$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft File: bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft (raw, json) Hash identifier: teS2xXcsgXSYbCGCDr71cnSLD/h47ZwA9Hgw82Dyrn0= Subject key identifier: 78:6A:99:D5:1D:B3:4B:90:DB:7E:7A:A7:0A:57:83:50:30:2C:02:E7 Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Certificate serial: 0971 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft Manifest number: 0937 Signing time: Sun 02 Nov 2025 20:16:30 +0000 Manifest this update: Sun 02 Nov 2025 20:16:29 +0000 Manifest next update: Sun 09 Nov 2025 20:16:29 +0000 Files and hashes: 1: bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl (hash: YBqwIAoJRRnWizK5HRFvgspkL1QH/0BF4Z8x81t0kDY=) 2: F2A462E66B6C11F0B453B656C4F9AE02.roa (hash: Ms6hkj2gNBoVKwju3YpVFi7TOZ5XoCEB+ud2155SGQw=) 3: 1A8C65506B6E11F0AEECA858C4F9AE02.roa (hash: krOpio4wz9zZ7mzvOOi6fz/jljv3s2vU7Ok4eA4dM3Q=) 4: 50805C5C6CF911F0A63D4C65C4F9AE02.roa (hash: Qpx6+MAMFv4aX1D2NecodjsfaY0GuU6bXaL2b1GdFHc=) 5: 88252000B55C11ECA9565039C4F9AE02.roa (hash: ROM2aBA2uOLvGraWZ2OMfhtRxZ5DusfnSKSNI9N61E8=) 6: CCBF0CF6B55911EC9256FE19C4F9AE02.roa (hash: J9pnyjCXshJdQFSggqWmHXW0nySYEfDGHTCaX/EZOYk=) 7: CC3B5938B55911EC9256FE19C4F9AE02.roa (hash: Ejx3yVkwMIGPx4PH4VpagQp/pASvV9ahz0Vqhx7EKZo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2417 (0x971) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Validity Not Before: Nov 2 20:16:29 2025 GMT Not After : Nov 9 20:16:29 2025 GMT Subject: CN=6907bc1e-f1e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:be:f4:c4:dd:63:15:35:fa:52:ca:74:ba:b0: 3d:6c:5c:c9:d7:0f:20:2f:bb:54:f5:81:ff:c9:dd: 7e:9f:df:b2:ed:04:58:0f:49:6d:b9:d8:0e:62:cd: dc:37:b2:3a:5e:b2:b6:cc:ce:e0:00:f1:02:5d:0a: 2e:55:44:74:a2:c5:64:51:f7:61:35:2f:93:d9:33: ce:eb:ab:0b:35:6b:b4:22:9d:37:cc:a9:e4:90:fd: ed:1f:5c:85:cd:03:b6:ad:24:9f:0b:76:0f:61:11: b0:8a:7c:45:34:ff:ea:b3:e6:1f:20:87:67:20:5a: b6:16:c2:e2:77:4a:75:01:73:22:2a:29:3e:50:33: 41:5d:dc:88:69:d6:4d:94:3f:1d:48:59:97:ce:29: d9:ea:ee:17:f8:f9:05:2b:d7:77:ea:cf:d0:46:b6: 3c:70:2b:c7:0b:72:c2:52:57:cd:06:e1:9d:96:d0: de:64:24:c3:f4:e9:04:f6:d8:6c:4b:24:a3:76:01: 9e:26:89:72:86:b1:8c:27:da:85:d9:68:f7:05:0d: 83:72:be:00:f9:17:00:3d:7c:79:54:ed:cb:39:49: 25:43:00:bf:0f:82:2a:37:bb:13:0e:9f:7e:39:42: 5b:1a:ff:2e:95:38:80:b7:67:a5:4e:61:c0:ed:51: 57:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:6A:99:D5:1D:B3:4B:90:DB:7E:7A:A7:0A:57:83:50:30:2C:02:E7 X509v3 Authority Key Identifier: keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:ba:af:ff:b4:b2:92:5f:9a:1b:38:c9:ad:d0:38:96:f9:4a: 93:29:2e:71:82:9b:28:e1:a6:9b:4a:7e:e6:eb:a6:a7:18:50: f2:32:1e:d8:d8:a9:a5:27:9d:08:83:60:89:61:7d:3b:af:e4: 9b:76:db:10:d7:81:f0:ad:d9:02:72:2d:d2:17:a8:0f:2a:0d: d6:01:8a:89:cc:da:4a:4e:fd:a0:1c:a9:a8:dc:56:5e:e8:bd: e6:c5:08:70:61:68:3a:40:d4:e4:b4:a0:87:9c:47:95:85:73: 0e:a0:8e:6b:a4:2b:75:ca:4d:c2:8e:0c:82:8d:f9:0b:e4:7b: 2b:7d:3f:4a:45:28:11:7e:f1:1b:49:da:55:7c:b0:db:48:16: 30:84:77:3c:cb:1d:43:c6:9e:f4:02:5a:9b:65:ae:fa:13:2c: 15:34:dd:60:b2:79:c9:2e:c6:6e:4b:ae:5a:af:75:e9:45:12: b7:37:ce:28:07:06:78:aa:1e:d9:cb:3c:5a:b7:5f:e1:fa:2a: cd:e5:5c:ae:cb:00:c0:53:f4:12:65:dc:32:d4:13:1d:a8:38: b9:0d:69:44:b8:54:6c:28:2e:1f:84:58:89:9a:20:e0:ff:34: 2a:96:3a:8e:f9:6d:e4:18:ca:79:9f:b8:6b:76:91:1f:a6:d5: 97:2e:82:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5 Mjc1NzQ0MjAwHhcNMjUxMTAyMjAxNjI5WhcNMjUxMTA5MjAxNjI5WjAYMRYwFAYD VQQDEw02OTA3YmMxZS1mMWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyL70xN1jFTX6Usp0urA9bFzJ1w8gL7tU9YH/yd1+n9+y7QRYD0ltudgOYs3c N7I6XrK2zM7gAPECXQouVUR0osVkUfdhNS+T2TPO66sLNWu0Ip03zKnkkP3tH1yF zQO2rSSfC3YPYRGwinxFNP/qs+YfIIdnIFq2FsLid0p1AXMiKik+UDNBXdyIadZN lD8dSFmXzinZ6u4X+PkFK9d36s/QRrY8cCvHC3LCUlfNBuGdltDeZCTD9OkE9ths SySjdgGeJolyhrGMJ9qF2Wj3BQ2Dcr4A+RcAPXx5VO3LOUklQwC/D4IqN7sTDp9+ OUJbGv8ulTiAt2elTmHA7VFXWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHhqmdUd s0uQ2356pwpXg1AwLALnMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3 NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTQ2RS8wQ0Q0MURBOEI3NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZi N1JfWW4xcl9Zd3lTZFhSQ0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAUuq//tLKSX5obOMmt0DiW+UqTKS5xgpso4aabSn7m66anGFDyMh7Y 2KmlJ50Ig2CJYX07r+SbdtsQ14HwrdkCci3SF6gPKg3WAYqJzNpKTv2gHKmo3FZe 6L3mxQhwYWg6QNTktKCHnEeVhXMOoI5rpCt1yk3CjgyCjfkL5HsrfT9KRSgRfvEb SdpVfLDbSBYwhHc8yx1Dxp70AlqbZa76EywVNN1gsnnJLsZuS65ar3XpRRK3N84o BwZ4qh7Zyzxat1/h+irN5VyuywDAU/QSZdwy1BMdqDi5DWlEuFRsKC4fhFiJmiDg /zQqljqO+W3kGMp5n7hrdpEfptWXLoKq -----END CERTIFICATE-----Generated at Tue Nov 4 01:10:10 2025 by rpki-client