$ rpki-client -vvf rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft File: OHvc-OlHoaBOL0OH-99wZUpE0b0.mft (raw, json) Hash identifier: lNqOozxnWUXUASMsV2sUmkFLGLOE4C1j0F/5IaEdUfc= Subject key identifier: F5:BA:B9:6B:33:93:84:18:99:FA:BD:E0:FF:6A:24:53:4A:6F:CD:EA Authority key identifier: 38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD Certificate issuer: /CN=A913ACF4/serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Certificate serial: 0962 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft Manifest number: 095B Signing time: Wed 02 Jul 2025 20:26:25 +0000 Manifest this update: Wed 02 Jul 2025 20:26:24 +0000 Manifest next update: Wed 09 Jul 2025 20:26:24 +0000 Files and hashes: 1: OHvc-OlHoaBOL0OH-99wZUpE0b0.crl (hash: ZCB8sFqu1rLKDojkY+kFz71tgkAQ2WMmSwXsIe1Aflo=) 2: 25E6E72899FE11EAB3E30513C4F9AE02.roa (hash: Z6vRCcxL1bmdrItPmj7qCyzvetl7oMIALv4P0w4CxB8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 20:26:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2402 (0x962) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ACF4, serialNumber=387BDCF8E947A1A04E2F4387FBDF70654A44D1BD Validity Not Before: Jul 2 20:26:24 2025 GMT Not After : Jul 9 20:26:24 2025 GMT Subject: CN=686595f0-07df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:87:68:f1:20:aa:7f:3c:39:c2:2a:5c:25:2e: 4c:2d:e7:ba:28:cb:39:2f:35:ac:27:cc:53:4a:f3: 35:d3:a8:f3:4e:31:42:ee:a9:f4:58:2d:3f:0e:58: 8c:7a:7c:4c:83:db:8c:bf:ae:61:cc:d1:eb:4d:d7: 23:32:1b:ab:ca:78:66:33:1d:b0:5d:9f:e9:66:ec: be:0a:a9:12:c2:c5:98:0f:3e:1d:71:f3:55:6a:e5: 07:da:4c:7b:5b:7c:a5:ac:10:30:08:8c:4a:10:1c: d3:40:19:c7:3b:2e:e6:0f:ec:4f:0c:5d:44:8b:04: 5e:1a:8a:01:a4:77:e3:06:69:26:ac:ff:cb:8a:8a: 28:b6:03:48:30:03:d5:f0:b7:71:52:59:e9:92:81: 8a:59:8b:8c:66:3d:4a:29:1d:35:53:31:25:cf:88: 25:db:5b:1d:a4:cd:82:32:74:4d:0c:b9:65:0e:91: 0d:16:e7:a5:7d:f2:7a:57:74:53:a1:01:94:25:65: 35:0f:fb:c0:d0:9c:fa:8c:b7:44:96:a6:1b:40:cc: 55:ad:a0:52:2e:14:2a:9b:2b:6a:b5:55:91:7f:e6: 17:2a:8c:d0:b4:35:34:e7:1c:0a:2c:1c:9a:a3:c6: 19:2b:57:3b:00:59:cc:77:c9:86:a4:24:51:f1:6b: c4:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:BA:B9:6B:33:93:84:18:99:FA:BD:E0:FF:6A:24:53:4A:6F:CD:EA X509v3 Authority Key Identifier: keyid:38:7B:DC:F8:E9:47:A1:A0:4E:2F:43:87:FB:DF:70:65:4A:44:D1:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OHvc-OlHoaBOL0OH-99wZUpE0b0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ACF4/70E3036C99FC11EA96554510C4F9AE02/OHvc-OlHoaBOL0OH-99wZUpE0b0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:fb:99:40:ee:16:29:5b:78:2c:23:74:9d:e3:8b:a7:36:76: 