$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft File: oRHoHEs-J72m4nEkl_bbugz7CCY.mft (raw, json) Hash identifier: Q6Wruhgj6ltwq3q6PfsmNooO+du8rbDICrpktI8WwGA= Subject key identifier: B5:1D:34:46:B8:D6:1D:C7:23:CD:F5:17:1F:27:58:5A:F3:FF:6D:3C Authority key identifier: A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 Certificate issuer: /CN=A91C1DB8/serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Certificate serial: 13AF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft Manifest number: 13A3 Signing time: Mon 20 Oct 2025 17:22:24 +0000 Manifest this update: Mon 20 Oct 2025 17:22:23 +0000 Manifest next update: Mon 27 Oct 2025 17:22:23 +0000 Files and hashes: 1: oRHoHEs-J72m4nEkl_bbugz7CCY.crl (hash: eH669M7JLAMGrlCavEymLWEYzzHUIJVK6Iip2Blwgog=) 2: 6D6692CAAA0211EEAADA3D32C4F9AE02.roa (hash: Lfw4Pf1U5kN1CyHW4zjiGH94Ozpr6hL2Iw69vgHFnZ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 17:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5039 (0x13af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1DB8, serialNumber=A111E81C4B3E27BDA6E2712497F6DBBA0CFB0826 Validity Not Before: Oct 20 17:22:23 2025 GMT Not After : Oct 27 17:22:23 2025 GMT Subject: CN=68f66fd0-329a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:a2:f3:5d:03:23:b6:38:16:97:8a:5e:de:47: 12:ae:20:8b:12:35:00:ec:1a:ef:35:b3:54:df:61: 02:67:07:95:d0:67:e1:d1:61:f6:43:fb:48:ab:5a: d3:0f:6b:bf:f5:69:15:59:58:56:50:87:1a:64:fd: 24:65:71:fe:8f:ac:e7:c6:45:94:eb:a7:81:98:99: 14:a3:8c:9d:05:0e:d4:ba:9c:c5:7b:b2:6c:74:85: ee:59:93:4d:f2:8b:7b:6f:89:e4:c7:49:51:b5:5b: 5f:ab:8c:32:7f:c9:ad:c7:33:15:06:29:71:81:ad: 06:c0:0b:6e:16:f6:40:de:68:ec:7b:20:85:02:3f: dd:db:b1:d2:56:5e:a4:d7:7f:37:03:f2:c6:1e:b3: fe:a1:26:1a:ed:4e:40:44:48:5c:3c:d1:8a:f0:be: 30:af:05:ae:36:2f:ba:b2:45:66:e0:9e:e5:d9:e5: ba:39:a8:47:3f:fb:c7:c2:0c:47:ef:32:56:59:69: 01:32:c9:9e:19:d6:e4:dc:95:45:17:7e:30:55:a7: 27:94:37:eb:da:73:ce:15:62:e5:a1:b8:bc:91:99: 5e:62:8e:1a:d2:76:cb:37:59:ec:21:60:9b:9f:6b: 3d:fa:f3:02:46:41:ee:98:48:43:23:99:a0:8f:49: 08:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:1D:34:46:B8:D6:1D:C7:23:CD:F5:17:1F:27:58:5A:F3:FF:6D:3C X509v3 Authority Key Identifier: keyid:A1:11:E8:1C:4B:3E:27:BD:A6:E2:71:24:97:F6:DB:BA:0C:FB:08:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oRHoHEs-J72m4nEkl_bbugz7CCY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/0D9931BAA11E11E89E636710C4F9AE02/oRHoHEs-J72m4nEkl_bbugz7CCY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:17:64:42:e4:f5:b1:3f:95:76:e8:97:6d:be:ad:03:8a:54: 