$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft File: ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft (raw, json) Hash identifier: OdqlW33ycJTtUrRnqeuM4K9KEwH4U7cOhtwDy2Td5B0= Subject key identifier: E5:0C:F8:CF:BF:8A:F7:EC:D3:48:DE:E9:C7:CE:4C:16:EB:43:2A:EF Authority key identifier: A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 Certificate issuer: /CN=A91EDF00/serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Certificate serial: 04B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft Manifest number: 04B0 Signing time: Wed 05 Nov 2025 00:00:32 +0000 Manifest this update: Wed 05 Nov 2025 00:00:31 +0000 Manifest next update: Wed 12 Nov 2025 00:00:31 +0000 Files and hashes: 1: ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl (hash: qWl+5mBiL4G7TuVtTW7jphZxVUL6NzVNyHDkC+HAJFo=) 2: 1B97FEB84E8111ECA3589560C4F9AE02.roa (hash: xAvVS/7W7xtAjphmjIYm8eiwHHWi2VdeCNpBEO7D7og=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1204 (0x4b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDF00, serialNumber=A33CCA81B55E04655D1B5A7E2CE688C3E46FC530 Validity Not Before: Nov 5 00:00:31 2025 GMT Not After : Nov 12 00:00:31 2025 GMT Subject: CN=690a939f-cd90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:2c:1f:59:83:42:4f:96:a0:3b:59:2c:9d:c4: da:6f:da:c8:f7:21:ac:b5:6d:79:dd:79:bd:e9:5a: a1:51:5d:ad:05:8b:85:51:e4:67:c7:fd:10:ed:99: 5c:9d:7b:72:6e:2e:73:e6:29:06:1b:3c:09:8e:6a: 31:35:cc:76:45:7c:49:d4:0a:33:c5:18:0a:14:c7: 97:76:d4:8f:2a:e6:67:84:44:7f:18:63:60:15:56: 11:a4:f5:93:72:0d:3a:80:01:79:23:33:55:31:39: 16:a2:ef:af:bf:08:1d:79:06:2c:78:99:36:2c:49: 53:47:7e:d8:60:39:99:a2:52:cb:a0:3d:cf:7f:d0: 65:68:61:fc:c6:aa:a2:d8:cf:08:0b:b6:c1:ab:2d: 56:df:1b:69:ac:e7:8c:75:17:ee:e2:0f:a1:9c:72: 1e:a9:5e:64:d0:10:a8:b3:e9:21:50:62:6b:81:5a: a4:cd:e0:f5:3b:b2:80:a9:e1:b2:69:96:12:26:6f: 9f:a7:af:ba:3d:b0:31:58:63:0d:5e:a3:e7:97:82: 26:6d:66:80:03:3a:7a:4d:94:38:2c:63:41:ea:48: 64:09:8d:d0:5c:d4:f5:5b:ec:c4:c1:c3:25:d3:ae: 7a:37:95:5b:0f:a7:be:e4:5d:99:eb:76:3e:20:d3: 16:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:0C:F8:CF:BF:8A:F7:EC:D3:48:DE:E9:C7:CE:4C:16:EB:43:2A:EF X509v3 Authority Key Identifier: keyid:A3:3C:CA:81:B5:5E:04:65:5D:1B:5A:7E:2C:E6:88:C3:E4:6F:C5:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozzKgbVeBGVdG1p-LOaIw-RvxTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDF00/3AE0034A4E7E11EC9E298429C4F9AE02/ozzKgbVeBGVdG1p-LOaIw-RvxTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:ec:7d:4b:4b:cb:7d:0e:22:ce:9a:e8:2c:4b:e7:d2:3a:50: aa:05:bf:40:56:cf:57:b1:d4:eb:73:25:a2:5a:b6:ea:68:27: 73:68:9f:b8:54:67:c5:2b:2f:1a:91:f0:3f:3f:fb:43:c8:91: 36:7b:39:be:34:8a:2d:09:ec:68:80:4d:32:04:a5:7d:6a:6a: a6:bc:45:98:e6:1c:e6:db:68:ce:f6:2f:65:df:2c:65:6c:5a: ac:33:e2:41:a9:23:3a:75:b4:80:9f:02:73:be:9d:b2:ec:87: 31:bf:68:c2:67:bc:98:68:ec:89:92:61:e5:d0:81:8f:23:2e: 7f:84:97:3e:f1:ca:7c:e1:25:b5:3e:42:d4:0d:09:1f:d6:b3: 67:b3:9a:ae:09:98:27:50:c6:12:42:71:ce:8d:48:0f:f0:1d: f4:eb:66:71:ff:39:0f:48:75:ee:94:9a:17:20:34:93:e5:1f: a4:f5:05:ca:ee:f7:3b:ec:72:d6:fa:80:bd:ce:bf:27:57:81: 41:af:79:ea:07:2e:95:1b:44:01:d3:37:1a:8e:48:b6:2a:64: fc:98:5c:84:e8:22:3d:c4:e4:e3:30:2a:71:11:ae:10:d4:db: 28:d3:3c:29:9c:a9:fb:16:9c:e2:9d:11:09:30:31:e4:0d:0d: 00:59:81:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RURGMDAxMTAvBgNVBAUTKEEzM0NDQTgxQjU1RTA0NjU1RDFCNUE3RTJDRTY4OEMz RTQ2RkM1MzAwHhcNMjUxMTA1MDAwMDMxWhcNMjUxMTEyMDAwMDMxWjAYMRYwFAYD VQQDEw02OTBhOTM5Zi1jZDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2iwfWYNCT5agO1ksncTab9rI9yGstW153Xm96VqhUV2tBYuFUeRnx/0Q7Zlc nXtybi5z5ikGGzwJjmoxNcx2RXxJ1AozxRgKFMeXdtSPKuZnhER/GGNgFVYRpPWT cg06gAF5IzNVMTkWou+vvwgdeQYseJk2LElTR37YYDmZolLLoD3Pf9BlaGH8xqqi 2M8IC7bBqy1W3xtprOeMdRfu4g+hnHIeqV5k0BCos+khUGJrgVqkzeD1O7KAqeGy aZYSJm+fp6+6PbAxWGMNXqPnl4ImbWaAAzp6TZQ4LGNB6khkCY3QXNT1W+zEwcMl 0656N5VbD6e+5F2Z63Y+INMW7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOUM+M+/ ivfs00je6cfOTBbrQyrvMB8GA1UdIwQYMBaAFKM8yoG1XgRlXRtafizmiMPkb8Uw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREYwMC8zQUUwMDM0QTRF N0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJHVmRHMXAtTE9hSXctUnZ4 VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL296ektnYlZlQkdWZEcxcC1MT2FJdy1SdnhUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF REYwMC8zQUUwMDM0QTRFN0UxMUVDOUUyOTg0MjlDNEY5QUUwMi9venpLZ2JWZUJH VmRHMXAtTE9hSXctUnZ4VEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB17H1LS8t9DiLOmugsS+fSOlCqBb9AVs9XsdTrcyWiWrbqaCdzaJ+4 VGfFKy8akfA/P/tDyJE2ezm+NIotCexogE0yBKV9amqmvEWY5hzm22jO9i9l3yxl bFqsM+JBqSM6dbSAnwJzvp2y7Icxv2jCZ7yYaOyJkmHl0IGPIy5/hJc+8cp84SW1 PkLUDQkf1rNns5quCZgnUMYSQnHOjUgP8B3062Zx/zkPSHXulJoXIDST5R+k9QXK 7vc77HLW+oC9zr8nV4FBr3nqBy6VG0QB0zcajki2KmT8mFyE6CI9xOTjMCpxEa4Q 1Nso0zwpnKn7FpzinREJMDHkDQ0AWYFU -----END CERTIFICATE-----Generated at Wed Nov 5 13:47:32 2025 by rpki-client