$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: upQP63uQ13Sni3vpNiXjWOMGNgE9SLtZ0XWo10/WSK4= Subject key identifier: 6F:2A:46:BE:0C:C2:4A:D4:6E:59:FE:9F:B0:50:2B:72:17:BA:6F:19 Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 097C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 0975 Signing time: Fri 22 Aug 2025 20:16:14 +0000 Manifest this update: Fri 22 Aug 2025 20:16:14 +0000 Manifest next update: Fri 29 Aug 2025 20:16:14 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: 8iG/ZPEMW4AIe/mkxOtWYmgw/I574P5Qt0vBnTe9qio=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 20:16:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2428 (0x97c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Aug 22 20:16:14 2025 GMT Not After : Aug 29 20:16:14 2025 GMT Subject: CN=68a8d00e-fc19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:47:ef:eb:f1:de:df:32:bd:61:de:d4:1a:47: 1c:22:3c:f4:42:b9:1b:58:68:7d:c4:97:29:2c:5c: 27:2d:fb:1a:c5:a4:b9:2b:dc:f4:92:8d:34:e1:9e: 2b:6c:59:62:4b:37:9a:6e:f4:08:14:c4:b8:17:28: 4d:f7:ae:08:8d:54:10:d9:f3:ce:f1:dc:23:10:ef: 93:c2:8a:30:ba:26:7a:1a:a2:f3:1d:88:98:06:55: c5:3d:39:ab:3e:18:6b:55:19:83:0f:ed:23:83:a4: bc:c5:77:92:30:9a:da:6c:77:f7:62:9a:af:69:c1: 17:16:ba:dc:da:5c:13:3b:bc:26:cc:ad:e7:d9:49: 48:76:57:c9:72:22:ec:5e:bf:22:c4:b3:96:99:e7: a9:c6:4d:74:66:5b:59:73:7b:cc:2b:52:9f:c9:bb: b4:33:f3:29:28:b2:c3:06:05:bf:25:ed:5d:e5:6b: 2c:85:56:21:95:fe:68:cb:ec:04:8a:ad:ac:d3:d9: a1:a7:f6:84:da:f2:50:22:58:a0:76:0f:b4:14:f6: ae:6a:52:45:de:38:a7:c7:01:fd:bb:4b:18:f9:69: 88:06:f7:9a:29:de:2b:b8:06:f9:f3:bb:6a:53:df: 3f:a8:fe:33:5a:7d:4d:1c:e8:e4:fb:36:86:0e:86: 36:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:2A:46:BE:0C:C2:4A:D4:6E:59:FE:9F:B0:50:2B:72:17:BA:6F:19 X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:3a:e4:ed:1f:0b:e4:99:03:28:c7:e7:82:40:ae:26:71:6e: e4:40:ca:83:12:ba:d3:5d:c4:13:38:00:3c:ca:da:93:ac:08: 4e:c3:b9:07:22:f4:97:8a:d8:a5:9c:51:e1:cb:26:ac:a4:16: fb:35:2f:ad:46:53:1f:7b:b5:41:0b:72:1b:52:19:07:21:10: 46:66:44:9d:ec:53:08:9e:5f:df:b0:0f:c8:3e:1b:37:56:2d: a4:62:c8:b6:df:e0:8e:bd:87:d6:85:5f:5b:a3:ef:62:43:62: 55:c0:9c:cc:c4:5a:bd:a4:56:55:e8:08:37:04:82:00:01:af: 54:1b:8e:58:42:1d:5b:ae:57:db:b4:46:b0:ca:a0:80:3f:67: c3:41:10:45:7d:82:01:1b:6c:f5:f3:f6:27:c3:6b:00:26:3d: 24:a1:80:0d:cd:1d:fe:66:9a:36:36:88:b0:3e:e6:80:42:6f: 47:ac:ca:4c:d1:82:4a:55:c8:9e:7c:50:dc:9a:53:a9:ea:9d: 50:09:46:ea:00:e9:87:ee:66:21:87:30:5f:32:ba:cc:09:7c: e5:f1:50:1a:70:71:5b:f9:5b:00:a2:03:52:73:ab:1e:87:3f: 99:cf:ad:af:09:92:37:e4:30:31:db:d3:e4:22:a5:67:fa:d1: 02:0a:cc:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCXwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwODIyMjAxNjE0WhcNMjUwODI5MjAxNjE0WjAYMRYwFAYD VQQDEw02OGE4ZDAwZS1mYzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEfv6/He3zK9Yd7UGkccIjz0QrkbWGh9xJcpLFwnLfsaxaS5K9z0ko004Z4r bFliSzeabvQIFMS4FyhN964IjVQQ2fPO8dwjEO+TwoowuiZ6GqLzHYiYBlXFPTmr PhhrVRmDD+0jg6S8xXeSMJrabHf3YpqvacEXFrrc2lwTO7wmzK3n2UlIdlfJciLs Xr8ixLOWmeepxk10ZltZc3vMK1Kfybu0M/MpKLLDBgW/Je1d5WsshVYhlf5oy+wE iq2s09mhp/aE2vJQIligdg+0FPaualJF3jinxwH9u0sY+WmIBveaKd4ruAb587tq U98/qP4zWn1NHOjk+zaGDoY2swIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG8qRr4M wkrUbln+n7BQK3IXum8ZMB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvOuTtHwvkmQMox+eCQK4mcW7kQMqDErrTXcQTOAA8ytqTrAhOw7kH IvSXitilnFHhyyaspBb7NS+tRlMfe7VBC3IbUhkHIRBGZkSd7FMInl/fsA/IPhs3 Vi2kYsi23+COvYfWhV9bo+9iQ2JVwJzMxFq9pFZV6Ag3BIIAAa9UG45YQh1brlfb tEawyqCAP2fDQRBFfYIBG2z18/Ynw2sAJj0koYANzR3+Zpo2NoiwPuaAQm9HrMpM 0YJKVciefFDcmlOp6p1QCUbqAOmH7mYhhzBfMrrMCXzl8VAacHFb+VsAogNSc6se hz+Zz62vCZI35DAx29PkIqVn+tECCswQ -----END CERTIFICATE-----Generated at Sun Aug 24 04:50:41 2025 by rpki-client