$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft File: oRR-hHvP7urdnompeo2fM2ecp-I.mft (raw, json) Hash identifier: V1z9wROXf1kyXpnpcJBGH2tTuA4QSHjLCsgGtLaH15Y= Subject key identifier: 38:AA:49:6A:28:DE:0A:BC:23:32:CD:BC:2C:6E:B8:91:BE:A9:45:37 Authority key identifier: A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 Certificate issuer: /CN=A91EAD80/serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Certificate serial: BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft Manifest number: BA Signing time: Sun 19 Oct 2025 09:09:16 +0000 Manifest this update: Sun 19 Oct 2025 09:09:16 +0000 Manifest next update: Sun 26 Oct 2025 09:09:16 +0000 Files and hashes: 1: oRR-hHvP7urdnompeo2fM2ecp-I.crl (hash: UbYTzLeAEQdGFfayY6Wjf0LPzuln+nllVjfcuyjC1hY=) 2: 52DF0E62B2FA11EFA36E0387C4F9AE02.roa (hash: zOW380YmpQpMtSyWb7ghqrZ9YCinfgNDwAX0rgUwhPY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:09:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 188 (0xbc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAD80, serialNumber=A1147E847BCFEEEADD9E89A97A8D9F33679CA7E2 Validity Not Before: Oct 19 09:09:16 2025 GMT Not After : Oct 26 09:09:16 2025 GMT Subject: CN=68f4aabc-0737 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:02:87:f8:9b:b6:99:e6:4e:7e:29:a1:8d:2a: fd:87:2a:9a:1c:9d:fb:20:a7:86:e1:9b:03:77:c3: 68:ee:39:dd:69:1d:3b:1f:ba:14:51:3a:1c:9d:52: 63:32:34:02:af:5c:37:f5:da:92:7b:9f:ab:c0:6f: 80:2c:a5:1e:8d:99:68:ca:ce:83:5a:aa:37:54:e6: 97:0b:3c:38:5c:74:9c:b2:4d:9d:ec:1a:ef:94:b5: 09:b5:35:64:c7:95:14:1e:4c:a2:fa:da:b9:6a:25: 78:f3:0e:6e:a9:c8:11:ad:4d:f4:9d:f2:7d:1e:e2: ea:57:5f:8d:1b:68:84:7c:39:ec:a3:94:96:9f:8b: 74:5d:e0:80:05:fa:3e:56:47:cc:75:22:1d:10:11: 33:32:53:38:94:85:9f:f3:5f:37:ab:be:7f:5b:51: b1:8e:09:55:b5:94:6a:50:9d:8a:17:69:9b:4e:54: d9:fb:a7:27:21:50:1a:d0:05:aa:ec:e3:a0:ef:e7: c6:ee:4c:2f:d8:7f:a9:c9:fa:9a:b9:18:32:85:87: fa:ac:0c:2a:04:db:6b:98:41:18:81:eb:d5:f4:56: 77:39:25:95:2b:0b:dd:7a:6f:d2:28:92:72:3c:a4: d2:8d:59:24:c2:cb:1f:20:9f:9a:7f:25:e1:44:17: 6b:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:AA:49:6A:28:DE:0A:BC:23:32:CD:BC:2C:6E:B8:91:BE:A9:45:37 X509v3 Authority Key Identifier: keyid:A1:14:7E:84:7B:CF:EE:EA:DD:9E:89:A9:7A:8D:9F:33:67:9C:A7:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oRR-hHvP7urdnompeo2fM2ecp-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAD80/D223C5AE94C911EF92CD7258C4F9AE02/oRR-hHvP7urdnompeo2fM2ecp-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:7d:38:df:aa:57:c3:c5:8e:ad:f4:fa:10:5f:df:b4:fe:8d: