$ rpki-client -vvf rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft File: BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft (raw, json) Hash identifier: Oh/SdfKkVJlYFYWKiDDGkz2BYAx2o9ybxNLHb63cCKk= Subject key identifier: 9A:8C:3B:89:5C:1B:97:01:9D:24:1D:A8:61:62:19:3E:C2:57:EE:4B Authority key identifier: 05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB Certificate issuer: /CN=A915E77C/serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Certificate serial: 01CC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft Manifest number: 01C9 Signing time: Tue 13 May 2025 02:12:09 +0000 Manifest this update: Tue 13 May 2025 02:12:09 +0000 Manifest next update: Tue 20 May 2025 02:12:09 +0000 Files and hashes: 1: BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl (hash: pPT9Zf+GelgUKXd1T5gqpjyKi0y0+akWbmQ6k1/XIv0=) 2: A20DDFE2725911ED8CB4D763C4F9AE02.roa (hash: YLNPavuZCOudMxVfyqmjZm9NJz/Z+dCM3fPBM36z61c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:12:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 460 (0x1cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915E77C, serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Validity Not Before: May 13 02:12:09 2025 GMT Not After : May 20 02:12:09 2025 GMT Subject: CN=6822aa79-d2a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f3:85:3a:81:4a:1b:dc:a9:d3:ba:3c:4c:0c: 72:3c:ee:62:6d:f2:4b:17:06:6c:ce:81:f0:25:6e: fb:89:4a:bc:fd:bd:d3:00:23:3c:75:b5:cd:ea:e6: 24:f7:58:77:aa:88:0b:15:7e:09:f8:17:43:be:5f: b6:b2:3f:c2:cb:cb:fe:a9:ca:4d:27:16:b5:9c:c1: df:3c:bd:9c:cd:2d:73:8d:7d:28:82:83:a6:3a:43: d6:06:d3:57:f9:46:ca:04:5d:b3:3b:ba:9b:5e:2c: 33:8b:43:d4:5d:07:d7:fd:6e:59:71:d4:70:40:2f: ba:22:15:07:51:be:80:bf:83:bf:09:79:56:be:fa: 16:55:04:7b:a5:da:cc:60:68:5f:4f:27:0f:6c:52: f0:38:50:a6:2c:fb:02:c4:3d:9a:a3:b8:ae:ea:b7: 6a:87:5c:cf:9b:48:04:e9:b7:e1:b1:2e:79:c5:8f: ac:bb:30:5b:5f:c8:8a:5c:51:a0:32:46:ef:62:50: 07:79:9f:77:75:4a:9b:eb:28:c7:38:99:7d:69:7f: 84:08:d7:b8:1f:b1:48:66:68:e3:fa:68:15:9e:8d: e4:db:47:74:47:f6:f9:15:de:28:ca:64:0f:24:c4: e4:28:46:8c:95:e8:12:05:ad:5c:c9:6d:24:e4:92: e4:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:8C:3B:89:5C:1B:97:01:9D:24:1D:A8:61:62:19:3E:C2:57:EE:4B X509v3 Authority Key Identifier: keyid:05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:35:89:c5:ef:24:6f:91:e7:a3:25:98:d9:f5:fd:97:68:50: ef:06:3c:10:72:51:cd:b3:88:be:79:c2:8e:8e:6f:67:a5:c8: 2b:3e:0b:0d:ca:30:30:5b:55:50:ca:84:ae:48:8d:e1:33:ef: c0:75:4e:9e:bd:b8:65:e9:10:57:55:cc:48:77:c3:34:a1:76: 98:4c:05:a3:3d:0c:84:e6:28:48:6a:83:5e:f4:9e:93:21:94: c7:61:45:d7:25:e8:8b:15:aa:74:78:03:7b:02:7d:62:8f:5f: 20:db:03:33:3e:fc:af:2f:30:0c:5d:75:06:c7:14:5b:a4:06: 7f:5c:50:68:83:b1:67:34:ca:37:88:9b:4e:73:0f:3f:97:20: 4b:eb:d4:0f:ca:f3:4f:17:11:dc:25:b5:49:2c:54:5b:86:8a: 9d:b0:56:24:ba:19:c4:af:0f:e8:8b:20:74:33:08:da:ec:79: 84:5b:b4:8f:6a:f4:87:ac:80:74:91:73:01:c8:95:97:ce:e0: 65:9a:07:93:af:04:d1:38:5d:1c:17:a7:6f:4d:58:48:69:e2: 2a:3a:5e:74:1a:21:99:01:83:5e:c2:3a:3f:23:17:29:68:72: e6:28:c4:d7:33:4a:60:1d:16:58:86:ba:ed:6f:47:49:d5:3c: 64:4c:b0:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUU3N0MxMTAvBgNVBAUTKDA1MDM3RTRDREU0NEVDNjY0MkM0MTY5RkE4NTEzNzJE NzhGQkZDQUIwHhcNMjUwNTEzMDIxMjA5WhcNMjUwNTIwMDIxMjA5WjAYMRYwFAYD VQQDEw02ODIyYWE3OS1kMmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt/OFOoFKG9yp07o8TAxyPO5ibfJLFwZszoHwJW77iUq8/b3TACM8dbXN6uYk 91h3qogLFX4J+BdDvl+2sj/Cy8v+qcpNJxa1nMHfPL2czS1zjX0ogoOmOkPWBtNX +UbKBF2zO7qbXiwzi0PUXQfX/W5ZcdRwQC+6IhUHUb6Av4O/CXlWvvoWVQR7pdrM YGhfTycPbFLwOFCmLPsCxD2ao7iu6rdqh1zPm0gE6bfhsS55xY+suzBbX8iKXFGg MkbvYlAHeZ93dUqb6yjHOJl9aX+ECNe4H7FIZmjj+mgVno3k20d0R/b5Fd4oymQP JMTkKEaMlegSBa1cyW0k5JLkEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJqMO4lc G5cBnSQdqGFiGT7CV+5LMB8GA1UdIwQYMBaAFAUDfkzeROxmQsQWn6hRNy14+/yr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTc3Qy9GNzAwQTlFQzcy NTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdHWkN4QmFmcUZFM0xYajdf S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRTi1UTjVFN0daQ3hCYWZxRkUzTFhqN19Lcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RTc3Qy9GNzAwQTlFQzcyNTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdH WkN4QmFmcUZFM0xYajdfS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiNYnF7yRvkeejJZjZ9f2XaFDvBjwQclHNs4i+ecKOjm9npcgrPgsN yjAwW1VQyoSuSI3hM+/AdU6evbhl6RBXVcxId8M0oXaYTAWjPQyE5ihIaoNe9J6T IZTHYUXXJeiLFap0eAN7An1ij18g2wMzPvyvLzAMXXUGxxRbpAZ/XFBog7FnNMo3 iJtOcw8/lyBL69QPyvNPFxHcJbVJLFRbhoqdsFYkuhnErw/oiyB0Mwja7HmEW7SP avSHrIB0kXMByJWXzuBlmgeTrwTROF0cF6dvTVhIaeIqOl50GiGZAYNewjo/Ixcp aHLmKMTXM0pgHRZYhrrtb0dJ1TxkTLCW -----END CERTIFICATE-----Generated at Tue May 13 07:54:52 2025 by rpki-client