$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.mft File: oCcZWkgg89cmSk1X7pqdTCoQySM.mft (raw, json) Hash identifier: XAYP0g2exSgD2zt0PIoLAIO+rqDJlMoNo/fQGzJ6OmQ= Subject key identifier: 2E:35:5F:1B:C5:C8:47:97:A5:B1:04:3F:A4:C4:0C:AF:F8:EE:F3:5E Authority key identifier: A0:27:19:5A:48:20:F3:D7:26:4A:4D:57:EE:9A:9D:4C:2A:10:C9:23 Certificate issuer: /CN=A91C1621/serialNumber=A027195A4820F3D7264A4D57EE9A9D4C2A10C923 Certificate serial: A3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oCcZWkgg89cmSk1X7pqdTCoQySM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.mft Manifest number: A0 Signing time: Tue 04 Nov 2025 14:16:11 +0000 Manifest this update: Tue 04 Nov 2025 14:16:10 +0000 Manifest next update: Tue 11 Nov 2025 14:16:10 +0000 Files and hashes: 1: oCcZWkgg89cmSk1X7pqdTCoQySM.crl (hash: MbmySYeFDIf8FWJnDZzEOZoJS0JITQaAkK32bjDsIC0=) 2: 81E4D4A2053011F09C73001FC4F9AE02.roa (hash: BG8Qcl3ND1x5a+MIHh/xpmjjxkGhO2Fu+dtsOmd2KRo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.crl rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oCcZWkgg89cmSk1X7pqdTCoQySM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:16:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163 (0xa3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621, serialNumber=A027195A4820F3D7264A4D57EE9A9D4C2A10C923 Validity Not Before: Nov 4 14:16:10 2025 GMT Not After : Nov 11 14:16:10 2025 GMT Subject: CN=690a0aaa-a110 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:3d:eb:06:17:d8:3e:ee:c9:83:25:7f:f6:f8: a5:a4:39:6c:bf:e1:0b:9b:04:c4:c8:ff:55:df:3e: 13:b2:16:67:0b:29:d6:43:92:f4:1a:cb:a6:ac:11: d1:00:0c:92:0c:d7:0c:3e:13:2c:14:28:c2:6b:c6: b8:c7:40:42:8e:c7:75:6e:7f:d9:a5:df:61:9e:50: dc:91:1f:b7:4c:30:79:0c:73:64:5b:f2:25:06:0c: 64:93:8f:c9:12:24:db:7b:5b:8c:e0:a2:7d:d0:78: 02:b0:a7:7a:72:b9:b9:ff:03:82:5c:ec:c5:68:d4: 1f:41:05:ae:f2:7a:84:eb:0d:9f:16:91:52:74:42: 54:ff:d6:cc:93:f3:56:3d:0a:72:d0:42:a2:65:5e: ae:1b:76:cd:44:fc:cb:50:35:c4:ec:a3:40:85:b5: 97:71:4a:ba:67:95:a3:a1:bc:eb:ea:f2:07:63:a6: bb:0a:d2:06:5a:9e:bf:cb:04:c8:a8:3b:8c:b2:05: a9:65:8b:2f:ff:b6:93:a9:71:1a:9b:27:ba:d9:89: c0:1e:2b:c8:bb:0c:2a:74:3d:af:1a:fc:d1:28:e3: 6b:ba:4d:7c:e1:6f:ce:d6:e7:1c:ca:ed:00:2b:8c: 47:fa:f3:1e:e6:25:20:70:41:8c:a8:15:e0:b9:7c: f1:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:35:5F:1B:C5:C8:47:97:A5:B1:04:3F:A4:C4:0C:AF:F8:EE:F3:5E X509v3 Authority Key Identifier: