$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft File: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft (raw, json) Hash identifier: o8jxYhAk9X6pvB9UlH3eJ43oSh2kC1fiSNJ1gG4p95s= Subject key identifier: 18:AB:02:45:82:76:0E:B5:4E:A2:E0:CE:C7:D5:12:9B:DD:64:1D:F3 Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0BBA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft Manifest number: 09F3 Signing time: Sun 02 Nov 2025 21:40:58 +0000 Manifest this update: Sun 02 Nov 2025 21:40:58 +0000 Manifest next update: Sun 09 Nov 2025 21:40:58 +0000 Files and hashes: 1: OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl (hash: ID8mltrnYNcu3KLcMwo4GJNLzIHinj3e02rTFjlezdk=) 2: 93EE047E4BB511EE9309AA4EC4F9AE02.roa (hash: vQWuHkxNO3W+64VKIpJFVWJTeNRMIc+wKzNHsAhde4Q=) 3: 59DBAE3E318311F09059AF40C4F9AE02.roa (hash: 4E5Jq86BgJpIy8fM4gcOoeAcJIuBNxvyb7xjH5Wa4XY=) 4: 72C9BE36950211EFAC892C5EC4F9AE02.roa (hash: tUqKc58G4NP/ZiNhEE4m52A3vGMH09GTzhVMgnnCe/8=) 5: 263DB02C4BB611EE9B959267C4F9AE02.roa (hash: uy/Ya9Uphz8yk5gzFrvw8K92wA25vKbiFTbIY5cp56U=) 6: 61EE2500936E11F091943583C4F9AE02.roa (hash: Y25bpuOgUaH/GiCO1xkDGdq07ueO06j8BXGzSKEWtcM=) 7: AB96EF3852CD11ECAB209C5FC4F9AE02.roa (hash: KHmIhJVDnUN/JIAGOGyBUT9fEQNuIGqQSzduAjkMS7g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 21:40:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3002 (0xbba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Nov 2 21:40:58 2025 GMT Not After : Nov 9 21:40:58 2025 GMT Subject: CN=6907cfea-d305 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:65:ad:4c:bf:43:bb:d6:c8:20:83:55:db:1c: 51:73:6f:3f:cb:32:4d:b1:35:b8:87:b5:ed:50:4b: 91:1a:79:62:db:65:e8:11:bf:be:e3:34:85:e0:b0: 78:4e:17:ec:d4:98:81:ca:54:54:1a:7a:76:08:07: 0d:18:4a:6b:56:8c:61:6a:15:90:2a:a6:ac:60:df: 49:24:fe:b0:18:84:52:82:b7:7a:7b:e2:6f:bf:ee: 16:5f:50:b0:10:c9:9e:f2:1d:29:8e:65:83:82:99: a3:85:d8:62:96:39:f0:50:32:a5:26:93:c9:c9:7f: 67:bb:b9:4c:a4:de:d5:0b:fd:2c:dd:68:10:35:79: a6:31:c0:20:ab:1c:ec:04:66:72:77:92:50:b6:da: bf:37:aa:9a:fb:12:b8:b5:d2:a5:01:96:c5:14:ce: 1a:fa:a0:df:1a:97:70:f8:c5:76:1f:66:9e:ff:95: 2f:a6:8b:67:f9:21:3a:0f:50:f9:54:a3:a5:56:3d: 7a:a0:a7:99:92:2a:a2:5e:65:ad:23:73:89:ab:3c: 00:12:29:c0:46:c6:ee:53:b7:ab:a3:37:ec:a2:3f: 7b:b2:8f:13:5d:0e:4f:8f:0c:4b:85:45:2e:c5:ee: a4:8b:1f:02:15:b0:0b:7e:de:fb:e2:2a:3f:e4:ac: 52:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:AB:02:45:82:76:0E:B5:4E:A2:E0:CE:C7:D5:12:9B:DD:64:1D:F3 X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:90:6e:b0:4a:32:77:90:41:ba:75:a9:5a:79:56:e2:9a:b6: 99:5d:2b:4f:5c:7f:c7:ad:bd:fb:eb:7e:4d:88:51:9d:08:f4: b5:f8:f4:9a:fa:26:90:e0:f5:06:6e:13:c8:f4:ad:b7:2b:91: 6f:eb:5d:8d:36:f6:f0:76:fe:6d:f3:b0:f6:d4:20:12:a6:bc: 27:76:b8:ca:26:85:bd:34:5c:bb:9e:11:f1:0d:d5:de:93:92: 6d:85:06:d4:c2:86:08:16:44:c8:dd:49:0a:a1:4d:60:4d:c4: bb:4f:73:b1:ef:19:cc:76:d8:a8:c1:68:ba:0c:98:24:c6:c0: 7d:ac:ea:9f:a1:95:14:2e:98:6b:67:ae:95:14:99:6a:5a:75: af:bb:8f:86:0a:10:00:56:84:1d:55:f7:20:80:88:a5:de:95: f4:b0:3d:3d:a1:ad:b2:b5:7e:0c:2c:74:e3:a8:26:9c:31:86: 61:99:05:58:1a:17:4c:9d:62:6e:ab:26:e0:6a:fe:8e:fd:04: 15:a7:e3:ba:2a:3e:b8:4a:ff:84:14:28:33:7e:54:0e:9f:bc: b2:39:27:67:c3:86:eb:e1:67:4c:48:c3:63:e5:a8:ca:a6:49: 5e:c2:df:01:39:19:c3:6d:5c:d2:7f:71:c9:ae:d6:c1:99:d1: 3c:42:9c:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjUxMTAyMjE0MDU4WhcNMjUxMTA5MjE0MDU4WjAYMRYwFAYD VQQDEw02OTA3Y2ZlYS1kMzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnmWtTL9Du9bIIINV2xxRc28/yzJNsTW4h7XtUEuRGnli22XoEb++4zSF4LB4 Thfs1JiBylRUGnp2CAcNGEprVoxhahWQKqasYN9JJP6wGIRSgrd6e+Jvv+4WX1Cw EMme8h0pjmWDgpmjhdhiljnwUDKlJpPJyX9nu7lMpN7VC/0s3WgQNXmmMcAgqxzs BGZyd5JQttq/N6qa+xK4tdKlAZbFFM4a+qDfGpdw+MV2H2ae/5Uvpotn+SE6D1D5 VKOlVj16oKeZkiqiXmWtI3OJqzwAEinARsbuU7erozfsoj97so8TXQ5PjwxLhUUu xe6kix8CFbALft774io/5KxS2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBirAkWC dg61TqLgzsfVEpvdZB3zMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0Q2Ny82OUU2QzE2QTQ0MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhf V0Q1Q1dwX3B0cHVWQnFXYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZkG6wSjJ3kEG6dalaeVbimraZXStPXH/Hrb37635NiFGdCPS1+PSa +iaQ4PUGbhPI9K23K5Fv612NNvbwdv5t87D21CASprwndrjKJoW9NFy7nhHxDdXe k5JthQbUwoYIFkTI3UkKoU1gTcS7T3Ox7xnMdtiowWi6DJgkxsB9rOqfoZUULphr Z66VFJlqWnWvu4+GChAAVoQdVfcggIil3pX0sD09oa2ytX4MLHTjqCacMYZhmQVY GhdMnWJuqybgav6O/QQVp+O6Kj64Sv+EFCgzflQOn7yyOSdnw4br4WdMSMNj5ajK pklewt8BORnDbVzSf3HJrtbBmdE8Qpy9 -----END CERTIFICATE-----Generated at Tue Nov 4 12:44:43 2025 by rpki-client