$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.mft File: bwlMAO-I_YtwgT1trctUaHYyjNk.mft (raw, json) Hash identifier: M8/FmRjHvfLG7buWNMhG1Lhwq9hH2SVISWAG5FHXV5M= Subject key identifier: A7:C0:91:C7:2B:9A:E3:0B:D5:24:5F:07:44:70:9C:3A:D8:C4:8A:C7 Authority key identifier: 6F:09:4C:00:EF:88:FD:8B:70:81:3D:6D:AD:CB:54:68:76:32:8C:D9 Certificate issuer: /CN=A91F8E25/serialNumber=6F094C00EF88FD8B70813D6DADCB546876328CD9 Certificate serial: 21C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bwlMAO-I_YtwgT1trctUaHYyjNk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.mft Manifest number: 2DEF Signing time: Tue 04 Nov 2025 15:32:59 +0000 Manifest this update: Tue 04 Nov 2025 15:32:58 +0000 Manifest next update: Tue 11 Nov 2025 15:32:58 +0000 Files and hashes: 1: bwlMAO-I_YtwgT1trctUaHYyjNk.crl (hash: taUSdbo/sv70IlT9vyZzivyobdV/VjcbptYPXja4XNs=) 2: 85D25098E00111E596BC7D1BC4F9AE02.roa (hash: gA1KT8HsqI/GnzzqWgFcFoqfNIoKvvP6VXwU1a0U7f0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.crl rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bwlMAO-I_YtwgT1trctUaHYyjNk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:32:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8644 (0x21c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8E25, serialNumber=6F094C00EF88FD8B70813D6DADCB546876328CD9 Validity Not Before: Nov 4 15:32:58 2025 GMT Not After : Nov 11 15:32:58 2025 GMT Subject: CN=690a1cab-eaf0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:63:f3:06:0b:00:3f:82:e5:55:8b:81:26:57: 64:1a:41:fd:04:6e:f7:37:c4:51:b1:ca:4f:53:6c: f0:7f:6f:47:7b:6e:62:90:0f:9b:73:30:ae:ca:a5: 1c:b3:5d:69:75:b5:57:62:26:0c:0a:55:31:39:08: fe:55:41:97:ac:23:80:d4:7b:01:29:fc:32:fa:23: 3e:25:22:b0:49:24:f4:df:11:cf:bd:ba:60:8d:11: ce:63:fa:15:5f:5a:14:8a:44:65:f1:55:92:c4:74: 70:55:e7:08:0b:65:60:70:47:57:c7:92:f7:ff:f3: cc:a3:b5:74:be:72:c8:0b:97:25:84:fb:00:b0:44: be:06:ac:83:c0:8d:ba:f6:c1:81:0a:04:b9:0c:ad: 03:50:b2:b9:af:5b:c9:87:2b:4d:6a:71:14:22:7d: ca:8c:88:88:79:43:9c:1e:e7:62:b2:5b:3f:6b:28: 93:af:6e:85:32:dc:3a:97:c0:bc:05:ce:26:a2:d4: 78:58:9c:2a:4c:ea:9f:13:3a:74:d2:cb:da:f1:bc: 8b:0b:1e:ed:1e:27:4f:1f:f5:45:e8:3c:46:f6:00: 2b:3b:87:15:81:29:24:3b:69:4c:1d:59:9d:c2:b1: 49:f9:70:79:f3:3d:59:39:e9:e0:2a:7e:ff:fc:03: 9a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:C0:91:C7:2B:9A:E3:0B:D5:24:5F:07:44:70:9C:3A:D8:C4:8A:C7 X509v3 Authority Key Identifier: