$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft File: ok2WODNZy0lmoVuakGkT61RWZXs.mft (raw, json) Hash identifier: rndLq25tIeAxlEpIOWg0znLHLtNCVWYt6yv5XfGmpeY= Subject key identifier: 2E:75:F6:A0:B6:D8:80:AA:8F:B4:C6:11:1C:70:61:AF:27:AB:FA:79 Authority key identifier: A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B Certificate issuer: /CN=A91C9C03/serialNumber=A24D96383359CB4966A15B9A906913EB5456657B Certificate serial: 5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft Manifest number: 54 Signing time: Sun 19 Oct 2025 10:44:28 +0000 Manifest this update: Sun 19 Oct 2025 10:44:27 +0000 Manifest next update: Sun 26 Oct 2025 10:44:27 +0000 Files and hashes: 1: ok2WODNZy0lmoVuakGkT61RWZXs.crl (hash: VnA1v1Zxb160t0sGn8teZbXPm+idaCZlkgIUdNptNg4=) 2: 19088D04716211F0A531A51FC4F9AE02.roa (hash: UYhhmkQaI1q3+QjYEo/76mR50UYMRxm9p33lOpn/bSs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.crl rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:44:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90 (0x5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9C03, serialNumber=A24D96383359CB4966A15B9A906913EB5456657B Validity Not Before: Oct 19 10:44:27 2025 GMT Not After : Oct 26 10:44:27 2025 GMT Subject: CN=68f4c10c-e7c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:58:34:6b:1e:bc:cf:cb:bc:dc:a0:a6:5d:95: 37:e3:e7:8a:ed:29:49:05:d4:f9:5c:d0:37:19:ad: 01:0b:cf:d5:7e:8e:76:33:50:f3:f0:b4:c0:44:4a: 91:25:50:32:2b:9d:5c:ae:3c:59:7a:5a:78:b9:63: 44:21:73:f2:74:d9:e4:fd:83:0f:7e:b9:8d:88:b5: 24:5e:7b:f6:1c:92:9c:72:b3:1f:08:76:d1:fd:1e: cf:27:d6:d7:8a:f5:c9:c1:37:64:4b:95:0f:7b:2f: 10:51:e3:24:84:83:65:73:ac:6b:cf:62:e8:52:81: f4:52:a7:da:b9:ba:de:54:47:06:73:75:8f:e4:76: a5:e1:33:5b:15:e1:45:56:ea:ff:63:58:1a:6c:d5: e4:a2:25:83:dc:59:d0:d6:3d:41:25:49:ea:8e:c8: 1f:59:34:0b:7b:c0:73:01:ef:c5:ef:94:c4:42:5f: 10:03:ed:3f:98:e2:8c:1c:d6:e3:61:47:6e:f0:85: 66:a3:d3:99:ad:0c:1a:8b:91:96:ea:0f:25:a9:77: af:74:08:db:81:77:e8:f2:fc:4a:6e:8f:2b:5c:b4: cb:d8:9d:e4:ea:f0:32:a0:c6:eb:e1:1e:08:6c:4e: fa:23:bb:a3:13:44:15:46:a5:8a:24:8c:b6:06:5b: 4a:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:75:F6:A0:B6:D8:80:AA:8F:B4:C6:11:1C:70:61:AF:27:AB:FA:79 X509v3 Authority Key Identifier: keyid:A2:4D:96:38:33:59:CB:49:66:A1:5B:9A:90:69:13:EB:54:56:65:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ok2WODNZy0lmoVuakGkT61RWZXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9C03/37D18A1639A311F0BAD72C3CC4F9AE02/ok2WODNZy0lmoVuakGkT61RWZXs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:32:d4:87:e9:8b:7a:8e:7b:cc:7c:4a:da:74:91:54:e1:3c: 