05:ed:25:c3: 7a:1f:c3:d2:56:4e:f2:f8:de:aa:fd:a3:f4:7b:8e: ec:89:f7:31:c9:4b:2f:ca:51:e9:28:db:3e:61:b7: f8:a0:91:d8:01:ae:8b:3c:cb:62:f6:cb:92:c3:34: 60:c3:98:24:1f:fd:2b:5e:a2:63:38:ea:71:46:08: d4:d6:2c:4b:04:71:36:f0:d3:99:c5:a7:aa:19:08: 12:86:0b:61:65:41:e6:ea:0a:bf:34:e1:fd:d5:f7: 91:86:b4:bd:29:ae:b7:72:59:35:1d:fe:bd:e9:a3: e5:82:9b:d8:84:69:8a:53:7f:67:1a:c7:37:03:92: 45:1e:0f:84:fe:be:80:a5:af:b5:3e:ed:24:5c:21: 84:65:82:91:6c:31:87:e5:a0:72:a3:2b:40:86:2c: ff:3e:d5:94:07:a7:b3:21:6f:e4:e9:8b:83:c2:8c: 65:5a:3d:8d:e0:a3:48:e0:0f:2f:39:8f:61:99:e5: ae:42:64:d3:12:7e:ed:65:52:68:5d:62:cb:d3:bb: d6:83:c7:92:8c:33:9e:bd:7a:8d:9a:5d:a9:d0:60: 61:72:52:04:a7:11:74:fb:4c:60:0e:1e:b6:14:29: 86:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:99:D7:95:3B:49:54:A6:C4:FC:ED:4A:1C:89:1D:BC:B6:A1:4A:8D X509v3 Authority Key Identifier: keyid:A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:79:d1:20:ab:eb:36:5d:a9:51:50:ce:22:72:c3:fc:4a:08: f2:0f:28:54:bc:32:26:9b:19:1e:f8:36:02:cd:b7:c4:5b:5e: f0:bf:1d:04:f1:d8:3f:bd:63:19:0e:8e:79:5a:69:b4:8a:76: 88:30:5a:01:30:40:b8:54:dd:8f:ba:f4:0f:27:d4:bc:f9:c0: 18:dd:8c:bb:a6:30:69:23:df:68:e0:fd:0a:73:30:4f:8f:fa: ab:b6:be:a2:9e:2d:c7:3b:24:c1:09:58:6d:1f:ba:cc:6d:4e: 33:86:b4:6f:cd:f3:a5:95:74:d3:f7:87:d6:28:b5:88:88:2b: fe:c7:b6:90:14:6c:65:06:14:69:66:14:7f:70:0d:d2:25:37: a8:eb:9a:2b:65:92:83:b4:79:98:d4:d2:1a:91:52:c4:80:77: 41:51:03:54:e0:d4:30:e8:b3:66:46:47:ad:5c:aa:7e:fe:d9: fe:dd:d9:75:38:b0:07:52:d4:d2:fc:69:6b:bd:8d:e7:01:81: 1b:45:79:b4:a5:79:7c:81:14:16:1d:ba:cb:29:4d:e2:20:31: 70:e4:85:ef:5a:e6:b6:96:43:b4:06:e1:fb:f3:3c:c6:a1:9c: 74:ca:80:6e:e1:9b:96:6a:a1:c3:b6:62:be:a5:4c:52:1d:be: 38:ea:e0:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFEQjgxMTAvBgNVBAUTKEExMTFFODFDNEIzRTI3QkRBNkUyNzEyNDk3RjZEQkJB MENGQjA4MjYwHhcNMjUxMDI0MTcyMjM2WhcNMjUxMDMxMTcyMjM2WjAYMRYwFAYD VQQDEw02OGZiYjVkYy1jNjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3bksWdJN+zSCS9k7CgAVjicLJE18HEGwgQXtJcN6H8PSVk7y+N6q/aP0e47s ifcxyUsvylHpKNs+Ybf4oJHYAa6LPMti9suSwzRgw5gkH/0rXqJjOOpxRgjU1ixL BHE28NOZxaeqGQgShgthZUHm6gq/NOH91feRhrS9Ka63clk1Hf696aPlgpvYhGmK U39nGsc3A5JFHg+E/r6Apa+1Pu0kXCGEZYKRbDGH5aByoytAhiz/PtWUB6ezIW/k 6YuDwoxlWj2N4KNI4A8vOY9hmeWuQmTTEn7tZVJoXWLL07vWg8eSjDOevXqNml2p 0GBhclIEpxF0+0xgDh62FCmG3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMiZ15U7 SVSmxPztShyJHby2oUqNMB8GA1UdIwQYMBaAFKER6BxLPie9puJxJJf227oM+wgm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURCOC8wRDk5MzFCQUEx MUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3Mm00bkVrbF9iYnVnejdD Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29SSG9IRXMtSjcybTRuRWtsX2JidWd6N0NDWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MURCOC8wRDk5MzFCQUExMUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3 Mm00bkVrbF9iYnVnejdDQ1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYedEgq+s2XalRUM4icsP8SgjyDyhUvDImmxke+DYCzbfEW17wvx0E 8dg/vWMZDo55Wmm0inaIMFoBMEC4VN2PuvQPJ9S8+cAY3Yy7pjBpI99o4P0KczBP j/qrtr6ini3HOyTBCVhtH7rMbU4zhrRvzfOllXTT94fWKLWIiCv+x7aQFGxlBhRp ZhR/cA3SJTeo65orZZKDtHmY1NIakVLEgHdBUQNU4NQw6LNmRketXKp+/tn+3dl1 OLAHUtTS/GlrvY3nAYEbRXm0pXl8gRQWHbrLKU3iIDFw5IXvWua2lkO0BuH78zzG oZx0yoBu4ZuWaqHDtmK+pUxSHb446uDv -----END CERTIFICATE-----Generated at Sat Oct 25 17:39:49 2025 by rpki-client