keyid:A0:27:19:5A:48:20:F3:D7:26:4A:4D:57:EE:9A:9D:4C:2A:10:C9:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oCcZWkgg89cmSk1X7pqdTCoQySM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/35EDA92ECF0D11EF92F1EC36C4F9AE02/oCcZWkgg89cmSk1X7pqdTCoQySM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:a5:79:0a:4d:77:22:44:f9:17:c0:c8:c6:79:31:b3:3c:92: 26:07:22:67:8c:88:8c:19:d9:9f:42:3a:a5:25:61:00:25:fc: ee:6f:86:6e:13:bf:f2:49:da:94:95:da:15:49:e3:36:bc:0d: 89:43:e7:cd:53:da:9a:52:c0:d5:39:d6:da:d2:6c:a0:b1:7c: d5:22:0b:41:c2:18:a4:ae:8e:cb:6f:dc:aa:78:53:f1:c9:38: 89:76:83:15:ed:6c:58:52:4e:49:05:35:b9:3e:ff:ac:c5:f9: 24:2e:7f:ab:9b:0c:83:a9:a7:a0:9b:d3:ba:c0:e7:e8:80:3f: 29:2c:68:99:29:f3:5a:b9:49:42:cd:e4:09:48:6b:0e:a2:c7: 6e:92:60:d9:8a:21:d0:21:b5:40:3c:90:83:d5:9a:0e:37:44: a2:4d:55:84:a8:c2:2d:99:86:f7:30:d2:e8:75:f0:be:0d:ee: ca:da:ca:1a:31:af:a9:bc:0a:09:72:92:a4:14:d4:fa:81:1f: 7c:34:44:4c:1c:44:81:10:d4:1a:59:bd:ad:77:99:ac:e1:bc: d4:f0:72:e9:b7:3d:42:fa:0a:31:33:c4:42:3d:f0:db:b6:6c: 20:fc:0f:99:d3:c6:6b:de:1c:3c:db:6f:10:5f:85:f8:5c:f5: 4c:19:34:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEEwMjcxOTVBNDgyMEYzRDcyNjRBNEQ1N0VFOUE5RDRD MkExMEM5MjMwHhcNMjUxMTA0MTQxNjEwWhcNMjUxMTExMTQxNjEwWjAYMRYwFAYD VQQDEw02OTBhMGFhYS1hMTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2j3rBhfYPu7JgyV/9vilpDlsv+ELmwTEyP9V3z4TshZnCynWQ5L0GsumrBHR AAySDNcMPhMsFCjCa8a4x0BCjsd1bn/Zpd9hnlDckR+3TDB5DHNkW/IlBgxkk4/J EiTbe1uM4KJ90HgCsKd6crm5/wOCXOzFaNQfQQWu8nqE6w2fFpFSdEJU/9bMk/NW PQpy0EKiZV6uG3bNRPzLUDXE7KNAhbWXcUq6Z5Wjobzr6vIHY6a7CtIGWp6/ywTI qDuMsgWpZYsv/7aTqXEamye62YnAHivIuwwqdD2vGvzRKONruk184W/O1uccyu0A K4xH+vMe5iUgcEGMqBXguXzx6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC41XxvF yEeXpbEEP6TEDK/47vNeMB8GA1UdIwQYMBaAFKAnGVpIIPPXJkpNV+6anUwqEMkj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS8zNUVEQTkyRUNG MEQxMUVGOTJGMUVDMzZDNEY5QUUwMi9vQ2NaV2tnZzg5Y21TazFYN3BxZFRDb1F5 U00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29DY1pXa2dnODljbVNrMVg3cHFkVENvUXlTTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MTYyMS8zNUVEQTkyRUNGMEQxMUVGOTJGMUVDMzZDNEY5QUUwMi9vQ2NaV2tnZzg5 Y21TazFYN3BxZFRDb1F5U00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnpXkKTXciRPkXwMjGeTGzPJImByJnjIiMGdmfQjqlJWEAJfzub4Zu E7/ySdqUldoVSeM2vA2JQ+fNU9qaUsDVOdba0mygsXzVIgtBwhikro7Lb9yqeFPx yTiJdoMV7WxYUk5JBTW5Pv+sxfkkLn+rmwyDqaegm9O6wOfogD8pLGiZKfNauUlC zeQJSGsOosdukmDZiiHQIbVAPJCD1ZoON0SiTVWEqMItmYb3MNLodfC+De7K2soa Ma+pvAoJcpKkFNT6gR98NERMHESBENQaWb2td5ms4bzU8HLptz1C+goxM8RCPfDb tmwg/A+Z08Zr3hw8228QX4X4XPVMGTTA -----END CERTIFICATE-----Generated at Wed Nov 5 07:52:27 2025 by rpki-client