$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: NQwIIYV1pnfi6EjRfZjPeKLU5aqZgU3dDVsKE8BMwwc= Subject key identifier: DF:61:9A:72:FB:20:47:AB:D3:CE:E2:0E:F9:18:BD:FA:13:F0:B5:30 Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0D85 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0D63 Signing time: Thu 04 Sep 2025 18:10:00 +0000 Manifest this update: Thu 04 Sep 2025 18:10:00 +0000 Manifest next update: Thu 11 Sep 2025 18:10:00 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: ccqwlnwNUly8K57elpXTk62IlMDBXLrDZwb7YKIO2Os=) 2: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: tsWCAJh3hDUuF0jt3mDhnNo48pJ1cTxWnbkE+ZQXBxw=) 3: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: zPumQuSa3V5Do5kU4HAy8QEzfyGrDVZPMvaKh+jhJxk=) 5: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: zpETj3vTU+4JGJFNH2bJangxDJpoV//my0UXRjaLeMk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 18:10:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3461 (0xd85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Validity Not Before: Sep 4 18:10:00 2025 GMT Not After : Sep 11 18:10:00 2025 GMT Subject: CN=68b9d5f8-4557 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:96:93:98:b1:32:e7:e2:02:e2:1e:70:99:11: 09:d2:1f:03:f9:71:df:82:62:ec:2f:a7:ca:50:54: cb:80:85:0f:75:06:50:5a:08:47:aa:01:b3:7c:67: e9:ba:2a:1d:47:68:6a:e5:23:b3:5b:52:5a:53:9e: ab:1e:12:b8:6e:d9:79:66:dd:f0:14:f4:a9:9b:20: 99:da:8f:42:e0:5b:02:d9:4b:5e:df:84:5d:a7:0a: d7:42:39:39:33:b6:cd:75:3a:44:73:8b:c1:2e:5d: b8:1d:b0:59:56:55:9a:99:a0:0a:25:5a:d6:6f:d9: 3e:1e:30:fd:53:89:65:49:89:a5:b6:94:fd:14:46: 9c:89:66:1d:96:21:75:89:f0:05:ad:61:24:26:66: 49:af:26:9b:c6:f4:6f:76:66:eb:a6:fe:21:80:f6: a0:b1:00:98:ab:5e:2a:09:29:86:6f:81:2c:bb:9c: 20:04:4d:7c:0b:71:69:f1:5e:6d:b2:b2:f5:f4:28: bb:8b:76:b7:21:7f:1c:ba:17:3a:73:ee:0b:4f:ad: 2e:de:b9:f2:1a:05:f6:8e:e0:60:de:6f:24:ca:56: e2:35:80:31:5d:cf:ce:0e:68:61:19:fe:bf:fc:c9: b9:8a:dc:86:f9:9a:11:75:37:9d:c0:05:a5:13:cc: fc:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:61:9A:72:FB:20:47:AB:D3:CE:E2:0E:F9:18:BD:FA:13:F0:B5:30 X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:d0:cb:62:27:9f:99:5b:55:cf:7f:a2:df:0e:36:46:d5:5c: 91:e8:3f:17:27:8f:76:e6:28:c4:f5:60:67:72:90:a6:b2:e9: c5:b1:19:69:b5:f8:98:7b:c0:33:31:c5:4b:53:a2:d2:c3:8e: 5e:0e:f5:97:1e:f6:fa:32:00:cd:7a:1e:52:f2:29:6d:e9:42: 6a:36:0e:93:0d:23:a3:c8:eb:93:c8:37:a0:ed:9d:ff:a1:a8: d0:e1:fb:10:20:41:c3:05:65:b4:22:a2:17:c7:9c:9b:0f:7d: b4:1d:40:06:80:d4:7f:15:99:9e:39:9e:7b:e2:c8:b8:ec:95: 59:0f:3c:c2:66:e7:2c:d1:23:29:53:5c:43:74:32:c4:00:bb: 08:93:d8:38:c2:e3:8f:86:d4:9a:a6:6e:ea:f9:de:12:8c:4e: 80:1c:fa:5d:60:59:2c:44:5e:9c:75:f1:3b:c9:e4:59:7f:8a: 32:15:bb:ed:8d:a3:4e:45:07:89:18:d7:42:48:fb:b2:34:a8: 05:69:81:16:c7:28:e9:f3:fa:fd:3c:d8:46:b1:a9:e5:92:c9: ab:d9:06:22:d0:75:e2:bf:a0:a8:55:00:85:b8:d5:86:94:22: 24:19:ba:7a:f9:2b:56:7a:ba:d9:82:f9:a6:13:68:8e:01:b0: e9:66:a9:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjUwOTA0MTgxMDAwWhcNMjUwOTExMTgxMDAwWjAYMRYwFAYD VQQDEw02OGI5ZDVmOC00NTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq5aTmLEy5+IC4h5wmREJ0h8D+XHfgmLsL6fKUFTLgIUPdQZQWghHqgGzfGfp uiodR2hq5SOzW1JaU56rHhK4btl5Zt3wFPSpmyCZ2o9C4FsC2Ute34RdpwrXQjk5 M7bNdTpEc4vBLl24HbBZVlWamaAKJVrWb9k+HjD9U4llSYmltpT9FEaciWYdliF1 ifAFrWEkJmZJryabxvRvdmbrpv4hgPagsQCYq14qCSmGb4Esu5wgBE18C3Fp8V5t srL19Ci7i3a3IX8cuhc6c+4LT60u3rnyGgX2juBg3m8kylbiNYAxXc/ODmhhGf6/ /Mm5ityG+ZoRdTedwAWlE8z8ywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN9hmnL7 IEer087iDvkYvfoT8LUwMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAP0MtiJ5+ZW1XPf6LfDjZG1VyR6D8XJ4925ijE9WBncpCmsunFsRlp tfiYe8AzMcVLU6LSw45eDvWXHvb6MgDNeh5S8ilt6UJqNg6TDSOjyOuTyDeg7Z3/ oajQ4fsQIEHDBWW0IqIXx5ybD320HUAGgNR/FZmeOZ574si47JVZDzzCZucs0SMp U1xDdDLEALsIk9g4wuOPhtSapm7q+d4SjE6AHPpdYFksRF6cdfE7yeRZf4oyFbvt jaNORQeJGNdCSPuyNKgFaYEWxyjp8/r9PNhGsanlksmr2QYi0HXiv6CoVQCFuNWG lCIkGbp6+StWerrZgvmmE2iOAbDpZqkz -----END CERTIFICATE-----Generated at Sat Sep 6 15:21:32 2025 by rpki-client