$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft File: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft (raw, json) Hash identifier: elsNlYUsCcYzKVchBV2pIDqVOS8qVjJPVS+qTOi402g= Subject key identifier: 22:75:DB:5C:99:08:18:9F:B6:75:25:A7:2B:E3:8E:DD:8B:2D:C7:D9 Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Certificate serial: 222F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft Manifest number: 21E5 Signing time: Fri 24 Oct 2025 16:10:04 +0000 Manifest this update: Fri 24 Oct 2025 16:10:03 +0000 Manifest next update: Fri 31 Oct 2025 16:10:03 +0000 Files and hashes: 1: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl (hash: G5V6e7BAEJyC2fQiH5qFR51AXmzit0qzLR8tksbg+K0=) 2: 5F649D88F27E11EE8704D12FC4F9AE02.roa (hash: 9qbnU5NoZnRKr5UON4q3pztK39xd0U7HOmGKLDSw1XM=) 3: 5EDC2B56F27E11EE8704D12FC4F9AE02.roa (hash: IkaJ8i577C8HJn9L10GXsDg7dnEgDNc7V/0u1lmvtUc=) 4: 586B33AEF44611EBA78C117AC4F9AE02.roa (hash: W3kQqETMCmWx1rkG4UQFdMD9AvtHip25lMvzH/UT/O4=) 5: 5480D316764D11EA8CB5C039C4F9AE02.roa (hash: d+3xI/dPiUPnPzisac55VOoaa2WbK4PwW/+8FsppPKo=) 6: 11DE1CDA467611EC988CDC09C4F9AE02.roa (hash: VRoVKZ5apQPibJfYuezBj0SVEXkfapSpmG0vCNALPFk=) 7: A73C0BF6D93511E6B2617F7BC4F9AE02.roa (hash: tha3MuUqAY4uta6oQkpRf/6b/EDrjv+89kT9R3U6DBE=) 8: 63BFE4C0292811EEAF894530C4F9AE02.roa (hash: 8CfQ0/1GwUUp0J0kvZBXA7fizuzpoZuw6UptgYm1mO8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 16:10:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8751 (0x222f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0EBF, serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Validity Not Before: Oct 24 16:10:03 2025 GMT Not After : Oct 31 16:10:03 2025 GMT Subject: CN=68fba4db-d400 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f8:1c:36:54:71:16:f2:2a:26:ec:2b:42:46: 15:cd:11:8c:b7:7d:cb:68:9e:89:24:34:3f:8a:a8: a7:96:e3:e0:53:87:be:7c:d7:7b:26:e9:88:bf:59: 74:33:05:84:30:72:5d:5e:ba:03:b2:3b:c6:17:93: da:99:10:8e:1d:cc:2c:b9:ca:a0:e9:d7:26:41:89: c1:5d:50:9f:45:f3:37:bb:3f:3b:3a:1c:28:84:da: b3:f8:e8:06:32:b3:d0:d3:43:c4:7b:12:6d:17:ab: 60:77:b4:ba:cd:44:1d:69:c3:40:7d:fb:0a:cc:23: 1c:ef:57:02:0e:ec:d7:90:16:50:ba:4e:aa:ac:97: 50:82:01:ae:31:7d:2b:cd:41:8f:02:96:3b:7c:de: 2c:4e:59:7c:00:3e:6f:27:8a:97:0f:30:d4:8f:0a: ac:0b:a9:be:24:77:c5:dc:01:0e:92:69:92:48:24: 25:1f:c3:b0:fb:f3:1d:3e:68:ef:e5:2f:68:5a:f3: 59:4c:4a:bb:27:38:3f:46:f0:69:c3:14:12:4f:54: 