$ rpki-client -vvf rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft File: BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft (raw, json) Hash identifier: zoLjmWn2SB6X7ikPDdEPL9xkv/AHMWS+Lr8LA/elaCc= Subject key identifier: 8A:C4:81:DB:DD:D2:A3:D0:D3:CE:A1:07:50:02:EE:17:78:95:D3:35 Authority key identifier: 05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB Certificate issuer: /CN=A915E77C/serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Certificate serial: 01F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft Manifest number: 01F5 Signing time: Sat 09 Aug 2025 02:49:54 +0000 Manifest this update: Sat 09 Aug 2025 02:49:53 +0000 Manifest next update: Sat 16 Aug 2025 02:49:53 +0000 Files and hashes: 1: BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl (hash: sxdwFbYtNPc/8rGY3y88iuSDTZovJyGGQQjAohMHMGI=) 2: A20DDFE2725911ED8CB4D763C4F9AE02.roa (hash: YLNPavuZCOudMxVfyqmjZm9NJz/Z+dCM3fPBM36z61c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 504 (0x1f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915E77C, serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Validity Not Before: Aug 9 02:49:53 2025 GMT Not After : Aug 16 02:49:53 2025 GMT Subject: CN=6896b751-1383 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f3:cd:7f:2b:25:8e:75:93:06:ac:0c:09:a1: e3:7c:78:80:a8:75:b8:42:1f:01:81:a6:c3:82:6c: 58:ad:2f:8e:ee:a7:36:47:2c:36:f5:b0:ab:b8:ca: b2:1b:d0:b9:a1:cc:b6:ce:0e:3b:7c:b7:14:16:52: 4b:67:20:01:6e:54:4c:f6:c4:e0:28:09:03:35:57: 4c:32:e1:da:15:05:98:f2:95:7d:f1:85:84:28:6a: 22:9b:66:8a:36:08:75:a8:54:8f:06:37:ba:00:1f: 1f:5d:d1:90:75:23:7f:de:d2:22:85:f0:92:42:1f: a4:3b:7e:95:2b:e2:48:0c:94:9f:36:c2:ab:3e:1e: 88:c3:d4:e8:d0:b1:0c:56:94:3a:39:d1:09:39:91: 91:84:1e:99:12:96:8d:5d:1b:8c:2f:bc:1a:a2:80: f8:23:75:43:06:51:9d:6d:63:7f:70:48:18:90:a9: 8c:3a:bd:36:57:0a:9d:84:60:bc:b1:2c:fb:90:b9: f7:f5:b3:2b:24:b1:68:eb:1c:d6:4e:9a:5d:5b:d3: 26:16:5c:a7:7d:1e:24:ad:5a:44:a6:5f:88:e1:b5: 69:db:a7:9b:7b:e8:22:87:71:ab:fc:57:17:b8:87: 7c:d3:1a:8a:c8:fe:a9:30:92:06:09:8f:da:fc:a3: 17:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:C4:81:DB:DD:D2:A3:D0:D3:CE:A1:07:50:02:EE:17:78:95:D3:35 X509v3 Authority Key Identifier: keyid:05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:b6:b0:ee:a4:5b:67:d1:85:25:bc:47:e6:20:2d:91:d1:83: 48:2f:3c:12:e1:f0:cc:9f:a8:8c:fe:30:80:23:ed:7c:da:6b: 08:9f:81:f5:3c:4e:5f:65:c8:b4:94:86:65:74:20:b3:7e:4b: be:9b:d4:81:59:45:65:46:d8:d6:8a:0e:4a:b6:f1:61:9e:2e: 43:95:12:1a:8e:27:46:34:48:25:b0:ee:16:4a:38:e8:b6:67: 86:ca:9a:f2:5e:9d:66:50:a1:bb:d2:bd:6f:d1:27:4d:46:0c: 47:15:3c:d7:7c:60:ce:f8:3c:48:5c:db:11:c9:75:cb:6d:80: d3:d8:f4:30:0f:ce:f4:63:31:71:3d:b9:8d:74:6e:cb:98:33: 14:e2:42:53:10:d7:c2:4e:80:20:a4:2e:7e:9f:8a:6c:50:87: 94:0f:a1:13:08:7d:d1:cf:44:a2:6b:5b:5d:68:fe:2f:fa:5b: 40:3e:0c:6c:83:e5:fc:d0:26:46:31:b1:26:bf:fc:b8:90:ca: 86:7f:c2:ac:30:7a:85:b8:27:6b:b3:6e:10:23:fe:d5:3b:d1: 05:0c:7a:9c:df:d9:4f:d3:94:6c:91:b6:77:f8:b3:90:e6:27: 46:22:57:8a:fe:47:0e:30:16:94:3a:2c:b6:b5:fa:d2:e2:89: 24:9a:27:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUU3N0MxMTAvBgNVBAUTKDA1MDM3RTRDREU0NEVDNjY0MkM0MTY5RkE4NTEzNzJE NzhGQkZDQUIwHhcNMjUwODA5MDI0OTUzWhcNMjUwODE2MDI0OTUzWjAYMRYwFAYD VQQDEw02ODk2Yjc1MS0xMzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzvPNfysljnWTBqwMCaHjfHiAqHW4Qh8BgabDgmxYrS+O7qc2Ryw29bCruMqy G9C5ocy2zg47fLcUFlJLZyABblRM9sTgKAkDNVdMMuHaFQWY8pV98YWEKGoim2aK Ngh1qFSPBje6AB8fXdGQdSN/3tIihfCSQh+kO36VK+JIDJSfNsKrPh6Iw9To0LEM VpQ6OdEJOZGRhB6ZEpaNXRuML7waooD4I3VDBlGdbWN/cEgYkKmMOr02VwqdhGC8 sSz7kLn39bMrJLFo6xzWTppdW9MmFlynfR4krVpEpl+I4bVp26ebe+gih3Gr/FcX uId80xqKyP6pMJIGCY/a/KMXswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIrEgdvd 0qPQ086hB1AC7hd4ldM1MB8GA1UdIwQYMBaAFAUDfkzeROxmQsQWn6hRNy14+/yr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTc3Qy9GNzAwQTlFQzcy NTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdHWkN4QmFmcUZFM0xYajdf S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRTi1UTjVFN0daQ3hCYWZxRkUzTFhqN19Lcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RTc3Qy9GNzAwQTlFQzcyNTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdH WkN4QmFmcUZFM0xYajdfS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8trDupFtn0YUlvEfmIC2R0YNILzwS4fDMn6iM/jCAI+182msIn4H1 PE5fZci0lIZldCCzfku+m9SBWUVlRtjWig5KtvFhni5DlRIajidGNEglsO4WSjjo tmeGypryXp1mUKG70r1v0SdNRgxHFTzXfGDO+DxIXNsRyXXLbYDT2PQwD870YzFx PbmNdG7LmDMU4kJTENfCToAgpC5+n4psUIeUD6ETCH3Rz0Sia1tdaP4v+ltAPgxs g+X80CZGMbEmv/y4kMqGf8KsMHqFuCdrs24QI/7VO9EFDHqc39lP05RskbZ3+LOQ 5idGIleK/kcOMBaUOiy2tfrS4okkmidD -----END CERTIFICATE-----Generated at Sat Aug 9 14:32:47 2025 by rpki-client