$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft File: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft (raw, json) Hash identifier: 5ZkVis8T6kiJ36cW0dmapf1MjIg5hCGIRit/HwG5Kc0= Subject key identifier: C5:62:FA:73:7A:91:6C:82:1F:13:32:BE:F7:3C:FE:F0:89:4C:23:07 Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 0199 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft Manifest number: 0195 Signing time: Mon 20 Oct 2025 18:11:55 +0000 Manifest this update: Mon 20 Oct 2025 18:11:54 +0000 Manifest next update: Mon 27 Oct 2025 18:11:54 +0000 Files and hashes: 1: OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl (hash: 6LsbqD0VaBnKdla1Gz2+AuM/8vAy8KX155bSv1qkups=) 2: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (hash: a5Y/yZKxW3IrKI0721MYV+ivPl5QgwwgGyen+XzCmBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 409 (0x199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Oct 20 18:11:54 2025 GMT Not After : Oct 27 18:11:54 2025 GMT Subject: CN=68f67b6b-43a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:21:c4:fd:20:5e:4a:e4:3c:d5:dc:c5:b6:df: 16:f1:c0:b9:df:ad:2a:a8:4f:0b:a9:49:26:46:94: 90:f2:b1:86:7e:fb:23:d4:d1:bc:bb:15:36:f9:42: 67:4f:66:01:8e:fa:10:55:44:ac:19:83:c0:3c:de: 47:f6:53:a3:4a:da:42:04:d3:a7:56:f8:fa:d7:57: e4:e5:e4:8d:15:bd:25:ab:42:f9:ab:c0:2e:e5:a4: 09:9a:bf:fe:c6:29:cf:ea:9e:a0:50:89:ab:fb:9b: 53:5d:c1:82:35:49:d0:78:77:be:00:ee:69:ff:c3: 98:e5:61:80:ca:36:fa:97:9c:c7:ec:99:56:65:04: a8:89:0b:57:c3:54:7f:56:4d:18:dc:53:2b:e9:ff: 24:c8:7f:71:73:66:0a:3e:87:5e:01:4c:b2:8d:cb: 38:39:39:90:48:a9:fa:f9:0f:58:9f:39:24:81:bc: a4:4d:6f:52:27:dd:bc:26:1c:01:8e:1e:6e:aa:16: c8:4c:4e:bf:d6:ea:a3:97:2c:22:94:e8:57:56:63: a4:33:4c:3f:48:12:96:71:f6:4e:b0:2a:37:5e:99: e7:8e:cc:df:b3:93:00:a5:ae:7a:36:2f:47:00:2f: 5e:a4:62:91:7a:c5:03:9a:02:e5:c1:6b:57:04:4c: d3:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:62:FA:73:7A:91:6C:82:1F:13:32:BE:F7:3C:FE:F0:89:4C:23:07 X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:50:68:4f:56:93:3d:99:63:12:46:52:90:da:89:f0:0c:72: 9f:90:44:6d:f3:11:d0:22:5a:bc:16:3e:b5:08:25:68:71:cc: 6d:42:e2:d7:6f:b8:08:1f:8a:e7:99:55:ff:e3:76:5d:86:e8: 80:28:26:63:43:42:f0:1e:aa:04:e8:07:e0:70:3c:c0:f6:c6: c1:b0:97:15:17:a8:a4:b7:26:20:bf:49:21:41:94:7c:ad:ac: 66:2b:3e:f0:f7:aa:fd:f7:63:ca:f1:48:8e:f9:7a:4f:04:29: 32:79:6f:cc:f1:c5:a6:7e:b7:4a:f2:31:8f:aa:53:fa:9c:05: 78:5e:77:05:d1:b3:f4:28:20:62:a1:b8:ee:e0:de:cb:96:0d: 2b:ca:2d:56:73:66:f5:31:44:4b:2a:29:a6:f3:9c:7f:6e:53: fa:f9:bb:41:b7:b4:1c:80:1d:50:37:0c:9b:0f:d7:f7:94:7b: 0d:7a:d0:bf:41:7e:8e:41:58:48:92:e6:b4:3b:0c:bc:2a:99: ab:36:1b:b6:9c:a2:a8:60:00:0b:d5:23:ba:6f:5d:c6:2b:4f: 3d:f1:f2:4c:eb:16:ca:59:78:b7:dc:23:80:bb:fe:7f:24:0d: 6f:d4:44:ec:65:4f:22:4d:fd:39:63:31:90:d1:d8:70:5f:f3: 40:ed:c0:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUxMDIwMTgxMTU0WhcNMjUxMDI3MTgxMTU0WjAYMRYwFAYD VQQDEw02OGY2N2I2Yi00M2E5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoiHE/SBeSuQ81dzFtt8W8cC5360qqE8LqUkmRpSQ8rGGfvsj1NG8uxU2+UJn T2YBjvoQVUSsGYPAPN5H9lOjStpCBNOnVvj611fk5eSNFb0lq0L5q8Au5aQJmr/+ xinP6p6gUImr+5tTXcGCNUnQeHe+AO5p/8OY5WGAyjb6l5zH7JlWZQSoiQtXw1R/ Vk0Y3FMr6f8kyH9xc2YKPodeAUyyjcs4OTmQSKn6+Q9YnzkkgbykTW9SJ928JhwB jh5uqhbITE6/1uqjlywilOhXVmOkM0w/SBKWcfZOsCo3Xpnnjszfs5MApa56Ni9H AC9epGKResUDmgLlwWtXBEzTiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMVi+nN6 kWyCHxMyvvc8/vCJTCMHMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Njg1Ni8yRERCNDI2RTQ4NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2 eWtCbzB6bUVSUE5rRUlWSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjUGhPVpM9mWMSRlKQ2onwDHKfkERt8xHQIlq8Fj61CCVoccxtQuLX b7gIH4rnmVX/43ZdhuiAKCZjQ0LwHqoE6AfgcDzA9sbBsJcVF6iktyYgv0khQZR8 raxmKz7w96r992PK8UiO+XpPBCkyeW/M8cWmfrdK8jGPqlP6nAV4XncF0bP0KCBi obju4N7Llg0ryi1Wc2b1MURLKimm85x/blP6+btBt7QcgB1QNwybD9f3lHsNetC/ QX6OQVhIkua0Owy8KpmrNhu2nKKoYAAL1SO6b13GK0898fJM6xbKWXi33COAu/5/ JA1v1ETsZU8iTf05YzGQ0dhwX/NA7cBj -----END CERTIFICATE-----Generated at Tue Oct 21 02:26:05 2025 by rpki-client