$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft File: NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft (raw, json) Hash identifier: rbRl26maicolqwzxZb2LnwVazbvEcNInMExHp/z4yYs= Subject key identifier: BF:5B:2A:B9:02:5F:86:18:44:62:98:B0:7E:45:6D:8E:70:9F:ED:DF Authority key identifier: 34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 Certificate issuer: /CN=A91FA562/serialNumber=340F813433719A760E3BFE21933687261179C327 Certificate serial: 01C6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft Manifest number: 01C1 Signing time: Mon 03 Nov 2025 03:00:35 +0000 Manifest this update: Mon 03 Nov 2025 03:00:34 +0000 Manifest next update: Mon 10 Nov 2025 03:00:34 +0000 Files and hashes: 1: NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl (hash: 82A8vvcU5MwjWIhtE4HOeGtrTJ8w2ibUTxdfwgXRl6w=) 2: 7588035C913E11EFB46E9A72C4F9AE02.roa (hash: mBxiRWgEarnzYFat9Qg22lu2bbXA9CIcAcjVQbJnnic=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 03:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 454 (0x1c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA562, serialNumber=340F813433719A760E3BFE21933687261179C327 Validity Not Before: Nov 3 03:00:34 2025 GMT Not After : Nov 10 03:00:34 2025 GMT Subject: CN=69081ad2-00b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c3:ae:bb:02:f1:68:71:41:58:cd:0f:41:84: 93:cf:e7:d5:f1:bd:fc:11:a9:82:b5:b3:1d:b3:05: 15:ed:af:97:67:d0:8c:42:49:d5:fa:2b:ab:8b:ce: 47:aa:eb:f2:1a:f0:82:0f:6d:4a:a6:f5:3d:ec:0e: 2a:0f:74:a5:2a:5c:ab:e8:0b:d3:95:26:8e:a5:4b: ac:c3:62:36:94:3f:74:aa:7b:55:e8:fe:49:41:57: 9c:e1:f1:9b:fb:29:29:2a:9d:7b:df:86:05:d4:c3: ba:3f:48:e9:3e:03:2c:51:ee:f6:ac:43:fe:23:d8: 93:10:69:07:13:1b:ce:95:2e:ac:5d:1d:7b:ca:de: a8:ae:3f:ab:50:27:00:05:7a:39:7a:bd:18:d9:07: 86:11:f6:b7:4d:db:a6:54:17:d8:d9:4f:04:e6:02: 89:c7:84:73:74:37:ed:36:04:96:0d:38:40:ee:8c: 51:2f:cc:01:06:30:29:f6:f6:78:2a:65:6a:88:13: 6a:29:1a:b4:4f:f4:05:77:67:b5:50:23:7c:90:96: 9f:70:05:71:3d:5c:52:9b:10:88:6a:5b:a1:71:ee: 43:c0:67:e4:66:ce:81:1c:96:1d:0d:f1:59:11:04: de:15:97:2e:61:84:eb:c5:f2:01:aa:de:4b:46:03: b0:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:5B:2A:B9:02:5F:86:18:44:62:98:B0:7E:45:6D:8E:70:9F:ED:DF X509v3 Authority Key Identifier: keyid:34:0F:81:34:33:71:9A:76:0E:3B:FE:21:93:36:87:26:11:79:C3:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NA-BNDNxmnYOO_4hkzaHJhF5wyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA562/2657F73E0BC911EE8F79BB5DC4F9AE02/NA-BNDNxmnYOO_4hkzaHJhF5wyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:9b:ef:67:23:0e:9d:ca:a8:55:76:d3:81:b6:64:2e:4e:37: 