$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft File: oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft (raw, json) Hash identifier: CZWWzCK0hGcC3yfOXk9xqYKS2cra5Gr3GWacJl56+ag= Subject key identifier: 89:E8:7E:45:30:E5:B1:2F:7E:62:3C:CF:F7:2E:91:84:F1:FE:BC:80 Authority key identifier: A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57 Certificate issuer: /CN=A91FAA91/serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657 Certificate serial: 0200 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft Manifest number: 01E3 Signing time: Mon 03 Nov 2025 02:58:05 +0000 Manifest this update: Mon 03 Nov 2025 02:58:05 +0000 Manifest next update: Mon 10 Nov 2025 02:58:05 +0000 Files and hashes: 1: oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl (hash: FEP/+JRoAkIrPXACliFZPCgyEFh9v3aU6N+8gSZIY7k=) 2: CE65A4E4A57E11EFA1B6E428C4F9AE02.roa (hash: 1SKbx2XsDMYzA80POo6zzafuauDwKbPNh6n7Ob5AjVA=) 3: D0103496FD6611EE9188C568C4F9AE02.roa (hash: PxpNeamT7nJAO8ypf86mF4tTFHjbBgphhBI0WaQ2K6I=) 4: 13D68EB430AB11F0A15DC75AC4F9AE02.roa (hash: 8ceZRP/XUhaUyTjeioD/K4mCivFkQCLXcH6cjJ7JFq0=) 5: E762B166FAF811EE92A3642EC4F9AE02.roa (hash: e/dOTjn5zjRzl7VVF4lYBqEjUR3aP4ajbLKyVpxXtqo=) 6: 803597528D5911F087734E0BC4F9AE02.roa (hash: nE7csU7wzmCX2AbBS7z4n8sEfZSzQpZLx/oSC0wZ/sk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:58:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 512 (0x200) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAA91, serialNumber=A0C80CEE063C9CC82CDCB0BC745C4FE46DD02657 Validity Not Before: Nov 3 02:58:05 2025 GMT Not After : Nov 10 02:58:05 2025 GMT Subject: CN=69081a3d-bf19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:3c:30:94:53:93:c2:7c:23:53:4c:b7:fb:fa: f3:9d:43:33:6a:6c:23:31:7c:61:6e:0b:56:87:32: e2:7d:37:cd:74:cb:3f:99:fa:68:b2:c8:54:d0:de: 91:c0:18:a1:a9:6d:0f:0c:59:af:2d:e0:41:b1:90: 1c:e0:23:86:64:b7:87:10:b8:65:8c:6e:04:9b:9d: 5d:3e:0f:40:27:f4:f6:60:be:3d:5f:10:24:80:2f: d1:0d:66:75:e2:76:68:b2:b6:73:ff:ab:f9:6b:2e: 65:3a:92:14:e1:77:1b:eb:d2:8a:bc:4e:d4:18:dc: 56:dc:59:f5:15:3e:b3:0d:ae:22:e2:fb:d4:07:63: 57:32:61:92:fd:a3:3a:80:3d:21:5f:ff:fc:99:14: 22:ce:29:15:12:0e:96:04:cd:48:04:10:a2:93:a8: 6b:17:a5:d2:f6:66:78:c5:4c:94:9f:44:1f:91:5d: 48:c9:e4:04:a8:4b:8e:ac:b7:06:2d:58:40:1f:2d: 17:f1:96:2f:9d:d9:a6:27:ad:3c:cb:94:44:18:a0: 55:a7:97:50:cb:11:4e:15:cf:71:68:62:5c:7c:70: 47:38:27:33:7f:b3:9c:2f:f0:d5:78:46:69:d7:ce: 5a:bb:84:9a:c4:4c:73:e2:c7:97:35:54:39:fb:58: c1:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E8:7E:45:30:E5:B1:2F:7E:62:3C:CF:F7:2E:91:84:F1:FE:BC:80 X509v3 Authority Key Identifier: