$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft File: OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft (raw, json) Hash identifier: L3IPhX0XiJWtkPN/VxQZcyigcMRSyKmD8UhYVSDezWI= Subject key identifier: DA:08:91:91:74:5F:FC:91:CC:CE:A8:E8:1E:8C:E4:6B:05:29:83:E7 Authority key identifier: 3A:14:94:25:BE:32:85:D6:11:4B:01:F6:C2:FC:88:A1:7A:FF:4B:EC Certificate issuer: /CN=A91CAB4E/serialNumber=3A149425BE3285D6114B01F6C2FC88A17AFF4BEC Certificate serial: 13DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhSUJb4yhdYRSwH2wvyIoXr_S-w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft Manifest number: 13D4 Signing time: Tue 04 Nov 2025 17:01:50 +0000 Manifest this update: Tue 04 Nov 2025 17:01:50 +0000 Manifest next update: Tue 11 Nov 2025 17:01:50 +0000 Files and hashes: 1: OhSUJb4yhdYRSwH2wvyIoXr_S-w.crl (hash: TF0bbUvNHAdH49R/tsIjUBL2wUp46YrKf6rk57n+Fg4=) 2: 7F662C72997011E8B0FDEF57C4F9AE02.roa (hash: 9C6Tg9SKyHhrTv8/E20KOofW2E66mUILhErIQqYMZ/U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.crl rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhSUJb4yhdYRSwH2wvyIoXr_S-w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5086 (0x13de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAB4E, serialNumber=3A149425BE3285D6114B01F6C2FC88A17AFF4BEC Validity Not Before: Nov 4 17:01:50 2025 GMT Not After : Nov 11 17:01:50 2025 GMT Subject: CN=690a317e-634d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b1:46:bd:c7:11:ba:f9:5e:8f:6a:ac:90:4f: 95:89:a3:8c:b0:87:b8:50:be:0f:fd:29:cc:2d:e4: 2c:8a:e6:7f:cb:c3:a8:ef:ed:e5:41:fc:ed:25:f5: 14:fa:01:a7:c4:72:bb:17:9c:4f:af:f2:e1:19:36: 86:de:f4:87:a8:49:ff:5d:e6:25:24:fd:ec:a3:b2: d2:95:95:1a:d6:b1:a6:0d:59:59:a2:c1:d3:00:0d: c9:9b:e2:75:f9:af:37:68:29:5b:31:25:57:33:c2: d6:4e:a7:0d:50:1c:c6:b4:0b:c1:bd:ae:02:46:f0: d5:18:c4:f5:05:1a:15:e5:ea:6b:7f:e9:70:d2:24: 17:b2:74:00:f8:17:16:5a:d3:74:3e:a6:13:3d:f6: 1b:41:fc:5b:e1:b1:2f:bc:ff:a6:a4:d7:cd:cb:1c: 6b:c1:54:b5:07:11:8b:85:74:4b:59:53:55:7a:de: 84:c3:dd:4f:67:92:dd:d4:20:bf:7e:da:30:56:fc: 7c:61:47:5f:c3:62:18:33:3d:eb:d7:a7:35:c1:a7: dc:6f:a9:d7:91:9d:bb:5d:32:05:31:d6:ce:bd:07: 3f:4d:36:05:30:64:a2:6d:75:7d:e4:7e:40:11:11: 8c:33:05:07:5f:00:2d:82:9e:71:5f:57:5d:79:bb: ad:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:08:91:91:74:5F:FC:91:CC:CE:A8:E8:1E:8C:E4:6B:05:29:83:E7 X509v3 Authority Key Identifier: keyid:3A:14:94:25:BE:32:85:D6:11:4B:01:F6:C2:FC:88:A1:7A:FF:4B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhSUJb4yhdYRSwH2wvyIoXr_S-w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAB4E/2CA47066997011E8861DD057C4F9AE02/OhSUJb4yhdYRSwH2wvyIoXr_S-w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:99:02:d1:db:ee:39:d8:58:ca:60:9a:23:4d:d4:e5:75:d8: f5:45:ce:bf:0e:9c:59:47:92:42:2f:f9:34:bf:9a:a9:fe:de: 49:5d:56:6e:25:4f:24:8b:67:0c:ad:f9:a3:74:ca:e4:84:52: df:a1:3a:e5:d4:2c:1d:db:ea:41:59:39:d2:8d:2d:ba:31:d6: b8:ba:ee:54:ac:13:b3:3d:7d:ec:c9:01:51:41:33:a9:02:18: 01:74:32:6d:bf:3d:8a:40:bc:b3:0f:a0:ac:d2:0e:5d:cb:e6: 43:43:54:7b:40:f5:e5:bd:24:03:3a:a8:87:83:5f:11:86:89: 1f:f6:bf:ac:64:e8:ee:03:1e:e4:2f:b3:97:46:bb:f6:dd:b4: 44:4b:c9:dc:cf:e4:78:2b:83:74:4a:b0:99:cd:49:8c:a2:84: 91:cd:e9:c6:31:e8:cc:d0:9f:b9:e3:0e:f2:56:d3:00:93:59: 54:73:05:51:7d:b9:ec:ec:94:ce:70:32:23:e1:25:fc:ed:5d: bf:f3:11:fb:22:4f:a1:f3:92:b0:f7:0d:4a:5a:89:a2:5a:3c: 4b:dc:58:24:bb:43:65:7f:dd:d2:59:f9:31:d2:86:30:01:d6: 23:49:8a:a2:33:ab:f3:32:c5:39:73:92:38:16:b8:53:9b:7a: 12:b3:53:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FCNEUxMTAvBgNVBAUTKDNBMTQ5NDI1QkUzMjg1RDYxMTRCMDFGNkMyRkM4OEEx N0FGRjRCRUMwHhcNMjUxMTA0MTcwMTUwWhcNMjUxMTExMTcwMTUwWjAYMRYwFAYD VQQDEw02OTBhMzE3ZS02MzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAurFGvccRuvlej2qskE+ViaOMsIe4UL4P/SnMLeQsiuZ/y8Oo7+3lQfztJfUU +gGnxHK7F5xPr/LhGTaG3vSHqEn/XeYlJP3so7LSlZUa1rGmDVlZosHTAA3Jm+J1 +a83aClbMSVXM8LWTqcNUBzGtAvBva4CRvDVGMT1BRoV5eprf+lw0iQXsnQA+BcW WtN0PqYTPfYbQfxb4bEvvP+mpNfNyxxrwVS1BxGLhXRLWVNVet6Ew91PZ5Ld1CC/ ftowVvx8YUdfw2IYMz3r16c1wafcb6nXkZ27XTIFMdbOvQc/TTYFMGSibXV95H5A ERGMMwUHXwAtgp5xX1ddebutZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNoIkZF0 X/yRzM6o6B6M5GsFKYPnMB8GA1UdIwQYMBaAFDoUlCW+MoXWEUsB9sL8iKF6/0vs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUI0RS8yQ0E0NzA2Njk5 NzAxMUU4ODYxREQwNTdDNEY5QUUwMi9PaFNVSmI0eWhkWVJTd0gyd3Z5SW9Ycl9T LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oU1VKYjR5aGRZUlN3SDJ3dnlJb1hyX1Mtdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUI0RS8yQ0E0NzA2Njk5NzAxMUU4ODYxREQwNTdDNEY5QUUwMi9PaFNVSmI0eWhk WVJTd0gyd3Z5SW9Ycl9TLXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzmQLR2+452FjKYJojTdTlddj1Rc6/DpxZR5JCL/k0v5qp/t5JXVZu JU8ki2cMrfmjdMrkhFLfoTrl1Cwd2+pBWTnSjS26Mda4uu5UrBOzPX3syQFRQTOp AhgBdDJtvz2KQLyzD6Cs0g5dy+ZDQ1R7QPXlvSQDOqiHg18Rhokf9r+sZOjuAx7k L7OXRrv23bRES8ncz+R4K4N0SrCZzUmMooSRzenGMejM0J+54w7yVtMAk1lUcwVR fbns7JTOcDIj4SX87V2/8xH7Ik+h85Kw9w1KWomiWjxL3Fgku0Nlf93SWfkx0oYw AdYjSYqiM6vzMsU5c5I4FrhTm3oSs1N8 -----END CERTIFICATE-----Generated at Wed Nov 5 05:14:19 2025 by rpki-client