$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft File: oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft (raw, json) Hash identifier: AK3HBkzdFEt1SwrEoowAXQjJ3qzwu0oHcS/GRJ62g1U= Subject key identifier: 7B:68:32:E9:DB:76:14:4F:19:93:4E:C1:F1:52:FA:31:65:44:3F:13 Authority key identifier: A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 Certificate issuer: /CN=A91D9D8B/serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Certificate serial: 021F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft Manifest number: 021A Signing time: Mon 03 Nov 2025 02:08:39 +0000 Manifest this update: Mon 03 Nov 2025 02:08:38 +0000 Manifest next update: Mon 10 Nov 2025 02:08:38 +0000 Files and hashes: 1: oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl (hash: nxnOccK5iJB4yT9r+gTKWHsj7ady7uzFNtujsfnWb/w=) 2: 95C4C7AA7F7911ED9C1EAE19C4F9AE02.roa (hash: KfdVVRr1UwfhsTtUMM0Ph6w9qtVR9qcrLdXdVzGndCs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 543 (0x21f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D8B, serialNumber=A1938C912AC2F4A958B93DAF8F4B272015B0D8D8 Validity Not Before: Nov 3 02:08:38 2025 GMT Not After : Nov 10 02:08:38 2025 GMT Subject: CN=69080ea6-4f75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:5d:0e:b3:ce:fc:27:23:b2:3f:ae:5a:62:0b: 0e:d1:bf:c9:8e:39:3a:10:4a:32:5d:40:c6:19:40: 72:ca:86:c2:7f:48:87:69:d6:89:6d:22:da:77:ac: 25:7f:77:70:d8:c4:db:dd:89:b3:0a:e7:d2:51:b8: 01:8a:c4:34:9b:ed:3c:b9:88:c2:55:06:ae:28:24: 70:93:25:85:c4:30:0a:b2:7b:95:8b:4c:ef:7c:88: 31:87:60:56:19:b5:56:87:cf:8c:f8:ed:0e:cb:4c: b2:32:ed:d0:05:37:aa:93:48:d5:7e:94:ce:75:b2: d6:9f:67:fb:6d:93:cb:d6:24:fb:bd:d6:9f:4f:09: 1b:a0:30:a3:ca:ef:b9:f8:eb:14:99:9f:1a:22:22: a7:a1:40:eb:db:a7:72:7b:6d:b4:0a:1c:5c:08:15: 61:c2:c5:ed:f0:7c:b0:fc:91:d9:e0:40:e9:26:62: 4d:82:95:4f:73:77:86:4e:24:d4:90:37:ce:0f:69: 66:fe:e4:1e:1b:ae:d6:57:52:09:f1:fc:a4:e7:4b: 0b:f4:b0:5f:2c:64:cc:b6:bc:2f:79:a0:5d:4d:29: 85:7e:b0:c3:be:33:80:e7:5d:d8:0b:ab:c6:10:de: 63:70:d9:70:ed:f3:8c:c7:fa:d8:94:89:78:8e:0e: b2:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:68:32:E9:DB:76:14:4F:19:93:4E:C1:F1:52:FA:31:65:44:3F:13 X509v3 Authority Key Identifier: keyid:A1:93:8C:91:2A:C2:F4:A9:58:B9:3D:AF:8F:4B:27:20:15:B0:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oZOMkSrC9KlYuT2vj0snIBWw2Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D8B/5F11E02A7F7511ED8AFBE673C4F9AE02/oZOMkSrC9KlYuT2vj0snIBWw2Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:d9:47:83:02:44:88:d5:90:8a:75:e5:2d:7d:96:c0:b9:cb: 