$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft File: bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft (raw, json) Hash identifier: 8qwaF0iMDJUTfGKJ1gJj2qcmA+URyNQEBcHqkh6nwNU= Subject key identifier: FA:9E:CB:6A:0B:27:6E:DD:CB:38:EF:31:A1:8E:F7:A3:5F:3E:83:04 Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Certificate serial: 0956 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft Manifest number: 091C Signing time: Wed 10 Sep 2025 20:35:00 +0000 Manifest this update: Wed 10 Sep 2025 20:34:59 +0000 Manifest next update: Wed 17 Sep 2025 20:34:59 +0000 Files and hashes: 1: bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl (hash: uwI5V8bIEp/kvtlFGBcvx9N4nbsXEJ+obtBHmF36X8Q=) 2: F2A462E66B6C11F0B453B656C4F9AE02.roa (hash: Ms6hkj2gNBoVKwju3YpVFi7TOZ5XoCEB+ud2155SGQw=) 3: 1A8C65506B6E11F0AEECA858C4F9AE02.roa (hash: krOpio4wz9zZ7mzvOOi6fz/jljv3s2vU7Ok4eA4dM3Q=) 4: 50805C5C6CF911F0A63D4C65C4F9AE02.roa (hash: Qpx6+MAMFv4aX1D2NecodjsfaY0GuU6bXaL2b1GdFHc=) 5: 88252000B55C11ECA9565039C4F9AE02.roa (hash: ROM2aBA2uOLvGraWZ2OMfhtRxZ5DusfnSKSNI9N61E8=) 6: CCBF0CF6B55911EC9256FE19C4F9AE02.roa (hash: J9pnyjCXshJdQFSggqWmHXW0nySYEfDGHTCaX/EZOYk=) 7: CC3B5938B55911EC9256FE19C4F9AE02.roa (hash: Ejx3yVkwMIGPx4PH4VpagQp/pASvV9ahz0Vqhx7EKZo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Sep 2025 20:20:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2390 (0x956) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Validity Not Before: Sep 10 20:34:59 2025 GMT Not After : Sep 17 20:34:59 2025 GMT Subject: CN=68c1e0f3-4c36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:60:9f:90:cc:e0:e7:fd:06:4d:d3:6c:5e:33: da:3c:b4:20:6d:04:ce:77:fe:2e:b8:0e:9b:f7:86: 28:0a:8c:b4:dc:48:6b:41:20:cc:d0:40:21:08:5e: af:14:60:b2:42:fa:8a:5d:6d:4e:89:d7:f9:98:b2: 7e:78:40:2b:d7:af:f9:c7:c0:85:c6:f5:d9:11:da: c9:bd:3a:61:6a:e8:df:02:85:ec:38:85:bd:f4:c4: 7b:f6:b2:aa:9f:a1:c0:ad:4d:c4:4c:1f:50:e7:27: d1:e6:7f:7a:bb:d3:55:21:cd:56:75:74:db:6b:1b: 13:32:d9:18:e1:44:9c:ce:49:09:31:ee:f3:36:53: 28:2b:b7:28:17:cc:a4:df:30:1d:93:fa:ac:10:29: 3d:b3:e7:83:48:8f:ac:ac:fe:17:72:4d:e0:e5:b1: 81:3e:3f:39:61:f6:83:eb:83:34:72:cf:3a:b8:5f: 61:53:5a:bc:7a:3b:ed:ac:a7:a0:44:16:66:bb:d9: 0d:13:76:b9:1c:c0:c9:ff:45:47:08:72:60:1b:39: d2:ba:bf:dc:45:aa:57:09:07:e0:90:8c:e0:6c:0f: 7d:da:15:b7:10:0c:26:bc:63:4b:f3:f1:da:bf:78: 