$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft File: Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft (raw, json) Hash identifier: 3sevXCiHACt8op91KGBPQb9IqvXjbgSE7oImFpnmsz4= Subject key identifier: 74:EE:6A:88:B3:E2:ED:8E:05:DB:AC:08:05:81:02:47:63:46:DD:F0 Authority key identifier: 3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D Certificate issuer: /CN=A91F8E3D/serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D Certificate serial: 04B9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft Manifest number: 04A6 Signing time: Sun 19 Oct 2025 01:53:02 +0000 Manifest this update: Sun 19 Oct 2025 01:53:02 +0000 Manifest next update: Sun 26 Oct 2025 01:53:02 +0000 Files and hashes: 1: Oq_7t-pKYNd7tEKErL8lw5i6mm0.crl (hash: qsg+GUp09XN8fwrCFuyfG2pKFlvY4IxLMp0sl5UK850=) 2: FF9D89B6AB4C11ECB0C94F67C4F9AE02.roa (hash: p5RWbmc3OrbusuGd87uXwNNKECyHXGRqb7DFbO3Zzjc=) 3: 451AF9F2E3DC11ECB9410B43C4F9AE02.roa (hash: PvyXkvk9rsG65qDLSBUO/zxV1I1w1ViEmt67rzLWH3U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.crl rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:53:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1209 (0x4b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8E3D, serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D Validity Not Before: Oct 19 01:53:02 2025 GMT Not After : Oct 26 01:53:02 2025 GMT Subject: CN=68f4447e-497c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:35:cf:60:24:94:5b:89:1d:9f:bc:82:d4:b5: b9:e5:ef:bb:d4:01:f6:c0:51:87:46:34:9d:39:f5: e2:09:ec:0b:6d:f0:a7:f8:75:3c:e3:95:f1:e1:46: 0a:32:a2:c6:2c:bf:92:fe:27:e6:6e:36:c5:cb:24: b2:6f:d7:c8:ee:fd:41:95:56:57:75:c7:ed:ad:45: e7:d3:be:b3:88:87:f6:0e:84:14:da:2a:7d:97:93: 35:06:a9:57:74:5d:61:61:a8:f5:96:2c:e0:cf:dd: 74:4c:ed:3b:85:ad:24:ac:5e:0c:1c:3f:e6:80:f4: 78:5a:1f:62:7f:1e:d7:7e:63:21:3f:c4:dd:b3:5f: 73:3f:0d:72:82:b4:28:f0:4a:c0:b9:b4:c5:21:a0: d5:bc:2e:a1:27:d5:2c:37:e2:a8:5e:84:d5:2b:d6: 7e:8e:b5:14:11:88:f7:e0:f8:99:90:5b:65:e3:e7: ea:a6:3f:3d:3c:32:81:d8:1c:5d:22:9e:ab:5b:ac: ec:0d:c5:66:58:4a:31:7e:37:0d:23:39:9d:fa:f2: a5:0e:3d:bd:f6:05:0d:19:3c:86:86:70:ea:35:5d: b7:15:47:60:ab:40:9e:5f:44:7b:59:8a:80:bc:6a: 47:40:32:2e:c2:3e:3d:4c:a4:15:fe:fe:2e:2c:60: e4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:EE:6A:88:B3:E2:ED:8E:05:DB:AC:08:05:81:02:47:63:46:DD:F0 X509v3 Authority Key Identifier: