$ rpki-client -vvf rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft File: OhbEBL_tNHJEowpa__ZuSZKqKCE.mft (raw, json) Hash identifier: 2rxVRqBRr05DZX364KHtEoXzFkhtFONI7MRud98+Li8= Subject key identifier: 5E:DC:92:41:EB:F6:8D:23:06:BF:B2:6A:84:AC:36:98:CC:B0:A6:5E Authority key identifier: 3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 Certificate issuer: /CN=A91A65C4/serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Certificate serial: 0474 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft Manifest number: 046E Signing time: Sat 23 Aug 2025 00:21:58 +0000 Manifest this update: Sat 23 Aug 2025 00:21:58 +0000 Manifest next update: Sat 30 Aug 2025 00:21:58 +0000 Files and hashes: 1: OhbEBL_tNHJEowpa__ZuSZKqKCE.crl (hash: nKFvTlM0ijoL7Vj1kzk+1/+6A8Mxp3EMO+66jmh3raY=) 2: 9D77DCA4599A11ECA574BF52C4F9AE02.roa (hash: /fF1tdSaYFH2w1w+0HXHgYqEthaF4A0sGCD2uCBxpiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:21:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1140 (0x474) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A65C4, serialNumber=3A16C404BFED347244A30A5AFFF66E4992AA2821 Validity Not Before: Aug 23 00:21:58 2025 GMT Not After : Aug 30 00:21:58 2025 GMT Subject: CN=68a909a6-4b64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:94:82:46:e8:fb:cc:65:fe:dc:0b:c8:f0:cd: d2:bf:2f:72:22:0d:e6:f3:99:ff:14:e0:07:b5:92: 0c:1a:42:2e:4c:f2:ea:10:c3:8d:35:fc:c3:d4:32: 56:a5:3f:60:0a:28:56:6d:fa:26:58:70:78:04:11: 07:3d:4e:9a:29:28:0c:0f:cd:00:57:95:23:f0:03: 93:8e:36:56:6b:44:96:f0:73:30:dd:d7:87:82:65: de:84:12:59:76:98:5e:94:63:d4:d9:8a:cf:93:71: e1:07:d4:d3:e7:7a:57:25:a2:c5:ba:fa:26:50:3d: c4:db:99:37:91:a8:5e:b0:75:f4:80:9c:a1:d8:a8: b0:e4:0a:4f:ed:8f:5d:87:45:57:30:ed:b8:6c:c5: 6d:91:c1:b9:92:5a:98:40:26:67:f8:b8:f4:df:03: 07:4e:3d:40:f9:66:c7:0a:c7:c0:f1:a5:9d:cf:21: f8:9f:32:91:e9:7c:34:99:de:09:59:92:5f:ef:01: f9:bb:a2:1e:5f:ad:56:1a:3d:cf:9a:0a:b3:91:82: e4:fb:35:dc:33:6d:54:68:c9:36:e4:33:f0:10:fd: 7b:43:c5:1b:27:40:0d:4a:1e:af:c0:fd:02:fe:c6: 15:81:3c:15:8d:90:ae:a6:d4:5e:7d:fa:88:f2:b8: 4b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:DC:92:41:EB:F6:8D:23:06:BF:B2:6A:84:AC:36:98:CC:B0:A6:5E X509v3 Authority Key Identifier: keyid:3A:16:C4:04:BF:ED:34:72:44:A3:0A:5A:FF:F6:6E:49:92:AA:28:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OhbEBL_tNHJEowpa__ZuSZKqKCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A65C4/3E3A5502599811EC9391D550C4F9AE02/OhbEBL_tNHJEowpa__ZuSZKqKCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:a7:ef:66:61:a6:07:03:86:00:5c:b7:91:78:51:9b:48:54: 