$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: vQ4SMc3GGP9MKBtFqmYvn9rwxsI0kB3iH5kgJ5XgLmI= Subject key identifier: 15:47:69:6D:13:49:A3:37:FF:21:54:13:44:92:70:50:0D:76:79:60 Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 155E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 1552 Signing time: Tue 04 Nov 2025 16:53:29 +0000 Manifest this update: Tue 04 Nov 2025 16:53:29 +0000 Manifest next update: Tue 11 Nov 2025 16:53:29 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: NON3lw/92YlSM6dcbPywZ5bdxeaArU9WNX8th6zNKgU=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: Iuc0hvonCQ52vF8J3PK6U6v3ddTApNkT2+JlMCbgaDs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:53:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5470 (0x155e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Nov 4 16:53:29 2025 GMT Not After : Nov 11 16:53:29 2025 GMT Subject: CN=690a2f89-a04c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:31:7b:f4:2a:58:5d:22:ad:98:86:3c:23:42: 4c:1e:0a:c3:bf:5b:ec:1e:ea:b5:9f:9a:37:9f:c2: 79:61:cb:59:40:79:f9:59:67:12:67:4b:4f:cf:27: 44:2f:df:ec:a5:2b:69:7e:fc:f0:b6:9f:46:5d:a1: b8:15:f9:28:2e:32:6e:41:06:54:1c:41:9a:fc:5e: 4a:7f:d6:05:7d:3b:06:ae:f5:3d:b9:25:5d:78:ab: 31:73:c4:36:c8:12:d6:c9:f5:e5:b7:8f:54:a4:6c: d2:82:95:49:23:be:14:06:94:31:26:81:43:b5:56: bd:4d:de:76:92:b9:55:62:b3:5a:a7:65:65:ee:66: 07:6a:02:41:1b:73:b4:03:73:c1:a6:f6:9a:5f:5b: dc:57:5f:79:e0:4e:d1:32:94:97:d3:e4:66:dd:19: 5b:80:aa:6c:46:5e:f7:51:7d:6d:58:5a:d2:02:a8: ef:45:07:a1:3d:cb:b2:4e:c1:3a:d5:1f:9d:1a:4e: ed:fd:b9:dd:b3:d0:90:24:67:26:73:44:57:68:73: 75:c5:31:76:2c:be:33:ab:d0:fb:60:3d:24:ef:2b: 84:71:b7:cb:81:7d:e9:67:69:97:ce:85:41:37:97: 4d:c3:1a:61:21:cd:85:0a:44:99:c4:23:37:e7:99: d2:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:47:69:6D:13:49:A3:37:FF:21:54:13:44:92:70:50:0D:76:79:60 X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:5e:d4:49:96:44:73:b5:ea:0c:94:8e:9a:9c:1f:15:53:89: 15:b9:a0:bd:ef:45:a1:ca:24:4b:ec:44:dc:ab:2e:80:3e:39: fd:4f:df:c3:b9:50:9b:0a:b2:0c:72:ae:5e:46:8e:c1:f6:e0: a1:7e:22:3b:de:db:6d:b7:f1:6f:02:d1:a1:2d:7d:a7:b5:cf: 34:c3:f4:74:4c:29:d8:75:dd:b7:35:c9:4c:ac:55:97:03:b0: a7:48:26:b8:c4:c4:45:e5:ed:94:d8:d3:c3:20:b2:92:fb:33: a6:a1:ad:82:5d:5d:48:39:55:99:98:06:63:5e:6b:94:26:74: b0:60:71:89:54:8b:68:cf:05:a3:59:35:f1:56:84:8c:16:ee: b9:0c:7c:57:d3:e8:5f:74:cc:33:5e:08:bc:7e:24:62:d2:20: 3f:a4:94:a3:f8:02:0b:25:21:9d:4e:9e:5e:34:8f:0b:b9:10: c8:1c:44:70:0f:3f:10:e5:cd:0f:de:95:d3:3e:33:1c:16:76: bd:e4:3a:a4:83:82:d3:11:fe:e2:8e:1d:2a:cf:6e:13:ec:a2: 29:d2:07:cd:8e:de:93:be:9b:9c:60:c8:b3:c2:d9:dd:b6:ba: 50:6d:c0:39:2b:43:21:bc:8a:31:7e:c4:f7:3c:2b:73:c8:54: 24:09:37:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUxMTA0MTY1MzI5WhcNMjUxMTExMTY1MzI5WjAYMRYwFAYD VQQDEw02OTBhMmY4OS1hMDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsjF79CpYXSKtmIY8I0JMHgrDv1vsHuq1n5o3n8J5YctZQHn5WWcSZ0tPzydE L9/spStpfvzwtp9GXaG4FfkoLjJuQQZUHEGa/F5Kf9YFfTsGrvU9uSVdeKsxc8Q2 yBLWyfXlt49UpGzSgpVJI74UBpQxJoFDtVa9Td52krlVYrNap2Vl7mYHagJBG3O0 A3PBpvaaX1vcV1954E7RMpSX0+Rm3RlbgKpsRl73UX1tWFrSAqjvRQehPcuyTsE6 1R+dGk7t/bnds9CQJGcmc0RXaHN1xTF2LL4zq9D7YD0k7yuEcbfLgX3pZ2mXzoVB N5dNwxphIc2FCkSZxCM355nSlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBVHaW0T SaM3/yFUE0SScFANdnlgMB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjXtRJlkRzteoMlI6anB8VU4kVuaC970WhyiRL7ETcqy6APjn9T9/D uVCbCrIMcq5eRo7B9uChfiI73tttt/FvAtGhLX2ntc80w/R0TCnYdd23NclMrFWX A7CnSCa4xMRF5e2U2NPDILKS+zOmoa2CXV1IOVWZmAZjXmuUJnSwYHGJVItozwWj WTXxVoSMFu65DHxX0+hfdMwzXgi8fiRi0iA/pJSj+AILJSGdTp5eNI8LuRDIHERw Dz8Q5c0P3pXTPjMcFna95Dqkg4LTEf7ijh0qz24T7KIp0gfNjt6TvpucYMizwtnd trpQbcA5K0MhvIoxfsT3PCtzyFQkCTcK -----END CERTIFICATE-----Generated at Wed Nov 5 13:36:13 2025 by rpki-client