$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft File: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft (raw, json) Hash identifier: CsB4bPfGR6NapF/jVC7822aYvLbh6mR9htHRNNmeG4s= Subject key identifier: D9:D8:C2:10:5E:BB:DD:17:B9:08:1B:E8:C6:95:7F:92:71:F2:4D:02 Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Certificate serial: 2235 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft Manifest number: 21EB Signing time: Tue 04 Nov 2025 15:59:13 +0000 Manifest this update: Tue 04 Nov 2025 15:59:13 +0000 Manifest next update: Tue 11 Nov 2025 15:59:13 +0000 Files and hashes: 1: Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl (hash: 1NnKKR8+3Bb+y8jcOfYFcDOJ4C3ltVB1tg++Rr9pFqI=) 2: 5F649D88F27E11EE8704D12FC4F9AE02.roa (hash: 9qbnU5NoZnRKr5UON4q3pztK39xd0U7HOmGKLDSw1XM=) 3: 5EDC2B56F27E11EE8704D12FC4F9AE02.roa (hash: IkaJ8i577C8HJn9L10GXsDg7dnEgDNc7V/0u1lmvtUc=) 4: 586B33AEF44611EBA78C117AC4F9AE02.roa (hash: W3kQqETMCmWx1rkG4UQFdMD9AvtHip25lMvzH/UT/O4=) 5: 5480D316764D11EA8CB5C039C4F9AE02.roa (hash: d+3xI/dPiUPnPzisac55VOoaa2WbK4PwW/+8FsppPKo=) 6: 11DE1CDA467611EC988CDC09C4F9AE02.roa (hash: VRoVKZ5apQPibJfYuezBj0SVEXkfapSpmG0vCNALPFk=) 7: A73C0BF6D93511E6B2617F7BC4F9AE02.roa (hash: tha3MuUqAY4uta6oQkpRf/6b/EDrjv+89kT9R3U6DBE=) 8: 63BFE4C0292811EEAF894530C4F9AE02.roa (hash: 8CfQ0/1GwUUp0J0kvZBXA7fizuzpoZuw6UptgYm1mO8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:59:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8757 (0x2235) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0EBF, serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Validity Not Before: Nov 4 15:59:13 2025 GMT Not After : Nov 11 15:59:13 2025 GMT Subject: CN=690a22d1-ee4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:19:e2:21:b5:75:6c:bb:b9:dc:90:55:7e:7f: 18:35:81:75:d6:94:d1:05:b8:30:78:b3:06:ad:88: 28:b4:53:72:5a:7e:fe:28:99:5b:1c:b8:ed:54:8c: f4:f3:74:ed:44:e3:54:5c:15:88:cc:ae:42:e6:24: de:66:d3:00:63:4a:17:e0:9c:ba:3f:94:2f:51:d4: fa:e1:78:3b:ea:d0:dd:a2:0d:5f:d3:e2:1a:fd:d3: 79:68:8f:97:bd:69:e4:df:ca:ef:26:9f:0d:76:d1: b6:c3:09:e5:c3:d5:be:df:e8:13:b4:a9:ec:4e:00: 10:dc:c7:0b:fc:77:bb:38:7f:b4:e6:32:08:4b:51: 9b:6d:7b:8d:b7:ef:66:10:51:10:75:d2:0d:12:53: 43:12:5f:9f:2c:08:eb:46:86:2b:39:e2:0f:0d:8c: 4d:fa:16:c4:ef:0a:5d:b0:09:b3:d7:bd:e9:b6:af: eb:91:ea:f0:49:1d:95:fa:a3:ec:c7:86:e7:68:11: 90:5d:79:06:16:46:1c:00:b3:c9:27:8d:22:8d:ea: 