$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: yMOWfQikkcCx8poViczwjpsIELM2vkjOKJ7SJsG+gkw= Subject key identifier: C8:9F:C6:0E:A6:00:53:A9:2E:FF:19:E6:D0:11:97:7B:66:A9:E6:D7 Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 01A0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 019C Signing time: Sun 02 Nov 2025 17:42:03 +0000 Manifest this update: Sun 02 Nov 2025 17:42:03 +0000 Manifest next update: Sun 09 Nov 2025 17:42:03 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: kVbY8CjbyjruB8oup6pfvtmzsFkBIvH89MxOVS4nRXI=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: a5Y/yZKxW3IrKI0721MYV+ivPl5QgwwgGyen+XzCmBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:42:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 416 (0x1a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Nov 2 17:42:03 2025 GMT Not After : Nov 9 17:42:03 2025 GMT Subject: CN=690797eb-e4b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a8:99:d2:e1:2b:14:a2:37:5a:7e:07:f2:0d: 0c:6f:10:0e:8b:dc:bc:51:d9:59:c6:e6:38:7c:69: c3:8a:f4:5f:8c:aa:43:75:28:33:83:65:1e:89:af: ee:60:a8:51:9f:9d:c6:bd:8a:52:c9:2a:21:5f:9f: d4:7d:33:d6:81:31:18:74:86:44:64:d9:b7:d8:c9: 23:4f:0e:70:6f:12:75:2b:7e:d7:6b:10:3b:cf:ac: 11:42:ee:ca:01:e0:e2:eb:5f:18:d4:1f:2b:d8:b9: e4:ee:38:89:e8:16:fc:34:6e:be:59:ff:df:a9:07: f8:20:04:a5:2b:df:15:cd:44:04:1c:d6:78:e3:7e: eb:72:e8:64:f5:8a:66:dc:07:d1:5f:33:ee:16:7d: 6a:68:a7:95:ac:dc:a7:da:2a:cf:c1:65:1f:19:ce: 1a:13:42:42:13:9b:d2:54:d7:4f:e5:d2:21:a5:d2: 25:27:5e:ba:e6:06:92:95:89:63:83:e9:60:70:6a: 2c:87:1a:e7:bc:ef:fb:22:ec:1c:a1:ab:f5:b2:71: f5:79:4a:e5:84:2a:d3:cd:b6:6a:46:c7:86:4e:4a: 5b:17:1d:55:86:74:01:f3:df:8f:cc:d0:0b:cb:33: 2d:8b:06:0b:39:44:1f:3f:c7:88:ef:b2:34:e9:36: 73:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:9F:C6:0E:A6:00:53:A9:2E:FF:19:E6:D0:11:97:7B:66:A9:E6:D7 X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:2a:10:3d:08:61:1b:10:7a:c4:46:c9:9f:b6:1b:c8:e5:9b: 64:ef:26:d0:d7:5a:60:ab:de:ce:7a:d5:da:2c:1a:8a:ed:b1: c3:7e:a8:59:16:0b:eb:e6:e0:e5:52:03:7c:48:86:a6:39:f7: 01:2e:07:c6:dc:8f:73:b7:ea:a8:67:ed:12:0a:34:17:13:49: 96:4f:af:ed:76:77:71:fa:82:95:7b:d0:2b:63:19:74:a4:8e: 4a:9e:d2:fc:95:2b:d1:90:3a:5f:81:b4:70:ea:64:b3:71:6f: d4:25:87:54:a1:ad:6e:ff:e6:3d:12:55:6b:b9:70:d3:0c:35: a5:13:a3:d2:07:dc:dc:9c:9a:db:f1:16:de:14:c3:24:c5:34: 02:b8:ad:b4:80:9a:04:42:df:e1:d1:6f:bb:9a:10:05:74:c1: c5:32:af:8d:c8:27:59:26:9c:51:b6:1c:63:0b:79:d9:52:7e: 7b:3e:03:0b:41:d6:89:d7:bd:28:65:09:a1:3b:05:73:51:01: ac:5f:34:7f:fe:0c:e7:66:9d:71:ea:c4:6b:d2:ff:2e:dd:18: 64:5f:d9:83:8e:00:85:d7:b4:99:f8:58:2b:6b:e1:cc:28:bf: fb:b6:47:5c:d4:98:14:25:41:b8:be:16:33:de:a3:41:4a:06: fc:d1:7d:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUxMTAyMTc0MjAzWhcNMjUxMTA5MTc0MjAzWjAYMRYwFAYD VQQDEw02OTA3OTdlYi1lNGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvaiZ0uErFKI3Wn4H8g0MbxAOi9y8UdlZxuY4fGnDivRfjKpDdSgzg2Ueia/u YKhRn53GvYpSySohX5/UfTPWgTEYdIZEZNm32MkjTw5wbxJ1K37XaxA7z6wRQu7K AeDi618Y1B8r2Lnk7jiJ6Bb8NG6+Wf/fqQf4IASlK98VzUQEHNZ4437rcuhk9Ypm 3AfRXzPuFn1qaKeVrNyn2irPwWUfGc4aE0JCE5vSVNdP5dIhpdIlJ1665gaSlYlj g+lgcGoshxrnvO/7Iuwcoav1snH1eUrlhCrTzbZqRseGTkpbFx1VhnQB89+PzNAL yzMtiwYLOUQfP8eI77I06TZzLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMifxg6m AFOpLv8Z5tARl3tmqebXMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7KhA9CGEbEHrERsmfthvI5Ztk7ybQ11pgq97OetXaLBqK7bHDfqhZ Fgvr5uDlUgN8SIamOfcBLgfG3I9zt+qoZ+0SCjQXE0mWT6/tdndx+oKVe9ArYxl0 pI5KntL8lSvRkDpfgbRw6mSzcW/UJYdUoa1u/+Y9ElVruXDTDDWlE6PSB9zcnJrb 8RbeFMMkxTQCuK20gJoEQt/h0W+7mhAFdMHFMq+NyCdZJpxRthxjC3nZUn57PgML QdaJ170oZQmhOwVzUQGsXzR//gznZp1x6sRr0v8u3RhkX9mDjgCF17SZ+Fgra+HM KL/7tkdc1JgUJUG4vhYz3qNBSgb80X2f -----END CERTIFICATE-----Generated at Tue Nov 4 19:04:06 2025 by rpki-client