$ rpki-client -vvf rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft File: OIes3fccvvSnUh2EUe7LrrJRnv0.mft (raw, json) Hash identifier: yJtCsywsJ9Nidem8peV6pawkYs7PS1UV1tAU/XBOO1A= Subject key identifier: 51:7F:23:88:80:D9:EE:9C:A1:1F:A1:DE:B6:2B:BD:8A:FE:1D:C2:59 Authority key identifier: 38:87:AC:DD:F7:1C:BE:F4:A7:52:1D:84:51:EE:CB:AE:B2:51:9E:FD Certificate issuer: /CN=A91778D4/serialNumber=3887ACDDF71CBEF4A7521D8451EECBAEB2519EFD Certificate serial: 040D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft Manifest number: 0408 Signing time: Wed 05 Nov 2025 00:31:47 +0000 Manifest this update: Wed 05 Nov 2025 00:31:47 +0000 Manifest next update: Wed 12 Nov 2025 00:31:47 +0000 Files and hashes: 1: OIes3fccvvSnUh2EUe7LrrJRnv0.crl (hash: wem8S2D2e2rXY/siRBg6A91kZ31ddy7zBsNU40ER5ow=) 2: 13F9F650905511EC9A978D19C4F9AE02.roa (hash: LsezswxbsYTDkD8XmvSpL4OSBTZlfRn5UeJiOefMqvA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.crl rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:31:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1037 (0x40d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91778D4, serialNumber=3887ACDDF71CBEF4A7521D8451EECBAEB2519EFD Validity Not Before: Nov 5 00:31:47 2025 GMT Not After : Nov 12 00:31:47 2025 GMT Subject: CN=690a9af3-1249 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:58:56:92:fd:76:6d:c9:aa:a7:39:35:ac:28: b3:1e:25:55:4c:8e:53:ac:46:e6:6f:37:a3:60:f9: f0:1d:7b:07:b9:e4:31:e4:03:b1:7b:b8:e8:41:27: 38:41:31:c0:3b:ca:ab:75:4e:2e:d7:07:64:81:da: 73:88:cf:d5:61:2c:ec:29:aa:a9:81:06:70:5e:42: c0:e6:6a:8c:b6:b8:c8:0a:a7:34:27:97:0b:29:fa: 99:bb:8d:fd:2b:12:3d:9b:e1:66:b5:a3:12:e3:6f: 52:6f:8c:80:63:75:33:ca:16:01:29:a1:85:6f:57: 44:e8:3d:86:35:b5:3a:57:fe:c6:ec:c7:60:61:ed: 72:54:05:5e:de:a6:47:1b:af:1a:b6:ca:51:dc:b6: cc:3e:85:ec:82:45:82:bb:62:06:1f:f4:91:ee:1a: 4f:8e:0f:b3:82:19:30:20:27:53:16:bb:7a:b1:df: e7:8f:f5:56:53:c5:ab:c5:5b:ea:2d:9c:b4:29:df: 2b:21:10:bd:96:28:2e:ab:ab:5c:31:06:66:e5:e7: f7:61:33:fc:cd:cc:80:81:1d:59:e9:39:2a:e2:65: ee:8b:ce:be:4a:f0:e8:8e:56:ca:19:f2:b5:b4:d9: fe:60:58:d4:ab:91:15:94:97:46:08:c2:c6:c9:9f: 15:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:7F:23:88:80:D9:EE:9C:A1:1F:A1:DE:B6:2B:BD:8A:FE:1D:C2:59 X509v3 Authority Key Identifier: keyid:38:87:AC:DD:F7:1C:BE:F4:A7:52:1D:84:51:EE:CB:AE:B2:51:9E:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIes3fccvvSnUh2EUe7LrrJRnv0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91778D4/D9D5693A905111ECA3699615C4F9AE02/OIes3fccvvSnUh2EUe7LrrJRnv0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:33:d3:17:e4:19:3e:7d:14:73:9c:f9:a1:92:5e:f7:c4:34: 