$ rpki-client -vvf rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft File: oVZKa9a5Cg-he_V9i-rJ4pJZves.mft (raw, json) Hash identifier: QvrBkXoNyxk8jQY+rPBjbt9bUUN+w9/zhcOCaeuRXoM= Subject key identifier: C6:83:4D:76:80:F3:CD:A3:1A:C3:4F:6E:A1:7E:57:48:DD:D6:02:EE Authority key identifier: A1:56:4A:6B:D6:B9:0A:0F:A1:7B:F5:7D:8B:EA:C9:E2:92:59:BD:EB Certificate issuer: /CN=A91F61DA/serialNumber=A1564A6BD6B90A0FA17BF57D8BEAC9E29259BDEB Certificate serial: 0CDF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft Manifest number: 0CD6 Signing time: Thu 18 Sep 2025 18:18:04 +0000 Manifest this update: Thu 18 Sep 2025 18:18:03 +0000 Manifest next update: Thu 25 Sep 2025 18:18:03 +0000 Files and hashes: 1: oVZKa9a5Cg-he_V9i-rJ4pJZves.crl (hash: t9NiUpBpyZsC2Yrg3J6pEdlXj0aw7/IPyTR+vmXKmYQ=) 2: EA18D5547D8F11EC8E894A1DC4F9AE02.roa (hash: Anh2GximFPk7REReNBXULcTH3P6lLG5IbasX9kKM4Fs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.crl rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:18:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3295 (0xcdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F61DA, serialNumber=A1564A6BD6B90A0FA17BF57D8BEAC9E29259BDEB Validity Not Before: Sep 18 18:18:03 2025 GMT Not After : Sep 25 18:18:03 2025 GMT Subject: CN=68cc4cdb-b3c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:aa:d8:ce:a7:1f:76:9d:f0:a9:73:70:6f:0d: c0:09:e9:63:52:92:c6:1e:4e:b5:60:20:c5:7e:a1: ba:b6:a6:71:c5:42:2e:6b:83:da:5b:a7:ab:65:7f: 91:95:b6:17:c7:b9:5e:20:05:54:d1:4d:a3:53:72: 62:d5:78:67:98:7c:69:b3:21:ed:25:0a:9b:e7:9a: f3:f8:23:6f:d2:c2:1a:12:aa:ca:47:86:1e:db:a8: 14:3c:f4:d9:d7:f7:54:91:24:cb:6d:98:07:83:63: 90:fb:2f:06:04:8b:45:de:eb:fd:07:1d:88:b6:da: 43:dc:50:c6:db:35:ae:51:0b:8a:61:11:11:16:6f: 27:db:78:a6:5c:84:ec:5a:cf:24:59:32:b3:a5:b8: 88:f2:b7:6f:e6:d1:16:f7:42:97:ea:f1:81:ce:d9: 8e:c4:e6:d8:59:26:f9:78:26:a1:9c:ef:ff:15:b1: d7:dc:b1:57:2a:65:c8:38:ea:e7:8d:78:e6:d0:0f: 9a:ca:ca:5f:12:9f:62:bb:5d:ad:69:a3:33:a2:7a: 0d:7d:fd:80:14:c7:34:6d:db:4c:47:a4:15:77:7a: 8b:a6:20:a5:df:51:60:9f:71:3a:4d:dd:61:30:95: 98:50:15:4d:66:4f:54:01:13:d3:78:64:70:2f:5e: 77:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:83:4D:76:80:F3:CD:A3:1A:C3:4F:6E:A1:7E:57:48:DD:D6:02:EE X509v3 Authority Key Identifier: keyid:A1:56:4A:6B:D6:B9:0A:0F:A1:7B:F5:7D:8B:EA:C9:E2:92:59:BD:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oVZKa9a5Cg-he_V9i-rJ4pJZves.