$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5B83/0F46CA8CADAF11EA84C04E10C4F9AE02/oL2xs_Hk5wTrTU8s5f405lA3uUM.mft File: oL2xs_Hk5wTrTU8s5f405lA3uUM.mft (raw, json) Hash identifier: 7MDpqyYXHcNXPMbnGf6UBDwqR2srnEwCywpKcGSuKWA= Subject key identifier: F8:2A:9E:0C:F5:CE:5A:B7:FA:B5:4C:DF:3A:EB:48:18:D4:FC:5E:07 Authority key identifier: A0:BD:B1:B3:F1:E4:E7:04:EB:4D:4F:2C:E5:FE:34:E6:50:37:B9:43 Certificate issuer: /CN=A91A5B83/serialNumber=A0BDB1B3F1E4E704EB4D4F2CE5FE34E65037B943 Certificate serial: 0945 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oL2xs_Hk5wTrTU8s5f405lA3uUM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5B83/0F46CA8CADAF11EA84C04E10C4F9AE02/oL2xs_Hk5wTrTU8s5f405lA3uUM.mft Manifest number: 0938 Signing time: Tue 04 Nov 2025 20:18:49 +0000 Manifest this update: Tue 04 Nov 2025 20:18:48 +0000 Manifest next update: Tue 11 Nov 2025 20:18:48 +0000 Files and hashes: 1: oL2xs_Hk5wTrTU8s5f405lA3uUM.crl (hash: XBv6QEYnTceoeRrg7u8w126D+z+xuOlKzblFZSQKAGs=) 2: 975BB0CE73AD11EDAD75DB7DC4F9AE02.roa (hash: jBS/1Hlfhun69e6e4ZHEVPi7ipp4H+jsjI8X7M9ZNQw=) 3: A21F0938C44B11EB8CF88F1EC4F9AE02.roa (hash: /W7jNuOZe0YfOd8yIagbqgnCN+PhgeGc0tSQIMsMPPI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5B83/0F46CA8CADAF11EA84C04E10C4F9AE02/oL2xs_Hk5wTrTU8s5f405lA3uUM.crl rsync://rpki.apnic.net/member_repository/A91A5B83/0F46CA8CADAF11EA84C04E10C4F9AE02/oL2xs_Hk5wTrTU8s5f405lA3uUM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oL2xs_Hk5wTrTU8s5f405lA3uUM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:18:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2373 (0x945) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5B83, serialNumber=A0BDB1B3F1E4E704EB4D4F2CE5FE34E65037B943 Validity Not Before: Nov 4 20:18:48 2025 GMT Not After : Nov 11 20:18:48 2025 GMT Subject: CN=690a5fa9-af75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:93:4f:62:5c:a3:2d:b7:72:29:c4:a8:c1:26: 31:6e:1d:5e:74:8d:18:76:eb:eb:7b:81:01:20:a8: 65:18:28:12:b5:a9:46:a3:f7:9c:39:8f:23:ee:00: cf:43:cb:3e:c7:38:c8:03:1b:22:9a:8b:49:73:7a: ad:bb:f3:f1:c2:9e:79:b5:9b:bf:ee:4c:b2:20:cf: 1d:b2:4a:2a:64:96:ba:5e:0e:c4:0f:69:dc:fe:15: 8c:79:e4:33:78:a9:98:80:27:f4:ac:c7:03:8d:af: 3f:82:d7:41:ef:fb:b0:9f:a3:99:b9:9d:41:14:a2: 09:bb:6e:50:e2:21:c3:6a:1d:8b:2e:55:0d:93:79: 59:91:ac:19:dc:8a:90:06:e9:ca:29:5c:1e:39:a5: 98:e9:52:bd:d9:64:d3:95:ec:eb:54:97:eb:c4:59: 02:cc:8f:75:95:17:d2:9a:69:bc:57:df:80:48:dc: 35:fa:8f:65:cc:75:19:fb:d5:a5:e0:d3:dc:63:8a: 55:19:70:37:a5:14:94:27:e7:3e:8c:f7:95:31:c8: 10:b9:5c:ae:97:3d:25:b3:90:5d:70:e3:7c:79:72: 68:5c:e5:9b:b7:52:22:56:5e:d6:aa:72:0d:da:e7: 7f:c0:a6:97:b1:94:12:17:e0:05:58:5f:01:ff:8e: 72:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:2A:9E:0C:F5:CE:5A:B7:FA:B5:4C:DF:3A:EB:48:18:D4:FC:5E:07 X509v3 Authority