$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: ZSNU5xnqeqUP3cpiC9g0cwL7S0fb327/+WVKIucSxw0= Subject key identifier: 75:3B:FC:8A:57:BC:41:C9:59:A4:6C:68:C9:87:D2:9F:BA:04:FD:8D Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0D9C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0D7A Signing time: Mon 20 Oct 2025 18:30:24 +0000 Manifest this update: Mon 20 Oct 2025 18:30:23 +0000 Manifest next update: Mon 27 Oct 2025 18:30:23 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: h3XuAEWOhRgMlnja6UhjKfuzoIXrarM6b4Ps3cv2q7w=) 2: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: tsWCAJh3hDUuF0jt3mDhnNo48pJ1cTxWnbkE+ZQXBxw=) 3: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: zPumQuSa3V5Do5kU4HAy8QEzfyGrDVZPMvaKh+jhJxk=) 5: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: zpETj3vTU+4JGJFNH2bJangxDJpoV//my0UXRjaLeMk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:30:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3484 (0xd9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Validity Not Before: Oct 20 18:30:23 2025 GMT Not After : Oct 27 18:30:23 2025 GMT Subject: CN=68f67fbf-af7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:58:bc:19:ee:8c:13:0f:cb:f2:2b:8d:7d:85: ac:e5:eb:b3:11:17:41:da:93:a3:94:7b:06:c7:a5: 47:b3:e2:83:ed:71:7d:4d:40:8b:3a:58:0f:22:43: df:24:4d:47:ba:e3:a6:da:ba:65:17:38:e9:e7:61: c6:e5:20:8c:07:2b:4c:69:83:b3:8d:85:64:0f:89: d8:0b:db:49:ab:65:36:f1:2d:15:c0:cb:45:6f:77: 4a:d5:83:fb:7b:b5:c6:f5:21:25:f3:66:8d:5d:f5: 8a:c7:8b:d0:f3:95:68:d2:df:2c:ad:18:a7:2a:0b: 5a:36:b4:bf:6e:79:85:00:48:d1:bb:66:6e:13:ac: 4f:ef:fb:07:a4:a4:69:b5:d2:00:9b:45:93:96:99: 95:3e:f9:1a:44:37:94:72:6c:26:38:24:97:b0:c1: 59:7d:d9:13:fc:85:10:67:44:ae:83:1f:1d:4c:4e: ec:44:33:6c:c4:09:96:f0:f3:e0:e8:58:dc:3b:a1: 30:b7:68:93:45:72:7a:88:36:bc:cd:73:66:61:28: de:ec:34:6d:9a:6e:f5:41:de:c5:bf:e3:80:54:55: f4:81:cf:96:a7:8d:05:11:ab:c9:e4:06:42:d2:f6: 0c:8c:be:ac:3f:67:4c:91:1e:b4:29:57:ae:91:1f: 15:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:3B:FC:8A:57:BC:41:C9:59:A4:6C:68:C9:87:D2:9F:BA:04:FD:8D X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:4f:b6:e1:66:45:9b:ac:28:04:33:de:c1:d8:54:1e:dd:d2: a0:99:ef:44:ed:bf:fb:f3:49:c2:3a:84:31:4e:a1:4a:4d:9a: 54:bd:4c:59:8b:de:b7:28:5a:84:c8:99:3b:d2:23:3d:c9:dd: 9e:dd:3d:bf:b0:e9:67:c9:d0:a2:6a:a5:22:98:7a:22:f5:9d: 1f:13:14:d0:6f:ab:c1:f2:12:08:15:fc:4d:93:69:22:ff:58: bb:63:fd:08:26:aa:29:86:4a:94:cc:b6:9d:c5:74:0a:f8:ae: d9:86:97:19:5d:fd:b0:94:b6:e9:ad:d4:c0:3f:66:61:e5:f1: 66:f8:52:c8:45:0e:8e:3f:df:ad:55:92:d1:a9:d0:81:9f:ab: d5:ce:14:77:19:46:78:1a:5a:b4:1a:4f:ea:d1:f9:3f:40:42: 72:17:27:80:c0:6c:19:80:2c:bf:45:fb:59:99:33:a3:97:4d: 30:bc:de:b8:0c:0a:bc:b0:df:fb:bf:f7:c2:46:9d:8e:e2:46: d8:ab:72:71:e0:e4:20:bd:14:95:1b:43:e4:8f:ec:e8:59:db: 31:22:d7:bb:fc:3e:c8:f9:15:67:6d:52:49:67:7e:ee:f3:97: 3d:7a:51:28:2f:34:86:5d:8a:86:9a:bb:66:e2:13:db:6f:62: 22:1e:e4:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjUxMDIwMTgzMDIzWhcNMjUxMDI3MTgzMDIzWjAYMRYwFAYD VQQDEw02OGY2N2ZiZi1hZjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVi8Ge6MEw/L8iuNfYWs5euzERdB2pOjlHsGx6VHs+KD7XF9TUCLOlgPIkPf JE1HuuOm2rplFzjp52HG5SCMBytMaYOzjYVkD4nYC9tJq2U28S0VwMtFb3dK1YP7 e7XG9SEl82aNXfWKx4vQ85Vo0t8srRinKgtaNrS/bnmFAEjRu2ZuE6xP7/sHpKRp tdIAm0WTlpmVPvkaRDeUcmwmOCSXsMFZfdkT/IUQZ0Sugx8dTE7sRDNsxAmW8PPg 6FjcO6Ewt2iTRXJ6iDa8zXNmYSje7DRtmm71Qd7Fv+OAVFX0gc+Wp40FEavJ5AZC 0vYMjL6sP2dMkR60KVeukR8VlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHU7/IpX vEHJWaRsaMmH0p+6BP2NMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3T7bhZkWbrCgEM97B2FQe3dKgme9E7b/780nCOoQxTqFKTZpUvUxZ i963KFqEyJk70iM9yd2e3T2/sOlnydCiaqUimHoi9Z0fExTQb6vB8hIIFfxNk2ki /1i7Y/0IJqophkqUzLadxXQK+K7ZhpcZXf2wlLbprdTAP2Zh5fFm+FLIRQ6OP9+t VZLRqdCBn6vVzhR3GUZ4Glq0Gk/q0fk/QEJyFyeAwGwZgCy/RftZmTOjl00wvN64 DAq8sN/7v/fCRp2O4kbYq3Jx4OQgvRSVG0Pkj+zoWdsxIte7/D7I+RVnbVJJZ37u 85c9elEoLzSGXYqGmrtm4hPbb2IiHuRT -----END CERTIFICATE-----Generated at Wed Oct 22 17:01:11 2025 by rpki-client