$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft File: BFm798uEwX7tUbaM6tlBlX14X68.mft (raw, json) Hash identifier: viWb0YYstVTceQJjAUz6Qd3JqLcE+V1raFTGRAR04NA= Subject key identifier: 14:42:88:00:A8:83:D0:4B:1D:D6:76:08:71:A9:44:B7:FB:C8:3A:D6 Authority key identifier: 04:59:BB:F7:CB:84:C1:7E:ED:51:B6:8C:EA:D9:41:95:7D:78:5F:AF Certificate issuer: /CN=A91CFBA9/serialNumber=0459BBF7CB84C17EED51B68CEAD941957D785FAF Certificate serial: 0B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BFm798uEwX7tUbaM6tlBlX14X68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft Manifest number: 09 Signing time: Sun 19 Oct 2025 11:39:55 +0000 Manifest this update: Sun 19 Oct 2025 11:39:54 +0000 Manifest next update: Sun 26 Oct 2025 11:39:54 +0000 Files and hashes: 1: BFm798uEwX7tUbaM6tlBlX14X68.crl (hash: T0y1nboxSo820uP+sYMv5BjbKIXBLHyOotc+wSBurCQ=) 2: 88B9736AA77811F092FD731BC4F9AE02.roa (hash: u+cn9UutTPsBz+rSTM9fD/qL+39w/7zRbkPYbDsgfs4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.crl rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BFm798uEwX7tUbaM6tlBlX14X68.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:39:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFBA9, serialNumber=0459BBF7CB84C17EED51B68CEAD941957D785FAF Validity Not Before: Oct 19 11:39:54 2025 GMT Not After : Oct 26 11:39:54 2025 GMT Subject: CN=68f4ce0a-9a8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7b:7e:a7:d7:57:d4:71:0b:a2:37:5d:5e:f2: 61:82:7f:61:78:cd:7c:6c:0c:19:7e:e3:e7:40:d7: 9c:43:c0:c8:cc:1a:41:a8:aa:56:9c:c6:0a:ad:bd: 86:c6:c1:fe:16:fb:38:9e:67:b8:5b:55:3f:33:d8: 5a:9b:88:9a:c5:9e:eb:21:df:b8:54:ff:74:2c:8f: 65:cb:1c:a7:4a:e0:2a:0f:25:53:48:57:25:5e:51: 63:6b:c3:3d:91:1e:5d:ef:8a:bb:2d:de:f9:48:29: af:ee:7a:7c:a0:2b:43:95:e1:ce:18:b8:be:6b:b7: 19:ce:90:53:e1:f3:df:e0:6c:23:dd:31:1c:f4:ef: f6:bc:55:12:cd:d8:2f:82:52:9b:e5:b6:e2:19:32: 9c:84:75:01:2a:3a:97:18:3a:74:f6:7d:7d:3e:bf: fc:3f:13:91:5c:fb:3b:28:b9:49:95:bc:67:1e:fc: 1c:31:0d:9a:43:3d:d4:07:91:17:cd:96:f1:67:91: cc:2f:98:6c:8c:bf:20:18:3d:35:72:9c:3b:f2:a4: 2e:6f:c0:bf:f1:a1:76:aa:f6:25:af:70:e7:be:ff: c0:70:c7:51:55:eb:06:74:1d:b5:e4:69:23:c9:1d: ef:31:74:20:5b:47:25:16:2a:51:b4:dd:30:9f:60: 94:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:42:88:00:A8:83:D0:4B:1D:D6:76:08:71:A9:44:B7:FB:C8:3A:D6 X509v3 Authority Key Identifier: keyid:04:59:BB:F7:CB:84:C1:7E:ED:51:B6:8C:EA:D9:41:95:7D:78:5F:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BFm798uEwX7tUbaM6tlBlX14X68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFBA9/5730159AA77511F094DEBF2DC4F9AE02/BFm798uEwX7tUbaM6tlBlX14X68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:f1:ec:90:a7:a4:59:f8:fb:8e:cd:1b:8b:1e:36:72:57:99: 2f:8d:b5:ff:22:c5:48:5b:30:96:15:b5:d0:10:88:93:b6:fe: ed:fb:cf:5f:69:b4:83:0b:51:1f:fa:39:e3:de:8a:ba:1f:e7: e8:4d:20:de:a5:8b:29:9c:09:0c:c9:69:1a:18:fd:cf:8f:f3: c5:e0:b9:f5:c6:76:a2:07:31:c9:66:7b:21:0b:df:52:f8:c3: 07:27:d8:35:17:f3:a7:fa:14:78:f3:bb:c6:f0:cb:7c:56:da: 30:0d:2d:8e:ab:83:d5:1b:58:d6:07:b5:45:39:9d:b0:95:77: 79:9b:de:a9:1d:20:ef:60:ea:5f:22:e5:f6:d2:55:f8:e6:38: af:16:1a:5d:44:78:76:c9:00:8c:d9:53:af:4c:73:87:fe:2a: 20:56:26:89:74:ce:cb:80:b8:ab:e7:e3:e6:b5:64:34:c3:2d: e2:a0:a3:99:fe:c4:d7:d7:aa:a1:6a:c7:38:c6:27:a7:e9:5a: ea:b9:6c:c2:de:24:fc:7c:81:05:ea:c4:31:4f:d1:7e:84:78: 81:82:4b:81:45:5b:36:d9:e6:fd:af:cb:df:12:d0:71:a4:ed: dd:00:ac:59:d2:2d:03:22:03:ca:51:5e:04:48:19:a4:a5:f1: 2a:8b:5a:33 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkJBOTExMC8GA1UEBRMoMDQ1OUJCRjdDQjg0QzE3RUVENTFCNjhDRUFEOTQxOTU3 RDc4NUZBRjAeFw0yNTEwMTkxMTM5NTRaFw0yNTEwMjYxMTM5NTRaMBgxFjAUBgNV BAMTDTY4ZjRjZTBhLTlhOGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDNe36n11fUcQuiN11e8mGCf2F4zXxsDBl+4+dA15xDwMjMGkGoqlacxgqtvYbG wf4W+zieZ7hbVT8z2FqbiJrFnush37hU/3Qsj2XLHKdK4CoPJVNIVyVeUWNrwz2R Hl3virst3vlIKa/uenygK0OV4c4YuL5rtxnOkFPh89/gbCPdMRz07/a8VRLN2C+C UpvltuIZMpyEdQEqOpcYOnT2fX0+v/w/E5Fc+zsouUmVvGce/BwxDZpDPdQHkRfN lvFnkcwvmGyMvyAYPTVynDvypC5vwL/xoXaq9iWvcOe+/8Bwx1FV6wZ0HbXkaSPJ He8xdCBbRyUWKlG03TCfYJRRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFEKIAKiD 0Esd1nYIcalEt/vIOtYwHwYDVR0jBBgwFoAUBFm798uEwX7tUbaM6tlBlX14X68w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGQkE5LzU3MzAxNTlBQTc3 NTExRjA5NERFQkYyREM0RjlBRTAyL0JGbTc5OHVFd1g3dFViYU02dGxCbFgxNFg2 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQkZtNzk4dUV3WDd0VWJhTTZ0bEJsWDE0WDY4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG QkE5LzU3MzAxNTlBQTc3NTExRjA5NERFQkYyREM0RjlBRTAyL0JGbTc5OHVFd1g3 dFViYU02dGxCbFgxNFg2OC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGjx7JCnpFn4+47NG4seNnJXmS+Ntf8ixUhbMJYVtdAQiJO2/u37z19p tIMLUR/6OePeirof5+hNIN6liymcCQzJaRoY/c+P88XgufXGdqIHMclmeyEL31L4 wwcn2DUX86f6FHjzu8bwy3xW2jANLY6rg9UbWNYHtUU5nbCVd3mb3qkdIO9g6l8i 5fbSVfjmOK8WGl1EeHbJAIzZU69Mc4f+KiBWJol0zsuAuKvn4+a1ZDTDLeKgo5n+ xNfXqqFqxzjGJ6fpWuq5bMLeJPx8gQXqxDFP0X6EeIGCS4FFWzbZ5v2vy98S0HGk 7d0ArFnSLQMiA8pRXgRIGaSl8SqLWjM= -----END CERTIFICATE-----Generated at Tue Oct 21 01:32:43 2025 by rpki-client