55:c8:ea:58:15:94:78:fb:4d:11:ab:bb:13:27:99: 6b:39:79:9b:18:93:67:9b:a1:8a:c1:23:bf:13:0d: 6e:78:8c:9e:8a:54:a5:25:ab:bc:8a:a4:15:6e:33: 78:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:75:DB:5C:99:08:18:9F:B6:75:25:A7:2B:E3:8E:DD:8B:2D:C7:D9 X509v3 Authority Key Identifier: keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:76:b8:55:1b:6d:44:8a:af:fe:2e:48:e5:d2:b3:96:15:d8: 2e:91:60:bc:30:e0:a1:3d:22:0f:85:35:2d:6f:5f:26:22:59: 17:0f:ac:6b:df:57:72:3c:fe:a0:a0:7a:01:b9:f4:5a:28:87: 43:41:5e:e1:7b:c8:1d:e1:01:fa:af:e0:bf:37:1f:cc:d7:6e: 9a:5d:9f:41:79:02:09:f9:2b:5b:df:e5:af:aa:f8:58:4b:32: 9e:d2:42:76:1f:84:d8:81:4a:69:c7:0f:05:fe:10:65:1d:b1: 8c:c0:d4:b5:3d:16:ba:a7:1f:65:d9:52:15:28:14:dd:65:b1: 28:d5:0b:ce:5d:07:4d:34:62:38:ab:5c:89:43:78:07:bb:6f: ec:33:98:b8:43:5f:36:b2:3b:42:fe:f5:9f:97:b3:49:f1:00: de:d3:66:63:e9:a9:53:69:d3:4a:97:2a:6c:72:c5:d3:43:57: 42:11:d2:c5:9f:cf:e6:6b:16:f9:01:b6:6e:70:e3:be:02:41: e7:ce:b4:bb:ef:7f:b6:36:b6:10:7c:bb:e8:5e:99:3b:91:c5: 4a:7b:90:69:65:69:de:15:e4:bd:53:33:94:ce:68:b9:16:66: 95:33:08:64:62:a7:57:10:1f:c9:40:50:02:10:ce:a9:ae:58: 6d:90:0a:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1 OTJGNTQwRDQwHhcNMjUxMDI0MTYxMDAzWhcNMjUxMDMxMTYxMDAzWjAYMRYwFAYD VQQDEw02OGZiYTRkYi1kNDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwfgcNlRxFvIqJuwrQkYVzRGMt33LaJ6JJDQ/iqinluPgU4e+fNd7JumIv1l0 MwWEMHJdXroDsjvGF5PamRCOHcwsucqg6dcmQYnBXVCfRfM3uz87OhwohNqz+OgG MrPQ00PEexJtF6tgd7S6zUQdacNAffsKzCMc71cCDuzXkBZQuk6qrJdQggGuMX0r zUGPApY7fN4sTll8AD5vJ4qXDzDUjwqsC6m+JHfF3AEOkmmSSCQlH8Ow+/MdPmjv 5S9oWvNZTEq7Jzg/RvBpwxQST1RVyOpYFZR4+00Rq7sTJ5lrOXmbGJNnm6GKwSO/ Ew1ueIyeilSlJau8iqQVbjN4DQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCJ121yZ CBiftnUlpyvjjt2LLcfZMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEVCRi81Rjg0RDdEOERCODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24w S0l2TkR3cFVKUTFaTDFRTlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOdrhVG21Eiq/+Lkjl0rOWFdgukWC8MOChPSIPhTUtb18mIlkXD6xr 31dyPP6goHoBufRaKIdDQV7he8gd4QH6r+C/Nx/M126aXZ9BeQIJ+Stb3+WvqvhY SzKe0kJ2H4TYgUppxw8F/hBlHbGMwNS1PRa6px9l2VIVKBTdZbEo1QvOXQdNNGI4 q1yJQ3gHu2/sM5i4Q182sjtC/vWfl7NJ8QDe02Zj6alTadNKlypscsXTQ1dCEdLF n8/maxb5AbZucOO+AkHnzrS773+2NrYQfLvoXpk7kcVKe5BpZWneFeS9UzOUzmi5 FmaVMwhkYqdXEB/JQFACEM6prlhtkAqU -----END CERTIFICATE-----Generated at Sat Oct 25 11:24:16 2025 by rpki-client