$ rpki-client -vvf rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft File: BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft (raw, json) Hash identifier: lJR3fiHTwZwAeE7K/xqvaG4XR7T+d1Xy7IkY6NBERdk= Subject key identifier: BB:6F:B3:A6:F1:D8:53:01:4A:AD:A1:9E:A0:43:E0:CA:40:88:ED:B0 Authority key identifier: 05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB Certificate issuer: /CN=A915E77C/serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Certificate serial: 021C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft Manifest number: 0219 Signing time: Sun 19 Oct 2025 04:25:10 +0000 Manifest this update: Sun 19 Oct 2025 04:25:09 +0000 Manifest next update: Sun 26 Oct 2025 04:25:09 +0000 Files and hashes: 1: BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl (hash: UBC34ETh+ZKozjM5OeWwMizzKI0pARioZ7FwwmPJWW4=) 2: A20DDFE2725911ED8CB4D763C4F9AE02.roa (hash: YLNPavuZCOudMxVfyqmjZm9NJz/Z+dCM3fPBM36z61c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 04:25:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 540 (0x21c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915E77C, serialNumber=05037E4CDE44EC6642C4169FA851372D78FBFCAB Validity Not Before: Oct 19 04:25:09 2025 GMT Not After : Oct 26 04:25:09 2025 GMT Subject: CN=68f46826-4f27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a5:45:c5:54:22:26:b3:77:c9:4b:93:0d:fb: a5:df:eb:0d:4b:b3:3c:c5:b3:e9:87:d2:d3:6d:67: e9:bd:f3:b3:ee:d8:38:2a:93:b1:2f:2b:27:d9:18: fe:05:f8:7c:e8:e3:1a:79:87:24:ee:4c:6f:65:d5: 50:68:2d:37:44:57:1a:29:fb:9c:f6:88:3a:9a:cf: d8:99:a8:05:30:2b:bf:3e:cf:5b:f0:3d:9f:dd:6f: bf:aa:f2:e6:30:92:d1:0f:e2:5b:7e:67:b7:2a:ac: 5d:f4:5e:43:a0:89:16:06:fd:ba:25:d2:95:7c:ec: b3:47:23:2b:15:bf:b9:e0:18:f3:69:21:cd:23:bc: 0d:07:ad:f6:30:29:7e:32:39:6f:a9:25:29:9c:45: 41:d2:9c:38:df:ff:84:ce:76:93:18:99:c8:e0:06: 7d:fe:71:fc:b4:f0:12:61:67:d1:c7:b4:20:fe:cc: 8a:30:87:1f:9a:bc:1d:31:78:83:dc:d2:32:77:aa: d4:e1:f3:19:05:c1:c8:a0:3c:29:12:d3:47:2e:e6: 79:74:3b:22:a2:9f:c4:d5:c5:c1:11:54:0e:ac:ec: 41:b5:07:b0:60:df:db:a6:08:61:bd:35:75:80:39: 64:ed:05:ca:25:b4:5b:46:cc:a9:93:76:4e:ac:a2: b1:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:6F:B3:A6:F1:D8:53:01:4A:AD:A1:9E:A0:43:E0:CA:40:88:ED:B0 X509v3 Authority Key Identifier: keyid:05:03:7E:4C:DE:44:EC:66:42:C4:16:9F:A8:51:37:2D:78:FB:FC:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQN-TN5E7GZCxBafqFE3LXj7_Ks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E77C/F700A9EC725611ED90211562C4F9AE02/BQN-TN5E7GZCxBafqFE3LXj7_Ks.