$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft File: ovb2YTEslb8FoLUjCxNx1GIv1ic.mft (raw, json) Hash identifier: O0125szLoFgv03EacVSBxdpSbyX5rTUzrUPmKaPjC/4= Subject key identifier: D9:67:A0:CF:47:82:1B:CE:7C:41:F8:0E:A6:4E:52:DA:7E:8C:FA:18 Authority key identifier: A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 Certificate issuer: /CN=A91E7BC4/serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Certificate serial: 0D8A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft Manifest number: 0D82 Signing time: Mon 20 Oct 2025 18:29:29 +0000 Manifest this update: Mon 20 Oct 2025 18:29:28 +0000 Manifest next update: Mon 27 Oct 2025 18:29:28 +0000 Files and hashes: 1: ovb2YTEslb8FoLUjCxNx1GIv1ic.crl (hash: 446g3ckQ4BIUFhPhEF+thMlBI9Dgv4xZCF4LTfCvROs=) 2: 05054224D8E411E9BEB7986DC4F9AE02.roa (hash: C8YUnzVpdG1ic9MCuW7celmXkhXkYeCvagfWnZShYbQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:29:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3466 (0xd8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=A2F6F661312C95BF05A0B5230B1371D4622FD627 Validity Not Before: Oct 20 18:29:28 2025 GMT Not After : Oct 27 18:29:28 2025 GMT Subject: CN=68f67f89-58b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:43:b0:ea:56:eb:00:61:da:04:b9:4e:29:19: cf:50:4b:37:a7:1d:dc:36:de:59:94:01:0a:14:9c: 5f:83:52:df:23:11:22:b7:f0:1c:d5:16:97:84:c8: 70:8c:46:61:15:06:e8:a4:62:91:2a:a4:19:3d:0b: 61:db:ab:be:73:a0:84:66:25:e9:76:4e:ce:5b:18: dd:da:cc:51:57:ab:01:f7:65:d0:17:04:1d:da:ec: 7c:c1:7a:6f:2b:2f:e3:93:b6:86:a1:ec:cf:8b:ee: b0:3d:0c:81:bc:5b:27:f2:2c:b9:b2:69:62:8f:0a: d7:e5:42:0a:a1:28:60:2d:06:c9:aa:59:e1:c7:c8: 9b:4a:e0:c7:b1:c3:8e:e2:36:6f:08:8c:ad:ff:47: 8f:7a:5c:1e:28:c9:22:67:c8:35:7b:f9:f0:cf:f6: 15:39:fc:53:c6:00:21:00:a5:a7:e3:eb:cb:ff:33: c1:ac:55:77:19:b6:e5:b5:ec:2f:9c:9c:e5:d1:ce: 5b:ff:0f:08:c2:0c:f6:03:34:48:4b:3f:2f:f6:3f: 6f:17:b0:29:4c:0e:3f:b7:86:55:72:29:d6:ad:49: 95:8c:f4:a7:27:75:4c:98:45:0a:3a:77:6a:17:76: e6:6a:69:a3:fc:37:67:34:cc:19:bf:88:19:a7:e1: 0e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:67:A0:CF:47:82:1B:CE:7C:41:F8:0E:A6:4E:52:DA:7E:8C:FA:18 X509v3 Authority Key Identifier: keyid:A2:F6:F6:61:31:2C:95:BF:05:A0:B5:23:0B:13:71:D4:62:2F:D6:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ovb2YTEslb8FoLUjCxNx1GIv1ic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/261D2830D50D11E9BAD6C226C4F9AE02/ovb2YTEslb8FoLUjCxNx1GIv1ic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:8b:d7:4b:2d:db:94:3d:2c:df:cc:2f:b1:58:ab:a1:7a:6c: 