$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft File: BFm798uEwX7tUbaM6tlBlX14X68.mft (raw, json) Hash identifier: kQ9oPlraMUF3QRol39cga7n3iAVn8LWXfUY1zEjfo2o= Subject key identifier: C4:BC:91:2B:BB:95:1C:CC:D4:2C:C2:62:D7:25:89:34:FE:9D:26:BB Authority key identifier: 04:59:BB:F7:CB:84:C1:7E:ED:51:B6:8C:EA:D9:41:95:7D:78:5F:AF Certificate issuer: /CN=A91CFBA9/serialNumber=0459BBF7CB84C17EED51B68CEAD941957D785FAF Certificate serial: 12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BFm798uEwX7tUbaM6tlBlX14X68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft Manifest number: 10 Signing time: Mon 03 Nov 2025 07:58:06 +0000 Manifest this update: Mon 03 Nov 2025 07:58:05 +0000 Manifest next update: Mon 10 Nov 2025 07:58:05 +0000 Files and hashes: 1: BFm798uEwX7tUbaM6tlBlX14X68.crl (hash: q0SHiD1oFlQy+Eq58NPPGGRbBaZWMAzRex8ZjBsVqBc=) 2: 88B9736AA77811F092FD731BC4F9AE02.roa (hash: u+cn9UutTPsBz+rSTM9fD/qL+39w/7zRbkPYbDsgfs4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.crl rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BFm798uEwX7tUbaM6tlBlX14X68.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:58:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18 (0x12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFBA9, serialNumber=0459BBF7CB84C17EED51B68CEAD941957D785FAF Validity Not Before: Nov 3 07:58:05 2025 GMT Not After : Nov 10 07:58:05 2025 GMT Subject: CN=6908608d-7bec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:85:6e:8f:f6:44:d8:7b:94:00:a7:89:c8:c8: f5:62:f8:f4:0d:e3:85:2a:66:b8:a5:93:2a:5b:42: 05:86:f6:2b:7a:91:43:2c:3f:5c:59:bf:53:d4:15: a7:8e:54:6b:8c:ce:7e:f5:74:7c:32:64:2b:3c:58: 80:67:fa:5d:c8:c8:8d:ba:8c:57:7a:7f:ac:1c:d9: 58:10:30:5a:86:a2:f1:18:33:c1:fe:6d:15:21:cb: 41:6d:f8:ca:7f:ad:9c:69:2f:98:ee:60:2c:17:b9: 39:a3:6c:7c:aa:4f:cf:c7:62:4a:d9:df:29:fc:29: f1:a8:e4:f9:c0:d4:e5:3c:59:b5:64:d7:66:fb:a9: 46:c6:cc:4d:b8:5a:12:44:71:0a:5d:78:4a:80:12: 20:40:d8:b4:b1:1d:dd:86:0c:19:5e:ec:53:bb:77: e6:ba:b3:f8:99:5b:79:15:3d:5c:d5:1d:7e:1f:4b: 69:63:42:cb:2a:9b:10:68:ee:98:5e:d7:2c:a0:9c: 8f:03:76:a5:af:14:c8:80:ea:7d:b0:9c:11:b5:48: f4:66:e1:a8:11:5d:4c:c7:fd:0a:ba:65:7e:e4:fb: d6:2f:bf:1a:ca:12:b4:b2:63:1f:f7:22:9f:ff:21: d8:d9:79:6b:cf:cd:fd:ff:0c:21:77:9d:4f:4f:a1: f9:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:BC:91:2B:BB:95:1C:CC:D4:2C:C2:62:D7:25:89:34:FE:9D:26:BB X509v3 Authority Key Identifier: keyid:04:59:BB:F7:CB:84:C1:7E:ED:51:B6:8C:EA:D9:41:95:7D:78:5F:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BFm798uEwX7tUbaM6tlBlX14X68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:01:3b:d5:b3:de:d8:dd:bf:5b:5c:8c:10:ec:60:88:aa:fb: f8:e1:9b:87:20:21:a9:06:59:21:37:11:ed:a8:f2:4c:27:3f: 25:7e:61:47:85:3f:b5:3a:4a:dc:dc:2d:09:84:de:51:64:9f: 7f:d1:14:5e:34:f0:30:52:f7:bd:1f:83:d1:76:3c:cd:88:28: ac:80:06:70:fc:cc:f2:46:4a:fa:26:46:27:09:2e:1b:57:bc: bd:87:55:aa:5b:a1:ff:55:d4:62:31:8d:39:25:39:03:79:11: 48:a4:ab:2d:da:81:e3:6e:26:d2:19:96:58:95:67:2a:95:1e: d8:db:8b:88:9a:e5:8e:92:d2:06:29:9f:09:e7:12:f7:c8:49: 01:e3:0e:82:30:1c:de:32:25:ab:cf:8a:db:2b:eb:fe:71:c5: 25:f4:87:ac:a0:7f:53:a2:98:89:62:27:d2:2b:64:ba:fc:b1: b0:5f:57:ec:e2:24:1f:9d:f2:a2:81:b3:00:9e:d8:1f:86:6e: a6:2c:82:ab:88:f7:50:80:89:55:9f:25:d8:a8:1f:92:ba:0e: 9e:2a:40:e8:03:be:be:fd:a0:36:70:22:d3:2d:df:95:3e:3e: f6:74:7e:e7:57:13:36:c0:04:f0:15:0c:f6:fd:11:bc:7a:77: aa:e9:c8:64 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkJBOTExMC8GA1UEBRMoMDQ1OUJCRjdDQjg0QzE3RUVENTFCNjhDRUFEOTQxOTU3 RDc4NUZBRjAeFw0yNTExMDMwNzU4MDVaFw0yNTExMTAwNzU4MDVaMBgxFjAUBgNV BAMTDTY5MDg2MDhkLTdiZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDahW6P9kTYe5QAp4nIyPVi+PQN44UqZrilkypbQgWG9it6kUMsP1xZv1PUFaeO VGuMzn71dHwyZCs8WIBn+l3IyI26jFd6f6wc2VgQMFqGovEYM8H+bRUhy0Ft+Mp/ rZxpL5juYCwXuTmjbHyqT8/HYkrZ3yn8KfGo5PnA1OU8WbVk12b7qUbGzE24WhJE cQpdeEqAEiBA2LSxHd2GDBle7FO7d+a6s/iZW3kVPVzVHX4fS2ljQssqmxBo7phe 1yygnI8DdqWvFMiA6n2wnBG1SPRm4agRXUzH/Qq6ZX7k+9YvvxrKErSyYx/3Ip// IdjZeWvPzf3/DCF3nU9PofkBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxLyRK7uV HMzULMJi1yWJNP6dJrswHwYDVR0jBBgwFoAUBFm798uEwX7tUbaM6tlBlX14X68w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGQkE5LzU3MzAxNTlBQTc3 NTExRjA5NERFQkYyREM0RjlBRTAyL0JGbTc5OHVFd1g3dFViYU02dGxCbFgxNFg2 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQkZtNzk4dUV3WDd0VWJhTTZ0bEJsWDE0WDY4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG QkE5LzU3MzAxNTlBQTc3NTExRjA5NERFQkYyREM0RjlBRTAyL0JGbTc5OHVFd1g3 dFViYU02dGxCbFgxNFg2OC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFoBO9Wz3tjdv1tcjBDsYIiq+/jhm4cgIakGWSE3Ee2o8kwnPyV+YUeF P7U6StzcLQmE3lFkn3/RFF408DBS970fg9F2PM2IKKyABnD8zPJGSvomRicJLhtX vL2HVapbof9V1GIxjTklOQN5EUikqy3ageNuJtIZlliVZyqVHtjbi4ia5Y6S0gYp nwnnEvfISQHjDoIwHN4yJavPitsr6/5xxSX0h6ygf1OimIliJ9IrZLr8sbBfV+zi JB+d8qKBswCe2B+GbqYsgquI91CAiVWfJdioH5K6Dp4qQOgDvr79oDZwItMt35U+ PvZ0fudXEzbABPAVDPb9Ebx6d6rpyGQ= -----END CERTIFICATE-----Generated at Wed Nov 5 04:07:05 2025 by rpki-client