51:d7:cc:de:02:eb:e9:56:fd:32:67:4a:fd:76:ee:ff:4a:72: 6e:15:43:0e:86:a7:e4:4e:7a:37:c9:a3:a9:51:78:1d:c3:19: 27:c5:33:9d:8d:21:c1:7b:a2:86:cc:fc:fd:b0:54:6f:51:0d: 3f:98:fe:bc:db:5f:5b:68:49:ad:42:f3:fe:1c:5c:6c:42:a2: 63:89:eb:67:00:ec:fd:dc:fb:6c:bc:ba:9c:ee:59:f9:0c:af: 0a:1a:c6:29:99:09:5e:3e:1c:66:73:5c:b6:f9:d4:35:0c:65: 3f:5f:ba:af:93:6a:e8:e5:66:98:1f:20:45:d1:b8:ae:b6:c1: 12:42:be:82:22:a8:d4:b1:33:7a:16:70:b0:00:89:dd:5b:86: bb:b8:23:03:a5:77:18:03:fc:b7:5d:a2:a9:50:b3:68:00:5d: d3:b5:20:f9:f4:b5:f4:91:7e:03:65:80:5a:d5:7f:ac:5d:f5: d9:5f:f8:98:e2:a2:0b:09:d7:02:b5:78:8b:fb:1a:57:61:e1: b5:ae:79:29:4d:da:c6:27:06:33:0e:48:50:1c:46:35:8a:29: ed:ec:a5:7d:82:ff:72:c6:5e:d2:a3:f3:77:91:5e:c1:02:d1: b6:fe:25:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1QzQxMTAvBgNVBAUTKDNBMTZDNDA0QkZFRDM0NzI0NEEzMEE1QUZGRjY2RTQ5 OTJBQTI4MjEwHhcNMjUwODIzMDAyMTU4WhcNMjUwODMwMDAyMTU4WjAYMRYwFAYD VQQDEw02OGE5MDlhNi00YjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA05SCRuj7zGX+3AvI8M3Svy9yIg3m85n/FOAHtZIMGkIuTPLqEMONNfzD1DJW pT9gCihWbfomWHB4BBEHPU6aKSgMD80AV5Uj8AOTjjZWa0SW8HMw3deHgmXehBJZ dphelGPU2YrPk3HhB9TT53pXJaLFuvomUD3E25k3kahesHX0gJyh2Kiw5ApP7Y9d h0VXMO24bMVtkcG5klqYQCZn+Lj03wMHTj1A+WbHCsfA8aWdzyH4nzKR6Xw0md4J WZJf7wH5u6IeX61WGj3PmgqzkYLk+zXcM21UaMk25DPwEP17Q8UbJ0ANSh6vwP0C /sYVgTwVjZCuptReffqI8rhL5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF7ckkHr 9o0jBr+yaoSsNpjMsKZeMB8GA1UdIwQYMBaAFDoWxAS/7TRyRKMKWv/2bkmSqigh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjVDNC8zRTNBNTUwMjU5 OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5ISkVvd3BhX19adVNaS3FL Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09oYkVCTF90TkhKRW93cGFfX1p1U1pLcUtDRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NjVDNC8zRTNBNTUwMjU5OTgxMUVDOTM5MUQ1NTBDNEY5QUUwMi9PaGJFQkxfdE5I SkVvd3BhX19adVNaS3FLQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmp+9mYaYHA4YAXLeReFGbSFRR18zeAuvpVv0yZ0r9du7/SnJuFUMO hqfkTno3yaOpUXgdwxknxTOdjSHBe6KGzPz9sFRvUQ0/mP68219baEmtQvP+HFxs QqJjietnAOz93PtsvLqc7ln5DK8KGsYpmQlePhxmc1y2+dQ1DGU/X7qvk2ro5WaY HyBF0biutsESQr6CIqjUsTN6FnCwAIndW4a7uCMDpXcYA/y3XaKpULNoAF3TtSD5 9LX0kX4DZYBa1X+sXfXZX/iY4qILCdcCtXiL+xpXYeG1rnkpTdrGJwYzDkhQHEY1 iint7KV9gv9yxl7So/N3kV7BAtG2/iVc -----END CERTIFICATE-----Generated at Sat Aug 23 17:22:13 2025 by rpki-client