74:bc:9d:d5:10:31:7f:59:ed:eb:c0:47:6a:55:57: 4f:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:9E:CB:6A:0B:27:6E:DD:CB:38:EF:31:A1:8E:F7:A3:5F:3E:83:04 X509v3 Authority Key Identifier: keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:1e:4c:f2:7b:3e:43:88:53:35:20:49:50:52:51:fb:fc:57: 63:4c:23:7a:1f:1b:18:9a:61:6a:be:f2:86:d0:4d:9e:35:cb: 7c:c7:6c:cc:1c:0d:c2:39:a0:52:6f:a3:1f:8c:16:99:7e:05: cb:a6:2f:f4:74:1d:c2:5f:49:de:c4:71:15:0a:bb:3f:10:b6: 7f:27:3e:c7:0e:da:34:6f:31:3f:0d:27:c7:72:9d:e5:ec:07: f5:52:b6:98:cd:05:6f:91:dd:17:16:2c:52:dd:9f:5b:15:73: f8:7b:9a:85:17:a8:c0:f3:01:b1:cc:c1:f8:01:01:ac:50:73: 12:06:9d:1c:8f:5f:4d:16:bc:2c:70:63:31:54:ac:ae:d3:18: 1f:fe:a5:e3:00:a4:e1:db:65:34:45:ed:b4:43:86:b0:53:5f: a3:7e:19:71:ff:e6:da:c7:66:4d:80:61:ef:50:02:92:c4:c7: 0e:75:8c:20:ee:78:48:07:16:24:98:7c:86:5f:b6:9c:52:2f: 30:91:7a:3b:f4:de:7c:88:15:71:8f:53:0f:b6:70:88:26:ab: 69:c9:1e:f4:d9:ef:2f:0a:05:27:f0:9b:a9:a4:53:95:de:64: 3c:80:a6:e0:d3:40:54:1f:35:3c:e6:04:83:e3:96:02:53:74: ee:64:dc:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5 Mjc1NzQ0MjAwHhcNMjUwOTEwMjAzNDU5WhcNMjUwOTE3MjAzNDU5WjAYMRYwFAYD VQQDEw02OGMxZTBmMy00YzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsmCfkMzg5/0GTdNsXjPaPLQgbQTOd/4uuA6b94YoCoy03EhrQSDM0EAhCF6v FGCyQvqKXW1Oidf5mLJ+eEAr16/5x8CFxvXZEdrJvTphaujfAoXsOIW99MR79rKq n6HArU3ETB9Q5yfR5n96u9NVIc1WdXTbaxsTMtkY4USczkkJMe7zNlMoK7coF8yk 3zAdk/qsECk9s+eDSI+srP4Xck3g5bGBPj85YfaD64M0cs86uF9hU1q8ejvtrKeg RBZmu9kNE3a5HMDJ/0VHCHJgGznSur/cRapXCQfgkIzgbA992hW3EAwmvGNL8/Ha v3h0vJ3VEDF/We3rwEdqVVdP1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPqey2oL J27dyzjvMaGO96NfPoMEMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3 NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTQ2RS8wQ0Q0MURBOEI3NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZi N1JfWW4xcl9Zd3lTZFhSQ0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARHkzyez5DiFM1IElQUlH7/FdjTCN6HxsYmmFqvvKG0E2eNct8x2zM HA3COaBSb6MfjBaZfgXLpi/0dB3CX0nexHEVCrs/ELZ/Jz7HDto0bzE/DSfHcp3l 7Af1UraYzQVvkd0XFixS3Z9bFXP4e5qFF6jA8wGxzMH4AQGsUHMSBp0cj19NFrws cGMxVKyu0xgf/qXjAKTh22U0Re20Q4awU1+jfhlx/+bax2ZNgGHvUAKSxMcOdYwg 7nhIBxYkmHyGX7acUi8wkXo79N58iBVxj1MPtnCIJqtpyR702e8vCgUn8JuppFOV 3mQ8gKbg00BUHzU85gSD45YCU3TuZNx9 -----END CERTIFICATE-----Generated at Wed Sep 10 22:16:26 2025 by rpki-client