$ rpki-client -vvf rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft File: OAHjYU99QEcCrkIssnnlHcnRTKI.mft (raw, json) Hash identifier: R6ymPtuK/GDyimWeN98IZckfJU43mNngQ2MHG7GJlKw= Subject key identifier: 78:EE:D0:C2:03:2C:7F:F9:B7:46:11:F7:E4:C6:C4:21:E1:A1:17:B6 Authority key identifier: 38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 Certificate issuer: /CN=A912383B/serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Certificate serial: 0857 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft Manifest number: 0850 Signing time: Sat 18 Oct 2025 21:53:44 +0000 Manifest this update: Sat 18 Oct 2025 21:53:43 +0000 Manifest next update: Sat 25 Oct 2025 21:53:43 +0000 Files and hashes: 1: OAHjYU99QEcCrkIssnnlHcnRTKI.crl (hash: O7c+eXChsO679WV0IRfGU5LevoHQ+j/GgaEZcySvXKc=) 2: 4E4AF4A2C2B111EBABFFA212C4F9AE02.roa (hash: OwVRnVKX5TIRRxRa7tYPZCkquxRI/+jnc5rYmXmYkKM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:53:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2135 (0x857) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912383B, serialNumber=3801E3614F7D404702AE422CB279E51DC9D14CA2 Validity Not Before: Oct 18 21:53:43 2025 GMT Not After : Oct 25 21:53:43 2025 GMT Subject: CN=68f40c67-3022 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b4:f0:76:a3:e9:f5:d1:fc:07:3a:88:a0:15: e7:39:a5:3c:96:f2:d5:81:ec:09:7c:c4:22:35:10: 04:58:4c:83:a2:9e:d7:46:11:ab:44:a3:52:74:cf: 0c:6c:f8:b7:29:e5:68:33:cd:d9:74:4a:27:ad:b0: dd:b8:a9:79:cd:af:20:10:4c:1a:22:c3:d7:5d:58: a0:63:80:ca:db:58:db:51:d9:7d:75:7d:5b:05:06: a7:35:37:58:bd:56:9b:d0:56:0f:f7:17:ba:7f:34: 2d:08:4c:92:21:e6:e0:ef:81:37:50:22:00:2d:7a: 3b:db:ad:c0:1a:68:fe:cc:82:70:f4:e3:5b:24:65: 01:a4:e1:ba:cd:7a:72:bb:74:58:ec:5f:f9:0c:fa: 7c:00:cb:34:b4:7e:1e:d1:77:e8:96:0b:ae:6d:2c: 93:79:38:40:e3:3f:bb:0a:30:57:59:e3:a8:12:49: ad:e1:bf:84:ce:bf:d3:0f:8d:71:89:35:0a:2e:43: 87:2b:f7:04:c5:eb:2e:7f:67:28:cf:44:2e:11:8b: c2:b9:51:f2:96:d8:cf:84:db:31:fb:88:26:05:16: 16:24:89:6b:46:57:cf:b0:05:28:4b:f2:4f:98:59: b2:f2:da:d4:88:93:eb:d0:6c:6b:b6:c1:68:5b:9c: 8e:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:EE:D0:C2:03:2C:7F:F9:B7:46:11:F7:E4:C6:C4:21:E1:A1:17:B6 X509v3 Authority Key Identifier: keyid:38:01:E3:61:4F:7D:40:47:02:AE:42:2C:B2:79:E5:1D:C9:D1:4C:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OAHjYU99QEcCrkIssnnlHcnRTKI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912383B/FBBA9E9CE02311EA9922DE42C4F9AE02/OAHjYU99QEcCrkIssnnlHcnRTKI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:20:84:d9:3c:d1:62:a3:9f:65:a9:e5:bf:d0:96:20:75:fe: 