$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json) Hash identifier: MaNatrcAOLYBciJo9B7MfAM72TTrvCuYbsB7M7c/nZc= Subject key identifier: 5A:4B:B7:3F:89:F5:49:7D:1F:13:E0:75:7E:2D:5C:6B:BD:BA:8D:7F Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Certificate serial: 1556 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft Manifest number: 154A Signing time: Mon 20 Oct 2025 17:10:52 +0000 Manifest this update: Mon 20 Oct 2025 17:10:52 +0000 Manifest next update: Mon 27 Oct 2025 17:10:52 +0000 Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: /61wub9GFhADCnUsZrn0e9XMYQ8F2oimtTADKMtz4To=) 2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: Iuc0hvonCQ52vF8J3PK6U6v3ddTApNkT2+JlMCbgaDs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 17:10:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5462 (0x1556) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D2A3, serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644 Validity Not Before: Oct 20 17:10:52 2025 GMT Not After : Oct 27 17:10:52 2025 GMT Subject: CN=68f66d1c-d347 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:c5:b8:1a:ab:28:ee:6a:ab:91:53:61:be:e4: 6d:45:9c:76:03:55:87:ca:3b:01:4f:8a:b6:70:fa: 26:2d:9a:65:d2:da:f3:93:22:10:9d:a6:83:35:cb: a9:8f:6e:df:a1:5d:ff:40:67:45:8c:57:bd:12:3b: 13:d3:60:9e:01:62:4f:d8:fc:bd:fc:d8:c1:70:da: 5a:19:82:04:a9:66:34:6c:43:d7:2d:1b:71:21:2f: 68:d5:2c:04:51:41:1f:bd:56:87:f1:a4:5f:b8:83: 83:dd:57:05:fc:cd:be:7e:4a:5d:3a:b1:40:89:25: 9a:a1:aa:d7:78:07:1d:8d:6c:c6:09:85:5b:7e:07: 8c:2b:f0:70:ab:86:a3:98:aa:32:63:8e:ad:2e:f7: e3:fb:40:5a:ea:52:e2:ae:52:18:63:aa:7b:32:f6: 67:e5:f2:c6:16:de:80:e9:6d:92:a3:de:37:21:93: 36:b6:82:86:5b:d7:74:98:0a:5b:69:09:28:d9:6f: 0d:7f:e5:a0:4a:2a:fa:f1:f8:09:3a:c8:ef:a0:8e: 06:db:f6:8f:0a:f7:da:4d:b5:06:de:ea:00:3a:65: 7c:e2:21:38:d3:20:40:d3:6d:23:92:b6:88:7e:e4: 26:09:37:9f:a9:fe:02:0c:4d:2a:96:94:cc:f1:a1: 06:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:4B:B7:3F:89:F5:49:7D:1F:13:E0:75:7E:2D:5C:6B:BD:BA:8D:7F X509v3 Authority Key Identifier: keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:1c:85:6d:09:ee:62:e1:21:e7:09:31:dd:54:b2:bb:a5:e1: b1:2e:5a:75:db:33:a9:18:15:69:d8:98:20:e7:aa:6c:33:83: 46:1e:db:37:62:8f:e2:62:26:e3:8a:1c:1b:c8:0c:1c:44:00: 20:97:70:68:3c:05:2a:df:b0:72:4a:0a:f4:ac:61:38:93:96: ea:9d:3b:29:fa:f4:a0:39:cd:50:3d:14:a8:01:99:68:b5:dc: 0d:62:1b:b0:5a:d4:09:de:d3:09:5a:28:21:be:85:18:0f:32: 91:bb:6c:11:6f:ab:93:79:3a:53:f7:b1:99:70:0b:d0:0d:bd: 37:b4:17:ce:73:43:c6:9b:26:6a:0b:6b:3e:15:cd:c1:a3:d2: 0b:9f:70:5f:77:3e:05:d2:aa:d9:f5:bd:fc:47:15:06:99:ba: ee:76:67:42:49:f8:9b:73:27:3f:d7:d4:11:13:4d:e6:22:9a: 7c:45:8e:5f:e0:70:ef:f7:19:91:85:4a:de:a9:e0:bf:68:bd: 38:f9:b3:d6:20:82:a3:c4:7b:83:ae:dc:75:1d:4d:93:91:92: 42:f7:2d:d0:b9:55:05:de:d2:bc:dc:e1:4b:85:39:d2:f2:db: 50:37:19:db:08:aa:c1:b0:a7:48:bb:95:49:a2:52:64:3a:20: a0:26:fa:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4 REJBNEI2NDQwHhcNMjUxMDIwMTcxMDUyWhcNMjUxMDI3MTcxMDUyWjAYMRYwFAYD VQQDEw02OGY2NmQxYy1kMzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6sW4Gqso7mqrkVNhvuRtRZx2A1WHyjsBT4q2cPomLZpl0trzkyIQnaaDNcup j27foV3/QGdFjFe9EjsT02CeAWJP2Py9/NjBcNpaGYIEqWY0bEPXLRtxIS9o1SwE UUEfvVaH8aRfuIOD3VcF/M2+fkpdOrFAiSWaoarXeAcdjWzGCYVbfgeMK/Bwq4aj mKoyY46tLvfj+0Ba6lLirlIYY6p7MvZn5fLGFt6A6W2So943IZM2toKGW9d0mApb aQko2W8Nf+WgSir68fgJOsjvoI4G2/aPCvfaTbUG3uoAOmV84iE40yBA020jkraI fuQmCTefqf4CDE0qlpTM8aEG/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFpLtz+J 9Ul9HxPgdX4tXGu9uo1/MB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0 a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4 QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRHIVtCe5i4SHnCTHdVLK7peGxLlp12zOpGBVp2Jgg56psM4NGHts3 Yo/iYibjihwbyAwcRAAgl3BoPAUq37BySgr0rGE4k5bqnTsp+vSgOc1QPRSoAZlo tdwNYhuwWtQJ3tMJWighvoUYDzKRu2wRb6uTeTpT97GZcAvQDb03tBfOc0PGmyZq C2s+Fc3Bo9ILn3Bfdz4F0qrZ9b38RxUGmbrudmdCSfibcyc/19QRE03mIpp8RY5f 4HDv9xmRhUreqeC/aL04+bPWIIKjxHuDrtx1HU2TkZJC9y3QuVUF3tK83OFLhTnS 8ttQNxnbCKrBsKdIu5VJolJkOiCgJvp9 -----END CERTIFICATE-----Generated at Mon Oct 20 19:29:02 2025 by rpki-client