23:77:5b:cd:bf:b1:26:81:ef:23:a6:6f:c4:1e:96:18:ce:61: 84:77:5a:df:a9:08:7c:c5:32:fd:91:d6:2f:48:fe:ec:b8:27: 48:c7:97:c6:cb:0f:ac:7d:77:f5:1b:85:4d:57:cb:18:ce:b0: 6c:7c:6f:5d:c2:5e:71:45:38:a0:71:40:62:3a:33:16:98:8d: 6e:ba:f3:7f:f2:a4:89:ba:0e:5f:7f:4a:63:c2:aa:c8:7a:c9: fa:fb:d8:38:9e:f9:47:0b:89:53:e2:67:79:26:a9:3b:5e:96: c6:13:a6:49:7f:62:1a:94:55:5c:6c:a0:8e:4b:34:ea:52:bc: fc:97:48:95:57:4b:6a:af:b0:2a:b6:4d:d9:cd:01:5a:79:6d: 62:32:ee:5d:3b:8c:94:5e:9f:42:a2:13:27:d3:5a:55:fb:b7: 98:64:af:a8:80:d5:d7:52:2d:c5:4b:7c:be:44:84:f0:f1:39: ab:2a:21:94:8e:0c:d8:ec:68:60:da:96:0d:67:28:71:02:e0: ce:45:70:f3:92:29:7f:3b:35:70:73:74:34:60:69:e5:78:ab: 2a:01:f1:5e:12:bd:87:8b:5a:11:f2:76:6a:92:7f:87:0a:47: cd:88:e0:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFEQjgxMTAvBgNVBAUTKEExMTFFODFDNEIzRTI3QkRBNkUyNzEyNDk3RjZEQkJB MENGQjA4MjYwHhcNMjUxMDIwMTcyMjIzWhcNMjUxMDI3MTcyMjIzWjAYMRYwFAYD VQQDEw02OGY2NmZkMC0zMjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6KLzXQMjtjgWl4pe3kcSriCLEjUA7BrvNbNU32ECZweV0Gfh0WH2Q/tIq1rT D2u/9WkVWVhWUIcaZP0kZXH+j6znxkWU66eBmJkUo4ydBQ7UupzFe7JsdIXuWZNN 8ot7b4nkx0lRtVtfq4wyf8mtxzMVBilxga0GwAtuFvZA3mjseyCFAj/d27HSVl6k 1383A/LGHrP+oSYa7U5AREhcPNGK8L4wrwWuNi+6skVm4J7l2eW6OahHP/vHwgxH 7zJWWWkBMsmeGdbk3JVFF34wVacnlDfr2nPOFWLlobi8kZleYo4a0nbLN1nsIWCb n2s9+vMCRkHumEhDI5mgj0kI0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLUdNEa4 1h3HI831Fx8nWFrz/208MB8GA1UdIwQYMBaAFKER6BxLPie9puJxJJf227oM+wgm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURCOC8wRDk5MzFCQUEx MUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3Mm00bkVrbF9iYnVnejdD Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29SSG9IRXMtSjcybTRuRWtsX2JidWd6N0NDWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MURCOC8wRDk5MzFCQUExMUUxMUU4OUU2MzY3MTBDNEY5QUUwMi9vUkhvSEVzLUo3 Mm00bkVrbF9iYnVnejdDQ1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNF2RC5PWxP5V26Jdtvq0DilQjd1vNv7Emge8jpm/EHpYYzmGEd1rf qQh8xTL9kdYvSP7suCdIx5fGyw+sfXf1G4VNV8sYzrBsfG9dwl5xRTigcUBiOjMW mI1uuvN/8qSJug5ff0pjwqrIesn6+9g4nvlHC4lT4md5Jqk7XpbGE6ZJf2IalFVc bKCOSzTqUrz8l0iVV0tqr7Aqtk3ZzQFaeW1iMu5dO4yUXp9CohMn01pV+7eYZK+o gNXXUi3FS3y+RITw8TmrKiGUjgzY7Ghg2pYNZyhxAuDORXDzkil/OzVwc3Q0YGnl eKsqAfFeEr2Hi1oR8nZqkn+HCkfNiOBu -----END CERTIFICATE-----Generated at Mon Oct 20 19:26:52 2025 by rpki-client