$ rpki-client -vvf rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft File: BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft (raw, json) Hash identifier: KRBZMJxk28sXWJyVRyPCFIGQRG+UVP3ES6Ll1sWUiyw= Subject key identifier: 9F:E9:5A:7F:48:F7:05:AA:BA:01:4A:05:BC:7D:42:DF:AA:BC:05:2F Authority key identifier: 05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB Certificate issuer: /CN=A915E77C/serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Certificate serial: 0224 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft Manifest number: 0221 Signing time: Wed 05 Nov 2025 02:11:26 +0000 Manifest this update: Wed 05 Nov 2025 02:11:25 +0000 Manifest next update: Wed 12 Nov 2025 02:11:25 +0000 Files and hashes: 1: BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl (hash: VkqMmExt07bTaq7a/+QTLTp3ldGF9u7dcspjh10qCJA=) 2: A20DDFE2725911ED8CB4D763C4F9AE02.roa (hash: YLNPavuZCOudMxVfyqmjZm9NJz/Z+dCM3fPBM36z61c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:11:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 548 (0x224) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915E77C, serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Validity Not Before: Nov 5 02:11:25 2025 GMT Not After : Nov 12 02:11:25 2025 GMT Subject: CN=690ab24e-53dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:50:20:b3:a2:10:1a:03:04:7f:58:fe:21:b9: b9:88:80:7a:c4:b1:18:3f:ee:b8:ff:e5:1a:69:f6: e9:c2:97:59:29:11:46:09:5d:1d:33:32:be:9b:af: b8:6c:19:89:bf:f9:07:c8:18:2d:15:c4:1d:ff:60: b4:7b:14:1d:73:48:6c:19:ad:19:3b:1e:4d:7d:b0: 1d:c2:8b:9f:1e:a5:f8:f1:63:c6:56:e8:91:4d:1b: 69:03:7d:0e:a3:9c:d8:59:21:c5:8a:77:fc:22:73: 60:10:2b:4b:d8:d5:d5:31:1a:bc:1c:90:dd:57:2e: a5:88:09:a4:5c:d9:4f:b0:2e:02:a9:ea:32:f0:9c: 8e:5d:40:be:ce:74:ae:1f:33:0f:9e:08:ec:a7:99: 76:8d:cc:95:33:94:44:84:a6:fb:d1:98:ff:71:38: 2f:d0:e8:12:2f:10:e8:7f:89:1f:81:2e:30:ab:19: 86:11:42:e2:d6:a3:4d:c0:8a:28:4e:f7:f1:1f:c8: 6b:0a:ff:ce:17:28:a6:a1:a4:5e:16:7b:0e:46:6e: 54:2d:1d:d8:a9:c2:fa:2b:8f:7c:d0:13:2d:86:21: a4:d7:e4:79:20:30:ed:3c:64:9b:b5:e4:63:c2:93: c2:d1:d0:8e:e3:50:0d:0a:8a:2d:10:63:2e:ff:c4: e2:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:E9:5A:7F:48:F7:05:AA:BA:01:4A:05:BC:7D:42:DF:AA:BC:05:2F X509v3 Authority Key Identifier: keyid:05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:18:14:31:98:3b:7b:47:18:28:33:ae:bf:b9:1b:81:a6:22: 9c:22:03:3d:5a:e3:76:f0:5a:92:eb:91:f4:69:3d:12:ba:3c: 48:9c:7a:0c:42:f8:7f:69:69:6f:f7:80:ca:98:28:ce:e6:5a: 32:a0:0f:3c:71:0f:d5:f1:73:d9:20:ba:a2:3a:53:06:46:7b: 93:f1:a7:fa:6f:7a:f2:5e:87:e3:62:7f:ad:74:a6:de:85:a4: 98:24:d2:70:6d:9a:c3:da:fb:74:bd:18:60:d6:5f:63:7d:21: cd:a0:23:b5:d9:c9:81:38:3e:67:c7:59:c8:57:f9:c6:cf:03: 0f:92:6e:7d:73:96:59:c8:3f:90:99:e3:02:e2:a9:67:69:f8: 3c:4e:b9:3a:05:ca:8c:d9:f0:e1:a4:dd:4a:1d:67:1d:c6:19: 98:be:ef:bf:4c:bf:8b:3b:87:6c:7b:f9:bc:72:72:10:4f:61: d3:30:2b:64:a8:af:6f:0e:ae:3e:38:aa:0d:22:a3:b8:a7:64: e8:ef:0d:3a:76:d7:64:60:8f:7f:5b:4e:e8:f0:62:4f:2d:ef: ff:e2:d2:86:83:18:c7:d0:0a:05:6c:5f:e1:db:a7:71:c2:da: 08:21:be:95:8f:ba:1a:9d:f7:46:38:5b:ea:c5:f8:b1:10:70: 32:14:98:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUU3N0MxMTAvBgNVBAUTKDA1MDM3RTRDREU0NEVDNjY0MkM0MTY5RkE4NTEzNzJE NzhGQkZDQUIwHhcNMjUxMTA1MDIxMTI1WhcNMjUxMTEyMDIxMTI1WjAYMRYwFAYD VQQDEw02OTBhYjI0ZS01M2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy1Ags6IQGgMEf1j+Ibm5iIB6xLEYP+64/+UaafbpwpdZKRFGCV0dMzK+m6+4 bBmJv/kHyBgtFcQd/2C0exQdc0hsGa0ZOx5NfbAdwoufHqX48WPGVuiRTRtpA30O o5zYWSHFinf8InNgECtL2NXVMRq8HJDdVy6liAmkXNlPsC4Cqeoy8JyOXUC+znSu HzMPngjsp5l2jcyVM5REhKb70Zj/cTgv0OgSLxDof4kfgS4wqxmGEULi1qNNwIoo TvfxH8hrCv/OFyimoaReFnsORm5ULR3YqcL6K4980BMthiGk1+R5IDDtPGSbteRj wpPC0dCO41ANCootEGMu/8TiPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ/pWn9I 9wWqugFKBbx9Qt+qvAUvMB8GA1UdIwQYMBaAFAUDfkzeROxmQsQWn6hRNy14+/yr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTc3Qy9GNzAwQTlFQzcy NTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdHWkN4QmFmcUZFM0xYajdf S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRTi1UTjVFN0daQ3hCYWZxRkUzTFhqN19Lcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RTc3Qy9GNzAwQTlFQzcyNTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdH WkN4QmFmcUZFM0xYajdfS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhGBQxmDt7RxgoM66/uRuBpiKcIgM9WuN28FqS65H0aT0SujxInHoM Qvh/aWlv94DKmCjO5loyoA88cQ/V8XPZILqiOlMGRnuT8af6b3ryXofjYn+tdKbe haSYJNJwbZrD2vt0vRhg1l9jfSHNoCO12cmBOD5nx1nIV/nGzwMPkm59c5ZZyD+Q meMC4qlnafg8Trk6BcqM2fDhpN1KHWcdxhmYvu+/TL+LO4dse/m8cnIQT2HTMCtk qK9vDq4+OKoNIqO4p2To7w06dtdkYI9/W07o8GJPLe//4tKGgxjH0AoFbF/h26dx wtoIIb6Vj7oanfdGOFvqxfixEHAyFJiE -----END CERTIFICATE-----Generated at Wed Nov 5 10:30:13 2025 by rpki-client