$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft File: BNhIIeE7gDAzVMS-NDMdURHyvKY.mft (raw, json) Hash identifier: k+/PtR+TakE9tF8da5rdwv+W0YNwqMh1s2j7Q3R2ZEc= Subject key identifier: CA:6D:AC:EB:2C:45:31:DF:52:FE:2E:45:5A:16:6D:68:08:26:E2:63 Authority key identifier: 04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6 Certificate issuer: /CN=A91F0721/serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6 Certificate serial: 01FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft Manifest number: 01FB Signing time: Wed 05 Nov 2025 02:31:43 +0000 Manifest this update: Wed 05 Nov 2025 02:31:42 +0000 Manifest next update: Wed 12 Nov 2025 02:31:42 +0000 Files and hashes: 1: BNhIIeE7gDAzVMS-NDMdURHyvKY.crl (hash: OLLzlQvJhscW69NIMQ9fPvgmWN6gkYjFvyRr92Yz2Rs=) 2: 7659B89AADCC11ED84051211C4F9AE02.roa (hash: S0QCets6nYQwhXbRnwnSRy3OBYGEXLOm6h5sFxoClJ8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:31:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 510 (0x1fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0721, serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6 Validity Not Before: Nov 5 02:31:42 2025 GMT Not After : Nov 12 02:31:42 2025 GMT Subject: CN=690ab70e-0b2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8d:87:4e:40:75:78:e7:68:13:b0:51:a7:fa: 76:cb:8d:81:b8:12:55:cc:bb:57:b8:cc:86:93:0e: 2d:af:ab:57:8b:ee:b4:63:79:36:01:ef:c2:1e:7a: 97:51:de:6c:9f:f8:bb:9e:f6:7c:66:84:41:d4:e9: bc:f7:61:4f:90:be:37:66:38:ef:d7:59:af:9f:b9: 9a:81:a8:e5:64:8d:37:e9:82:f9:ee:61:a8:c6:ac: 96:52:b3:7e:94:24:be:6a:cd:75:2c:48:e7:c9:fc: 1e:0f:78:5a:82:81:3d:7c:a3:bb:2e:19:91:75:0e: ed:72:48:2a:be:dc:72:70:39:63:43:64:6a:12:4d: 4b:b2:f5:50:bb:16:43:1f:59:0a:90:6e:92:da:77: 0b:ab:c1:3d:9e:7c:2c:33:0a:8f:f8:87:eb:b7:43: 7f:72:bc:da:d3:d4:cd:40:b4:29:ee:21:c4:e4:bc: d4:13:1e:13:a1:78:8f:fb:e3:93:3f:4e:79:17:18: c0:2e:ce:d4:69:5f:e5:44:76:dd:ed:1a:bf:78:d2: ce:99:a5:53:9e:ac:96:8a:93:bc:dc:86:83:22:4a: f4:f3:ba:a8:44:26:fb:23:53:ab:81:2e:0f:55:20: 07:58:7d:51:f3:f3:1c:c1:bd:92:7e:93:6b:14:5a: 1f:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:6D:AC:EB:2C:45:31:DF:52:FE:2E:45:5A:16:6D:68:08:26:E2:63 X509v3 Authority Key Identifier: keyid:04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:18:52:f4:3f:10:b8:09:79:82:c8:e3:c8:ef:64:9e:cd:10: c5:6c:92:bf:74:e9:5c:29:14:2c:71:8e:88:f4:39:c2:49:f2: 41:3d:f9:76:5e:f9:20:9a:f1:da:e3:b1:3a:a5:73:3c:b1:de: cc:65:bf:3e:2b:73:e1:c8:3f:ee:d9:c3:72:b1:5b:f9:94:c9: 07:8b:8f:87:2a:5a:d8:b8:03:40:61:75:06:b8:cc:85:2b:d3: 36:f3:36:ff:0e:de:b2:7c:eb:9b:a2:ae:55:5f:3f:9a:d2:52: dd:7e:a8:9c:21:60:49:81:df:2f:ab:44:de:b2:7b:ad:ae:69: 61:c6:30:8b:af:cc:93:8f:b7:61:1b:ae:db:23:fe:9d:d3:49: 78:f3:2c:56:30:80:d3:45:c1:d6:ad:81:c1:c5:27:06:03:2d: 90:c3:ad:ef:d8:80:6c:dc:8d:0f:39:fb:43:b6:b5:41:62:db: 25:dc:e6:81:41:35:dd:ab:a6:2b:c6:6b:36:89:31:a6:1a:27: 5b:be:1d:af:a8:2f:92:1b:11:ed:33:01:3b:36:a3:ca:e7:9b: c0:ac:5b:1d:bc:ca:c0:c5:de:71:8c:4e:c2:e7:92:79:16:d1: e4:2d:c0:11:56:d8:4f:c2:e3:0b:01:f1:23:6e:24:10:cb:28: ac:e3:c4:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjA3MjExMTAvBgNVBAUTKDA0RDg0ODIxRTEzQjgwMzAzMzU0QzRCRTM0MzMxRDUx MTFGMkJDQTYwHhcNMjUxMTA1MDIzMTQyWhcNMjUxMTEyMDIzMTQyWjAYMRYwFAYD VQQDEw02OTBhYjcwZS0wYjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAto2HTkB1eOdoE7BRp/p2y42BuBJVzLtXuMyGkw4tr6tXi+60Y3k2Ae/CHnqX Ud5sn/i7nvZ8ZoRB1Om892FPkL43Zjjv11mvn7magajlZI036YL57mGoxqyWUrN+ lCS+as11LEjnyfweD3hagoE9fKO7LhmRdQ7tckgqvtxycDljQ2RqEk1LsvVQuxZD H1kKkG6S2ncLq8E9nnwsMwqP+Ifrt0N/crza09TNQLQp7iHE5LzUEx4ToXiP++OT P055FxjALs7UaV/lRHbd7Rq/eNLOmaVTnqyWipO83IaDIkr087qoRCb7I1OrgS4P VSAHWH1R8/Mcwb2SfpNrFFofgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMptrOss RTHfUv4uRVoWbWgIJuJjMB8GA1UdIwQYMBaAFATYSCHhO4AwM1TEvjQzHVER8rym MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDcyMS9DOTEyN0IzRUFE QzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dEQXpWTVMtTkRNZFVSSHl2 S1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JOaElJZUU3Z0RBelZNUy1ORE1kVVJIeXZLWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDcyMS9DOTEyN0IzRUFEQzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dE QXpWTVMtTkRNZFVSSHl2S1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyGFL0PxC4CXmCyOPI72SezRDFbJK/dOlcKRQscY6I9DnCSfJBPfl2 XvkgmvHa47E6pXM8sd7MZb8+K3PhyD/u2cNysVv5lMkHi4+HKlrYuANAYXUGuMyF K9M28zb/Dt6yfOuboq5VXz+a0lLdfqicIWBJgd8vq0TesnutrmlhxjCLr8yTj7dh G67bI/6d00l48yxWMIDTRcHWrYHBxScGAy2Qw63v2IBs3I0POftDtrVBYtsl3OaB QTXdq6Yrxms2iTGmGidbvh2vqC+SGxHtMwE7NqPK55vArFsdvMrAxd5xjE7C55J5 FtHkLcARVthPwuMLAfEjbiQQyyis48RI -----END CERTIFICATE-----Generated at Wed Nov 5 11:22:27 2025 by rpki-client