$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft File: BNhIIeE7gDAzVMS-NDMdURHyvKY.mft (raw, json) Hash identifier: Nu1V8lmf6a2JMXWmzDTaMFcwEzEkDTUTgQkor8OitD4= Subject key identifier: 8E:C9:E6:BE:34:C2:91:79:41:F6:5D:E5:61:29:03:AF:FB:F0:63:98 Authority key identifier: 04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6 Certificate issuer: /CN=A91F0721/serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6 Certificate serial: 01FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft Manifest number: 01FA Signing time: Mon 03 Nov 2025 02:23:24 +0000 Manifest this update: Mon 03 Nov 2025 02:23:24 +0000 Manifest next update: Mon 10 Nov 2025 02:23:24 +0000 Files and hashes: 1: BNhIIeE7gDAzVMS-NDMdURHyvKY.crl (hash: VrmbUii6V6jY26sqKcHJTSZd3KlrQ28mxgOfqe++k80=) 2: 7659B89AADCC11ED84051211C4F9AE02.roa (hash: S0QCets6nYQwhXbRnwnSRy3OBYGEXLOm6h5sFxoClJ8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:23:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 509 (0x1fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0721, serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6 Validity Not Before: Nov 3 02:23:24 2025 GMT Not After : Nov 10 02:23:24 2025 GMT Subject: CN=6908121c-07e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:bc:e9:f9:71:0f:06:65:01:20:33:9a:05:71: 69:d2:d6:a8:ae:4d:39:3d:68:ad:b3:5f:50:95:75: cf:4c:7f:03:32:06:83:cc:c4:4d:e4:b2:b8:e4:eb: 2a:a3:70:97:4e:18:f7:84:f0:52:b4:d8:de:88:78: 7b:b3:3a:fa:ab:4e:7b:35:a5:72:23:5e:8e:7d:1b: 30:0f:77:c7:be:4e:4d:ef:15:ed:4d:29:1f:5c:2a: 66:c9:e2:2d:2b:39:f3:8d:be:dd:e5:1f:85:15:9a: 3e:8c:c5:e9:87:fa:1f:e7:f9:42:7a:94:77:0a:dc: 1e:b9:1c:92:13:66:f4:99:4a:62:d7:1e:57:88:8b: 59:4f:2f:f0:07:61:3d:ce:bc:7b:ac:f3:b1:21:d1: 2a:b0:6a:0e:3f:1c:59:ed:83:a0:f0:6f:b0:30:9f: b2:b0:3b:d5:9c:eb:c4:52:9e:0a:0b:9b:18:b3:f3: 59:9c:4a:81:bb:a2:de:5d:d5:02:72:92:fd:78:11: 31:ac:a2:d0:81:c3:14:dd:39:3f:aa:97:93:02:0c: a6:be:73:ef:45:54:bc:a2:4c:a2:e5:18:44:2b:92: 07:65:b8:9f:23:6e:4c:0d:0f:25:7f:38:9f:f5:e9: cf:7b:dd:c1:c1:9d:09:ce:47:9b:72:3a:50:32:30: 15:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:C9:E6:BE:34:C2:91:79:41:F6:5D:E5:61:29:03:AF:FB:F0:63:98 X509v3 Authority Key Identifier: keyid:04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:ec:68:7b:bf:8c:ec:ef:c4:35:dd:d6:3f:1c:1a:c4:4d:76: ae:8f:9e:5d:36:60:a2:e8:c2:94:49:db:9b:ff:c1:68:7f:bd: b2:97:bb:cb:95:2f:ba:02:5a:4d:4d:88:6d:d2:4b:9b:78:7f: ce:d8:9d:46:19:86:2e:67:f4:9d:b4:53:bf:7c:19:bb:82:78: d0:39:38:d3:a9:59:a5:bf:a8:08:4c:2a:23:ec:19:0b:76:dd: f2:36:ee:51:a5:67:9d:02:b0:56:3f:80:9f:82:bb:9e:cc:99: d8:78:c9:50:23:88:32:c9:f2:9a:c4:75:c0:e4:81:8f:ad:81: 77:4a:cb:f1:4e:03:13:36:16:5e:37:93:e6:c5:2e:59:89:3c: d8:db:10:9f:a6:0d:5b:8e:4e:6f:59:76:78:7f:21:98:1d:fd: 04:ca:4d:4d:c5:4b:b1:e8:91:44:e7:c2:7c:9b:8e:0c:88:88: d5:10:b6:df:74:93:dc:a0:4f:b6:f6:54:8b:8f:37:ea:4b:7d: 7f:b0:2f:b4:ba:f8:f4:88:f7:5d:93:a5:18:3e:aa:40:43:98: 78:82:60:3c:9f:cf:58:72:56:e7:25:a2:44:1d:1a:cc:3b:73: 83:3c:cb:f0:7c:23:2a:35:48:12:f9:6b:ea:af:33:54:a9:f3: f9:60:92:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjA3MjExMTAvBgNVBAUTKDA0RDg0ODIxRTEzQjgwMzAzMzU0QzRCRTM0MzMxRDUx MTFGMkJDQTYwHhcNMjUxMTAzMDIyMzI0WhcNMjUxMTEwMDIyMzI0WjAYMRYwFAYD VQQDEw02OTA4MTIxYy0wN2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxbzp+XEPBmUBIDOaBXFp0taork05PWits19QlXXPTH8DMgaDzMRN5LK45Osq o3CXThj3hPBStNjeiHh7szr6q057NaVyI16OfRswD3fHvk5N7xXtTSkfXCpmyeIt Kznzjb7d5R+FFZo+jMXph/of5/lCepR3CtweuRySE2b0mUpi1x5XiItZTy/wB2E9 zrx7rPOxIdEqsGoOPxxZ7YOg8G+wMJ+ysDvVnOvEUp4KC5sYs/NZnEqBu6LeXdUC cpL9eBExrKLQgcMU3Tk/qpeTAgymvnPvRVS8okyi5RhEK5IHZbifI25MDQ8lfzif 9enPe93BwZ0JzkebcjpQMjAViwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI7J5r40 wpF5QfZd5WEpA6/78GOYMB8GA1UdIwQYMBaAFATYSCHhO4AwM1TEvjQzHVER8rym MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDcyMS9DOTEyN0IzRUFE QzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dEQXpWTVMtTkRNZFVSSHl2 S1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JOaElJZUU3Z0RBelZNUy1ORE1kVVJIeXZLWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDcyMS9DOTEyN0IzRUFEQzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dE QXpWTVMtTkRNZFVSSHl2S1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBT7Gh7v4zs78Q13dY/HBrETXauj55dNmCi6MKUSdub/8Fof72yl7vL lS+6AlpNTYht0kubeH/O2J1GGYYuZ/SdtFO/fBm7gnjQOTjTqVmlv6gITCoj7BkL dt3yNu5RpWedArBWP4CfgruezJnYeMlQI4gyyfKaxHXA5IGPrYF3SsvxTgMTNhZe N5PmxS5ZiTzY2xCfpg1bjk5vWXZ4fyGYHf0Eyk1NxUux6JFE58J8m44MiIjVELbf dJPcoE+29lSLjzfqS31/sC+0uvj0iPddk6UYPqpAQ5h4gmA8n89YclbnJaJEHRrM O3ODPMvwfCMqNUgS+WvqrzNUqfP5YJLx -----END CERTIFICATE-----Generated at Tue Nov 4 21:09:40 2025 by rpki-client