$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft File: oqIX1KQS-1OPXJGjSzbOcYed22U.mft (raw, json) Hash identifier: ICUh4rJugES3q/uDiVjtmGvHCK/pjW1CUcX5P2qEa7s= Subject key identifier: CA:78:D7:54:86:B8:74:28:58:B3:AD:A1:FA:CE:88:D6:F5:22:1F:1F Authority key identifier: A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 Certificate issuer: /CN=A91CF9B0/serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Certificate serial: 0166 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft Manifest number: 0157 Signing time: Wed 17 Sep 2025 04:53:34 +0000 Manifest this update: Wed 17 Sep 2025 04:53:33 +0000 Manifest next update: Wed 24 Sep 2025 04:53:33 +0000 Files and hashes: 1: oqIX1KQS-1OPXJGjSzbOcYed22U.crl (hash: KuSuGBAenU5HigxJ5b81ElFTLGeFjTt8fH8UI53DDvM=) 2: 84D917FC9F4911EEA0C5C856C4F9AE02.roa (hash: NmyQHlBil47JzTSCPQYz/6ZBa9AnAtiDqsHIcZPO3dA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 04:53:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 358 (0x166) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF9B0, serialNumber=A2A217D4A412FB538F5C91A34B36CE71879DDB65 Validity Not Before: Sep 17 04:53:33 2025 GMT Not After : Sep 24 04:53:33 2025 GMT Subject: CN=68ca3ece-b611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a3:51:9a:f7:38:fa:ff:c9:4a:26:e4:38:b1: ce:49:fc:21:79:27:2c:d4:d9:da:54:33:69:6c:4e: 2d:28:01:59:31:17:cb:47:c1:fc:d8:3b:b4:b4:55: ce:7e:5c:2d:03:9d:8e:7c:7f:ba:45:ab:c1:41:a4: 17:8b:34:19:03:21:c1:4e:5a:e4:9e:40:81:38:ad: 4d:34:11:75:65:2a:57:92:26:c8:2b:c8:a8:8d:9c: e2:52:6c:fa:7a:ea:ef:33:51:25:1a:4b:b7:1b:42: 59:cc:4e:cb:59:f2:ba:3c:5c:58:df:ae:38:c0:61: cf:5d:68:dc:7f:4b:1a:04:1c:24:e8:64:95:22:be: c7:d7:ad:17:23:3d:bc:a2:db:67:dd:ec:17:4b:6a: 7e:fb:6f:47:e5:a0:29:bb:4f:6a:d5:75:cf:02:3a: 93:52:d4:40:e5:04:0e:52:f6:7e:d2:95:e2:df:d4: 1c:58:69:b4:48:66:eb:48:22:00:fe:26:f2:70:15: 5d:c6:1b:5b:c2:4d:32:a1:2a:ae:d1:b7:e3:20:b8: 5e:7f:02:52:66:52:ab:b2:e5:07:97:a7:44:3e:93: 11:a3:72:c9:b6:b0:60:5c:5e:08:c8:ff:7f:95:6d: 45:d9:67:9d:bb:1c:9f:74:ab:28:63:e0:55:76:39: 30:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:78:D7:54:86:B8:74:28:58:B3:AD:A1:FA:CE:88:D6:F5:22:1F:1F X509v3 Authority Key Identifier: keyid:A2:A2:17:D4:A4:12:FB:53:8F:5C:91:A3:4B:36:CE:71:87:9D:DB:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oqIX1KQS-1OPXJGjSzbOcYed22U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF9B0/14C9496E9F3F11EE801B1D62C4F9AE02/oqIX1KQS-1OPXJGjSzbOcYed22U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:d2:aa:33:e0:c3:06:ea:a6:f1:77:b3:78:42:9e:1f:1f:90: a7:e2:f0:2a:03:f6:76:23:cc:fd:33:a0:a2:d1:96:34:19:0b: 15:29:aa:fb:c8:5c:83:c6:a6:5a:c6:59:cc:bd:44:c1:55:cd: 0e:78:4d:21:92:db:2f:b3:15:41:8e:32:40:27:18:2e:b7:d9: 9e:3a:57:fd:b4:f0:90:3e:c5:5d:ea:fa:50:64:53:34:12:fd: ac:95:f5:be:53:66:55:f1:b4:a9:bb:cc:1f:7a:af:d5:d9:56: 0a:83:7a:f8:7d:67:6e:36:ec:36:d4:6a:a0:70:44:ec:5f:26: 4f:69:1d:e0:aa:9b:11:e1:45:94:a5:fa:f8:34:c1:d2:13:cd: 23:92:8c:a9:20:93:d9:65:5c:9d:76:48:b6:b3:48:e1:6e:09: 39:3e:ca:c2:5f:ff:f4:32:2a:cf:8d:23:64:ec:70:90:1c:cf: 0b:61:d2:24:8f:ea:ca:15:11:4b:83:53:6c:8f:0c:4d:51:87: 95:a2:1c:3e:9c:89:b5:e6:1b:92:07:6b:e9:c6:0e:33:5e:4a: ae:0b:a6:d5:7f:c6:52:6a:50:24:2d:fc:f7:6b:83:b2:de:e1: d5:53:61:a5:df:19:12:d9:51:75:ce:82:4a:93:3b:e7:1e:cc: 7a:dc:56:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y5QjAxMTAvBgNVBAUTKEEyQTIxN0Q0QTQxMkZCNTM4RjVDOTFBMzRCMzZDRTcx ODc5RERCNjUwHhcNMjUwOTE3MDQ1MzMzWhcNMjUwOTI0MDQ1MzMzWjAYMRYwFAYD VQQDEw02OGNhM2VjZS1iNjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyKNRmvc4+v/JSibkOLHOSfwheScs1NnaVDNpbE4tKAFZMRfLR8H82Du0tFXO flwtA52OfH+6RavBQaQXizQZAyHBTlrknkCBOK1NNBF1ZSpXkibIK8iojZziUmz6 eurvM1ElGku3G0JZzE7LWfK6PFxY3644wGHPXWjcf0saBBwk6GSVIr7H160XIz28 ottn3ewXS2p++29H5aApu09q1XXPAjqTUtRA5QQOUvZ+0pXi39QcWGm0SGbrSCIA /ibycBVdxhtbwk0yoSqu0bfjILhefwJSZlKrsuUHl6dEPpMRo3LJtrBgXF4IyP9/ lW1F2WeduxyfdKsoY+BVdjkwJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMp411SG uHQoWLOtofrOiNb1Ih8fMB8GA1UdIwQYMBaAFKKiF9SkEvtTj1yRo0s2znGHndtl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjlCMC8xNEM5NDk2RTlG M0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0xT1BYSkdqU3piT2NZZWQy MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29xSVgxS1FTLTFPUFhKR2pTemJPY1llZDIyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjlCMC8xNEM5NDk2RTlGM0YxMUVFODAxQjFENjJDNEY5QUUwMi9vcUlYMUtRUy0x T1BYSkdqU3piT2NZZWQyMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCK0qoz4MMG6qbxd7N4Qp4fH5Cn4vAqA/Z2I8z9M6Ci0ZY0GQsVKar7 yFyDxqZaxlnMvUTBVc0OeE0hktsvsxVBjjJAJxgut9meOlf9tPCQPsVd6vpQZFM0 Ev2slfW+U2ZV8bSpu8wfeq/V2VYKg3r4fWduNuw21GqgcETsXyZPaR3gqpsR4UWU pfr4NMHSE80jkoypIJPZZVyddki2s0jhbgk5PsrCX//0MirPjSNk7HCQHM8LYdIk j+rKFRFLg1NsjwxNUYeVohw+nIm15huSB2vpxg4zXkquC6bVf8ZSalAkLfz3a4Oy 3uHVU2Gl3xkS2VF1zoJKkzvnHsx63FZ+ -----END CERTIFICATE-----Generated at Thu Sep 18 23:49:58 2025 by rpki-client