$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: uDzx2fK2a9XnYTVpD5L5gTxAF7jfs7Ipui6FDp5ee5I= Subject key identifier: 60:56:C7:DD:6A:7D:9A:B7:02:A8:67:4D:1B:EE:F5:49:E1:18:0F:D1 Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 0498 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 0492 Signing time: Mon 03 Nov 2025 00:00:13 +0000 Manifest this update: Mon 03 Nov 2025 00:00:13 +0000 Manifest next update: Mon 10 Nov 2025 00:00:13 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: AAHZRSzz1nH2WcoZjBxwGSB1GDIeNHiYRrEnV2UpnoM=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: /fF1tdSaYFH2w1w+0HXHgYqEthaF4A0sGCD2uCBxpiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1176 (0x498) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4, serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: Nov 3 00:00:13 2025 GMT Not After : Nov 10 00:00:13 2025 GMT Subject: CN=6907f08d-d8db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:91:c8:84:45:90:15:a2:f3:f3:70:15:c6:f3: 10:35:c7:e5:b4:e4:79:25:82:43:3d:b5:56:78:84: f6:ac:7d:70:d6:d8:4e:50:a5:21:0e:a4:44:50:64: ea:5d:ef:d5:5b:70:cb:b7:84:e6:2a:06:71:07:00: ad:ad:02:6a:ea:1e:c7:42:ab:e6:e9:79:44:97:14: 84:be:47:69:db:70:a5:8e:d5:83:4b:0e:0a:6b:17: 97:2f:a6:96:89:cd:a4:f7:a8:34:da:d9:e8:c4:e9: 54:46:9f:1a:c0:9d:f5:84:1d:a1:bd:d8:9e:9f:76: 59:97:dd:77:86:53:46:96:ba:0b:b0:21:ba:49:1d: 4b:db:a7:ef:f0:90:74:63:46:f7:25:6e:38:42:5f: 6d:69:43:51:78:78:af:ee:a2:1b:29:7c:a8:ac:e8: e2:b8:cb:da:92:de:91:98:31:62:8f:43:d1:53:c3: 05:16:e7:5f:3a:10:36:c9:8c:aa:28:97:79:66:6e: 86:eb:cf:8f:45:0f:81:47:33:d2:d8:1e:37:79:40: c4:44:b3:c5:bf:97:29:af:1a:16:6c:97:af:cc:10: 53:50:e5:e9:5d:f5:8f:4a:de:ff:3b:33:09:91:69: 95:f7:93:46:42:c0:5e:c7:a1:5b:af:49:5c:44:35: e9:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:56:C7:DD:6A:7D:9A:B7:02:A8:67:4D:1B:EE:F5:49:E1:18:0F:D1 X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:49:51:04:ee:40:5d:dd:88:fe:e2:87:4b:a4:c8:18:68:68: f0:0e:c0:46:47:11:6a:da:c0:4c:31:63:91:87:5c:30:ec:21: 5f:0f:cd:23:3e:b3:7f:c3:5d:cb:38:5a:c3:9a:05:a4:ac:e8: 28:be:b6:75:66:d0:10:0e:3e:93:95:0b:cc:1e:62:e0:76:79: 17:ae:ef:c1:31:b7:98:8c:85:c6:e1:3b:e6:5a:7d:fa:45:3e: 53:e2:bd:38:67:a2:be:c7:6f:9b:2f:48:1a:eb:d9:ee:6d:f7: f7:a9:6e:c8:49:01:ae:fd:d2:95:ec:23:83:ed:c4:e4:7b:93: d5:f4:c4:dd:1e:25:2e:9e:fa:62:ce:ea:76:4a:64:91:c4:89: da:0a:46:dd:31:e3:0b:ea:59:a5:21:2b:f6:d4:1f:74:08:d5: 6a:08:b3:1d:d5:01:a8:55:6d:b7:d1:d6:1f:fd:a4:07:3b:0b: a7:a1:ca:50:c3:bd:34:6f:a5:3a:47:a1:3d:e2:30:a0:b7:c6: d1:9a:b5:c4:fa:e2:27:3e:2e:6b:bd:17:7e:a5:66:17:02:e5: 6c:86:16:98:3e:75:64:ef:c6:15:50:84:f0:35:f3:f1:c5:cb: f2:4f:ad:ea:a2:82:17:d4:47:5e:ad:f2:69:a1:fb:4a:fe:37: ab:a1:67:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjUxMTAzMDAwMDEzWhcNMjUxMTEwMDAwMDEzWjAYMRYwFAYD VQQDEw02OTA3ZjA4ZC1kOGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmJHIhEWQFaLz83AVxvMQNcfltOR5JYJDPbVWeIT2rH1w1thOUKUhDqREUGTq Xe/VW3DLt4TmKgZxBwCtrQJq6h7HQqvm6XlElxSEvkdp23CljtWDSw4KaxeXL6aW ic2k96g02tnoxOlURp8awJ31hB2hvdien3ZZl913hlNGlroLsCG6SR1L26fv8JB0 Y0b3JW44Ql9taUNReHiv7qIbKXyorOjiuMvakt6RmDFij0PRU8MFFudfOhA2yYyq KJd5Zm6G68+PRQ+BRzPS2B43eUDERLPFv5cprxoWbJevzBBTUOXpXfWPSt7/OzMJ kWmV95NGQsBex6Fbr0lcRDXpIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGBWx91q fZq3AqhnTRvu9UnhGA/RMB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+SVEE7kBd3Yj+4odLpMgYaGjwDsBGRxFq2sBMMWORh1ww7CFfD80j PrN/w13LOFrDmgWkrOgovrZ1ZtAQDj6TlQvMHmLgdnkXru/BMbeYjIXG4TvmWn36 RT5T4r04Z6K+x2+bL0ga69nubff3qW7ISQGu/dKV7COD7cTke5PV9MTdHiUunvpi zup2SmSRxInaCkbdMeML6lmlISv21B90CNVqCLMd1QGoVW230dYf/aQHOwunocpQ w700b6U6R6E94jCgt8bRmrXE+uInPi5rvRd+pWYXAuVshhaYPnVk78YVUITwNfPx xcvyT63qooIX1EderfJpoftK/jeroWeQ -----END CERTIFICATE-----Generated at Tue Nov 4 08:20:03 2025 by rpki-client