keyid:6F:09:4C:00:EF:88:FD:8B:70:81:3D:6D:AD:CB:54:68:76:32:8C:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bwlMAO-I_YtwgT1trctUaHYyjNk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:1f:55:f9:de:4a:d3:e2:39:df:a5:c8:8c:9a:a4:d5:f7:de: 87:52:d8:3a:89:2c:5f:de:1b:53:9d:77:70:35:b8:45:f6:76: c8:40:e4:a9:74:28:13:ec:70:f1:3d:90:a6:4e:1e:00:38:5e: 79:c0:ec:d7:db:b0:b5:70:0c:bc:e4:c3:3c:a8:74:3e:e2:b2: 57:57:a4:21:05:80:17:1c:1a:2d:dc:ad:d9:4f:c0:fd:30:d7: 9e:d8:15:6e:a5:d6:35:21:1a:65:65:00:39:8a:05:d0:5a:2f: 6c:ed:d9:34:59:d9:fd:e5:c4:b4:fa:43:ba:77:87:35:19:4e: f7:81:36:2f:96:3d:f4:11:cc:27:48:5f:8f:06:32:a7:98:a6: cd:92:1b:b3:ac:17:34:bd:41:8f:6a:ac:a6:01:b7:c5:f7:aa: 41:b1:ad:0d:af:90:2a:5b:82:8f:0b:e8:8c:28:29:0d:21:0f: 35:db:84:bc:f7:3e:47:76:a3:42:3c:d3:d7:60:6c:54:91:79: 20:d3:ad:7b:09:52:a5:dc:c0:c4:cc:16:46:22:5a:4b:4e:7b: 92:7c:96:a8:59:81:aa:53:d8:2e:be:88:c1:ef:a1:8a:e0:30: 8a:34:81:7f:da:de:6e:d6:eb:fb:78:c7:b8:2a:43:8d:e7:03: 85:7b:f8:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhFMjUxMTAvBgNVBAUTKDZGMDk0QzAwRUY4OEZEOEI3MDgxM0Q2REFEQ0I1NDY4 NzYzMjhDRDkwHhcNMjUxMTA0MTUzMjU4WhcNMjUxMTExMTUzMjU4WjAYMRYwFAYD VQQDEw02OTBhMWNhYi1lYWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsGPzBgsAP4LlVYuBJldkGkH9BG73N8RRscpPU2zwf29He25ikA+bczCuyqUc s11pdbVXYiYMClUxOQj+VUGXrCOA1HsBKfwy+iM+JSKwSST03xHPvbpgjRHOY/oV X1oUikRl8VWSxHRwVecIC2VgcEdXx5L3//PMo7V0vnLIC5clhPsAsES+BqyDwI26 9sGBCgS5DK0DULK5r1vJhytNanEUIn3KjIiIeUOcHudisls/ayiTr26FMtw6l8C8 Bc4motR4WJwqTOqfEzp00sva8byLCx7tHidPH/VF6DxG9gArO4cVgSkkO2lMHVmd wrFJ+XB58z1ZOengKn7//AOaYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKfAkccr muML1SRfB0RwnDrYxIrHMB8GA1UdIwQYMBaAFG8JTADviP2LcIE9ba3LVGh2MozZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEUyNS9GNDM0NDExNjhB MkUxMUUzQjVCNkU5NUU1OTExRUEzMi9id2xNQU8tSV9ZdHdnVDF0cmN0VWFIWXlq TmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2J3bE1BTy1JX1l0d2dUMXRyY3RVYUhZeWpOay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OEUyNS9GNDM0NDExNjhBMkUxMUUzQjVCNkU5NUU1OTExRUEzMi9id2xNQU8tSV9Z dHdnVDF0cmN0VWFIWXlqTmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgH1X53krT4jnfpciMmqTV996HUtg6iSxf3htTnXdwNbhF9nbIQOSp dCgT7HDxPZCmTh4AOF55wOzX27C1cAy85MM8qHQ+4rJXV6QhBYAXHBot3K3ZT8D9 MNee2BVupdY1IRplZQA5igXQWi9s7dk0Wdn95cS0+kO6d4c1GU73gTYvlj30Ecwn SF+PBjKnmKbNkhuzrBc0vUGPaqymAbfF96pBsa0Nr5AqW4KPC+iMKCkNIQ8124S8 9z5HdqNCPNPXYGxUkXkg0617CVKl3MDEzBZGIlpLTnuSfJaoWYGqU9guvojB76GK 4DCKNIF/2t5u1uv7eMe4KkON5wOFe/gz -----END CERTIFICATE-----Generated at Wed Nov 5 17:16:24 2025 by rpki-client