4a:ce:80:ff:d7:fb:6d:50:c0:38:a1:26:0f:36:05:df:35:85: fe:28:83:42:72:17:d8:b8:b7:f3:9c:4f:0d:40:dc:f0:d1:87: e1:99:7e:63:b3:b1:3f:91:18:67:87:c3:82:64:ba:99:85:bc: 33:93:2d:2d:53:8c:ed:95:78:22:da:ea:11:f2:07:ac:e7:4d: 40:c3:ea:a9:d3:c2:24:49:99:01:e6:f1:b7:3f:63:e8:44:55: 9b:92:05:29:9f:6f:60:c3:8f:92:d3:db:5a:fb:12:0d:45:45: 5a:1f:e0:db:6e:23:c8:da:30:ee:22:03:a9:12:41:c8:3d:26: 42:38:29:34:49:fb:a4:6f:56:c2:c5:15:92:bf:f6:ad:f1:84: eb:91:34:cb:02:a2:7b:f3:41:a1:45:b7:54:ff:d8:89:12:f6: 29:e2:bf:64:f6:cb:48:43:79:b4:9f:85:58:ba:74:c4:ce:5b: aa:fe:21:ba:1b:0d:cf:a1:51:ad:fe:57:55:18:ca:0c:54:b5: 02:26:41:ab:99:65:07:28:ee:a9:03:64:16:00:8e:dc:f2:4f: 73:cf:24:75:e5:9f:ee:8a:ed:47:f4:34:64:58:98:d1:8c:13: 4f:7e:6f:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4M0IxMTAvBgNVBAUTKDM4MDFFMzYxNEY3RDQwNDcwMkFFNDIyQ0IyNzlFNTFE QzlEMTRDQTIwHhcNMjUxMDE4MjE1MzQzWhcNMjUxMDI1MjE1MzQzWjAYMRYwFAYD VQQDEw02OGY0MGM2Ny0zMDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzrTwdqPp9dH8BzqIoBXnOaU8lvLVgewJfMQiNRAEWEyDop7XRhGrRKNSdM8M bPi3KeVoM83ZdEonrbDduKl5za8gEEwaIsPXXVigY4DK21jbUdl9dX1bBQanNTdY vVab0FYP9xe6fzQtCEySIebg74E3UCIALXo7263AGmj+zIJw9ONbJGUBpOG6zXpy u3RY7F/5DPp8AMs0tH4e0XfolguubSyTeThA4z+7CjBXWeOoEkmt4b+Ezr/TD41x iTUKLkOHK/cExesuf2coz0QuEYvCuVHyltjPhNsx+4gmBRYWJIlrRlfPsAUoS/JP mFmy8trUiJPr0GxrtsFoW5yObQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHju0MID LH/5t0YR9+TGxCHhoRe2MB8GA1UdIwQYMBaAFDgB42FPfUBHAq5CLLJ55R3J0Uyi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgzQi9GQkJBOUU5Q0Uw MjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFFY0Nya0lzc25ubEhjblJU S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09BSGpZVTk5UUVjQ3JrSXNzbm5sSGNuUlRLSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgzQi9GQkJBOUU5Q0UwMjMxMUVBOTkyMkRFNDJDNEY5QUUwMi9PQUhqWVU5OVFF Y0Nya0lzc25ubEhjblJUS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfIITZPNFio59lqeW/0JYgdf5KzoD/1/ttUMA4oSYPNgXfNYX+KINC chfYuLfznE8NQNzw0YfhmX5js7E/kRhnh8OCZLqZhbwzky0tU4ztlXgi2uoR8ges 501Aw+qp08IkSZkB5vG3P2PoRFWbkgUpn29gw4+S09ta+xINRUVaH+DbbiPI2jDu IgOpEkHIPSZCOCk0Sfukb1bCxRWSv/at8YTrkTTLAqJ780GhRbdU/9iJEvYp4r9k 9stIQ3m0n4VYunTEzluq/iG6Gw3PoVGt/ldVGMoMVLUCJkGrmWUHKO6pA2QWAI7c 8k9zzyR15Z/uiu1H9DRkWJjRjBNPfm9m -----END CERTIFICATE-----Generated at Mon Oct 20 13:50:16 2025 by rpki-client