$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft File: oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft (raw, json) Hash identifier: 1HWUssden9U4hra0eymbspE0PgrzZvx9asfyPjekkXk= Subject key identifier: 5D:F8:B6:49:4A:99:8A:1B:BF:D0:CB:F8:F3:45:68:ED:3F:72:A8:7F Authority key identifier: A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 Certificate issuer: /CN=A91D9D8B/serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Certificate serial: 0220 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft Manifest number: 021B Signing time: Wed 05 Nov 2025 02:16:43 +0000 Manifest this update: Wed 05 Nov 2025 02:16:42 +0000 Manifest next update: Wed 12 Nov 2025 02:16:42 +0000 Files and hashes: 1: oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl (hash: 45hWmKxOVQ+PFI6+5jbo1pwcirAUHH63GtJs8AJHNRU=) 2: 95C4C7AA7F7911ED9C1EAE19C4F9AE02.roa (hash: KfdVVRr1UwfhsTtUMM0Ph6w9qtVR9qcrLdXdVzGndCs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:16:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 544 (0x220) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D8B, serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Validity Not Before: Nov 5 02:16:42 2025 GMT Not After : Nov 12 02:16:42 2025 GMT Subject: CN=690ab38a-583d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:0c:ca:ba:12:68:e2:87:24:e7:3c:bd:db:18: 6f:95:22:b0:29:45:d4:6b:e8:58:95:b9:a3:4b:87: d8:3d:1f:7b:ee:f4:84:6c:59:d5:00:64:c9:02:f3: 1d:1e:64:87:d7:97:ed:4f:c3:70:12:eb:bc:6f:e2: 41:f5:e4:26:b2:7e:9e:c8:10:1f:7c:e5:09:9d:e2: 1a:aa:58:aa:2c:20:5e:dd:ea:52:50:df:f8:35:d7: 7e:a3:b3:3c:00:3c:f2:7c:1f:68:00:67:8e:e6:41: ae:56:c6:28:75:6e:e6:85:c2:aa:a9:02:09:36:09: d1:70:a7:14:4c:3d:3f:34:3e:0d:50:69:a1:a3:68: 45:75:64:0a:bb:59:4a:b6:99:60:ad:33:b2:e0:8a: 71:12:f0:b4:b1:93:64:ae:f6:f2:97:98:9e:60:f7: 06:9a:fb:a2:82:7f:c0:a4:3b:c6:26:93:7f:fc:ff: 8d:b9:a4:09:d4:60:46:ea:41:35:df:54:97:7d:59: 80:78:a9:a1:81:31:44:49:2d:09:c8:da:9f:3a:6b: 28:cb:e7:bf:a5:5d:5e:59:aa:8d:18:41:78:22:e5: ce:c4:4e:4b:87:f9:fb:77:1e:ec:0c:c9:7e:4b:ff: 8c:d7:86:a6:59:5c:5b:75:5c:0d:f8:0c:4d:92:7f: ae:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:F8:B6:49:4A:99:8A:1B:BF:D0:CB:F8:F3:45:68:ED:3F:72:A8:7F X509v3 Authority Key Identifier: keyid:A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:34:00:6b:93:66:b2:c2:ef:b4:18:4c:f8:44:7c:44:6a:da: 69:d1:49:ca:3a:43:1d:e6:0a:72:d2:44:54:38:16:09:2f:02: 23:88:5e:06:67:cb:c5:e5:28:5d:22:88:d9:d5:55:d2:0c:a3: aa:08:dd:74:c5:df:36:27:30:96:93:90:30:61:ad:d6:c4:14: 32:49:a6:ae:b9:11:1a:a2:6f:2b:4b:03:ed:01:2b:4c:2e:41: 8a:df:d8:85:48:04:81:2c:96:22:20:90:c1:63:19:bb:9f:39: 13:af:a8:0c:f2:ad:55:62:f3:88:4f:b9:6b:6a:e2:6f:ff:05: cf:5d:3d:1b:1b:36:f7:60:96:38:c4:65:8a:63:50:b1:67:11: 9b:03:d2:28:6e:fa:f0:d3:1a:ce:89:22:b0:3c:1c:4e:56:d7: bc:86:64:1a:ce:cd:0d:ab:81:16:59:19:a6:2c:12:f8:53:8c: d9:06:72:44:2c:9e:d0:85:65:3b:04:43:01:16:4c:38:47:49: 65:6f:e4:80:93:6b:dd:9a:ee:e7:53:be:09:44:ae:e4:e1:bd: 7c:af:58:a7:d3:22:7d:88:7d:48:93:ff:43:e0:59:ba:2b:f8: 4e:3c:47:ea:e2:9e:93:0d:cd:e7:00:33:85:d2:48:65:b0:8f: 07:1f:95:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEOEIxMTAvBgNVBAUTKEExOTM4QzkxMkFDMkY0QTk1OEI5M0RBRjhGNEIyNzIw MTVCMEQ4RDgwHhcNMjUxMTA1MDIxNjQyWhcNMjUxMTEyMDIxNjQyWjAYMRYwFAYD VQQDEw02OTBhYjM4YS01ODNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8wzKuhJo4ock5zy92xhvlSKwKUXUa+hYlbmjS4fYPR977vSEbFnVAGTJAvMd HmSH15ftT8NwEuu8b+JB9eQmsn6eyBAffOUJneIaqliqLCBe3epSUN/4Ndd+o7M8 ADzyfB9oAGeO5kGuVsYodW7mhcKqqQIJNgnRcKcUTD0/ND4NUGmho2hFdWQKu1lK tplgrTOy4IpxEvC0sZNkrvbyl5ieYPcGmvuign/ApDvGJpN//P+NuaQJ1GBG6kE1 31SXfVmAeKmhgTFESS0JyNqfOmsoy+e/pV1eWaqNGEF4IuXOxE5Lh/n7dx7sDMl+ S/+M14amWVxbdVwN+AxNkn+u9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF34tklK mYobv9DL+PNFaO0/cqh/MB8GA1UdIwQYMBaAFKGTjJEqwvSpWLk9r49LJyAVsNjY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ4Qi81RjExRTAyQTdG NzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlLbFl1VDJ2ajBzbklCV3cy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29aT01rU3JDOUtsWXVUMnZqMHNuSUJXdzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ4Qi81RjExRTAyQTdGNzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlL bFl1VDJ2ajBzbklCV3cyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWNABrk2aywu+0GEz4RHxEatpp0UnKOkMd5gpy0kRUOBYJLwIjiF4G Z8vF5ShdIojZ1VXSDKOqCN10xd82JzCWk5AwYa3WxBQySaauuREaom8rSwPtAStM LkGK39iFSASBLJYiIJDBYxm7nzkTr6gM8q1VYvOIT7lrauJv/wXPXT0bGzb3YJY4 xGWKY1CxZxGbA9Iobvrw0xrOiSKwPBxOVte8hmQazs0Nq4EWWRmmLBL4U4zZBnJE LJ7QhWU7BEMBFkw4R0llb+SAk2vdmu7nU74JRK7k4b18r1in0yJ9iH1Ik/9D4Fm6 K/hOPEfq4p6TDc3nADOF0khlsI8HH5U8 -----END CERTIFICATE-----Generated at Wed Nov 5 23:47:20 2025 by rpki-client