$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: TAY1ID51Jh+VgxX3LkFTDz0jv4Ci4YZtvUIkuX+e7EU= Subject key identifier: EA:2C:95:AA:A5:50:35:37:73:0A:B7:2B:7E:70:56:06:50:E2:E3:BC Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 0976 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 096F Signing time: Sun 10 Aug 2025 20:09:48 +0000 Manifest this update: Sun 10 Aug 2025 20:09:47 +0000 Manifest next update: Sun 17 Aug 2025 20:09:47 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: 3cRpdHEjMqBPthV5CszN3MpIsQxVPxdv29TkZ6eqdpM=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Aug 2025 20:09:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2422 (0x976) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Aug 10 20:09:47 2025 GMT Not After : Aug 17 20:09:47 2025 GMT Subject: CN=6898fc8c-8be6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f3:b2:91:46:68:1b:02:9d:b0:05:42:97:00: fe:bd:49:ec:d1:f7:e2:2b:ea:c1:d2:fc:de:ff:4b: 7d:29:68:3c:1b:a0:bf:ba:3d:b3:e8:e7:d6:b0:51: ee:5c:40:82:e7:bc:da:db:07:4e:15:c8:e6:12:13: dd:1f:63:64:5f:11:86:19:7c:8a:ea:5b:a8:4b:77: 66:73:ec:99:7a:ae:b1:0b:10:78:86:49:09:aa:1e: f8:dc:01:6c:11:54:d0:54:64:86:8b:0a:41:74:4b: 1d:70:3f:7a:db:07:39:19:bb:06:91:a3:73:3e:98: d6:56:18:2c:2a:1a:34:26:a5:38:5e:9a:c1:06:66: 80:6d:eb:7f:fa:bb:45:df:70:de:98:42:f9:25:15: 97:bb:43:8b:42:f7:c9:bd:28:c8:70:df:6d:cb:a6: 34:bd:e5:8e:3c:18:4b:a4:dc:84:44:a9:c5:7f:9a: cb:0d:5b:64:84:65:85:b3:5c:a4:83:ab:93:19:85: d6:04:73:18:7a:bb:94:11:11:5e:a8:7c:8e:51:fe: fc:87:63:51:e4:4d:89:85:0b:49:ce:ff:c4:3c:88: 10:7a:d7:fa:1f:c4:0e:81:7a:6b:66:2e:e9:a1:67: 4a:a2:8a:e1:a7:91:19:81:38:ee:ec:5c:cd:be:7a: a1:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:2C:95:AA:A5:50:35:37:73:0A:B7:2B:7E:70:56:06:50:E2:E3:BC X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:64:41:be:3c:53:93:61:5a:21:a9:44:5f:30:45:e5:31:80: be:61:00:bb:5f:89:64:7d:c5:b2:cc:a8:05:e9:8c:fc:13:9a: 08:67:2e:89:ca:f8:fb:49:58:42:5b:6b:a7:80:f0:c8:6f:54: af:78:dc:7b:14:ac:f7:8d:7e:5d:88:4e:5c:c4:ef:64:fe:6a: 7f:0d:4a:11:51:00:a9:56:37:4f:81:17:88:3b:b7:4c:bb:da: 23:34:45:bd:dc:e5:a8:05:1a:3a:9d:4a:41:4f:8f:4f:c3:34: d1:30:85:05:1e:63:9d:3c:d2:2e:9c:bf:03:d6:04:e9:da:65: 9c:0a:d7:f1:c7:32:b4:19:14:80:ea:09:06:5d:a0:b6:34:fc: 60:32:84:03:1d:26:7b:6a:3e:71:8a:14:5a:95:c5:a3:cd:31: 4c:0f:2b:8c:ea:73:0e:01:72:3f:66:53:5c:ac:04:69:90:d2: 7d:6a:a3:a1:54:06:25:4c:48:c1:0e:f0:05:73:eb:5c:29:0c: 78:06:ca:3b:f0:99:62:56:e0:88:98:37:09:00:98:9f:1c:3b: 1d:c8:9b:b9:7b:32:5c:5a:90:f2:d3:be:f2:6c:f3:45:83:dd: ad:37:4a:87:56:b2:0b:d1:ef:09:01:45:af:f5:ed:3f:c9:72: d7:7e:2d:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwODEwMjAwOTQ3WhcNMjUwODE3MjAwOTQ3WjAYMRYwFAYD VQQDEw02ODk4ZmM4Yy04YmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxPOykUZoGwKdsAVClwD+vUns0ffiK+rB0vze/0t9KWg8G6C/uj2z6OfWsFHu XECC57za2wdOFcjmEhPdH2NkXxGGGXyK6luoS3dmc+yZeq6xCxB4hkkJqh743AFs EVTQVGSGiwpBdEsdcD962wc5GbsGkaNzPpjWVhgsKho0JqU4XprBBmaAbet/+rtF 33DemEL5JRWXu0OLQvfJvSjIcN9ty6Y0veWOPBhLpNyERKnFf5rLDVtkhGWFs1yk g6uTGYXWBHMYeruUERFeqHyOUf78h2NR5E2JhQtJzv/EPIgQetf6H8QOgXprZi7p oWdKoorhp5EZgTju7FzNvnqhpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOoslaql UDU3cwq3K35wVgZQ4uO8MB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYZEG+PFOTYVohqURfMEXlMYC+YQC7X4lkfcWyzKgF6Yz8E5oIZy6J yvj7SVhCW2ungPDIb1SveNx7FKz3jX5diE5cxO9k/mp/DUoRUQCpVjdPgReIO7dM u9ojNEW93OWoBRo6nUpBT49PwzTRMIUFHmOdPNIunL8D1gTp2mWcCtfxxzK0GRSA 6gkGXaC2NPxgMoQDHSZ7aj5xihRalcWjzTFMDyuM6nMOAXI/ZlNcrARpkNJ9aqOh VAYlTEjBDvAFc+tcKQx4Bso78JliVuCImDcJAJifHDsdyJu5ezJcWpDy077ybPNF g92tN0qHVrIL0e8JAUWv9e0/yXLXfi1q -----END CERTIFICATE-----Generated at Tue Aug 12 18:20:45 2025 by rpki-client