21:a4:23:09:d2:3e:28:fc:3f:94:af:8a:1f:6d:32:85:0d:3f: 63:9d:99:86:96:7e:b6:a2:38:68:f2:86:4d:a9:a7:3a:84:f2: d0:70:fd:b4:cf:e4:91:fa:54:62:63:30:fe:5a:2b:06:f3:c5: b7:84:a0:44:b3:e0:cc:8e:d4:95:25:8e:2f:4c:e3:f0:10:25: 66:41:6b:77:1a:eb:90:5a:4b:e1:a0:8d:e0:5e:94:76:40:81: 50:90:33:09:41:97:13:68:34:95:d2:f4:67:2b:7e:cd:d2:79: 14:36:18:17:1b:22:3e:89:20:27:74:37:ce:4a:aa:a1:d9:0c: 8b:57:c3:01:40:e9:73:5c:f6:ea:29:92:69:f1:42:15:39:86: 2e:d3:b8:15:cc:14:5f:69:05:e0:ad:e3:9a:7c:35:b5:b3:b6: 0c:41:92:8b:30:8d:e1:a0:3f:80:5d:9d:77:20:ec:03:e9:13: cd:d9:9e:21:2f:69:01:fb:7b:3c:99:0f:ed:b5:ca:a6:bb:01: 7d:c1:8a:79:20:e4:ea:2e:4d:af:b6:b1:3c:7c:7e:95:1e:49: fc:99:ec:5c:ca:a6:14:b2:c9:7a:8c:2e:7e:2c:9a:af:4d:63: 8a:e0:d9:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FDRjQxMTAvBgNVBAUTKDM4N0JEQ0Y4RTk0N0ExQTA0RTJGNDM4N0ZCREY3MDY1 NEE0NEQxQkQwHhcNMjUwNzAyMjAyNjI0WhcNMjUwNzA5MjAyNjI0WjAYMRYwFAYD VQQDEw02ODY1OTVmMC0wN2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwYdo8SCqfzw5wipcJS5MLee6KMs5LzWsJ8xTSvM106jzTjFC7qn0WC0/DliM enxMg9uMv65hzNHrTdcjMhurynhmMx2wXZ/pZuy+CqkSwsWYDz4dcfNVauUH2kx7 W3ylrBAwCIxKEBzTQBnHOy7mD+xPDF1EiwReGooBpHfjBmkmrP/LioootgNIMAPV 8LdxUlnpkoGKWYuMZj1KKR01UzElz4gl21sdpM2CMnRNDLllDpENFuelffJ6V3RT oQGUJWU1D/vA0Jz6jLdElqYbQMxVraBSLhQqmytqtVWRf+YXKozQtDU05xwKLBya o8YZK1c7AFnMd8mGpCRR8WvE3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPW6uWsz k4QYmfq94P9qJFNKb83qMB8GA1UdIwQYMBaAFDh73PjpR6GgTi9Dh/vfcGVKRNG9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUNGNC83MEUzMDM2Qzk5 RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9hQk9MME9ILTk5d1pVcEUw YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09IdmMtT2xIb2FCT0wwT0gtOTl3WlVwRTBiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUNGNC83MEUzMDM2Qzk5RkMxMUVBOTY1NTQ1MTBDNEY5QUUwMi9PSHZjLU9sSG9h Qk9MME9ILTk5d1pVcEUwYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCT+5lA7hYpW3gsI3Sd44unNnYhpCMJ0j4o/D+Ur4ofbTKFDT9jnZmG ln62ojho8oZNqac6hPLQcP20z+SR+lRiYzD+WisG88W3hKBEs+DMjtSVJY4vTOPw ECVmQWt3GuuQWkvhoI3gXpR2QIFQkDMJQZcTaDSV0vRnK37N0nkUNhgXGyI+iSAn dDfOSqqh2QyLV8MBQOlzXPbqKZJp8UIVOYYu07gVzBRfaQXgreOafDW1s7YMQZKL MI3hoD+AXZ13IOwD6RPN2Z4hL2kB+3s8mQ/ttcqmuwF9wYp5IOTqLk2vtrE8fH6V Hkn8mexcyqYUssl6jC5+LJqvTWOK4NmI -----END CERTIFICATE-----Generated at Fri Jul 4 15:40:49 2025 by rpki-client