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F61DA/17C81FD0F41E11E9A8343A74C4F9AE02/oVZKa9a5Cg-he_V9i-rJ4pJZves.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:c5:13:bb:4b:8f:7d:4d:8f:e7:19:08:ef:7c:56:8c:50:55: c6:60:f9:17:61:b7:ee:51:72:6a:bc:f3:da:76:50:2d:9d:83: 20:e3:cb:a7:ba:46:c9:e0:8d:79:2a:a5:0c:3f:a6:c3:61:d5: f9:41:6e:d7:d2:09:4e:11:35:99:ed:6b:b6:e7:15:b8:d5:9d: 4b:1d:59:47:2c:d7:4a:59:c8:45:6d:a1:9f:e0:36:95:f9:c1: 5c:1f:d8:bb:85:6e:38:3f:f9:df:d3:c9:9a:0e:f4:64:5f:33: b2:5c:86:6d:b1:28:d5:d3:8b:fa:8c:c5:62:69:3c:91:bb:ec: 60:2d:4f:e2:fa:c4:8b:ca:fa:68:59:99:3a:55:93:1d:9a:6a: 72:e3:90:30:00:d3:d8:d3:33:c6:ca:ac:7d:02:93:1d:f7:e3: b2:79:b3:2a:49:db:3f:4f:85:f3:89:fd:be:96:16:40:65:0d: 24:9c:5a:82:07:e5:2d:0b:a1:bd:97:70:10:78:a0:0f:5b:9b: ee:a0:3b:f7:51:8c:4c:13:bd:11:00:cf:f0:05:cf:35:a9:4d: c0:ce:3e:6f:be:b2:76:65:ea:81:6f:ab:30:99:db:61:83:91: 41:e0:d3:d5:bb:8c:c3:f3:92:1e:c1:55:9d:24:fd:fe:63:e6: 19:ad:ce:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYxREExMTAvBgNVBAUTKEExNTY0QTZCRDZCOTBBMEZBMTdCRjU3RDhCRUFDOUUy OTI1OUJERUIwHhcNMjUwOTE4MTgxODAzWhcNMjUwOTI1MTgxODAzWjAYMRYwFAYD VQQDEw02OGNjNGNkYi1iM2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3arYzqcfdp3wqXNwbw3ACeljUpLGHk61YCDFfqG6tqZxxUIua4PaW6erZX+R lbYXx7leIAVU0U2jU3Ji1XhnmHxpsyHtJQqb55rz+CNv0sIaEqrKR4Ye26gUPPTZ 1/dUkSTLbZgHg2OQ+y8GBItF3uv9Bx2IttpD3FDG2zWuUQuKYRERFm8n23imXITs Ws8kWTKzpbiI8rdv5tEW90KX6vGBztmOxObYWSb5eCahnO//FbHX3LFXKmXIOOrn jXjm0A+ayspfEp9iu12taaMzonoNff2AFMc0bdtMR6QVd3qLpiCl31Fgn3E6Td1h MJWYUBVNZk9UARPTeGRwL153pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMaDTXaA 882jGsNPbqF+V0jd1gLuMB8GA1UdIwQYMBaAFKFWSmvWuQoPoXv1fYvqyeKSWb3r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjFEQS8xN0M4MUZEMEY0 MUUxMUU5QTgzNDNBNzRDNEY5QUUwMi9vVlpLYTlhNUNnLWhlX1Y5aS1ySjRwSlp2 ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29WWkthOWE1Q2ctaGVfVjlpLXJKNHBKWnZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjFEQS8xN0M4MUZEMEY0MUUxMUU5QTgzNDNBNzRDNEY5QUUwMi9vVlpLYTlhNUNn LWhlX1Y5aS1ySjRwSlp2ZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDxRO7S499TY/nGQjvfFaMUFXGYPkXYbfuUXJqvPPadlAtnYMg48un ukbJ4I15KqUMP6bDYdX5QW7X0glOETWZ7Wu25xW41Z1LHVlHLNdKWchFbaGf4DaV +cFcH9i7hW44P/nf08maDvRkXzOyXIZtsSjV04v6jMViaTyRu+xgLU/i+sSLyvpo WZk6VZMdmmpy45AwANPY0zPGyqx9ApMd9+OyebMqSds/T4Xzif2+lhZAZQ0knFqC B+UtC6G9l3AQeKAPW5vuoDv3UYxME70RAM/wBc81qU3Azj5vvrJ2ZeqBb6swmdth g5FB4NPVu4zD85IewVWdJP3+Y+YZrc43 -----END CERTIFICATE-----Generated at Fri Sep 19 03:44:44 2025 by rpki-client