$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft File: BstI9X1UOpeC2KfJbaTh3tvDwws.mft (raw, json) Hash identifier: Z8ETg/YmVwLgEo1c0JPG+hxMlu7D5+25n948+lUWBO0= Subject key identifier: 02:F1:46:90:F8:EA:41:FC:3E:A7:25:53:85:CC:A5:EE:86:EC:80:87 Authority key identifier: 06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B Certificate issuer: /CN=A91E2EFF/serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B Certificate serial: 44 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft Manifest number: 43 Signing time: Sun 19 Oct 2025 10:52:08 +0000 Manifest this update: Sun 19 Oct 2025 10:52:07 +0000 Manifest next update: Sun 26 Oct 2025 10:52:07 +0000 Files and hashes: 1: BstI9X1UOpeC2KfJbaTh3tvDwws.crl (hash: N8cegtr3DKrhgeLrywiLrdQx1nzTXmQwjrrb+sQdUWg=) 2: 3698C9BA484A11F0B96B9D10C4F9AE02.roa (hash: 3/VlviI5lXmsXT9HHGTTjCEqy33hQJaRKWakW7gYvqc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:52:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68 (0x44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2EFF, serialNumber=06CB48F57D543A9782D8A7C96DA4E1DEDBC3C30B Validity Not Before: Oct 19 10:52:07 2025 GMT Not After : Oct 26 10:52:07 2025 GMT Subject: CN=68f4c2d7-f350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:22:c8:e2:04:32:fd:71:c8:51:43:70:d7:fe: fb:b1:70:a3:a2:ad:91:a3:ad:30:a3:c2:a7:80:ca: d6:ce:01:0c:cb:31:67:82:f4:93:bc:07:90:d6:44: 98:d7:d8:94:c7:8c:f2:ea:81:9c:0b:12:87:e2:2f: 26:18:4a:33:e5:7f:ad:82:b1:fb:d2:7a:9d:68:8e: 4e:75:15:96:34:05:a4:09:a9:63:23:68:9d:04:5a: 5e:7a:d1:3b:51:5b:ee:6a:49:94:a0:c5:04:fe:47: 3b:7b:b0:59:93:07:04:57:33:fb:67:9b:28:78:d3: f0:2e:82:bd:d9:a5:2e:25:3d:00:ac:6c:80:56:6e: f9:ff:0c:c9:31:08:44:5c:90:23:6c:3d:6b:d7:3a: 44:65:94:96:02:d9:a1:17:fc:38:a3:95:52:20:13: a0:39:38:98:ca:a2:4f:9b:35:3d:13:50:0c:6e:9e: 7c:cb:04:63:ed:c2:82:cd:0a:8c:fe:11:b0:d9:a1: b6:3e:93:5b:c6:1a:f3:05:80:a4:d1:ff:69:0d:c0: 9a:4c:4b:54:bc:61:9e:3e:50:9c:cb:2f:10:b8:cd: cb:71:f7:74:c0:b3:2b:be:ce:2f:fa:40:1d:67:a0: 6b:5c:da:54:d0:0f:75:27:ce:b4:69:dc:b9:a1:0e: e5:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:F1:46:90:F8:EA:41:FC:3E:A7:25:53:85:CC:A5:EE:86:EC:80:87 X509v3 Authority Key Identifier: keyid:06:CB:48:F5:7D:54:3A:97:82:D8:A7:C9:6D:A4:E1:DE:DB:C3:C3:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BstI9X1UOpeC2KfJbaTh3tvDwws.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2EFF/A314847C484911F0BF070370C4F9AE02/BstI9X1UOpeC2KfJbaTh3tvDwws.