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:57:4e:7d:4e:d7:04:33:9d:39:a2:40:46:d0:81:89:5e:aa: 82:61:ab:93:51:fc:fc:6c:81:d8:bb:31:b8:da:28:73:9c:75: e0:28:49:62:fa:7d:b3:88:5e:3e:1c:45:1a:92:f7:2b:23:90: 77:d0:0c:8a:7d:4d:25:64:b0:93:57:02:9f:d5:3c:ad:34:f2: da:8e:94:9e:96:08:a7:ea:1a:b0:54:a0:a1:d8:a4:f2:cb:09: 33:fd:d8:3d:16:b9:dd:01:3b:d1:e9:24:61:a0:67:23:36:1a: 0e:f7:e5:2e:eb:11:52:a4:a0:77:1f:34:bb:97:00:fd:7c:a6: 76:8d:58:03:cb:ef:fb:62:7f:59:92:1f:45:56:31:1d:10:f7: 81:4d:92:3e:99:75:cf:18:d1:c1:61:76:f9:7a:04:e6:19:86: 5c:63:df:9d:8d:1a:4e:83:13:4e:96:d9:93:d6:4c:46:1d:72: 07:e5:23:a6:28:99:40:2d:b7:27:d3:5d:32:a7:6e:ff:c1:20: 4b:e7:bb:c0:ba:6e:be:42:32:1b:fc:f0:1e:18:df:19:3f:d8: fa:43:65:32:31:17:5d:7e:27:87:f8:37:87:4b:d9:eb:21:11: bf:d9:f0:1c:fe:60:2c:5d:40:c1:6d:fd:d2:36:f4:74:f0:76: d7:9b:3a:4a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUU3N0MxMTAvBgNVBAUTKDA1MDM3RTRDREU0NEVDNjY0MkM0MTY5RkE4NTEzNzJE NzhGQkZDQUIwHhcNMjUxMDE5MDQyNTA5WhcNMjUxMDI2MDQyNTA5WjAYMRYwFAYD VQQDEw02OGY0NjgyNi00ZjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtKVFxVQiJrN3yUuTDful3+sNS7M8xbPph9LTbWfpvfOz7tg4KpOxLysn2Rj+ Bfh86OMaeYck7kxvZdVQaC03RFcaKfuc9og6ms/YmagFMCu/Ps9b8D2f3W+/qvLm MJLRD+Jbfme3Kqxd9F5DoIkWBv26JdKVfOyzRyMrFb+54BjzaSHNI7wNB632MCl+ MjlvqSUpnEVB0pw43/+EznaTGJnI4AZ9/nH8tPASYWfRx7Qg/syKMIcfmrwdMXiD 3NIyd6rU4fMZBcHIoDwpEtNHLuZ5dDsiop/E1cXBEVQOrOxBtQewYN/bpghhvTV1 gDlk7QXKJbRbRsypk3ZOrKKx/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLtvs6bx 2FMBSq2hnqBD4MpAiO2wMB8GA1UdIwQYMBaAFAUDfkzeROxmQsQWn6hRNy14+/yr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTc3Qy9GNzAwQTlFQzcy NTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdHWkN4QmFmcUZFM0xYajdf S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRTi1UTjVFN0daQ3hCYWZxRkUzTFhqN19Lcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RTc3Qy9GNzAwQTlFQzcyNTYxMUVEOTAyMTE1NjJDNEY5QUUwMi9CUU4tVE41RTdH WkN4QmFmcUZFM0xYajdfS3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAV059TtcEM505okBG0IGJXqqCYauTUfz8bIHYuzG42ihznHXgKEli +n2ziF4+HEUakvcrI5B30AyKfU0lZLCTVwKf1TytNPLajpSelgin6hqwVKCh2KTy ywkz/dg9FrndATvR6SRhoGcjNhoO9+Uu6xFSpKB3HzS7lwD9fKZ2jVgDy+/7Yn9Z kh9FVjEdEPeBTZI+mXXPGNHBYXb5egTmGYZcY9+djRpOgxNOltmT1kxGHXIH5SOm KJlALbcn010yp27/wSBL57vAum6+QjIb/PAeGN8ZP9j6Q2UyMRddfieH+DeHS9nr IRG/2fAc/mAsXUDBbf3SNvR08HbXmzpK -----END CERTIFICATE-----Generated at Mon Oct 20 16:19:07 2025 by rpki-client