$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft File: bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft (raw, json) Hash identifier: BxQNGi2ZIrCJ6YFPGJGJg+J7REah7qNKe4wJbPWoM78= Subject key identifier: 7D:E9:04:35:43:10:0E:E1:BF:53:66:FC:5B:E6:75:95:2E:69:C5:F8 Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Certificate serial: 0945 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft Manifest number: 090B Signing time: Fri 08 Aug 2025 20:46:53 +0000 Manifest this update: Fri 08 Aug 2025 20:46:52 +0000 Manifest next update: Fri 15 Aug 2025 20:46:52 +0000 Files and hashes: 1: bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl (hash: yjCwrbalelajf65pKeiUpwk0X6iXj7TPc8y7/kh3ACU=) 2: F2A462E66B6C11F0B453B656C4F9AE02.roa (hash: Ms6hkj2gNBoVKwju3YpVFi7TOZ5XoCEB+ud2155SGQw=) 3: 1A8C65506B6E11F0AEECA858C4F9AE02.roa (hash: krOpio4wz9zZ7mzvOOi6fz/jljv3s2vU7Ok4eA4dM3Q=) 4: 50805C5C6CF911F0A63D4C65C4F9AE02.roa (hash: Qpx6+MAMFv4aX1D2NecodjsfaY0GuU6bXaL2b1GdFHc=) 5: 88252000B55C11ECA9565039C4F9AE02.roa (hash: ROM2aBA2uOLvGraWZ2OMfhtRxZ5DusfnSKSNI9N61E8=) 6: CCBF0CF6B55911EC9256FE19C4F9AE02.roa (hash: J9pnyjCXshJdQFSggqWmHXW0nySYEfDGHTCaX/EZOYk=) 7: CC3B5938B55911EC9256FE19C4F9AE02.roa (hash: Ejx3yVkwMIGPx4PH4VpagQp/pASvV9ahz0Vqhx7EKZo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2373 (0x945) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Validity Not Before: Aug 8 20:46:52 2025 GMT Not After : Aug 15 20:46:52 2025 GMT Subject: CN=6896623d-a687 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:51:ae:92:cf:6b:0c:22:e8:a8:a9:ac:ea:d3: 9f:e9:6c:26:c5:d0:49:35:69:c8:17:03:55:f0:9f: eb:59:3e:58:03:52:6a:72:c0:75:2d:91:e2:23:a2: f5:b4:f5:e6:6b:38:e6:d7:95:5c:3f:2c:aa:9b:a0: 01:d5:63:61:90:e6:83:e0:f9:3e:ea:d2:7f:00:ca: 77:29:d5:a6:56:eb:d1:c8:5e:e0:ba:0d:c1:a4:1b: bf:42:f5:ab:2f:4a:93:a8:fe:55:68:21:fb:69:1c: 13:96:41:c5:56:c6:dc:1c:ea:a0:f8:af:0b:00:17: a5:67:0a:cf:e3:be:f0:ff:42:ef:ca:5f:2c:f3:e9: 7b:c9:46:c5:a2:57:6b:25:82:ec:d1:19:87:27:be: 67:86:03:98:08:f5:2a:91:b6:3b:2e:58:9e:d8:76: b7:08:fe:da:a8:20:c8:0d:a0:89:68:c6:d7:77:73: 71:84:c3:63:04:e0:03:88:cb:2c:8b:7a:92:e9:e4: 4f:cb:a9:ce:65:fe:12:3f:87:7d:6a:54:8d:75:01: 9a:0b:ca:86:e1:01:07:95:1b:fc:b6:7c:42:06:30: 5a:72:49:5e:61:54:4f:5e:e6:a8:87:bd:d7:91:04: 22:07:94:c8:29:be:48:b1:f8:8d:19:ba:8c:97:af: 