09:67:54:0c:29:44:8a:ee:be:0e:39:c5:4a:da:cb:ec:da:b2: 55:53:89:d4:99:6b:aa:64:89:3e:2f:5c:5e:b2:4b:03:24:86: c1:d1:d9:61:47:ed:66:f3:8a:f5:39:9d:cd:6e:a2:52:96:9b: d0:68:8c:5d:40:f4:2e:48:16:50:b6:f2:87:20:72:62:fe:44: c1:a4:4e:16:7f:e2:62:0c:56:5c:9f:bd:17:60:5a:48:47:e9: 85:61:5e:46:a1:14:b9:e6:e6:0c:74:97:d1:27:b8:b6:b4:78: a2:dd:d8:e0:d2:87:84:0b:98:ab:42:81:11:ff:70:1a:12:65: 03:cb:14:71:ec:75:48:fe:bf:f7:52:83:ef:41:da:89:cd:4b: b0:e3:b7:5c:86:da:ee:b2:82:45:37:77:fa:7a:f1:77:cf:72: 0a:3b:e2:17:3b:eb:76:6d:91:33:e7:8e:94:a3:f2:46:a6:42: 9c:e1:e2:b5:02:4d:05:bd:97:b0:eb:87:d3:28:79:b2:d1:e1: ab:ef:3b:45:23:4f:53:2e:f7:61:29:de:12:f8:11:91:f1:5c: 7b:b7:aa:db:9a:71:93:bf:e1:cc:77:8b:33:ba:ff:4b:de:70: 3b:f6:41:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NjIxMTAvBgNVBAUTKDM0MEY4MTM0MzM3MTlBNzYwRTNCRkUyMTkzMzY4NzI2 MTE3OUMzMjcwHhcNMjUxMTAzMDMwMDM0WhcNMjUxMTEwMDMwMDM0WjAYMRYwFAYD VQQDEw02OTA4MWFkMi0wMGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5sOuuwLxaHFBWM0PQYSTz+fV8b38EamCtbMdswUV7a+XZ9CMQknV+iuri85H quvyGvCCD21KpvU97A4qD3SlKlyr6AvTlSaOpUusw2I2lD90qntV6P5JQVec4fGb +ykpKp1734YF1MO6P0jpPgMsUe72rEP+I9iTEGkHExvOlS6sXR17yt6orj+rUCcA BXo5er0Y2QeGEfa3TdumVBfY2U8E5gKJx4RzdDftNgSWDThA7oxRL8wBBjAp9vZ4 KmVqiBNqKRq0T/QFd2e1UCN8kJafcAVxPVxSmxCIaluhce5DwGfkZs6BHJYdDfFZ EQTeFZcuYYTrxfIBqt5LRgOwPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL9bKrkC X4YYRGKYsH5FbY5wn+3fMB8GA1UdIwQYMBaAFDQPgTQzcZp2Djv+IZM2hyYRecMn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Mi8yNjU3RjczRTBC QzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1uWU9PXzRoa3phSEpoRjV3 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BLUJORE54bW5ZT09fNGhremFISmhGNXd5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Mi8yNjU3RjczRTBCQzkxMUVFOEY3OUJCNURDNEY5QUUwMi9OQS1CTkROeG1u WU9PXzRoa3phSEpoRjV3eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmm+9nIw6dyqhVdtOBtmQuTjcJZ1QMKUSK7r4OOcVK2svs2rJVU4nU mWuqZIk+L1xesksDJIbB0dlhR+1m84r1OZ3NbqJSlpvQaIxdQPQuSBZQtvKHIHJi /kTBpE4Wf+JiDFZcn70XYFpIR+mFYV5GoRS55uYMdJfRJ7i2tHii3djg0oeEC5ir QoER/3AaEmUDyxRx7HVI/r/3UoPvQdqJzUuw47dchtrusoJFN3f6evF3z3IKO+IX O+t2bZEz546Uo/JGpkKc4eK1Ak0FvZew64fTKHmy0eGr7ztFI09TLvdhKd4S+BGR 8Vx7t6rbmnGTv+HMd4szuv9L3nA79kEL -----END CERTIFICATE-----Generated at Mon Nov 3 18:14:43 2025 by rpki-client