Key Identifier: keyid:A0:BD:B1:B3:F1:E4:E7:04:EB:4D:4F:2C:E5:FE:34:E6:50:37:B9:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5B83/0F46CA8CADAF11EA84C04E10C4F9AE02/oL2xs_Hk5wTrTU8s5f405lA3uUM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oL2xs_Hk5wTrTU8s5f405lA3uUM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5B83/0F46CA8CADAF11EA84C04E10C4F9AE02/oL2xs_Hk5wTrTU8s5f405lA3uUM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:cb:98:25:cc:11:95:4c:80:ea:e1:45:25:8c:d1:19:31:46: dc:8c:c5:a8:ae:37:d6:08:15:4f:3c:89:92:84:05:59:ec:aa: 27:06:38:ba:62:5d:f7:c9:e1:bb:ee:37:94:70:d3:d8:bf:03: 9a:ee:e2:1e:ad:79:db:68:36:03:8e:64:c2:6a:6e:52:da:5a: ee:52:13:78:17:b3:ed:de:42:73:af:9e:04:ae:ec:05:26:ba: ce:47:a7:61:ef:9a:be:e4:70:fe:41:2f:38:90:2d:e8:ff:68: 49:09:84:07:44:bd:42:fb:b7:9d:f5:0a:d8:aa:ee:86:69:87: ff:0a:a4:e3:ee:e1:dc:ec:c1:c7:7d:89:b1:40:cb:c2:62:d7: 53:93:97:b9:48:f5:a3:f7:6b:44:20:fe:c5:28:93:ae:74:ca: e1:6a:9e:b6:da:97:ee:2b:7f:86:f9:1b:03:ef:72:18:f2:d0: 60:ba:25:68:58:81:a4:7e:7d:79:3c:47:df:ca:e8:71:50:22: 55:68:bb:a2:97:3b:cb:98:e0:97:17:97:af:15:da:4e:e7:2a: 09:8d:dc:c4:d7:4a:73:77:34:58:df:53:38:09:eb:f1:39:a5: e1:ac:58:6d:f6:c9:8b:1e:ed:35:7d:b9:4d:0c:05:c5:a2:5e: f8:dd:9f:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVCODMxMTAvBgNVBAUTKEEwQkRCMUIzRjFFNEU3MDRFQjRENEYyQ0U1RkUzNEU2 NTAzN0I5NDMwHhcNMjUxMTA0MjAxODQ4WhcNMjUxMTExMjAxODQ4WjAYMRYwFAYD VQQDEw02OTBhNWZhOS1hZjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4pNPYlyjLbdyKcSowSYxbh1edI0Yduvre4EBIKhlGCgStalGo/ecOY8j7gDP Q8s+xzjIAxsimotJc3qtu/Pxwp55tZu/7kyyIM8dskoqZJa6Xg7ED2nc/hWMeeQz eKmYgCf0rMcDja8/gtdB7/uwn6OZuZ1BFKIJu25Q4iHDah2LLlUNk3lZkawZ3IqQ BunKKVweOaWY6VK92WTTlezrVJfrxFkCzI91lRfSmmm8V9+ASNw1+o9lzHUZ+9Wl 4NPcY4pVGXA3pRSUJ+c+jPeVMcgQuVyulz0ls5BdcON8eXJoXOWbt1IiVl7WqnIN 2ud/wKaXsZQSF+AFWF8B/45y/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPgqngz1 zlq3+rVM3zrrSBjU/F4HMB8GA1UdIwQYMBaAFKC9sbPx5OcE601PLOX+NOZQN7lD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUI4My8wRjQ2Q0E4Q0FE QUYxMUVBODRDMDRFMTBDNEY5QUUwMi9vTDJ4c19IazV3VHJUVThzNWY0MDVsQTN1 VU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29MMnhzX0hrNXdUclRVOHM1ZjQwNWxBM3VVTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NUI4My8wRjQ2Q0E4Q0FEQUYxMUVBODRDMDRFMTBDNEY5QUUwMi9vTDJ4c19IazV3 VHJUVThzNWY0MDVsQTN1VU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBty5glzBGVTIDq4UUljNEZMUbcjMWorjfWCBVPPImShAVZ7KonBji6 Yl33yeG77jeUcNPYvwOa7uIerXnbaDYDjmTCam5S2lruUhN4F7Pt3kJzr54EruwF JrrOR6dh75q+5HD+QS84kC3o/2hJCYQHRL1C+7ed9QrYqu6GaYf/CqTj7uHc7MHH fYmxQMvCYtdTk5e5SPWj92tEIP7FKJOudMrhap622pfuK3+G+RsD73IY8tBguiVo WIGkfn15PEffyuhxUCJVaLuilzvLmOCXF5evFdpO5yoJjdzE10pzdzRY31M4Cevx OaXhrFht9smLHu01fblNDAXFol743Z+i -----END CERTIFICATE-----Generated at Wed Nov 5 19:48:12 2025 by rpki-client