2a:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:E9:04:35:43:10:0E:E1:BF:53:66:FC:5B:E6:75:95:2E:69:C5:F8 X509v3 Authority Key Identifier: keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:2e:98:fc:f8:98:e6:72:94:42:d8:9f:f3:bf:40:42:90:8c: df:3c:96:d6:58:6f:bb:4b:af:3c:79:9f:ed:b4:a8:9f:82:2b: ea:aa:cc:09:de:8f:17:d4:c7:b0:70:f6:26:f8:80:f7:6a:37: 8a:81:6f:04:71:cb:2b:38:ce:4d:45:d6:75:7a:09:ff:ad:5d: 88:b1:5f:7c:f8:bd:e9:32:43:a0:d5:89:eb:41:e5:00:eb:00: 9c:2a:cd:97:da:69:af:18:e1:b1:30:55:72:5f:49:b7:e5:d5: d8:ff:59:e1:75:7d:b9:9f:81:da:b1:36:eb:f2:c7:0f:03:4c: 13:15:d7:9e:9c:fd:28:77:d0:e1:ac:f0:a4:29:7d:72:20:a6: bd:9e:b9:3d:ef:27:7f:c6:74:17:c3:17:b8:54:5d:83:aa:92: 3e:c6:bc:6a:7c:5a:97:3a:cb:25:10:a5:8d:cb:85:a6:a1:38: 56:25:25:8f:9f:bf:5a:44:42:43:8e:dc:ab:eb:0b:b6:30:6b: 6a:69:96:59:2b:df:ac:ab:ce:7d:7e:c4:8b:5a:fd:b4:96:62: de:d3:1e:5a:91:32:fd:55:d5:d7:22:e6:a6:6a:d8:96:cf:03: 74:54:0a:0f:f7:fb:75:63:dd:a5:56:18:48:d5:71:38:b9:2c: 3d:df:00:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5 Mjc1NzQ0MjAwHhcNMjUwODA4MjA0NjUyWhcNMjUwODE1MjA0NjUyWjAYMRYwFAYD VQQDEw02ODk2NjIzZC1hNjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnlGuks9rDCLoqKms6tOf6WwmxdBJNWnIFwNV8J/rWT5YA1JqcsB1LZHiI6L1 tPXmazjm15VcPyyqm6AB1WNhkOaD4Pk+6tJ/AMp3KdWmVuvRyF7gug3BpBu/QvWr L0qTqP5VaCH7aRwTlkHFVsbcHOqg+K8LABelZwrP477w/0Lvyl8s8+l7yUbFoldr JYLs0RmHJ75nhgOYCPUqkbY7Llie2Ha3CP7aqCDIDaCJaMbXd3NxhMNjBOADiMss i3qS6eRPy6nOZf4SP4d9alSNdQGaC8qG4QEHlRv8tnxCBjBackleYVRPXuaoh73X kQQiB5TIKb5IsfiNGbqMl68qYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH3pBDVD EA7hv1Nm/FvmdZUuacX4MB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3 NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTQ2RS8wQ0Q0MURBOEI3NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZi N1JfWW4xcl9Zd3lTZFhSQ0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2Lpj8+JjmcpRC2J/zv0BCkIzfPJbWWG+7S688eZ/ttKifgivqqswJ 3o8X1MewcPYm+ID3ajeKgW8EccsrOM5NRdZ1egn/rV2IsV98+L3pMkOg1YnrQeUA 6wCcKs2X2mmvGOGxMFVyX0m35dXY/1nhdX25n4HasTbr8scPA0wTFdeenP0od9Dh rPCkKX1yIKa9nrk97yd/xnQXwxe4VF2DqpI+xrxqfFqXOsslEKWNy4WmoThWJSWP n79aREJDjtyr6wu2MGtqaZZZK9+sq859fsSLWv20lmLe0x5akTL9VdXXIuamatiW zwN0VAoP9/t1Y92lVhhI1XE4uSw93wAW -----END CERTIFICATE-----Generated at Sun Aug 10 10:33:05 2025 by rpki-client