4e:9a:8d:33:d7:bc:f4:88:60:f7:5f:55:bd:37:f8:f0:d1:fb: 11:08:bf:b6:c8:f1:43:10:e3:13:a2:e8:79:75:34:2b:9b:e9: 72:ce:a9:4f:5a:3c:b3:7e:94:33:d4:b5:d3:fe:46:62:aa:9f: 06:8c:2b:c8:53:67:95:2d:d0:b0:bc:5c:69:11:5b:81:14:08: 5c:8a:3d:2b:4f:74:bc:9a:ce:a1:66:6b:e4:7b:9a:f9:4a:bf: d8:79:9b:16:7c:c6:b5:a9:c6:87:5d:d0:70:da:11:8d:e7:3a: ee:d8:d9:10:16:be:66:52:6d:b0:86:b4:be:47:46:b1:b0:a2: fc:e5:af:04:d7:f8:08:ed:5c:6d:1f:81:94:ba:3c:8b:e0:6e: 99:5f:a4:44:99:8b:2a:0b:9e:5b:20:0b:76:05:d8:d3:f0:be: 8f:a2:a7:ce:84:16:87:3d:77:53:78:6e:64:e2:b0:c3:a9:7e: e9:16:48:70:1b:8a:60:ba:ca:1b:16:4f:5c:a5:49:04:fb:97: 7f:8e:ab:cc:31:48:17:b6:ad:cb:2a:0c:f7:d4:aa:0e:bd:3a: e0:2c:dd:89:92:27:db:dc:1b:1a:96:32:5b:ac:aa:e0:ec:89: de:bd:3b:f5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD OUMwMzExMC8GA1UEBRMoQTI0RDk2MzgzMzU5Q0I0OTY2QTE1QjlBOTA2OTEzRUI1 NDU2NjU3QjAeFw0yNTEwMTkxMDQ0MjdaFw0yNTEwMjYxMDQ0MjdaMBgxFjAUBgNV BAMTDTY4ZjRjMTBjLWU3YzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvWDRrHrzPy7zcoKZdlTfj54rtKUkF1Plc0DcZrQELz9V+jnYzUPPwtMBESpEl UDIrnVyuPFl6Wni5Y0Qhc/J02eT9gw9+uY2ItSRee/Yckpxysx8IdtH9Hs8n1teK 9cnBN2RLlQ97LxBR4ySEg2VzrGvPYuhSgfRSp9q5ut5URwZzdY/kdqXhM1sV4UVW 6v9jWBps1eSiJYPcWdDWPUElSeqOyB9ZNAt7wHMB78XvlMRCXxAD7T+Y4owc1uNh R27whWaj05mtDBqLkZbqDyWpd690CNuBd+jy/EpujytctMvYneTq8DKgxuvhHghs Tvoju6MTRBVGpYokjLYGW0qxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULnX2oLbY gKqPtMYRHHBhryer+nkwHwYDVR0jBBgwFoAUok2WODNZy0lmoVuakGkT61RWZXsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5QzAzLzM3RDE4QTE2MzlB MzExRjBCQUQ3MkMzQ0M0RjlBRTAyL29rMldPRE5aeTBsbW9WdWFrR2tUNjFSV1pY cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2syV09ETlp5MGxtb1Z1YWtHa1Q2MVJXWlhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5 QzAzLzM3RDE4QTE2MzlBMzExRjBCQUQ3MkMzQ0M0RjlBRTAyL29rMldPRE5aeTBs bW9WdWFrR2tUNjFSV1pYcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABAy1Ifpi3qOe8x8Stp0kVThPE6ajTPXvPSIYPdfVb03+PDR+xEIv7bI 8UMQ4xOi6Hl1NCub6XLOqU9aPLN+lDPUtdP+RmKqnwaMK8hTZ5Ut0LC8XGkRW4EU CFyKPStPdLyazqFma+R7mvlKv9h5mxZ8xrWpxodd0HDaEY3nOu7Y2RAWvmZSbbCG tL5HRrGwovzlrwTX+AjtXG0fgZS6PIvgbplfpESZiyoLnlsgC3YF2NPwvo+ip86E Foc9d1N4bmTisMOpfukWSHAbimC6yhsWT1ylSQT7l3+Oq8wxSBe2rcsqDPfUqg69 OuAs3YmSJ9vcGxqWMlusquDsid69O/U= -----END CERTIFICATE-----Generated at Sun Oct 19 23:21:42 2025 by rpki-client