69:54:23:ba:82:34:b0:1e:38:fc:67:5c:f1:f2:57:21:4e:f8: 00:3a:06:c2:0d:1d:c4:8f:9d:ca:ed:e3:c8:0c:63:f5:60:aa: cb:f5:53:f0:6b:b5:68:73:b7:ff:59:1c:93:46:5c:ec:73:c3: 8d:e1:63:b4:78:a3:67:f0:df:4a:ee:88:4e:67:23:5b:17:bd: 60:d0:5d:8e:5b:44:70:ce:78:48:d5:6f:90:f5:ac:02:61:6c: 3a:41:94:4d:42:4b:b0:ea:1b:c5:b4:24:02:ef:d5:2d:27:74: a1:3a:a9:e1:13:de:62:92:cc:ff:cf:97:2c:1b:8f:25:17:68: d1:bf:76:b0:73:40:b3:55:6e:7c:c2:81:f9:91:04:28:5e:5c: c8:41:98:7d:af:6b:bc:dd:bd:f2:48:f7:d0:69:87:ec:9d:23: a7:dd:d0:a3:cd:e8:e2:20:ac:ec:c4:32:6e:85:eb:fb:37:86: c9:d9:f7:2d:a3:ca:e7:29:e0:d6:46:6f:5c:f3:d7:e9:24:67: 5b:03:5e:ad:2e:3d:c0:8b:ca:a9:05:fc:d8:88:19:1b:28:85: d2:4f:c1:0b:26:bc:46:44:e0:52:8f:a7:8b:2b:6d:bf:2b:8c: cd:04:19:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBA0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzc4RDQxMTAvBgNVBAUTKDM4ODdBQ0RERjcxQ0JFRjRBNzUyMUQ4NDUxRUVDQkFF QjI1MTlFRkQwHhcNMjUxMTA1MDAzMTQ3WhcNMjUxMTEyMDAzMTQ3WjAYMRYwFAYD VQQDEw02OTBhOWFmMy0xMjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxlhWkv12bcmqpzk1rCizHiVVTI5TrEbmbzejYPnwHXsHueQx5AOxe7joQSc4 QTHAO8qrdU4u1wdkgdpziM/VYSzsKaqpgQZwXkLA5mqMtrjICqc0J5cLKfqZu439 KxI9m+FmtaMS429Sb4yAY3UzyhYBKaGFb1dE6D2GNbU6V/7G7MdgYe1yVAVe3qZH G68atspR3LbMPoXsgkWCu2IGH/SR7hpPjg+zghkwICdTFrt6sd/nj/VWU8WrxVvq LZy0Kd8rIRC9liguq6tcMQZm5ef3YTP8zcyAgR1Z6Tkq4mXui86+SvDojlbKGfK1 tNn+YFjUq5EVlJdGCMLGyZ8VCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFF/I4iA 2e6coR+h3rYrvYr+HcJZMB8GA1UdIwQYMBaAFDiHrN33HL70p1IdhFHuy66yUZ79 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzhENC9EOUQ1NjkzQTkw NTExMUVDQTM2OTk2MTVDNEY5QUUwMi9PSWVzM2ZjY3Z2U25VaDJFVWU3THJySlJu djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09JZXMzZmNjdnZTblVoMkVVZTdMcnJKUm52MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NzhENC9EOUQ1NjkzQTkwNTExMUVDQTM2OTk2MTVDNEY5QUUwMi9PSWVzM2ZjY3Z2 U25VaDJFVWU3THJySlJudjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+M9MX5Bk+fRRznPmhkl73xDRpVCO6gjSwHjj8Z1zx8lchTvgAOgbC DR3Ej53K7ePIDGP1YKrL9VPwa7Voc7f/WRyTRlzsc8ON4WO0eKNn8N9K7ohOZyNb F71g0F2OW0RwznhI1W+Q9awCYWw6QZRNQkuw6hvFtCQC79UtJ3ShOqnhE95iksz/ z5csG48lF2jRv3awc0CzVW58woH5kQQoXlzIQZh9r2u83b3ySPfQaYfsnSOn3dCj zejiIKzsxDJuhev7N4bJ2fcto8rnKeDWRm9c89fpJGdbA16tLj3Ai8qpBfzYiBkb KIXST8ELJrxGROBSj6eLK22/K4zNBBnG -----END CERTIFICATE-----Generated at Wed Nov 5 03:57:20 2025 by rpki-client