3a:c8:19:1e:fb:6a:03:86:f2:98:06:e3:0f:98:21:ea:2e:bc: d5:62:24:c3:40:86:3b:df:dc:7d:20:be:40:2a:57:ea:97:c8: b5:ee:f3:da:8b:bb:e2:e3:da:f1:31:86:1a:bb:93:bb:98:dc: 0e:f0:7b:4b:d5:05:bb:66:57:d3:2a:69:15:af:bf:80:9d:bd: e0:b0:63:1f:a9:1c:61:03:67:94:f6:29:9d:06:bb:39:8e:7a: b7:42:57:3c:c8:33:0b:07:63:93:51:b3:f1:2e:ec:41:a4:36: 4e:57:c7:45:eb:e0:88:16:81:69:96:72:75:e4:2e:0e:8a:e8: 7c:90:f3:5e:7c:02:01:44:2d:a4:ce:5a:51:90:dc:9f:83:a3: 6d:00:5f:96:82:37:1b:c8:7a:e9:cd:7b:cd:9f:70:a1:82:68: 8a:ec:9e:1d:77:53:2e:6d:ce:65:4c:9b:98:73:87:8f:45:12: 94:83:e1:ec:df:41:4e:6c:7f:ce:27:da:e5:2c:86:93:e6:56: fe:eb:1f:a1:81:3f:2a:52:0b:5c:4f:36:cc:6e:5b:31:75:69: ce:8d:3d:11:e0:4f:68:9a:f7:4c:44:b0:6a:85:a2:4c:28:90: 85:29:65:c5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEEyRjZGNjYxMzEyQzk1QkYwNUEwQjUyMzBCMTM3MUQ0 NjIyRkQ2MjcwHhcNMjUxMDIwMTgyOTI4WhcNMjUxMDI3MTgyOTI4WjAYMRYwFAYD VQQDEw02OGY2N2Y4OS01OGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8kOw6lbrAGHaBLlOKRnPUEs3px3cNt5ZlAEKFJxfg1LfIxEit/Ac1RaXhMhw jEZhFQbopGKRKqQZPQth26u+c6CEZiXpdk7OWxjd2sxRV6sB92XQFwQd2ux8wXpv Ky/jk7aGoezPi+6wPQyBvFsn8iy5smlijwrX5UIKoShgLQbJqlnhx8ibSuDHscOO 4jZvCIyt/0ePelweKMkiZ8g1e/nwz/YVOfxTxgAhAKWn4+vL/zPBrFV3Gbbltewv nJzl0c5b/w8Iwgz2AzRISz8v9j9vF7ApTA4/t4ZVcinWrUmVjPSnJ3VMmEUKOndq F3bmammj/DdnNMwZv4gZp+EOXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNlnoM9H ghvOfEH4DqZOUtp+jPoYMB8GA1UdIwQYMBaAFKL29mExLJW/BaC1IwsTcdRiL9Yn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yNjFEMjgzMEQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xiOEZvTFVqQ3hOeDFHSXYx aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL292YjJZVEVzbGI4Rm9MVWpDeE54MUdJdjFpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yNjFEMjgzMEQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi9vdmIyWVRFc2xi OEZvTFVqQ3hOeDFHSXYxaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPi9dLLduUPSzfzC+xWKuhemw6yBke+2oDhvKYBuMPmCHqLrzVYiTD QIY739x9IL5AKlfql8i17vPai7vi49rxMYYau5O7mNwO8HtL1QW7ZlfTKmkVr7+A nb3gsGMfqRxhA2eU9imdBrs5jnq3Qlc8yDMLB2OTUbPxLuxBpDZOV8dF6+CIFoFp lnJ15C4Oiuh8kPNefAIBRC2kzlpRkNyfg6NtAF+WgjcbyHrpzXvNn3ChgmiK7J4d d1Mubc5lTJuYc4ePRRKUg+Hs30FObH/OJ9rlLIaT5lb+6x+hgT8qUgtcTzbMblsx dWnOjT0R4E9omvdMRLBqhaJMKJCFKWXF -----END CERTIFICATE-----Generated at Tue Oct 21 02:25:57 2025 by rpki-client