6e:80:f6:a3:de:fe:8b:1a:a2:4e:dd:3d:34:c3:9e:c1:81:e7: 4f:c6:03:d0:b3:5d:da:92:e1:f7:f6:86:3a:b4:bc:d6:2e:0e: 37:ef:39:0c:4e:20:90:e7:e9:0d:95:fa:15:c4:81:9e:56:d1: 6d:fd:d3:55:af:56:4e:49:91:07:bf:97:b1:f7:bc:73:6a:cc: 24:77:d0:38:1f:3c:ac:0d:89:07:ae:71:aa:19:a3:6a:0f:cb: c2:6f:b6:35:2c:65:67:4a:ac:33:38:cb:ab:df:fa:24:08:f1: 6a:a2:21:08:fc:63:b9:0f:c0:5a:97:2b:c8:e0:87:fd:ef:11: 69:8a:a4:e6:f6:d3:25:b0:50:f4:f0:46:18:14:82:90:14:d5: e0:0e:67:1f:f2:7a:66:bc:2e:93:07:51:15:70:26:3c:a4:d3: b6:3e:d0:31:51:8c:27:ff:0d:33:42:5f:06:26:80:ab:32:0d: 6c:3c:cf:59:5d:5c:30:bc:01:cd:12:9e:73:1b:39:58:28:1d: 03:8a:c9:dc:19:1c:b4:12:76:42:fd:a4:a9:c7:cf:e2:69:ff: 5a:55:1a:da:94:40:01:08:ee:84:43:2b:11:67:4f:bd:f1:97: 2b:7b:74:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEOEIxMTAvBgNVBAUTKEExOTM4QzkxMkFDMkY0QTk1OEI5M0RBRjhGNEIyNzIw MTVCMEQ4RDgwHhcNMjUxMTAzMDIwODM4WhcNMjUxMTEwMDIwODM4WjAYMRYwFAYD VQQDEw02OTA4MGVhNi00Zjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+l0Os878JyOyP65aYgsO0b/Jjjk6EEoyXUDGGUByyobCf0iHadaJbSLad6wl f3dw2MTb3YmzCufSUbgBisQ0m+08uYjCVQauKCRwkyWFxDAKsnuVi0zvfIgxh2BW GbVWh8+M+O0Oy0yyMu3QBTeqk0jVfpTOdbLWn2f7bZPL1iT7vdafTwkboDCjyu+5 +OsUmZ8aIiKnoUDr26dye220ChxcCBVhwsXt8Hyw/JHZ4EDpJmJNgpVPc3eGTiTU kDfOD2lm/uQeG67WV1IJ8fyk50sL9LBfLGTMtrwveaBdTSmFfrDDvjOA513YC6vG EN5jcNlw7fOMx/rYlIl4jg6yrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHtoMunb dhRPGZNOwfFS+jFlRD8TMB8GA1UdIwQYMBaAFKGTjJEqwvSpWLk9r49LJyAVsNjY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ4Qi81RjExRTAyQTdG NzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlLbFl1VDJ2ajBzbklCV3cy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29aT01rU3JDOUtsWXVUMnZqMHNuSUJXdzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ4Qi81RjExRTAyQTdGNzUxMUVEOEFGQkU2NzNDNEY5QUUwMi9vWk9Na1NyQzlL bFl1VDJ2ajBzbklCV3cyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBB2UeDAkSI1ZCKdeUtfZbAuctugPaj3v6LGqJO3T00w57BgedPxgPQ s13akuH39oY6tLzWLg437zkMTiCQ5+kNlfoVxIGeVtFt/dNVr1ZOSZEHv5ex97xz aswkd9A4HzysDYkHrnGqGaNqD8vCb7Y1LGVnSqwzOMur3/okCPFqoiEI/GO5D8Ba lyvI4If97xFpiqTm9tMlsFD08EYYFIKQFNXgDmcf8npmvC6TB1EVcCY8pNO2PtAx UYwn/w0zQl8GJoCrMg1sPM9ZXVwwvAHNEp5zGzlYKB0DisncGRy0EnZC/aSpx8/i af9aVRralEABCO6EQysRZ0+98Zcre3Qa -----END CERTIFICATE-----Generated at Tue Nov 4 08:20:01 2025 by rpki-client