$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft File: OAHjYU99QEcCrkIssnnlHcnRTKI.mft (raw, json) Hash identifier: 22FEbSXsvvLm07aYs7q/ZR6syig8HP39951vqc4bhxM= Subject key identifier: 9F:BD:A8:13:B9:5B:6A:CD:DF:99:04:E4:22:54:AE:FF:4C:12:54:4F Authority key identifier: 38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 Certificate issuer: /CN=A912383B/serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Certificate serial: 0860 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft Manifest number: 0859 Signing time: Sun 02 Nov 2025 20:40:17 +0000 Manifest this update: Sun 02 Nov 2025 20:40:17 +0000 Manifest next update: Sun 09 Nov 2025 20:40:17 +0000 Files and hashes: 1: OAHjYU99QEcCrkIssnnlHcnRTKI.crl (hash: mMpcUqe5rD73NEN4nIYJXT8RbynlzzM+pjcXDaQYv/I=) 2: 4E4AF4A2C2B111EBABFFA212C4F9AE02.roa (hash: OwVRnVKX5TIRRxRa7tYPZCkquxRI/+jnc5rYmXmYkKM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2144 (0x860) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912383B, serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Validity Not Before: Nov 2 20:40:17 2025 GMT Not After : Nov 9 20:40:17 2025 GMT Subject: CN=6907c1b1-2700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:1b:db:4c:2c:dc:bb:a6:0a:9d:ab:1b:4a:1e: 30:d9:02:60:7e:1e:91:3f:df:4f:d8:cd:ca:9a:1b: 59:c0:bb:90:3f:00:d9:63:79:ec:53:fc:b4:2f:dd: c7:c9:3b:30:55:7c:32:f2:a0:83:0f:d9:e2:02:01: f4:c2:58:24:c7:58:ae:ad:1a:87:5d:23:e2:34:e7: d5:c3:cd:ef:25:b9:51:a6:b4:d3:27:80:5c:9a:70: 6a:e4:94:b4:d6:c2:b7:c6:1d:09:2b:84:f9:eb:23: 60:07:32:ed:4d:00:47:4a:de:c4:dc:19:9f:bb:98: 65:0d:a6:e8:3b:be:23:42:6a:8c:31:0c:17:a0:ee: 52:d4:66:ba:10:c1:18:9b:58:68:57:07:19:47:f1: 38:b5:e1:76:83:bb:5b:42:eb:a5:53:4a:cc:74:48: b0:43:27:58:e3:49:7b:d9:95:e6:48:94:af:7b:34: e0:e0:8b:a8:3b:61:09:bb:19:db:c4:8c:bb:1e:c2: c8:ae:61:7f:3e:0d:36:72:8f:b2:03:1a:91:70:e3: 78:64:87:44:22:da:7a:49:15:d9:c5:0a:04:d1:fc: 2f:8a:9a:63:22:46:b1:4b:01:af:f3:40:fa:55:73: 01:6f:8a:c7:8d:a7:af:bb:a9:9a:01:15:c7:e1:01: 0b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:BD:A8:13:B9:5B:6A:CD:DF:99:04:E4:22:54:AE:FF:4C:12:54:4F X509v3 Authority Key Identifier: keyid:38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:ec:d3:13:b5:ec:a2:03:83:0e:7f:78:fd:94:c0:0d:e6:de: c7:c0:4c:66:42:d0:3c:a9:6e:e0:5a:57:e6:b0:b5:5a:e3:1a: 6a:e1:23:be:14:a7:ba:35:36:2a:0a:3b:c5:b0:9c:de:a2:ad: 84:32:40:dd:6d:19:7b:62:df:f8:ff:cd:91:68:86:d8:65:c4: a9:6d:c4:ef:61:f4:ea:13:92:90:8e:71:6a:06:2f:0a:2a:a0: 3a:50:bb:1e:2e:38:7e:59:0e:a4:64:0b:b0:4e:a6:11:e6:bf: c9:1b:94:39:e0:c2:bd:8f:2d:89:88:21:e2:3e:a9:ca:6b:b3: 64:3f:e5:35:b7:22:50:df:a3:d2:9a:cf:fd:7a:41:bf:c8:10: 81:3a:99:b4:94:a9:0d:ff:78:8d:cd:b6:d4:76:2a:29:84:26: ba:db:d8:be:75:46:8d:d1:3f:22:c4:75:19:b7:8a:8e:f4:78: 79:31:5b:24:45:cc:e9:70:43:05:f6:e5:c3:48:00:0c:2f:8c: 15:0a:2a:f9:7d:46:5e:e6:d2:9e:42:08:23:b2:5e:57:22:63: 6e:b1:09:bd:95:a8:df:83:f9:02:0f:3d:d5:13:35:68:72:79: 4e:08:42:1a:19:d5:cb:b5:a2:6d:ce:b3:f7:18:77:c9:4c:c1: 3e:0e:b1:7a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4M0IxMTAvBgNVBAUTKDM4MDFFMzYxNEY3RDQwNDcwMkFFNDIyQ0IyNzlFNTFE QzlEMTRDQTIwHhcNMjUxMTAyMjA0MDE3WhcNMjUxMTA5MjA0MDE3WjAYMRYwFAYD VQQDEw02OTA3YzFiMS0yNzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3xvbTCzcu6YKnasbSh4w2QJgfh6RP99P2M3KmhtZwLuQPwDZY3nsU/y0L93H yTswVXwy8qCDD9niAgH0wlgkx1iurRqHXSPiNOfVw83vJblRprTTJ4BcmnBq5JS0 1sK3xh0JK4T56yNgBzLtTQBHSt7E3Bmfu5hlDaboO74jQmqMMQwXoO5S1Ga6EMEY m1hoVwcZR/E4teF2g7tbQuulU0rMdEiwQydY40l72ZXmSJSvezTg4IuoO2EJuxnb xIy7HsLIrmF/Pg02co+yAxqRcON4ZIdEItp6SRXZxQoE0fwvippjIkaxSwGv80D6 VXMBb4rHjaevu6maARXH4QELvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ+9qBO5 W2rN35kE5CJUrv9MElRPMB8GA1UdIwQYMBaAFDgB42FPfUBHAq5CLLJ55R3J0Uyi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GQkJBOUU5Q0Uw MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFFY0Nya0lzc25ubEhjblJU S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09BSGpZVTk5UUVjQ3JrSXNzbm5sSGNuUlRLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgzQi9GQkJBOUU5Q0UwMjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFF Y0Nya0lzc25ubEhjblJUS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB47NMTteyiA4MOf3j9lMAN5t7HwExmQtA8qW7gWlfmsLVa4xpq4SO+ FKe6NTYqCjvFsJzeoq2EMkDdbRl7Yt/4/82RaIbYZcSpbcTvYfTqE5KQjnFqBi8K KqA6ULseLjh+WQ6kZAuwTqYR5r/JG5Q54MK9jy2JiCHiPqnKa7NkP+U1tyJQ36PS ms/9ekG/yBCBOpm0lKkN/3iNzbbUdiophCa629i+dUaN0T8ixHUZt4qO9Hh5MVsk RczpcEMF9uXDSAAML4wVCir5fUZe5tKeQggjsl5XImNusQm9lajfg/kCDz3VEzVo cnlOCEIaGdXLtaJtzrP3GHfJTME+DrF6 -----END CERTIFICATE-----Generated at Tue Nov 4 08:19:49 2025 by rpki-client