b0:38:be:97:20:19:cf:20:d9:f9:79:6f:a8:1b:ec:ad:ef:97: ff:0f:c5:24:b3:09:4d:29:4e:9a:00:7f:78:9e:31:53:d4:0e: 60:e0:20:41:43:57:b3:77:fe:e1:52:33:f1:44:14:97:7e:f0: cb:88:46:89:58:68:09:7b:44:52:11:79:4e:9f:6c:a9:1c:90: 78:b2:a4:d7:9b:b1:fa:db:98:c2:0d:83:52:64:bd:4c:09:c9: f3:b2:4f:1f:d6:f3:f9:99:20:95:54:0d:f4:de:48:18:dd:c9: c9:09:d4:07:e9:a2:da:0c:86:1e:72:fb:6b:80:6b:00:48:84: 4a:2a:05:7a:11:29:ac:2d:58:0a:c4:9a:84:53:c8:87:86:c0: b8:a8:48:f1:ee:0d:c4:66:ba:95:3c:e0:45:56:bb:b5:b4:f5: ce:ba:9e:d1:f5:99:67:19:69:01:c1:05:bf:63:1d:d1:16:23: dd:58:21:8f:3d:eb:35:5b:27:44:e2:7d:85:da:5d:cb:39:e7: 1a:d4:17:8a:7a:e8:0c:00:7d:01:9a:8d:39:c2:69:d4:94:5d: e5:57:85:8d:cf:2b:e5:8a:73:51:14:3b:95:6d:29:07:21:e4: 5b:f5:8d:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFEODAxMTAvBgNVBAUTKEExMTQ3RTg0N0JDRkVFRUFERDlFODlBOTdBOEQ5RjMz Njc5Q0E3RTIwHhcNMjUxMDE5MDkwOTE2WhcNMjUxMDI2MDkwOTE2WjAYMRYwFAYD VQQDEw02OGY0YWFiYy0wNzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5QKH+Ju2meZOfimhjSr9hyqaHJ37IKeG4ZsDd8No7jndaR07H7oUUTocnVJj MjQCr1w39dqSe5+rwG+ALKUejZloys6DWqo3VOaXCzw4XHScsk2d7BrvlLUJtTVk x5UUHkyi+tq5aiV48w5uqcgRrU30nfJ9HuLqV1+NG2iEfDnso5SWn4t0XeCABfo+ VkfMdSIdEBEzMlM4lIWf8183q75/W1GxjglVtZRqUJ2KF2mbTlTZ+6cnIVAa0AWq 7OOg7+fG7kwv2H+pyfqauRgyhYf6rAwqBNtrmEEYgevV9FZ3OSWVKwvdem/SKJJy PKTSjVkkwssfIJ+afyXhRBdroQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDiqSWoo 3gq8IzLNvCxuuJG+qUU3MB8GA1UdIwQYMBaAFKEUfoR7z+7q3Z6JqXqNnzNnnKfi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUQ4MC9EMjIzQzVBRTk0 QzkxMUVGOTJDRDcyNThDNEY5QUUwMi9vUlItaEh2UDd1cmRub21wZW8yZk0yZWNw LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29SUi1oSHZQN3VyZG5vbXBlbzJmTTJlY3AtSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUQ4MC9EMjIzQzVBRTk0QzkxMUVGOTJDRDcyNThDNEY5QUUwMi9vUlItaEh2UDd1 cmRub21wZW8yZk0yZWNwLUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAUfTjfqlfDxY6t9PoQX9+0/o2wOL6XIBnPINn5eW+oG+yt75f/D8Uk swlNKU6aAH94njFT1A5g4CBBQ1ezd/7hUjPxRBSXfvDLiEaJWGgJe0RSEXlOn2yp HJB4sqTXm7H625jCDYNSZL1MCcnzsk8f1vP5mSCVVA303kgY3cnJCdQH6aLaDIYe cvtrgGsASIRKKgV6ESmsLVgKxJqEU8iHhsC4qEjx7g3EZrqVPOBFVru1tPXOup7R 9ZlnGWkBwQW/Yx3RFiPdWCGPPes1WydE4n2F2l3LOeca1BeKeugMAH0Bmo05wmnU lF3lV4WNzyvlinNRFDuVbSkHIeRb9Y03 -----END CERTIFICATE-----Generated at Mon Oct 20 04:11:12 2025 by rpki-client