$ rpki-client -vvf rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft File: oNZvEXVTOiOoUulRUGXIWjOec4Y.mft (raw, json) Hash identifier: luckVaBx809UTSaKvahfBRQKbfu9AULr9Dk+kURFj8I= Subject key identifier: 15:6F:A2:0A:A3:15:A8:83:A3:75:31:91:25:89:60:50:20:AB:4D:26 Authority key identifier: A0:D6:6F:11:75:53:3A:23:A8:52:E9:51:50:65:C8:5A:33:9E:73:86 Certificate issuer: /CN=A9158547/serialNumber=A0D66F1175533A23A852E9515065C85A339E7386 Certificate serial: 016A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oNZvEXVTOiOoUulRUGXIWjOec4Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft Manifest number: 0167 Signing time: Mon 03 Nov 2025 03:57:49 +0000 Manifest this update: Mon 03 Nov 2025 03:57:49 +0000 Manifest next update: Mon 10 Nov 2025 03:57:49 +0000 Files and hashes: 1: oNZvEXVTOiOoUulRUGXIWjOec4Y.crl (hash: FK4M92r1vlXaz64Jgtm+P5ZL1zoFMfAuH1nBVecRPKM=) 2: 6E7BFE7092A611EEBD5D8720C4F9AE02.roa (hash: I77zej0g2IdMx6WMXQdInqyMmRTM3TktU3rYTAd3Uxo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.crl rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oNZvEXVTOiOoUulRUGXIWjOec4Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 03:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 362 (0x16a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158547, serialNumber=A0D66F1175533A23A852E9515065C85A339E7386 Validity Not Before: Nov 3 03:57:49 2025 GMT Not After : Nov 10 03:57:49 2025 GMT Subject: CN=6908283d-3a3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:54:c8:c5:ad:97:9f:53:9d:f8:ec:33:53:68: c2:4d:d3:a0:a9:97:28:ba:fa:6d:fa:36:34:ad:3b: 8f:5a:39:7a:86:0d:10:05:2b:d1:af:d9:c3:f5:34: 05:ea:20:71:e8:b9:f2:64:20:7e:9f:10:42:4a:94: 16:a0:82:58:00:e6:ad:ae:b1:06:db:94:85:db:13: f4:57:7e:20:a2:1c:04:6d:99:58:8d:e5:a0:bd:3f: 31:8e:2a:cc:72:a8:53:cf:99:ab:a7:d7:87:f7:35: 94:f2:1f:fb:d6:ad:26:2e:d3:3a:c4:73:fb:48:c0: 0b:43:21:e1:93:60:2f:bd:d7:bf:20:af:57:08:03: 2d:38:b7:47:27:69:51:f2:fa:c6:82:a8:9d:3d:31: e3:09:62:c7:21:81:ea:8a:e7:d0:29:f5:d0:12:47: 3f:a5:a6:a2:c1:14:4c:fb:4a:d6:8f:59:17:3b:85: 24:6c:13:29:57:cf:99:2b:cc:21:1a:9a:5c:ea:ef: 58:c6:86:3a:cd:9b:fd:98:8a:58:12:c7:61:47:41: bb:c5:da:dd:70:7c:01:12:b1:35:3a:75:4f:52:0c: 4c:51:74:ec:28:b4:74:90:b6:09:5f:36:f8:fe:2c: d7:1d:79:f2:1e:1f:5c:93:ce:7c:5a:06:5f:e5:f9: 28:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:6F:A2:0A:A3:15:A8:83:A3:75:31:91:25:89:60:50:20:AB:4D:26 X509v3 Authority Key Identifier: keyid:A0:D6:6F:11:75:53:3A:23:A8:52:E9:51:50:65:C8:5A:33:9E:73:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oNZvEXVTOiOoUulRUGXIWjOec4Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158547/B38668E492A511EE8CD95B1EC4F9AE02/oNZvEXVTOiOoUulRUGXIWjOec4Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:00:04:e9:ba:44:dc:07:04:a7:7e:a7:17:25:d0:b2:ae:db: c6:26:33:38:92:19:72:05:35:70:e5:98:65:05:00:73:ab:6d: cb:43:5f:05:64:dd:aa:bf:e5:3a:bf:d4:65:61:d3:e4:64:12: c1:b9:47:1b:ab:29:14:8c:c3:99:9d:d3:2b:02:21:2e:2a:2a: 8f:97:93:84:ec:4e:b5:47:31:39:1c:1c:e3:e3:5e:41:90:31: 28:09:2e:bf:9d:ee:1b:e9:2f:87:2e:e4:10:64:2e:85:8a:5c: 55:f1:fb:0c:7f:53:73:a4:1a:5d:32:67:3b:57:47:91:07:63: 31:68:80:84:16:0f:dd:e8:db:ff:84:a7:6d:d1:74:5c:1f:d1: f7:97:52:69:92:0a:3c:61:3e:1a:69:5a:53:7d:e0:37:9f:4e: d5:e7:47:62:0d:db:a2:51:56:eb:4f:84:4b:f8:a6:b7:6a:a8: e7:b1:56:b2:9e:31:6a:11:43:c5:56:da:e1:b4:5f:20:34:14: e0:57:2a:2b:fb:2a:d3:fa:03:02:ef:d8:00:7c:52:c9:bc:ef: af:63:35:67:fa:87:8a:0a:4a:55:e6:6e:26:b4:ba:bb:4b:ff: 05:bd:23:f7:11:f2:1e:5c:24:e3:7a:84:5e:d9:44:0a:fd:6b: 6c:67:ad:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg1NDcxMTAvBgNVBAUTKEEwRDY2RjExNzU1MzNBMjNBODUyRTk1MTUwNjVDODVB MzM5RTczODYwHhcNMjUxMTAzMDM1NzQ5WhcNMjUxMTEwMDM1NzQ5WjAYMRYwFAYD VQQDEw02OTA4MjgzZC0zYTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAolTIxa2Xn1Od+OwzU2jCTdOgqZcouvpt+jY0rTuPWjl6hg0QBSvRr9nD9TQF 6iBx6LnyZCB+nxBCSpQWoIJYAOatrrEG25SF2xP0V34gohwEbZlYjeWgvT8xjirM cqhTz5mrp9eH9zWU8h/71q0mLtM6xHP7SMALQyHhk2Avvde/IK9XCAMtOLdHJ2lR 8vrGgqidPTHjCWLHIYHqiufQKfXQEkc/paaiwRRM+0rWj1kXO4UkbBMpV8+ZK8wh Gppc6u9YxoY6zZv9mIpYEsdhR0G7xdrdcHwBErE1OnVPUgxMUXTsKLR0kLYJXzb4 /izXHXnyHh9ck858WgZf5fkoWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBVvogqj FaiDo3UxkSWJYFAgq00mMB8GA1UdIwQYMBaAFKDWbxF1UzojqFLpUVBlyFoznnOG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU0Ny9CMzg2NjhFNDky QTUxMUVFOENEOTVCMUVDNEY5QUUwMi9vTlp2RVhWVE9pT29VdWxSVUdYSVdqT2Vj NFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29OWnZFWFZUT2lPb1V1bFJVR1hJV2pPZWM0WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODU0Ny9CMzg2NjhFNDkyQTUxMUVFOENEOTVCMUVDNEY5QUUwMi9vTlp2RVhWVE9p T29VdWxSVUdYSVdqT2VjNFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCuAATpukTcBwSnfqcXJdCyrtvGJjM4khlyBTVw5ZhlBQBzq23LQ18F ZN2qv+U6v9RlYdPkZBLBuUcbqykUjMOZndMrAiEuKiqPl5OE7E61RzE5HBzj415B kDEoCS6/ne4b6S+HLuQQZC6FilxV8fsMf1NzpBpdMmc7V0eRB2MxaICEFg/d6Nv/ hKdt0XRcH9H3l1Jpkgo8YT4aaVpTfeA3n07V50diDduiUVbrT4RL+Ka3aqjnsVay njFqEUPFVtrhtF8gNBTgVyor+yrT+gMC79gAfFLJvO+vYzVn+oeKCkpV5m4mtLq7 S/8FvSP3EfIeXCTjeoRe2UQK/WtsZ625 -----END CERTIFICATE-----Generated at Tue Nov 4 12:34:48 2025 by rpki-client