39:f2:6e:db:28:bc:c4:d9:bb:46:33:ee:c2:ad:78: a8:17:e1:f8:51:67:c5:4b:43:05:21:ea:31:6a:de: 48:a0:ed:08:b8:55:d8:0a:dd:d0:00:04:27:31:9b: d2:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:D8:C2:10:5E:BB:DD:17:B9:08:1B:E8:C6:95:7F:92:71:F2:4D:02 X509v3 Authority Key Identifier: keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:91:64:3c:6e:4e:0c:64:ef:66:d9:cc:19:e6:aa:84:8e:b2: 42:ab:be:91:47:5f:24:cc:c5:ba:70:84:eb:6e:66:21:ac:cc: 8c:00:7a:7b:15:67:18:06:30:a6:45:f5:94:00:2e:8a:08:a7: 24:2f:1e:c7:3d:4d:df:d2:c9:26:52:a3:19:dd:5d:c9:1b:1c: 5a:5c:66:c3:43:3d:47:db:be:a6:ec:94:65:bc:d9:2b:54:ff: 17:57:38:19:4b:1e:87:87:d8:4c:2b:7a:1e:3b:42:87:6c:43: 42:6b:cc:91:24:c6:bb:d2:f6:37:c3:3d:e7:8a:60:24:f1:5a: 6f:37:81:3b:98:2b:b1:07:c2:ea:5a:88:ac:ab:40:06:65:28: f5:46:6b:47:e1:4e:aa:ec:1e:31:2f:f7:5c:47:4b:8d:04:dc: 1d:f1:82:0f:4e:d5:48:cd:2d:f3:0d:d5:0b:41:6d:08:8a:98: ea:6b:cd:ae:3a:8a:27:b4:09:5d:0f:ad:ee:21:21:a4:6a:71: df:0f:42:cd:3c:85:93:83:96:87:37:49:7c:f7:11:25:d5:f9: 2a:cb:94:a5:43:57:b3:72:25:64:db:8e:93:aa:a0:5b:01:51: db:26:96:bb:7d:a9:50:88:3b:45:8b:c8:52:f2:55:f8:4f:d5: a1:96:f2:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1 OTJGNTQwRDQwHhcNMjUxMTA0MTU1OTEzWhcNMjUxMTExMTU1OTEzWjAYMRYwFAYD VQQDEw02OTBhMjJkMS1lZTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwxniIbV1bLu53JBVfn8YNYF11pTRBbgweLMGrYgotFNyWn7+KJlbHLjtVIz0 83TtRONUXBWIzK5C5iTeZtMAY0oX4Jy6P5QvUdT64Xg76tDdog1f0+Ia/dN5aI+X vWnk38rvJp8NdtG2wwnlw9W+3+gTtKnsTgAQ3McL/He7OH+05jIIS1GbbXuNt+9m EFEQddINElNDEl+fLAjrRoYrOeIPDYxN+hbE7wpdsAmz173ptq/rkerwSR2V+qPs x4bnaBGQXXkGFkYcALPJJ40ijeo58m7bKLzE2btGM+7CrXioF+H4UWfFS0MFIeox at5IoO0IuFXYCt3QAAQnMZvS6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNnYwhBe u90XuQgb6MaVf5Jx8k0CMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEVCRi81Rjg0RDdEOERCODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24w S0l2TkR3cFVKUTFaTDFRTlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1kWQ8bk4MZO9m2cwZ5qqEjrJCq76RR18kzMW6cITrbmYhrMyMAHp7 FWcYBjCmRfWUAC6KCKckLx7HPU3f0skmUqMZ3V3JGxxaXGbDQz1H276m7JRlvNkr VP8XVzgZSx6Hh9hMK3oeO0KHbENCa8yRJMa70vY3wz3nimAk8VpvN4E7mCuxB8Lq Woisq0AGZSj1RmtH4U6q7B4xL/dcR0uNBNwd8YIPTtVIzS3zDdULQW0Iipjqa82u OoontAldD63uISGkanHfD0LNPIWTg5aHN0l89xEl1fkqy5SlQ1ezciVk246TqqBb AVHbJpa7falQiDtFi8hS8lX4T9WhlvLQ -----END CERTIFICATE-----Generated at Wed Nov 5 16:31:07 2025 by rpki-client