keyid:A0:C8:0C:EE:06:3C:9C:C8:2C:DC:B0:BC:74:5C:4F:E4:6D:D0:26:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oMgM7gY8nMgs3LC8dFxP5G3QJlc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA91/9420D2100A5A11EEA3F5B441C4F9AE02/oMgM7gY8nMgs3LC8dFxP5G3QJlc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:27:c2:68:45:26:65:98:b2:18:bc:cf:e1:38:b2:f9:f5:45: 6d:be:a3:8f:f5:5e:fe:21:77:d2:2d:f5:4d:a1:b7:1b:a7:b1: dc:8b:e7:b6:ff:5d:9e:a9:13:0d:0b:7f:1f:c3:55:a6:91:e4: 6f:8a:5b:e8:9e:0a:26:d6:97:d3:14:86:df:75:91:5c:57:cb: 76:39:84:c8:2e:e8:90:c3:f2:c3:53:f2:4e:dc:d4:5f:7d:ea: 5a:31:c7:b9:5b:ae:d3:60:a4:e8:0b:71:81:e7:cb:41:f5:32: e0:42:b2:93:76:9f:73:89:79:88:7a:59:b7:bc:e5:a6:66:76: 18:3e:6d:5a:cb:7c:23:79:28:4b:21:60:49:c4:aa:d1:df:0a: 55:67:45:90:d1:8b:d5:e7:df:01:9a:23:54:76:b9:d0:f8:bb: d4:3c:d1:2b:d5:77:a5:f1:a7:3b:59:6f:06:0f:81:3c:ab:25: b0:54:5d:20:6f:67:9e:3e:12:3c:cc:15:40:d1:f3:d0:fc:c6: f6:91:32:3d:f0:b5:e0:59:f9:d6:6f:fd:99:1c:36:00:db:43: dd:d3:a8:02:ae:a0:b7:24:65:63:21:f8:f7:fe:e3:fc:b8:67: 4a:bb:a7:00:24:f5:97:bf:75:a4:16:13:63:0e:c8:cd:e2:76: 8d:c3:d0:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFBOTExMTAvBgNVBAUTKEEwQzgwQ0VFMDYzQzlDQzgyQ0RDQjBCQzc0NUM0RkU0 NkREMDI2NTcwHhcNMjUxMTAzMDI1ODA1WhcNMjUxMTEwMDI1ODA1WjAYMRYwFAYD VQQDEw02OTA4MWEzZC1iZjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsjwwlFOTwnwjU0y3+/rznUMzamwjMXxhbgtWhzLifTfNdMs/mfposshU0N6R wBihqW0PDFmvLeBBsZAc4COGZLeHELhljG4Em51dPg9AJ/T2YL49XxAkgC/RDWZ1 4nZosrZz/6v5ay5lOpIU4Xcb69KKvE7UGNxW3Fn1FT6zDa4i4vvUB2NXMmGS/aM6 gD0hX//8mRQizikVEg6WBM1IBBCik6hrF6XS9mZ4xUyUn0QfkV1IyeQEqEuOrLcG LVhAHy0X8ZYvndmmJ608y5REGKBVp5dQyxFOFc9xaGJcfHBHOCczf7OcL/DVeEZp 185au4SaxExz4seXNVQ5+1jBoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFInofkUw 5bEvfmI8z/cukYTx/ryAMB8GA1UdIwQYMBaAFKDIDO4GPJzILNywvHRcT+Rt0CZX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUE5MS85NDIwRDIxMDBB NUExMUVFQTNGNUI0NDFDNEY5QUUwMi9vTWdNN2dZOG5NZ3MzTEM4ZEZ4UDVHM1FK bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29NZ003Z1k4bk1nczNMQzhkRnhQNUczUUpsYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUE5MS85NDIwRDIxMDBBNUExMUVFQTNGNUI0NDFDNEY5QUUwMi9vTWdNN2dZOG5N Z3MzTEM4ZEZ4UDVHM1FKbGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIJ8JoRSZlmLIYvM/hOLL59UVtvqOP9V7+IXfSLfVNobcbp7Hci+e2 /12eqRMNC38fw1WmkeRvilvongom1pfTFIbfdZFcV8t2OYTILuiQw/LDU/JO3NRf fepaMce5W67TYKToC3GB58tB9TLgQrKTdp9ziXmIelm3vOWmZnYYPm1ay3wjeShL IWBJxKrR3wpVZ0WQ0YvV598BmiNUdrnQ+LvUPNEr1Xel8ac7WW8GD4E8qyWwVF0g b2eePhI8zBVA0fPQ/Mb2kTI98LXgWfnWb/2ZHDYA20Pd06gCrqC3JGVjIfj3/uP8 uGdKu6cAJPWXv3WkFhNjDsjN4naNw9A/ -----END CERTIFICATE-----Generated at Tue Nov 4 16:37:28 2025 by rpki-client