$ rpki-client -vvf rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft File: OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft (raw, json) Hash identifier: E0UVq564ciEkUjXN5UhvqHaTHhWjIzGhAogKbz66F6g= Subject key identifier: DE:F4:63:6F:8A:26:3B:E5:57:18:3D:06:CA:BB:EF:DF:73:2F:5B:50 Authority key identifier: 3A:43:78:0F:6C:43:2D:EE:47:4A:8A:95:68:59:02:82:DB:EA:5D:B3 Certificate issuer: /CN=A915802B/serialNumber=3A43780F6C432DEE474A8A9568590282DBEA5DB3 Certificate serial: 0AD0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft Manifest number: 0AC7 Signing time: Tue 04 Nov 2025 19:34:16 +0000 Manifest this update: Tue 04 Nov 2025 19:34:15 +0000 Manifest next update: Tue 11 Nov 2025 19:34:15 +0000 Files and hashes: 1: OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl (hash: CyW4AqTTT19nXCW9ZByTZ0DSsHw3F/FOaH2vUynTDMA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:34:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2768 (0xad0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915802B, serialNumber=3A43780F6C432DEE474A8A9568590282DBEA5DB3 Validity Not Before: Nov 4 19:34:15 2025 GMT Not After : Nov 11 19:34:15 2025 GMT Subject: CN=690a5537-5711 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:e4:3f:b5:9c:55:bb:00:ef:a6:1a:2c:c3:cf: 09:9f:96:cc:0c:ae:d0:eb:38:f8:78:b6:09:fc:60: e3:ca:41:a0:b8:b8:af:07:02:ee:df:47:b2:a1:15: 5b:b0:7c:b4:e8:64:9f:e9:e8:6b:ab:e8:50:ae:69: 70:57:9a:17:23:3a:61:50:94:b7:fd:a4:49:90:8a: 21:88:03:0b:3c:2c:ed:b5:10:de:d6:db:ba:bd:32: 1b:93:32:dc:8d:32:fb:ea:77:c4:b7:59:a3:f2:3b: d5:4d:99:68:f4:d8:86:98:fe:3b:ba:96:72:e5:ac: 1a:36:7d:f4:bd:1e:a0:59:fd:f6:1d:d7:65:64:8b: 6e:7d:4e:36:cf:58:99:b6:6c:09:2e:9b:86:a5:f3: 9e:63:fd:17:9b:d2:29:25:f9:6f:eb:85:d5:7d:bf: 68:2d:98:76:54:b3:fe:de:79:fb:9a:55:f0:28:f6: a2:49:cb:00:fb:cd:dd:0c:79:3c:43:0b:6a:0a:53: f7:65:ec:95:53:19:4b:00:ab:58:e1:0c:ff:3e:5f: 67:10:06:5d:0b:90:40:89:3d:cc:e5:e0:f5:4d:1f: b9:88:1e:ff:39:55:3c:d0:3c:34:da:76:60:2c:10: ab:e8:86:3d:19:75:ff:73:38:f3:e7:d9:b1:ec:df: bf:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:F4:63:6F:8A:26:3B:E5:57:18:3D:06:CA:BB:EF:DF:73:2F:5B:50 X509v3 Authority Key Identifier: keyid:3A:43:78:0F:6C:43:2D:EE:47:4A:8A:95:68:59:02:82:DB:EA:5D:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OkN4D2xDLe5HSoqVaFkCgtvqXbM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915802B/330CC3C4605011EA95776754C4F9AE02/OkN4D2xDLe5HSoqVaFkCgtvqXbM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:b6:4e:60:5c:20:be:7e:19:3b:6f:2a:73:d7:d2:9a:7d:4d: ec:7a:59:70:66:cb:aa:52:6e:6d:e3:9d:6c:e7:88:9e:ac:9f: dc:fc:a0:e0:9f:f0:a1:a1:c9:db:a9:25:78:c1:16:a4:41:6d: a7:93:18:5a:e4:59:7f:84:2c:18:6e:41:db:30:ce:19:e8:2f: d8:79:3d:aa:85:bc:84:60:02:3d:82:83:14:0b:fd:28:eb:13: e5:1b:31:3d:b6:6d:a4:ba:f7:de:10:15:ea:9b:51:e0:74:a1: a8:83:94:5c:20:49:0b:00:39:e9:44:4e:3e:ce:2b:bc:73:92: 2e:91:7b:37:72:c3:95:f1:ce:a8:90:44:a7:5b:d0:c3:e7:f1: cb:f9:46:29:d6:c9:17:65:b2:a3:94:46:f9:74:90:70:76:09: 8e:23:5f:dc:1d:71:07:3d:cb:e4:f4:d6:f8:28:b8:fd:92:8a: 7b:7e:cf:5e:62:63:36:f3:e7:2e:ce:49:86:ec:82:af:a4:15: 54:71:fe:8c:49:1b:f1:1e:17:04:31:ab:51:65:eb:99:23:30: 9d:28:d6:ac:da:75:be:b5:cf:2b:33:6e:b2:73:1d:69:e2:05: 99:06:55:01:56:c5:18:b1:f6:ef:31:9b:33:fa:c2:65:b3:35: f7:59:a7:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCtAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgwMkIxMTAvBgNVBAUTKDNBNDM3ODBGNkM0MzJERUU0NzRBOEE5NTY4NTkwMjgy REJFQTVEQjMwHhcNMjUxMTA0MTkzNDE1WhcNMjUxMTExMTkzNDE1WjAYMRYwFAYD VQQDEw02OTBhNTUzNy01NzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzeQ/tZxVuwDvphosw88Jn5bMDK7Q6zj4eLYJ/GDjykGguLivBwLu30eyoRVb sHy06GSf6ehrq+hQrmlwV5oXIzphUJS3/aRJkIohiAMLPCzttRDe1tu6vTIbkzLc jTL76nfEt1mj8jvVTZlo9NiGmP47upZy5awaNn30vR6gWf32HddlZItufU42z1iZ tmwJLpuGpfOeY/0Xm9IpJflv64XVfb9oLZh2VLP+3nn7mlXwKPaiScsA+83dDHk8 QwtqClP3ZeyVUxlLAKtY4Qz/Pl9nEAZdC5BAiT3M5eD1TR+5iB7/OVU80Dw02nZg LBCr6IY9GXX/czjz59mx7N+/LwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN70Y2+K JjvlVxg9Bsq7799zL1tQMB8GA1UdIwQYMBaAFDpDeA9sQy3uR0qKlWhZAoLb6l2z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODAyQi8zMzBDQzNDNDYw NTAxMUVBOTU3NzY3NTRDNEY5QUUwMi9Pa040RDJ4RExlNUhTb3FWYUZrQ2d0dnFY Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09rTjREMnhETGU1SFNvcVZhRmtDZ3R2cVhiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODAyQi8zMzBDQzNDNDYwNTAxMUVBOTU3NzY3NTRDNEY5QUUwMi9Pa040RDJ4RExl NUhTb3FWYUZrQ2d0dnFYYk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDtk5gXCC+fhk7bypz19KafU3sellwZsuqUm5t451s54ierJ/c/KDg n/ChocnbqSV4wRakQW2nkxha5Fl/hCwYbkHbMM4Z6C/YeT2qhbyEYAI9goMUC/0o 6xPlGzE9tm2kuvfeEBXqm1HgdKGog5RcIEkLADnpRE4+ziu8c5IukXs3csOV8c6o kESnW9DD5/HL+UYp1skXZbKjlEb5dJBwdgmOI1/cHXEHPcvk9Nb4KLj9kop7fs9e YmM28+cuzkmG7IKvpBVUcf6MSRvxHhcEMatRZeuZIzCdKNas2nW+tc8rM26ycx1p 4gWZBlUBVsUYsfbvMZsz+sJlszX3WadS -----END CERTIFICATE-----Generated at Wed Nov 5 20:55:09 2025 by rpki-client