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:71:62:9e:e1:bd:9a:52:c2:c9:d4:12:6b:31:3e:97:72:60: 19:62:f6:91:72:cc:9b:64:0f:60:8f:69:52:7c:9d:16:4c:8a: ae:0a:bb:55:58:b4:f8:2b:a8:34:f5:b1:4d:dd:ee:38:20:18: ee:04:16:17:72:72:d9:b3:4f:6b:75:5f:fb:df:d8:b8:f4:c6: be:ad:95:50:01:6a:e1:12:5e:f1:18:2a:5e:5e:d6:84:c2:9f: f4:00:a1:04:f7:30:a8:d7:53:ac:66:26:3b:8e:93:64:f2:40: e3:22:ae:6c:9b:dc:31:6b:9b:29:cd:44:2d:8d:b8:98:9a:60: b6:12:88:0b:29:4a:96:64:ed:34:63:20:df:33:2d:ae:ad:80: a1:e8:11:31:60:2a:26:5b:19:09:6c:6d:90:be:e6:7c:5f:ef: 62:52:3c:4f:a4:c4:9c:60:47:6c:94:cb:23:b7:05:ee:41:a2: d4:ae:af:32:14:ff:aa:50:d9:c2:8f:59:ba:25:e9:9d:bd:09: 3c:9f:1c:a5:fd:9f:3f:18:12:8a:b4:ed:92:4f:6b:4c:9c:a3: 96:d1:6b:d1:ca:ba:39:3b:6b:fd:f3:ec:f2:c5:0b:02:b7:19: e5:3c:f0:3a:3d:ca:d9:76:c5:89:d1:19:af:40:1a:62:5f:9e: 1a:d6:c8:11 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF MkVGRjExMC8GA1UEBRMoMDZDQjQ4RjU3RDU0M0E5NzgyRDhBN0M5NkRBNEUxREVE QkMzQzMwQjAeFw0yNTEwMTkxMDUyMDdaFw0yNTEwMjYxMDUyMDdaMBgxFjAUBgNV BAMTDTY4ZjRjMmQ3LWYzNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0IsjiBDL9cchRQ3DX/vuxcKOirZGjrTCjwqeAytbOAQzLMWeC9JO8B5DWRJjX 2JTHjPLqgZwLEofiLyYYSjPlf62CsfvSep1ojk51FZY0BaQJqWMjaJ0EWl560TtR W+5qSZSgxQT+Rzt7sFmTBwRXM/tnmyh40/Augr3ZpS4lPQCsbIBWbvn/DMkxCERc kCNsPWvXOkRllJYC2aEX/DijlVIgE6A5OJjKok+bNT0TUAxunnzLBGPtwoLNCoz+ EbDZobY+k1vGGvMFgKTR/2kNwJpMS1S8YZ4+UJzLLxC4zctx93TAsyu+zi/6QB1n oGtc2lTQD3UnzrRp3LmhDuWjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAvFGkPjq Qfw+pyVThcyl7obsgIcwHwYDVR0jBBgwFoAUBstI9X1UOpeC2KfJbaTh3tvDwwsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyRUZGL0EzMTQ4NDdDNDg0 OTExRjBCRjA3MDM3MEM0RjlBRTAyL0JzdEk5WDFVT3BlQzJLZkpiYVRoM3R2RHd3 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQnN0STlYMVVPcGVDMktmSmJhVGgzdHZEd3dzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUy RUZGL0EzMTQ4NDdDNDg0OTExRjBCRjA3MDM3MEM0RjlBRTAyL0JzdEk5WDFVT3Bl QzJLZkpiYVRoM3R2RHd3cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMVxYp7hvZpSwsnUEmsxPpdyYBli9pFyzJtkD2CPaVJ8nRZMiq4Ku1VY tPgrqDT1sU3d7jggGO4EFhdyctmzT2t1X/vf2Lj0xr6tlVABauESXvEYKl5e1oTC n/QAoQT3MKjXU6xmJjuOk2TyQOMirmyb3DFrmynNRC2NuJiaYLYSiAspSpZk7TRj IN8zLa6tgKHoETFgKiZbGQlsbZC+5nxf72JSPE+kxJxgR2yUyyO3Be5BotSurzIU /6pQ2cKPWbol6Z29CTyfHKX9nz8YEoq07ZJPa0yco5bRa9HKujk7a/3z7PLFCwK3 GeU88Do9ytl2xYnRGa9AGmJfnhrWyBE= -----END CERTIFICATE-----Generated at Tue Oct 21 03:04:42 2025 by rpki-client