keyid:3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:ca:76:7e:48:2a:3e:a1:1d:e2:f7:df:e3:cd:89:79:9d:cf: 1c:45:4d:69:65:10:94:aa:b5:b7:a7:fe:d4:0b:a9:a6:c4:fd: 39:2a:f3:a1:73:60:da:67:8c:b5:45:a1:40:a7:48:bf:b7:f3: 84:90:35:8b:81:d5:b4:aa:5e:ec:b9:66:72:e8:ef:19:27:5a: 37:4b:24:69:65:e1:72:99:a9:59:17:ce:b6:ed:54:d0:d8:1b: 69:02:a6:9d:a2:d1:fb:d9:ef:3b:bd:64:5a:e5:e4:76:d4:40: cd:e9:13:15:c6:a4:52:8e:65:3f:0a:bd:1c:01:ea:df:01:44: 14:fb:6e:b8:0c:b7:63:fb:42:b6:51:6f:aa:45:93:82:c9:2e: 0e:d0:be:a9:38:e9:e9:e0:bd:71:2e:a4:77:a6:73:ad:60:5d: d8:71:5b:67:43:6d:03:8f:4c:10:56:80:7d:3e:f7:46:1b:2b: 0a:e9:c5:e3:5c:db:e4:26:3b:18:7e:1a:48:8c:0e:0c:cd:b1: ad:11:a0:eb:6a:b3:9b:8f:e8:ea:f1:6b:ed:f2:13:38:25:33: 3b:77:3b:4e:a5:5a:58:72:91:30:6b:db:2d:b1:78:ef:98:aa: d0:05:bf:3b:03:e8:df:9e:bf:e9:a8:75:d3:33:2b:08:58:94: 1f:b4:89:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhFM0QxMTAvBgNVBAUTKDNBQUZGQkI3RUE0QTYwRDc3QkI0NDI4NEFDQkYyNUMz OThCQTlBNkQwHhcNMjUxMDE5MDE1MzAyWhcNMjUxMDI2MDE1MzAyWjAYMRYwFAYD VQQDEw02OGY0NDQ3ZS00OTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxDXPYCSUW4kdn7yC1LW55e+71AH2wFGHRjSdOfXiCewLbfCn+HU845Xx4UYK MqLGLL+S/ifmbjbFyySyb9fI7v1BlVZXdcftrUXn076ziIf2DoQU2ip9l5M1BqlX dF1hYaj1lizgz910TO07ha0krF4MHD/mgPR4Wh9ifx7XfmMhP8Tds19zPw1ygrQo 8ErAubTFIaDVvC6hJ9UsN+KoXoTVK9Z+jrUUEYj34PiZkFtl4+fqpj89PDKB2Bxd Ip6rW6zsDcVmWEoxfjcNIzmd+vKlDj299gUNGTyGhnDqNV23FUdgq0CeX0R7WYqA vGpHQDIuwj49TKQV/v4uLGDkVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHTuaoiz 4u2OBdusCAWBAkdjRt3wMB8GA1UdIwQYMBaAFDqv+7fqSmDXe7RChKy/JcOYuppt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEUzRC8wQUI0Mzg2QTU4 NEUxMUVDOUZDRjE3NzlDNEY5QUUwMi9PcV83dC1wS1lOZDd0RUtFckw4bHc1aTZt bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09xXzd0LXBLWU5kN3RFS0VyTDhsdzVpNm1tMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OEUzRC8wQUI0Mzg2QTU4NEUxMUVDOUZDRjE3NzlDNEY5QUUwMi9PcV83dC1wS1lO ZDd0RUtFckw4bHc1aTZtbTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOynZ+SCo+oR3i99/jzYl5nc8cRU1pZRCUqrW3p/7UC6mmxP05KvOh c2DaZ4y1RaFAp0i/t/OEkDWLgdW0ql7suWZy6O8ZJ1o3SyRpZeFymalZF8627VTQ 2BtpAqadotH72e87vWRa5eR21EDN6RMVxqRSjmU/Cr0cAerfAUQU+264DLdj+0K2 UW+qRZOCyS4O0L6pOOnp4L1xLqR3pnOtYF3YcVtnQ20Dj0wQVoB9PvdGGysK6cXj XNvkJjsYfhpIjA4MzbGtEaDrarObj+jq8Wvt8hM4JTM7dztOpVpYcpEwa9stsXjv mKrQBb87A+jfnr/pqHXTMysIWJQftIl3 -----END CERTIFICATE-----Generated at Mon Oct 20 14:06:52 2025 by rpki-client