$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft File: bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft (raw, json) Hash identifier: VbUCTntXKP+JjU/RHiv0jKz1RTkSBjlinwRXPcwI8+Y= Subject key identifier: 3C:2C:6D:7E:11:FE:20:01:77:D8:D0:49:9A:E8:F5:C9:5D:AE:FD:AD Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Certificate serial: 0972 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft Manifest number: 0938 Signing time: Tue 04 Nov 2025 20:24:32 +0000 Manifest this update: Tue 04 Nov 2025 20:24:32 +0000 Manifest next update: Tue 11 Nov 2025 20:24:32 +0000 Files and hashes: 1: bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl (hash: FxbPteiA/yZIB6epXBV3jmKsqA2bSy83kCyVLWxvR8Y=) 2: F2A462E66B6C11F0B453B656C4F9AE02.roa (hash: Ms6hkj2gNBoVKwju3YpVFi7TOZ5XoCEB+ud2155SGQw=) 3: 1A8C65506B6E11F0AEECA858C4F9AE02.roa (hash: krOpio4wz9zZ7mzvOOi6fz/jljv3s2vU7Ok4eA4dM3Q=) 4: 50805C5C6CF911F0A63D4C65C4F9AE02.roa (hash: Qpx6+MAMFv4aX1D2NecodjsfaY0GuU6bXaL2b1GdFHc=) 5: 88252000B55C11ECA9565039C4F9AE02.roa (hash: ROM2aBA2uOLvGraWZ2OMfhtRxZ5DusfnSKSNI9N61E8=) 6: CCBF0CF6B55911EC9256FE19C4F9AE02.roa (hash: J9pnyjCXshJdQFSggqWmHXW0nySYEfDGHTCaX/EZOYk=) 7: CC3B5938B55911EC9256FE19C4F9AE02.roa (hash: Ejx3yVkwMIGPx4PH4VpagQp/pASvV9ahz0Vqhx7EKZo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:24:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2418 (0x972) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Validity Not Before: Nov 4 20:24:32 2025 GMT Not After : Nov 11 20:24:32 2025 GMT Subject: CN=690a6100-491f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a5:0b:f0:58:98:e0:48:64:10:4c:4f:e2:a2: c8:70:28:1c:82:1f:98:18:88:b7:6b:5a:4e:d2:e0: e6:44:30:a3:09:6e:97:57:c2:f7:73:0f:38:45:ee: 7b:4f:f0:17:ff:b7:92:cf:45:b6:c3:99:fd:07:ea: b2:87:2e:53:8c:f2:88:90:df:98:6e:bd:ac:a8:c7: ce:39:46:a9:d4:24:9b:4e:96:b5:c8:72:7a:7b:8b: 1c:04:e4:ab:a0:fc:2a:e1:07:7c:18:52:c5:62:43: 16:e6:43:b2:15:43:65:a4:a1:2f:c9:21:af:8b:52: 45:7f:1e:1e:03:e9:8d:5e:a9:72:e6:a1:d1:44:f4: c9:c4:5b:12:6e:40:f6:73:1e:0c:34:e4:1b:b5:e0: 69:18:e0:18:9e:47:c9:fc:de:a3:e4:c8:27:33:56: 09:ea:7c:43:c4:c4:e0:89:fd:31:22:95:3f:89:37: 1e:03:24:98:e3:65:d6:99:4c:22:ef:26:cc:b4:d2: 6c:8f:6d:e6:4c:c1:62:01:71:bc:c0:22:c1:a3:fe: a0:b8:01:86:61:4f:f3:02:9d:d0:51:30:8c:2e:91: c7:08:c2:b1:82:f9:15:e3:5c:f8:e1:69:8f:72:04: ef:ad:b8:b0:e0:26:26:90:8f:be:79:36:bd:b7:2b: 6f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:2C:6D:7E:11:FE:20:01:77:D8:D0:49:9A:E8:F5:C9:5D:AE:FD:AD X509v3 Authority Key Identifier: keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:60:c5:03:00:19:ee:a4:97:84:59:a7:b0:41:b9:8a:9b:03: 5f:5f:c8:2e:96:e1:07:2a:a5:14:cb:6d:cc:e8:f1:cf:5d:64: 2c:07:21:b5:f8:92:b3:d2:9d:29:5b:43:4b:80:61:c1:86:98: 83:ff:3a:c7:40:88:91:1c:f8:db:3f:de:f9:77:37:64:e5:91: 37:ff:6b:f7:d7:cc:d7:c1:9f:a5:86:21:f0:92:f6:ba:77:ca: d3:22:af:36:43:b6:f5:4d:9e:ed:90:8c:e6:f8:d1:70:7b:15: d2:3a:1b:93:ad:28:74:aa:ed:cd:f2:58:9d:40:73:c2:1d:34: a2:2c:e0:17:24:5f:90:d8:a5:d3:9a:9d:e8:4b:7c:3b:f4:03: 69:cf:ee:fb:7c:45:47:06:66:a3:41:54:62:3c:9e:04:95:e3: f2:73:c3:65:db:82:76:b1:c4:3c:03:ad:07:d2:4a:f2:4b:14: 47:e6:9b:ce:8a:95:50:8b:8c:ee:e5:ce:66:39:4d:e9:f5:bc: 59:3f:b8:8c:42:30:f3:da:69:06:1b:33:05:06:51:aa:de:12: 08:67:76:c1:46:37:02:a6:51:8c:a3:ed:65:99:5b:b3:d7:5a: 1b:fe:9d:ac:7d:4a:6d:f0:5a:c2:3f:a6:1b:67:75:b3:aa:c3: a7:a3:1f:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5 Mjc1NzQ0MjAwHhcNMjUxMTA0MjAyNDMyWhcNMjUxMTExMjAyNDMyWjAYMRYwFAYD VQQDEw02OTBhNjEwMC00OTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv6UL8FiY4EhkEExP4qLIcCgcgh+YGIi3a1pO0uDmRDCjCW6XV8L3cw84Re57 T/AX/7eSz0W2w5n9B+qyhy5TjPKIkN+Ybr2sqMfOOUap1CSbTpa1yHJ6e4scBOSr oPwq4Qd8GFLFYkMW5kOyFUNlpKEvySGvi1JFfx4eA+mNXqly5qHRRPTJxFsSbkD2 cx4MNOQbteBpGOAYnkfJ/N6j5MgnM1YJ6nxDxMTgif0xIpU/iTceAySY42XWmUwi 7ybMtNJsj23mTMFiAXG8wCLBo/6guAGGYU/zAp3QUTCMLpHHCMKxgvkV41z44WmP cgTvrbiw4CYmkI++eTa9tytvwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDwsbX4R /iABd9jQSZro9cldrv2tMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3 NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTQ2RS8wQ0Q0MURBOEI3NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZi N1JfWW4xcl9Zd3lTZFhSQ0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDHYMUDABnupJeEWaewQbmKmwNfX8guluEHKqUUy23M6PHPXWQsByG1 +JKz0p0pW0NLgGHBhpiD/zrHQIiRHPjbP975dzdk5ZE3/2v318zXwZ+lhiHwkva6 d8rTIq82Q7b1TZ7tkIzm+NFwexXSOhuTrSh0qu3N8lidQHPCHTSiLOAXJF+Q2KXT mp3oS3w79ANpz+77fEVHBmajQVRiPJ4ElePyc8Nl24J2scQ8A60H0krySxRH5pvO ipVQi4zu5c5mOU3p9bxZP7iMQjDz2mkGGzMFBlGq3hIIZ3bBRjcCplGMo+1lmVuz 11ob/p2sfUpt8FrCP6YbZ3WzqsOnox+A -----END CERTIFICATE-----Generated at Wed Nov 5 00:24:34 2025 by rpki-client